besiktaszumbakursu.com/
157.52.137.132301 Moved Permanently 0 B IP 157.52.137.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: besiktaszumbakursu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 23:53:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.besiktaszumbakursu.com/index.php
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15470
Expires: Wed, 07 Dec 2022 04:11:24 GMT
Date: Tue, 06 Dec 2022 23:53:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1294
Cache-Control: max-age=125958
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:34 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 10:52:52 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2738
Expires: Wed, 07 Dec 2022 00:39:12 GMT
Date: Tue, 06 Dec 2022 23:53:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 23:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1988
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pYsx/44OlZstYWHGDAcIigh52166RoDJRb47se6x/ZK/XQrwj1j08meYvEdVGpy/QC3rKW2Lbr0=
x-amz-request-id: Z2BWV8XA3F44GVMQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 23:49:09 GMT
age: 265
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.besiktaszumbakursu.com/index.php
157.52.137.132200 OK 558 B URL HTTP/1.1 www.besiktaszumbakursu.com/index.php
IP 157.52.137.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (760), with CRLF line terminators
Hash 2c167056740ce4ceeac4f2c5fca86573
a78da8ade8e555611dbce2aee4b68cbc4aa7c3b6
f407f3f85c18377e0e1417d3eef217687d193403c1c98ddc51e402cb9dc65582
GET /index.php HTTP/1.1
Host: www.besiktaszumbakursu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:53:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.besiktaszumbakursu.com/common.js
157.52.137.132200 OK 675 B URL HTTP/1.1 www.besiktaszumbakursu.com/common.js
IP 157.52.137.132:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1295), with no line terminators
Hash c4468d295a1d3238c2027545ae9e0eb5
67f72e9a83bc89c6535fe1f6738ddcda957c9b15
1f4228c735498bc33d130a08f893d8a5f53df6759b1e46dffb589d7e30432385
GET /common.js HTTP/1.1
Host: www.besiktaszumbakursu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.besiktaszumbakursu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:53:13 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1276
Cache-Control: max-age=120872
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:34 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:28:06 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 23:08:58 GMT
cache-control: public,max-age=3600
age: 2676
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.besiktaszumbakursu.com/tj.js
157.52.137.132200 OK 258 B URL HTTP/1.1 www.besiktaszumbakursu.com/tj.js
IP 157.52.137.132:0
File type ASCII text, with CRLF line terminators
Hash ecd2a954c7ad9e69b49f13b7c5838aee
8418a2b59680f94b68d45cb371a831f52bd15773
a6a4491d6889128778c9eb164f9ddd71924c8d858271e1d590e05dd933445e13
GET /tj.js HTTP/1.1
Host: www.besiktaszumbakursu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.besiktaszumbakursu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:53:13 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XA5/RmNjlJjZMAWrfd45iA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iAqwUbvPHh9pK+uBViB5WGIBZN4=
www.besiktaszumbakursu.com/favicon.ico
157.52.137.132200 OK 1.2 kB URL HTTP/1.1 www.besiktaszumbakursu.com/favicon.ico
IP 157.52.137.132:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.besiktaszumbakursu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.besiktaszumbakursu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:53:13 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 11 Dec 2022 23:53:13 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash e287754c60a88666a6312bad9576d6d6
ebf26b4fc9095405264affb5ec5bb74da1390c11
1e3b86f238eebe96b7a33f7df7dfd4815e9e6f6ebf801e7dd8489687d05bc870
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 22:20:00 GMT
ETag: "ebf26b4fc9095405264affb5ec5bb74da1390c11"
Last-Modified: Tue, 06 Dec 2022 22:20:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1356
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7758f11d5eb4b50f-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac51cbdedc00b561ce5832b296d92a38
0adde74e79146941e2ff49c76560ed38c7816ed7
15e6bbba12721551bf1b8f6f80cdacd10a6855b94d4b976a17f64224e0034483
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15E6BBBA12721551BF1B8F6F80CDACD10A6855B94D4B976A17F64224E0034483"
Last-Modified: Tue, 06 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Dec 2022 05:53:35 GMT
Date: Tue, 06 Dec 2022 23:53:35 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 75aa80ce6ceeffb5b9aca48d613cea34
43fe7b565cdd7d18cd3963eb1e6ffbf25135d439
b17bbeba272f7ceaba4493ca153eb4342cf37b37fb958fab3eaa7ae5d0ada3f9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B17BBEBA272F7CEABA4493CA153EB4342CF37B37FB958FAB3EAA7AE5D0ADA3F9"
Last-Modified: Tue, 06 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8207
Expires: Wed, 07 Dec 2022 02:10:23 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
xb3.hadhd.com/
156.251.146.196200 OK 18 kB IP 156.251.146.196:0
Hash 6992006d2ea01c66670bed85e2beee71
487b65f3ba702f45821fc31c46fa4ce24c744608
2c7f3e756f4209638c8dedae26fcc985e906b1aaa84e900dc3dc56785ccfe7a3
GET / HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.besiktaszumbakursu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?cf2924db4c940add05202cd8e338731f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?cf2924db4c940add05202cd8e338731f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash b16ef05b1c012132f85e33d5a62a525a
6db8ce8974975accbf68cf4f34a106b97bac6029
45117b1e7ce60ca7dbb8fb6a3d49e4dbc8ddd359aab3359fe2151290b8700211
GET /hm.js?cf2924db4c940add05202cd8e338731f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.besiktaszumbakursu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 23:53:36 GMT
Etag: 6a3f23c5187f9e3fe8d95d0a2a8edb19
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0BF28ADC45728169; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 75aa80ce6ceeffb5b9aca48d613cea34
43fe7b565cdd7d18cd3963eb1e6ffbf25135d439
b17bbeba272f7ceaba4493ca153eb4342cf37b37fb958fab3eaa7ae5d0ada3f9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B17BBEBA272F7CEABA4493CA153EB4342CF37B37FB958FAB3EAA7AE5D0ADA3F9"
Last-Modified: Tue, 06 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8207
Expires: Wed, 07 Dec 2022 02:10:23 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 75aa80ce6ceeffb5b9aca48d613cea34
43fe7b565cdd7d18cd3963eb1e6ffbf25135d439
b17bbeba272f7ceaba4493ca153eb4342cf37b37fb958fab3eaa7ae5d0ada3f9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B17BBEBA272F7CEABA4493CA153EB4342CF37B37FB958FAB3EAA7AE5D0ADA3F9"
Last-Modified: Tue, 06 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8207
Expires: Wed, 07 Dec 2022 02:10:23 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
ddcdn.pic-726-baidu.com/upload/vod/2020-10-06/16019173488.jpg
104.22.29.157200 OK 8.6 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2020-10-06/16019173488.jpg
IP 104.22.29.157:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11b7de194071c2cbd0491b8ded490dae
60273e24cd5756a5afc7077b251e5ee3dd7f8a23
ff35081213630bb345a07c6569ed494eceba15d5e3b81350a931be8289530153
GET /upload/vod/2020-10-06/16019173488.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/webp
content-length: 8576
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9301
content-disposition: inline; filename="16019173488.webp"
etag: "5f7b51a4-2455"
expires: Thu, 05 Jan 2023 12:37:12 GMT
last-modified: Mon, 05 Oct 2020 17:02:28 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 40584
accept-ranges: bytes
server: cloudflare
cf-ray: 7758f123da4ab4eb-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 75aa80ce6ceeffb5b9aca48d613cea34
43fe7b565cdd7d18cd3963eb1e6ffbf25135d439
b17bbeba272f7ceaba4493ca153eb4342cf37b37fb958fab3eaa7ae5d0ada3f9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B17BBEBA272F7CEABA4493CA153EB4342CF37B37FB958FAB3EAA7AE5D0ADA3F9"
Last-Modified: Tue, 06 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8207
Expires: Wed, 07 Dec 2022 02:10:23 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7071
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
ddcdn.pic-726-baidu.com/upload/vod/2020-10-07/16020091976.jpg
104.22.29.157200 OK 12 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2020-10-07/16020091976.jpg
IP 104.22.29.157:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 31a8d321998d9774c52241d433d5e6e2
104d4885b26b086b08dc2b267a641037a462636b
926b03821075437a788f94a7cbdd471c1ce18d4f828988458c2fa86b063f976a
GET /upload/vod/2020-10-07/16020091976.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/jpeg
content-length: 12476
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13200, status=webp_bigger
etag: "5f7cb86d-3390"
expires: Thu, 05 Jan 2023 12:37:12 GMT
last-modified: Tue, 06 Oct 2020 18:33:17 GMT
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 40584
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758f123ea51b4eb-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7071
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
ddcdn.pic-726-baidu.com/upload/vod/2020-10-14/160263920614.jpg
104.22.29.157200 OK 4.8 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2020-10-14/160263920614.jpg
IP 104.22.29.157:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 96a5abb2e501b5f11229b52de21678dd
50d27d435814928c04c239e9e0ee4f5992274152
8c84fd47babb93b43dc542b0a88d5697296d25a1a35021dea03f1a95314734f5
GET /upload/vod/2020-10-14/160263920614.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/webp
content-length: 4760
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6921
content-disposition: inline; filename="160263920614.webp"
etag: "5f865566-1b09"
expires: Thu, 05 Jan 2023 12:37:12 GMT
last-modified: Wed, 14 Oct 2020 01:33:26 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 40584
accept-ranges: bytes
server: cloudflare
cf-ray: 7758f123fa59b4eb-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:29:49 GMT
age: 59027
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xb3.hadhd.com/template/meizhuama/css/ate.css
156.251.146.196200 OK 17 kB URL HTTP/2 xb3.hadhd.com/template/meizhuama/css/ate.css
IP 156.251.146.196:0
Hash 82bcebce7f09fe3b0854754b9dff56f5
5b22675588d55820e7f9c2ae90ec144202091ab2
f492e7734278c986147dcf247455a6faf1d9bc1383663e3e6869154635497e62
GET /template/meizhuama/css/ate.css HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: text/css
last-modified: Wed, 30 Nov 2022 16:01:32 GMT
vary: Accept-Encoding
etag: W/"63877e5c-11e0a"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEQAH2doAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fxuPjC35VBDaymSCPY_iBxDnQY4CFHgolHSmnDhCRUjzw5UzY7ovA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:12:54 GMT
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
age: 70842
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7071
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 03:29:42 GMT
age: 73434
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gKrU6wAuRsrr4_VwxjHIsTHjAB_L3xy6VQPRFBTUrK4vd7ycP3kyig==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:46:26 GMT
age: 58030
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a317faf49d8e057d1da40f9441b6c30
f01497a3eef693b70b18885156f63c9c7305ed7e
5687e273eefa9ba3733fabe234e52bc7db87b4ec6244d12077c5816ae7961576
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12259
x-amzn-requestid: db1b424e-af8a-4a6f-92dc-27ccf3256d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: coKPCHc9oAMFygg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638cbd93-56c293d73368cab66819d31e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 15:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1go6MAGUUThlH59lQ8FRciYwPrzYJbcTKlNPmzqxNWynDV7SHrwmTw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 05:47:40 GMT
age: 65156
etag: "f01497a3eef693b70b18885156f63c9c7305ed7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7071
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7071
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash df3dc0366d181cbc0a4272733322cfac
ae7a50019ff1d5e7b98130e1be80a07a58ba7281
9a81b6beb55751c12c41f4007b02532e02cfbe389a5e2ba505cb2f47a76c125e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A81B6BEB55751C12C41F4007B02532E02CFBE389A5E2BA505CB2F47A76C125E"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=578
Expires: Wed, 07 Dec 2022 00:03:14 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash df3dc0366d181cbc0a4272733322cfac
ae7a50019ff1d5e7b98130e1be80a07a58ba7281
9a81b6beb55751c12c41f4007b02532e02cfbe389a5e2ba505cb2f47a76c125e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A81B6BEB55751C12C41F4007B02532E02CFBE389A5E2BA505CB2F47A76C125E"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=578
Expires: Wed, 07 Dec 2022 00:03:14 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash df3dc0366d181cbc0a4272733322cfac
ae7a50019ff1d5e7b98130e1be80a07a58ba7281
9a81b6beb55751c12c41f4007b02532e02cfbe389a5e2ba505cb2f47a76c125e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A81B6BEB55751C12C41F4007B02532E02CFBE389A5E2BA505CB2F47A76C125E"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=578
Expires: Wed, 07 Dec 2022 00:03:14 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
xb3.hadhd.com/template/web/app1.js
156.251.146.196200 OK 955 B URL HTTP/2 xb3.hadhd.com/template/web/app1.js
IP 156.251.146.196:0
File type HTML document, Unicode text, UTF-8 text
Hash ab4ae5013d917be298ff9c06067533c1
0dad4c068ee0573ba1dccc5005a780ece8c6a7ab
297d8b5f5326b6f946d1468a3518071fda7ec87410d99d2559b2df73d0a4fdad
GET /template/web/app1.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
content-length: 955
last-modified: Tue, 06 Dec 2022 16:48:28 GMT
etag: "638f725c-3bb"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 34ed941ce8db9682d441aab5540316db
555c1f5b0792a1fea3dfec1142d8883a79a0a387
990490649b47e58d909f7cac73880165cd5f10746a0adf80a326436982a6f429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "990490649B47E58D909F7CAC73880165CD5F10746A0ADF80A326436982A6F429"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9145
Expires: Wed, 07 Dec 2022 02:26:01 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
xb3.hadhd.com/template/web/app3.js
156.251.146.196200 OK 975 B URL HTTP/2 xb3.hadhd.com/template/web/app3.js
IP 156.251.146.196:0
File type HTML document, Unicode text, UTF-8 text
Hash c0d3b18c7c8e6c9f72e5602cb7c647f2
58c592d56e080a0e1e6cc7db1bd481f10dd7b549
cc416713ce78ba78e1e94131b203431087a66641c49bd7c6da526135b76006ac
GET /template/web/app3.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
content-length: 975
last-modified: Tue, 06 Dec 2022 16:48:43 GMT
etag: "638f726b-3cf"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 34ed941ce8db9682d441aab5540316db
555c1f5b0792a1fea3dfec1142d8883a79a0a387
990490649b47e58d909f7cac73880165cd5f10746a0adf80a326436982a6f429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "990490649B47E58D909F7CAC73880165CD5F10746A0ADF80A326436982A6F429"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9145
Expires: Wed, 07 Dec 2022 02:26:01 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 34ed941ce8db9682d441aab5540316db
555c1f5b0792a1fea3dfec1142d8883a79a0a387
990490649b47e58d909f7cac73880165cd5f10746a0adf80a326436982a6f429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "990490649B47E58D909F7CAC73880165CD5F10746A0ADF80A326436982A6F429"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11868
Expires: Wed, 07 Dec 2022 03:11:24 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 34ed941ce8db9682d441aab5540316db
555c1f5b0792a1fea3dfec1142d8883a79a0a387
990490649b47e58d909f7cac73880165cd5f10746a0adf80a326436982a6f429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "990490649B47E58D909F7CAC73880165CD5F10746A0ADF80A326436982A6F429"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17794
Expires: Wed, 07 Dec 2022 04:50:10 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 34ed941ce8db9682d441aab5540316db
555c1f5b0792a1fea3dfec1142d8883a79a0a387
990490649b47e58d909f7cac73880165cd5f10746a0adf80a326436982a6f429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "990490649B47E58D909F7CAC73880165CD5F10746A0ADF80A326436982A6F429"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17750
Expires: Wed, 07 Dec 2022 04:49:26 GMT
Date: Tue, 06 Dec 2022 23:53:36 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1228067241&si=cf2924db4c940add05202cd8e338731f&v=1.3.0&lv=1&sn=14736&r=0&ww=1280&u=http%3A%2F%2Fwww.besiktaszumbakursu.com%2Findex.php&tt=%E6%B9%96%E5%B7%9E%E8%BE%9E%E5%AE%A6%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1228067241&si=cf2924db4c940add05202cd8e338731f&v=1.3.0&lv=1&sn=14736&r=0&ww=1280&u=http%3A%2F%2Fwww.besiktaszumbakursu.com%2Findex.php&tt=%E6%B9%96%E5%B7%9E%E8%BE%9E%E5%AE%A6%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1228067241&si=cf2924db4c940add05202cd8e338731f&v=1.3.0&lv=1&sn=14736&r=0&ww=1280&u=http%3A%2F%2Fwww.besiktaszumbakursu.com%2Findex.php&tt=%E6%B9%96%E5%B7%9E%E8%BE%9E%E5%AE%A6%E7%A7%9F%E5%94%AE%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.besiktaszumbakursu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 23:53:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7B6E91C9D66BD8A1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
pic1.semaobf1.com/20221109/CE9255B9862726F9/CE9255B9862726F9.jpg
5.180.83.41200 OK 7.3 kB URL HTTP/1.1 pic1.semaobf1.com/20221109/CE9255B9862726F9/CE9255B9862726F9.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a97d2d99e90d06c5a618362f592d9a00
d9b1f720f95adf9f5599d92fc97ac66dc7e0f926
4aefa43bdf03c874c6f97cace323012c086fd59705e21d58d2db7844deee37ba
GET /20221109/CE9255B9862726F9/CE9255B9862726F9.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:01 GMT
Content-Type: image/jpeg
Content-Length: 7339
Last-Modified: Thu, 17 Nov 2022 04:20:58 GMT
Connection: keep-alive
ETag: "6375b6aa-1cab"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221110/392BA37CE6480A5C/392BA37CE6480A5C.jpg
5.180.83.41200 OK 7.4 kB URL HTTP/1.1 pic1.semaobf1.com/20221110/392BA37CE6480A5C/392BA37CE6480A5C.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash fd5b97445180679fb83eebae2659b311
ac42603208314138243b5e0ac05a01d3fe171b2d
c2de15a414701cb5ff6c76d5f22c2e7621603b9d1c4dcb16af5b3a627ef26add
GET /20221110/392BA37CE6480A5C/392BA37CE6480A5C.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:01 GMT
Content-Type: image/jpeg
Content-Length: 7378
Last-Modified: Fri, 18 Nov 2022 04:53:35 GMT
Connection: keep-alive
ETag: "63770fcf-1cd2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221108/12F2E2EFA96877D1/12F2E2EFA96877D1.jpg
5.180.83.41200 OK 8.6 kB URL HTTP/1.1 pic1.semaobf1.com/20221108/12F2E2EFA96877D1/12F2E2EFA96877D1.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 480x331, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2c3e1fe9d1cf7bb86c8f05afb083e5a0
c2456c681d42ae0a2cd540d7cdc9716ad62da541
c1468065679186706809c84875114163cfb9f59cdcdc563eea7acf97bb5e34b7
GET /20221108/12F2E2EFA96877D1/12F2E2EFA96877D1.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:01 GMT
Content-Type: image/jpeg
Content-Length: 8641
Last-Modified: Wed, 16 Nov 2022 04:25:53 GMT
Connection: keep-alive
ETag: "63746651-21c1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221111/9F4374017DA84EE8/9F4374017DA84EE8.jpg
5.180.83.41200 OK 7.8 kB URL HTTP/1.1 pic1.semaobf1.com/20221111/9F4374017DA84EE8/9F4374017DA84EE8.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0faf389aa26e00b50ba31236d7aa757c
0331ae9c7ae00212ba595b36d920d2b25d018cf9
0334ee949db00220fe6b879038dea459cec5f8dbadb3abd373ece4d41f5ec866
GET /20221111/9F4374017DA84EE8/9F4374017DA84EE8.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:01 GMT
Content-Type: image/jpeg
Content-Length: 7827
Last-Modified: Sat, 19 Nov 2022 05:59:28 GMT
Connection: keep-alive
ETag: "637870c0-1e93"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221109/A06D19082C0DBDD6/A06D19082C0DBDD6.jpg
5.180.83.41200 OK 9.7 kB URL HTTP/1.1 pic1.semaobf1.com/20221109/A06D19082C0DBDD6/A06D19082C0DBDD6.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dfaa7f3b897f22e3c766cb9e55b8293d
175bd2fd56bb5bb451231c8b54bead1068233d58
d0e9b9575044f14dfb9fd50c4b70bd4a0e4a835f9b0e2e74e34f4dd469be6c98
GET /20221109/A06D19082C0DBDD6/A06D19082C0DBDD6.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:01 GMT
Content-Type: image/jpeg
Content-Length: 9654
Last-Modified: Thu, 17 Nov 2022 04:16:43 GMT
Connection: keep-alive
ETag: "6375b5ab-25b6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20221205-1/45d84d1a53eb80c23aeca0476d37a5c9.jpg
23.224.136.188200 OK 14 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221205-1/45d84d1a53eb80c23aeca0476d37a5c9.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 385x234, components 3\012- data
Hash 5b50873adeb3b7170ab9705c8fd5fe6b
41a6621563a7a5152cb51a897f6801cde8c9a8ae
70b17cdfc2e2d75980c6317638cc55b6b4a1eaa09a721da8ea7e96276e46f5b6
GET /upload/vod/20221205-1/45d84d1a53eb80c23aeca0476d37a5c9.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:36 GMT
Content-Type: image/jpeg
Content-Length: 13822
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:12:58 GMT
ETag: "638dd23a-35fe"
Accept-Ranges: bytes
pic1.semaobf1.com/20221107/1846E8B201CAB214/1846E8B201CAB214.jpg
5.180.83.41200 OK 13 kB URL HTTP/1.1 pic1.semaobf1.com/20221107/1846E8B201CAB214/1846E8B201CAB214.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 8a25f25a235e9067394057fec2b6f009
3b5ef9001bc0df81dcdc3f8424a71674c1a4b865
c369b554b7fdf7c07846ceef2e9e411a93a0caa83b27b84bb853bf5343cd4502
GET /20221107/1846E8B201CAB214/1846E8B201CAB214.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:02 GMT
Content-Type: image/jpeg
Content-Length: 12631
Last-Modified: Tue, 15 Nov 2022 04:27:02 GMT
Connection: keep-alive
ETag: "63731516-3157"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221107/B953184976498753/B953184976498753.jpg
5.180.83.41200 OK 12 kB URL HTTP/1.1 pic1.semaobf1.com/20221107/B953184976498753/B953184976498753.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6a9e93ebfdbaa499e379742e48805b74
081bbf14cd0a8e07352df2054b2bb247a156d2e7
ac6ab1fd755ee5914e1b3e59829fc57c931fded4304333644f41a47254ead193
GET /20221107/B953184976498753/B953184976498753.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:02 GMT
Content-Type: image/jpeg
Content-Length: 12211
Last-Modified: Tue, 15 Nov 2022 04:28:07 GMT
Connection: keep-alive
ETag: "63731557-2fb3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221106/A9097817FE39EB0C/A9097817FE39EB0C.jpg
5.180.83.41200 OK 12 kB URL HTTP/1.1 pic1.semaobf1.com/20221106/A9097817FE39EB0C/A9097817FE39EB0C.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash df1cb4568f34c6573bde72c8528d212f
ea7ceab4de5d2959ef6c3996dde5b2ea49e97a73
0d4800b81acdb1487f633f7ca690ae23ffd86d1aede4a690cf17d1104d181d50
GET /20221106/A9097817FE39EB0C/A9097817FE39EB0C.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:02 GMT
Content-Type: image/jpeg
Content-Length: 11902
Last-Modified: Mon, 14 Nov 2022 08:29:54 GMT
Connection: keep-alive
ETag: "6371fc82-2e7e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221106/60887D8B11EFFEEA/60887D8B11EFFEEA.jpg
5.180.83.41200 OK 15 kB URL HTTP/1.1 pic1.semaobf1.com/20221106/60887D8B11EFFEEA/60887D8B11EFFEEA.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 435f29693fe11b165bdba845e584f02c
bd447f2cbc5e876adeb64da6fca571beb9290203
1e22835f13014b24ab5cc80f4229ee2119270b5fe909efb48f18cee3b30484bf
GET /20221106/60887D8B11EFFEEA/60887D8B11EFFEEA.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:02 GMT
Content-Type: image/jpeg
Content-Length: 14700
Last-Modified: Mon, 14 Nov 2022 08:29:48 GMT
Connection: keep-alive
ETag: "6371fc7c-396c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
pic1.semaobf1.com/20221108/41CD33B0029A55C9/41CD33B0029A55C9.jpg
5.180.83.41200 OK 22 kB URL HTTP/1.1 pic1.semaobf1.com/20221108/41CD33B0029A55C9/41CD33B0029A55C9.jpg
IP 5.180.83.41:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 2efe545cedfe5d5651f61b7f9f7af668
197a72e40a5016b5bb65988530812c2334363338
c469365aab6840fbf67b51d1300b6279e6ac29b795366e3a20c2f48d0c0b3b4e
GET /20221108/41CD33B0029A55C9/41CD33B0029A55C9.jpg HTTP/1.1
Host: pic1.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:01 GMT
Content-Type: image/jpeg
Content-Length: 22168
Last-Modified: Wed, 16 Nov 2022 04:25:54 GMT
Connection: keep-alive
ETag: "63746652-5698"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
xb3.hadhd.com/template/web/GG/rem.gif
156.251.146.196200 OK 254 B URL HTTP/2 xb3.hadhd.com/template/web/GG/rem.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/web/GG/rem.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/gif
content-length: 254
last-modified: Tue, 19 Jul 2022 11:08:30 GMT
etag: "62d690ae-fe"
expires: Thu, 05 Jan 2023 23:53:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 95c99d9315f42646d902fdb762011db3
60ee48f76b40fac032a60be54471f8ac0a4eea55
065370073a44ce709693772cabe0210c94d2ff33f4f055f0c3544a6a92eeeda2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6177
Cache-Control: max-age=94127
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:37 GMT
Etag: "638e8a8f-118"
Expires: Thu, 08 Dec 2022 02:02:24 GMT
Last-Modified: Tue, 06 Dec 2022 00:19:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 95c99d9315f42646d902fdb762011db3
60ee48f76b40fac032a60be54471f8ac0a4eea55
065370073a44ce709693772cabe0210c94d2ff33f4f055f0c3544a6a92eeeda2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6389
Cache-Control: max-age=94339
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:37 GMT
Etag: "638e8a8f-118"
Expires: Thu, 08 Dec 2022 02:05:56 GMT
Last-Modified: Tue, 06 Dec 2022 00:19:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 95c99d9315f42646d902fdb762011db3
60ee48f76b40fac032a60be54471f8ac0a4eea55
065370073a44ce709693772cabe0210c94d2ff33f4f055f0c3544a6a92eeeda2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3017
Cache-Control: max-age=90967
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:37 GMT
Etag: "638e8a8f-118"
Expires: Thu, 08 Dec 2022 01:09:44 GMT
Last-Modified: Tue, 06 Dec 2022 00:19:27 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 95c99d9315f42646d902fdb762011db3
60ee48f76b40fac032a60be54471f8ac0a4eea55
065370073a44ce709693772cabe0210c94d2ff33f4f055f0c3544a6a92eeeda2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:37 GMT
Last-Modified: Tue, 06 Dec 2022 22:19:42 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 95c99d9315f42646d902fdb762011db3
60ee48f76b40fac032a60be54471f8ac0a4eea55
065370073a44ce709693772cabe0210c94d2ff33f4f055f0c3544a6a92eeeda2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3476
Cache-Control: max-age=91426
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:37 GMT
Etag: "638e8a8f-118"
Expires: Thu, 08 Dec 2022 01:17:23 GMT
Last-Modified: Tue, 06 Dec 2022 00:19:27 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 280
imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/e0921234-c4a9-4c2c-e9f8-9edc9c41ee00/public
104.18.2.36200 OK 7.4 kB URL HTTP/2 imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/e0921234-c4a9-4c2c-e9f8-9edc9c41ee00/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11160886e51f2998d748e78a37a7345d
8593db2f6150aa1452b17895f63e581bc5c756d0
f419bc635485ddea94a7328ad68eb1ea0fd85fc0945d1c06dd03376a4ffcbf57
GET /PZ5Nnb5z4TfMFnFORJSOeg/e0921234-c4a9-4c2c-e9f8-9edc9c41ee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/webp
content-length: 7368
cf-ray: 7758f1279dd9b4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf_h4xif-eJHbyMHpkLNIY5i538dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=478 c=0+9 v=2022.11.1 l=7368
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xb3.hadhd.com/template/meizhuama/css/zui.css
156.251.146.196200 OK 36 kB URL HTTP/2 xb3.hadhd.com/template/meizhuama/css/zui.css
IP 156.251.146.196:0
Hash c593b60f726537d694080c59e2fd459a
2dd16449c269c3e8695a15d58b74fe1e3de63a02
dacb9f5261ec7f0ca94aff01b4bb54ddae5020f5d0f96827bf699f7ba2aee06f
GET /template/meizhuama/css/zui.css HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: text/css
last-modified: Tue, 03 May 2022 06:22:50 GMT
vary: Accept-Encoding
etag: W/"6270ca3a-18ca0"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/d7f4f233-0ec9-425c-758f-dcf37d7a6400/public
104.18.2.36200 OK 96 kB URL HTTP/2 imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/d7f4f233-0ec9-425c-758f-dcf37d7a6400/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 053613ae3a2a211b79d2b4894275add4
54b82daa9cf29085ed88b303aca50b601893f39d
92a46fbd82ab22e9ce57f7759be78dcb1d09a0b0c22fbdfd5c20bf52063a2c55
GET /PZ5Nnb5z4TfMFnFORJSOeg/d7f4f233-0ec9-425c-758f-dcf37d7a6400/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/webp
content-length: 95610
cf-ray: 7758f1278daeb4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfVzg5_s7MyEj1XjB5P1mATv4D8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=497 c=2+96 v=2022.11.1 l=95610
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/app2.js
156.251.146.196200 OK 178 kB URL HTTP/2 xb3.hadhd.com/template/web/app2.js
IP 156.251.146.196:0
Size 178 kB (178228 bytes)
Hash b48d57a806c3194701cddf7b503b999f
e8360d1fc82241fdce0ab6d0231af166c485798f
7fb41a9227f42b43c9d169e59b02e4a3ca5403beba81642f87dc91f25079e5fb
GET /template/web/app2.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 16:48:35 GMT
vary: Accept-Encoding
etag: W/"638f7263-42f"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/3f0957c0-5294-4ee3-6e9c-814a3b345000/public
104.18.2.36200 OK 375 kB URL HTTP/2 imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/3f0957c0-5294-4ee3-6e9c-814a3b345000/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 375 kB (374632 bytes)
Hash d63a3555e5be6447fee4b71ab41cb4e8
3899a39cd51df5c53160038da28dcf48dd1433ac
46c1fc7c0d09d2e2490190550fde2fc5b525065d5f5bcff8ca5b218eff3a19ff
GET /PZ5Nnb5z4TfMFnFORJSOeg/3f0957c0-5294-4ee3-6e9c-814a3b345000/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/webp
content-length: 374632
cf-ray: 7758f1279ddcb4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7NPAYhs3yfOrI7U9r9g3D4wm8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-images: internal=ok/- q=5 n=46 c=40+520 v=2022.11.7 l=374632
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/db56bf41-b5ba-4312-1f3b-02600da4df00/public
104.18.2.36200 OK 28 kB URL HTTP/2 imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/db56bf41-b5ba-4312-1f3b-02600da4df00/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 563b5167050b00aa961020f1b36f6a13
935f5843f264f461ae1ad8f20c20693acfa07328
01f7a644e8c3fa1d81c221f70e58589d109a6cff40ec0573d386b9c218eaa976
GET /PZ5Nnb5z4TfMFnFORJSOeg/db56bf41-b5ba-4312-1f3b-02600da4df00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/webp
content-length: 27598
cf-ray: 7758f127de14b4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfHl48yvK3nZNVpjAE2CG2ukWr8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-images: internal=ok/- q=0 n=493 c=1+27 v=2022.11.1 l=27598
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/xx1.js
156.251.146.196200 OK 668 kB URL HTTP/2 xb3.hadhd.com/template/web/xx1.js
IP 156.251.146.196:0
Size 668 kB (668069 bytes)
Hash ddbf588c4d8d146d54422c7dd268a4e9
99ed8d5019e55a4c73c1497746f415259d2f07b0
78b5496d9536e42118b31f37b7ed4fe3451ba9d8b94eeeab850f57ab0b0a2e87
GET /template/web/xx1.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 17:13:49 GMT
vary: Accept-Encoding
etag: W/"638f784d-9ec"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20221205-1/21f6fb9548349b67e41b6de8228927ce.jpg
23.224.136.188200 OK 39 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221205-1/21f6fb9548349b67e41b6de8228927ce.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Software: Snipaste", baseline, precision 8, 806x423, components 3\012- data
Hash 9fcefcdf566001d72c006537155d7f2e
a786c9246412cf49f9319a962865b1c453730a49
48f81b361dc8680eab140cdce080adcc0105312b040388cd13e06644d8a83f5d
GET /upload/vod/20221205-1/21f6fb9548349b67e41b6de8228927ce.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:36 GMT
Content-Type: image/jpeg
Content-Length: 38728
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:12:58 GMT
ETag: "638dd23a-9748"
Accept-Ranges: bytes
xb3.hadhd.com/template/web/dh2.js
156.251.146.196200 OK 505 kB URL HTTP/2 xb3.hadhd.com/template/web/dh2.js
IP 156.251.146.196:0
Size 505 kB (504889 bytes)
Hash f0cb3a929da69358e893cd0234e5d3fe
490ec792a8c1478e32ea21bc9567b27b0363f1d3
26a3fed219b832bb0dba18361865c184eb959e2b01d1d4809f45889b13e9b68e
GET /template/web/dh2.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 16:48:59 GMT
vary: Accept-Encoding
etag: W/"638f727b-15e8"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/a3ba936d-6129-462c-4def-2918ff4fa400/public
104.18.2.36200 OK 322 kB URL HTTP/2 imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/a3ba936d-6129-462c-4def-2918ff4fa400/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 322 kB (322258 bytes)
Hash 5480c7fb7119c3a7338594817d14ac7c
ff1dd9717282f255b89e3d36c929f9ad0624b3e8
6e70cf679430dec757558d145628e0f98f35a0245746b328342c46464837c8c9
GET /PZ5Nnb5z4TfMFnFORJSOeg/a3ba936d-6129-462c-4def-2918ff4fa400/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/webp
content-length: 322258
cf-ray: 7758f127ce11b4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfLnot9Fn1uTmBSEoy0Kna27d58dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-images: internal=ok/- q=0 n=31 c=32+364 v=2022.11.7 l=322258
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/bb83b3c4-440f-4cf8-9b48-862b0d393a00/public
104.18.2.36200 OK 804 kB URL HTTP/2 imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/bb83b3c4-440f-4cf8-9b48-862b0d393a00/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 804 kB (803788 bytes)
Hash 87d94a746164e73df553f2d1a92ebb40
8a04cb8f923367453b77415f3a31d640d9e4128f
2b70b6312d229b98ba9b7d3b35a3d68619e3247694deeb313f33fe525f9579a0
GET /PZ5Nnb5z4TfMFnFORJSOeg/bb83b3c4-440f-4cf8-9b48-862b0d393a00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/webp
content-length: 803788
cf-ray: 7758f1278db7b4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfODn44PiZEjmlREkSsNcP6IgH8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-images: internal=ok/- q=1 n=692 c=54+1015 v=2022.11.7 l=803788
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 95c99d9315f42646d902fdb762011db3
60ee48f76b40fac032a60be54471f8ac0a4eea55
065370073a44ce709693772cabe0210c94d2ff33f4f055f0c3544a6a92eeeda2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:37 GMT
Last-Modified: Tue, 06 Dec 2022 22:19:42 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
xb3.hadhd.com/template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
156.251.146.196404 Not Found 146 B URL HTTP/2 xb3.hadhd.com/template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
IP 156.251.146.196:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xb3.hadhd.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
xb3.hadhd.com/template/meizhuama/images/video-play.png
156.251.146.196200 OK 1.6 kB URL HTTP/2 xb3.hadhd.com/template/meizhuama/images/video-play.png
IP 156.251.146.196:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/meizhuama/images/video-play.png HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 06 Mar 2022 14:17:50 GMT
etag: "6224c28e-61f"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/25b65e6c-d8c9-461c-ae8c-129adc09a400/public
104.18.2.36200 OK 424 kB URL HTTP/2 imagedelivery.net/PZ5Nnb5z4TfMFnFORJSOeg/25b65e6c-d8c9-461c-ae8c-129adc09a400/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 424 kB (423700 bytes)
Hash bce797c959a9c7498cdb65db29db36a9
3beba5200b69203f09f935df3f09dd93da2688a1
28b80b6297b3fe959ea06bea745a887b61ad06c471d194fa056ba4d68b17a3ad
GET /PZ5Nnb5z4TfMFnFORJSOeg/25b65e6c-d8c9-461c-ae8c-129adc09a400/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/webp
content-length: 423700
cf-ray: 7758f128eec8b4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfGhStahWYAid_xbNfQZFffhHH8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-images: internal=ok/- q=0 n=25 c=26+500 v=2022.11.7 l=423700
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 0e25dfb76880fd08bfe0b487eecd00c5
c81d13d40dea9abb482e903d528ad7f61f84e690
7ea3e0a84fed229feda834d4429093cb0f6518d5180ffcfe3a82730d3850a22b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:49:15 GMT
ETag: "c81d13d40dea9abb482e903d528ad7f61f84e690"
Last-Modified: Tue, 06 Dec 2022 20:49:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 85
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7758f1293c5ab4fd-OSL
ttzytp3.com/upload/vod/20221206-1/15270081c3db5449cb84e2df7629875a.jpg
23.224.136.188200 OK 145 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/15270081c3db5449cb84e2df7629875a.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 709x477, components 3\012- data
Size 145 kB (144976 bytes)
Hash 5a23490f263edd80985b59db25fe7b32
1f7c38ef0b654657b6467e5b436f5208be051b18
864dafb8ec9c2538583c0e8af7ffa98a04ef76aa58f77cf359eee2fa92be80a6
GET /upload/vod/20221206-1/15270081c3db5449cb84e2df7629875a.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: image/jpeg
Content-Length: 144976
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:43 GMT
ETag: "638f474b-23650"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash ccbd2458a16e4175af30286d1c39462b
2e4896a22a0cd59b6d397a53acc20b1f3ab205dc
7ecef890fd3b16f53d6ca8686aadcad791f2214e5b7ae08588590714ecf29da2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156118
Date: Tue, 06 Dec 2022 23:53:37 GMT
Etag: "638f8d45-1d7"
Expires: Thu, 08 Dec 2022 19:15:35 GMT
Last-Modified: Tue, 06 Dec 2022 18:43:17 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JkBFBSzzlvaGZLfhmB_P1yMm8RTISeJ1s1ZxWyIBBjqobXXojM-rKA==
Age: 1938
ttzytp3.com/upload/vod/20221206-1/7f100fe22e556a813126d95f63a8ee37.jpg
23.224.136.188200 OK 169 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/7f100fe22e556a813126d95f63a8ee37.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 169 kB (169067 bytes)
Hash 70820c7b074eab51c22697f111facf21
775fc66a69c5d9c735a19eb6c1034cf865ab02eb
1f2ce78882e8a87442fe1d9a6215cdaf00bd10864bae634f3229936c7a34639c
GET /upload/vod/20221206-1/7f100fe22e556a813126d95f63a8ee37.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:36 GMT
Content-Type: image/jpeg
Content-Length: 169067
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:46:32 GMT
ETag: "638f47b8-2946b"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20221206-1/2a6d94eabc826949caa382ab4bb51cb5.jpg
23.224.136.188200 OK 196 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/2a6d94eabc826949caa382ab4bb51cb5.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 196 kB (196233 bytes)
Hash aec2414746a45df85d89a22dc4077a06
27582b25b8f66ad84643cdaa2aa834081c8cda31
051fcb43321a44c7c8c9d1c9d2f02dcf27fb5300763864e8f439619bf03a35b9
GET /upload/vod/20221206-1/2a6d94eabc826949caa382ab4bb51cb5.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:36 GMT
Content-Type: image/jpeg
Content-Length: 196233
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:45 GMT
ETag: "638f474d-2fe89"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20221205-1/c50b8e983f05c6b677fd2ceeca1adf5a.jpg
23.224.136.188200 OK 102 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221205-1/c50b8e983f05c6b677fd2ceeca1adf5a.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x496, components 3\012- data
Size 102 kB (101518 bytes)
Hash e631c257e89fb3323c17230910bb8a94
48b3c3cfd4554117f73e099d7f7e1f5ac1db9893
d9ca34feaf19674e6611448246f0a128df13df9ab04fc76ea066ebabeed2a884
GET /upload/vod/20221205-1/c50b8e983f05c6b677fd2ceeca1adf5a.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:36 GMT
Content-Type: image/jpeg
Content-Length: 101518
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:12:58 GMT
ETag: "638dd23a-18c8e"
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b1d1023adf27e0ee99002b48728cbcab
0b0775af1dbf156faf17a96711c2230f2fc8998f
c7f9cfe59996a74386a2c97216916fdd537155d292790ce167ff99e75cf58fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7F9CFE59996A74386A2C97216916FDD537155D292790CE167FF99E75CF58FA0"
Last-Modified: Mon, 05 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4261
Expires: Wed, 07 Dec 2022 01:04:38 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 963294908cdc458cfeee9db5f7a5c317
f60b8f2beb74d8f5e5cf10cbe0357003ece27dbb
15f80b4c5d17e4309d201bba4daa327d9129e9f2196d4d4287ad17b2ddd76cf1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15F80B4C5D17E4309D201BBA4DAA327D9129E9F2196D4D4287AD17B2DDD76CF1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3461
Expires: Wed, 07 Dec 2022 00:51:18 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3180376d560b1e82f61def0c07a6f565
dfc3eaf3e301b831c232f3a90f109413b4424a1d
10f544c3df0faa2ba8e42bece975253d5e6da5c0d32a10c7f6b624f689c041f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10F544C3DF0FAA2BA8E42BECE975253D5E6DA5C0D32A10C7F6B624F689C041F8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=594
Expires: Wed, 07 Dec 2022 00:03:31 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7534c98b14abebf840f986a87d02bd42
76d21f3449c88f60c7f06f818c9630d8a95c479e
271403270c25927649ced9034ea986e2d91f5de7802772bc1dd9d9c57b11d67f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "271403270C25927649CED9034EA986E2D91F5DE7802772BC1DD9D9C57B11D67F"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17213
Expires: Wed, 07 Dec 2022 04:40:30 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
xb3.hadhd.com/template/web/GG/k4.gif
156.251.146.196200 OK 114 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/k4.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 114 kB (114030 bytes)
Hash 79cf722c45cb4e5b3e7da0cfff829c98
71558743109d39b3163e3e873111641615c6f80c
37336e1d469f511d19c69cd7e3576ef2665204c7304e0b8dd2ec051dd78309e3
GET /template/web/GG/k4.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/gif
content-length: 114030
last-modified: Fri, 27 May 2022 05:30:56 GMT
etag: "62906210-1bd6e"
expires: Thu, 05 Jan 2023 23:53:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20221206-1/56aded898ef77940a62aca1b8ceabda4.jpg
23.224.136.188200 OK 6.3 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/56aded898ef77940a62aca1b8ceabda4.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash debe611e4d9aeec9f0feb6356152346d
8d9bb2cbdfa5e34d62963c2fa8cb996ec21be389
c957aebc1703580c8b0c8e4211e9b2a9c38df66e87ddb85adec9c2312f17c07e
GET /upload/vod/20221206-1/56aded898ef77940a62aca1b8ceabda4.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: image/jpeg
Content-Length: 6295
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:42 GMT
ETag: "638f474a-1897"
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2dc947233160ef84bdb6fa9a87aeab08
3980083890ea21061261c3de77d4c85dda87d9f1
986dbb8f402a305733803b6211c70f1c7cfaba95713b19be4378a41649496a3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "986DBB8F402A305733803B6211C70F1C7CFABA95713B19BE4378A41649496A3D"
Last-Modified: Tue, 06 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19678
Expires: Wed, 07 Dec 2022 05:21:35 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kzeww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: text/html
content-length: 162
location: https://max009.top/4f5ca562874d2b77c6c37263e48db5c6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvexx.com/d766f59de772a56dbe1bc6cf1d0027ad.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvexx.com/d766f59de772a56dbe1bc6cf1d0027ad.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /d766f59de772a56dbe1bc6cf1d0027ad.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: text/html
content-length: 162
location: https://kvhttt.top/d766f59de772a56dbe1bc6cf1d0027ad.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b86b0789d91ae5978755d889cfaf0374
905e12b2c24f20ad72a054c20738c546a6a2f19b
f621391b79c5c9498a1931b2f970d47934aef19b27d52f93b59a10b2af794822
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F621391B79C5C9498A1931B2F970D47934AEF19B27D52F93B59A10B2AF794822"
Last-Modified: Mon, 05 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3053
Expires: Wed, 07 Dec 2022 00:44:30 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
kvhttt.top/d766f59de772a56dbe1bc6cf1d0027ad.gif
172.67.164.169200 OK 328 kB URL HTTP/2 kvhttt.top/d766f59de772a56dbe1bc6cf1d0027ad.gif
IP 172.67.164.169:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 328 kB (328164 bytes)
Hash 27b3d7f9fb788c290c5025ee779a7a86
549f03a050418ee932de6ac04508c6a49668341a
8e40d3a5d0773e3f69da3851dc6adfd4920b109a0d349a6d97da76cdc00f4717
GET /d766f59de772a56dbe1bc6cf1d0027ad.gif HTTP/1.1
Host: kvhttt.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xb3.hadhd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 328164
last-modified: Wed, 30 Nov 2022 09:05:08 GMT
etag: "63871cc4-501e4"
expires: Fri, 30 Dec 2022 12:17:32 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 560165
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJkyPi9JzASWR0g6EAGaYzTXvfFBxm4T85ID3%2BKLgBIf7PAvvYAx%2BgiGa%2BDkg5DMyY2qvgopfveP06QfEykdY5qJSGYF1Nv7u3U6Mg6xPesCG7lM4KKB%2Bupbr%2B%2Fl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758f12b98c5b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8c1fff5149f498228a0429b2fa478b3e
ee1813ce794f3d43cfc3be96f58cf8480a5a50d1
93796bbb876ee0e717cc92ff7652727040bb732e59e01ddee52a4c10d23ed174
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "93796BBB876EE0E717CC92FF7652727040BB732E59E01DDEE52A4C10D23ED174"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1553
Expires: Wed, 07 Dec 2022 00:19:30 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
ttzytp3.com/upload/vod/20221206-1/03bbe17ec327f1e69dd60092b8d63d80.jpg
23.224.136.188200 OK 225 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/03bbe17ec327f1e69dd60092b8d63d80.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x537, components 3\012- data
Size 225 kB (224886 bytes)
Hash 731e8e32a7c9d3e52688dc49dacb505b
cf76e2b209aad3e1b772741ff653fe64a32a9961
cc49b05209f158d03abef1d662d58c1c395f4b7fdb64b247ba5d9acb26b4d8aa
GET /upload/vod/20221206-1/03bbe17ec327f1e69dd60092b8d63d80.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: image/jpeg
Content-Length: 224886
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:42 GMT
ETag: "638f474a-36e76"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20221206-1/9a3dc0a11f02a4858eaebc53fb995551.jpg
23.224.136.188200 OK 190 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/9a3dc0a11f02a4858eaebc53fb995551.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x539, components 3\012- data
Size 190 kB (189852 bytes)
Hash 1141d1e80f4980b00cb304bc3e0851ca
542235aa604a4e8d60a31916602960531e9f083c
986f6f3306362f5ac3a69a713d9225528977aface3715bd7c9e5718738dada1a
GET /upload/vod/20221206-1/9a3dc0a11f02a4858eaebc53fb995551.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: image/jpeg
Content-Length: 189852
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:42 GMT
ETag: "638f474a-2e59c"
Accept-Ranges: bytes
xb3.hadhd.com/template/web/zxbf.js
156.251.146.196200 OK 858 B URL HTTP/2 xb3.hadhd.com/template/web/zxbf.js
IP 156.251.146.196:0
Hash 399e55d0d296bcf427e9a9b0b3f1f74f
465d3c1b2b66bebdac3c9a6dccd9bd6bd7154410
063a69da32a8ea89ea3d0e5954234112b056a5bf774f51965a1dfa943e7b3bc7
GET /template/web/zxbf.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 16:49:35 GMT
vary: Accept-Encoding
etag: W/"638f729f-12c9"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20221206-1/3aadfd5645bd5472b2b6a3d91a3d1ebe.jpg
23.224.136.188200 OK 186 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/3aadfd5645bd5472b2b6a3d91a3d1ebe.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 186 kB (186034 bytes)
Hash 07c0a0cf3fbd4280924574e615290d12
a083d7d102485f5ec6d654fe4f297f10f2d3962f
5cc46917a397c81352c3ead1f245dc525feeeacc2560ae495086f822793ec6a3
GET /upload/vod/20221206-1/3aadfd5645bd5472b2b6a3d91a3d1ebe.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: image/jpeg
Content-Length: 186034
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:42 GMT
ETag: "638f474a-2d6b2"
Accept-Ranges: bytes
hm.baidu.com/hm.js?1f1fc0976934b3c98a8d2495b7812387
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1f1fc0976934b3c98a8d2495b7812387
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 8d72e681434f7a1e21011ce9a1854ba6
8b08105945cdcf26ec5815f955eef964b68220a2
35b6fe34f74629ab0263dadf2698fe20aee5ca72acca3a8e7de73ac484855231
GET /hm.js?1f1fc0976934b3c98a8d2495b7812387 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 23:53:37 GMT
Etag: 8ca91dc5d09887ed112d4514a5b66678
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=25BA26D3E131723C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 32f8a07564666588f30ab92d21ed7864
d068d31c420db0f40e56da0519f2489ba29c4f74
d3504d18e8037eca9a16197bb4235d873432bcca3c2a360cb67971e003248ef2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D3504D18E8037ECA9A16197BB4235D873432BCCA3C2A360CB67971E003248EF2"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19397
Expires: Wed, 07 Dec 2022 05:16:54 GMT
Date: Tue, 06 Dec 2022 23:53:37 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8c1fff5149f498228a0429b2fa478b3e
ee1813ce794f3d43cfc3be96f58cf8480a5a50d1
93796bbb876ee0e717cc92ff7652727040bb732e59e01ddee52a4c10d23ed174
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "93796BBB876EE0E717CC92FF7652727040BB732E59E01DDEE52A4C10D23ED174"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17837
Expires: Wed, 07 Dec 2022 04:50:55 GMT
Date: Tue, 06 Dec 2022 23:53:38 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 19ed7fe1c4a8419d8f14a7e5e55484ec
2acc74743375dc64eaa07dac94c1589b86ac154b
d4849f48d80801fe935b0af9a36569109c3b38f5c63abcea4a3757efc3f02145
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D4849F48D80801FE935B0AF9A36569109C3B38F5C63ABCEA4A3757EFC3F02145"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4618
Expires: Wed, 07 Dec 2022 01:10:36 GMT
Date: Tue, 06 Dec 2022 23:53:38 GMT
Connection: keep-alive
max009.top/4f5ca562874d2b77c6c37263e48db5c6.gif
104.21.235.59200 OK 845 kB URL HTTP/2 max009.top/4f5ca562874d2b77c6c37263e48db5c6.gif
IP 104.21.235.59:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: max009.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xb3.hadhd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 845326
last-modified: Sat, 01 Oct 2022 05:25:56 GMT
etag: "6337cf64-ce60e"
expires: Thu, 29 Dec 2022 10:59:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 651242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkOBmRiGSRt2fFydA2Z5sJfn29AMLCJ2g2sZ9fdIz%2BpG68%2B%2FOSuHfemB%2BILzow%2B%2F%2BeGP3mDpo259L5rkqqnsSCJ1H1UdDDqw1DMgqGXiHIaBw3zfYtxqgpZpvaDb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758f12c1af071c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20221206-1/be01be30def19335cafe9161347894ee.jpg
23.224.136.188200 OK 131 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/be01be30def19335cafe9161347894ee.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 709x477, components 3\012- data
Size 131 kB (130922 bytes)
Hash e196d2d0535745a3371bb5f5dc7f5665
ba3af4d8f4faf3693b5b7b10ffbc6789c22d7007
104d1eec41f14e726596a75c030ec3ceb0cd269ecee458e96698c507c326ddf6
GET /upload/vod/20221206-1/be01be30def19335cafe9161347894ee.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: image/jpeg
Content-Length: 130922
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:41 GMT
ETag: "638f4749-1ff6a"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20221206-1/1a0a698e76b05b48ef3ef658c98db9b4.jpg
23.224.136.188200 OK 174 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/1a0a698e76b05b48ef3ef658c98db9b4.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 174 kB (173527 bytes)
Hash 877701c5fdd60256ecf9bd7b4d1fcb45
5baac695fb03b94059f77732bd305c9f82f356d5
952178f7c199f6ebf83c4156cb78ef6b6a4755b638f3ddbdcd672d0136951a54
GET /upload/vod/20221206-1/1a0a698e76b05b48ef3ef658c98db9b4.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: image/jpeg
Content-Length: 173527
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:42 GMT
ETag: "638f474a-2a5d7"
Accept-Ranges: bytes
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.28.152200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.28.152:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xb3.hadhd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:38 GMT
content-type: image/gif
content-length: 918679
last-modified: Thu, 01 Dec 2022 15:44:20 GMT
etag: "6388cbd4-e0497"
expires: Sat, 31 Dec 2022 16:43:30 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 457808
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXh9mhYgx7gAiPxAj069ZCT2d5NExVEV06Qu7mnT2HZCfe0wob2cZHer5ZM3Vh80SVbgZCgUk0fFFK9KwSv4tqjDeWIEl%2FygY2VW%2BxzO6FuAEjrB4RCdLwNbIiKZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758f12d2a7bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/k14.gif
156.251.146.196200 OK 73 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/k14.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /template/web/GG/k14.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/gif
content-length: 73223
last-modified: Sat, 28 May 2022 04:43:32 GMT
etag: "6291a874-11e07"
expires: Thu, 05 Jan 2023 23:53:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?35d04a7d0ada2b49f1c51725fde2aae6
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?35d04a7d0ada2b49f1c51725fde2aae6
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 6e401ae41770a46068d06c1727bfd5f1
4f7d21ff1a05a2738b31b705376d73e1b43dd95b
796301361c2dbbfb94c8123d561e61e9c4d02d23c81a8bbf497afbefb399d630
GET /hm.js?35d04a7d0ada2b49f1c51725fde2aae6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 23:53:37 GMT
Etag: b9cefca9303dd49353ba2efdbab884d2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EAF2377CDC4B9609; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
xb3.hadhd.com/template/web/GG/d10.gif
156.251.146.196200 OK 119 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/d10.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 119 kB (119145 bytes)
Hash 03611dd134898d951bd6479076eee32b
4aef7215e5d6206ededff3fff78d735064e6fbb5
9c3ea4fa33413bfe2175b5e9eac750617538bafe475a84367d0c6d693c75c076
GET /template/web/GG/d10.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/gif
content-length: 119145
last-modified: Sat, 23 Apr 2022 04:49:11 GMT
etag: "62638547-1d169"
expires: Thu, 05 Jan 2023 23:53:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/meizhuama/fonts/iconfont.woff
156.251.146.196200 OK 525 B URL HTTP/2 xb3.hadhd.com/template/meizhuama/fonts/iconfont.woff
IP 156.251.146.196:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
GET /template/meizhuama/fonts/iconfont.woff HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xb3.hadhd.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: font/woff
content-length: 525
last-modified: Sun, 06 Mar 2022 14:12:36 GMT
etag: "6224c154-20d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/k1.gif
156.251.146.196200 OK 167 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/k1.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 167 kB (167104 bytes)
Hash 9387415ad469299bf6e3bb5c1bbc77e2
cc52974b6ed2239afbbd4088c675fceb0d75cd22
912ce0aceb7de66266542ec85454be033b0a285c975dd7fc8f0d43eecb8716ce
GET /template/web/GG/k1.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/gif
content-length: 167104
last-modified: Fri, 27 May 2022 05:30:54 GMT
etag: "6290620e-28cc0"
expires: Thu, 05 Jan 2023 23:53:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 32f8a07564666588f30ab92d21ed7864
d068d31c420db0f40e56da0519f2489ba29c4f74
d3504d18e8037eca9a16197bb4235d873432bcca3c2a360cb67971e003248ef2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D3504D18E8037ECA9A16197BB4235D873432BCCA3C2A360CB67971E003248EF2"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19396
Expires: Wed, 07 Dec 2022 05:16:54 GMT
Date: Tue, 06 Dec 2022 23:53:38 GMT
Connection: keep-alive
ttzytp3.com/upload/vod/20221206-1/3c1921e102aca72cbb062da9f54452bb.jpg
23.224.136.188200 OK 199 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/3c1921e102aca72cbb062da9f54452bb.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 199 kB (199076 bytes)
Hash 2dc3c6eab50baaf8396ba8fb216ac4ed
945b8a36688ea4b295a856184746d2c1c5f555a1
0de81eb0505c53f0a94eccf20d8f78d8f34491fba90be71d50e66b66fd7e0c41
GET /upload/vod/20221206-1/3c1921e102aca72cbb062da9f54452bb.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: image/jpeg
Content-Length: 199076
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:41 GMT
ETag: "638f4749-309a4"
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
IP 216.58.211.3:0
Hash 494aaaf4b850e21c93f05fd18de163c8
65651bfdb5feac6f09fd5fdcc0a92e13f10c9b52
fbff6623f1743a6ba9387ad1bb719492678d0d3bfb043f64a47e105d13c24845
POST /s/gts1p5/6NFsAw0VKxk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 19ed7fe1c4a8419d8f14a7e5e55484ec
2acc74743375dc64eaa07dac94c1589b86ac154b
d4849f48d80801fe935b0af9a36569109c3b38f5c63abcea4a3757efc3f02145
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D4849F48D80801FE935B0AF9A36569109C3B38F5C63ABCEA4A3757EFC3F02145"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4618
Expires: Wed, 07 Dec 2022 01:10:36 GMT
Date: Tue, 06 Dec 2022 23:53:38 GMT
Connection: keep-alive
kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
18.155.68.9200 OK 65 kB URL HTTP/1.1 kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 18.155.68.9:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 65414
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:07:51 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Dec 2022 10:42:49 GMT
ETag: "514c48163ce5b65fb6bf16d8578b478b"
X-Cache: Hit from cloudfront
Via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: U14N075EQDpIY4bVipHAiP398zXMR4ZeOnWnadLFzRxKyhOAgA4-MQ==
Age: 47449
ttzytp3.com/upload/vod/20221206-1/43aa3ea6d47d487c2c5ed9566472cc1d.jpg
23.224.136.188200 OK 225 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/43aa3ea6d47d487c2c5ed9566472cc1d.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x539, components 3\012- data
Size 225 kB (224923 bytes)
Hash f50713533562eb2bf5508fabb0a21b11
542fe24dc91b7f51dcc27d52c3ca072b4dd56eb1
247053d5c2209c2fa5a7155d449f19a268c3e412925ca3bd9b1b00f017490108
GET /upload/vod/20221206-1/43aa3ea6d47d487c2c5ed9566472cc1d.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: image/jpeg
Content-Length: 224923
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:51 GMT
ETag: "638f4753-36e9b"
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
IP 216.58.211.3:0
Hash 494aaaf4b850e21c93f05fd18de163c8
65651bfdb5feac6f09fd5fdcc0a92e13f10c9b52
fbff6623f1743a6ba9387ad1bb719492678d0d3bfb043f64a47e105d13c24845
POST /s/gts1p5/6NFsAw0VKxk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1840130417&si=1f1fc0976934b3c98a8d2495b7812387&su=http%3A%2F%2Fwww.besiktaszumbakursu.com%2F&v=1.3.0&lv=1&sn=14738&r=0&ww=1268&u=https%3A%2F%2Fxb3.hadhd.com%2F&tt=%E5%91%B7%E5%93%BA%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1840130417&si=1f1fc0976934b3c98a8d2495b7812387&su=http%3A%2F%2Fwww.besiktaszumbakursu.com%2F&v=1.3.0&lv=1&sn=14738&r=0&ww=1268&u=https%3A%2F%2Fxb3.hadhd.com%2F&tt=%E5%91%B7%E5%93%BA%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1840130417&si=1f1fc0976934b3c98a8d2495b7812387&su=http%3A%2F%2Fwww.besiktaszumbakursu.com%2F&v=1.3.0&lv=1&sn=14738&r=0&ww=1268&u=https%3A%2F%2Fxb3.hadhd.com%2F&tt=%E5%91%B7%E5%93%BA%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 23:53:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=941D08EA0C4C38A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ttzytp3.com/upload/vod/20221206-1/2d480be55c821f6e69f367867030eea6.jpg
23.224.136.188200 OK 187 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/2d480be55c821f6e69f367867030eea6.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x537, components 3\012- data
Size 187 kB (187051 bytes)
Hash d013c8f9dc99e542e302cc60e4dc0529
a158de342391bd8c54639dcbf023678714004522
ceda8bc169e6856dbc90552daff1c02b2da4b968d7cd93cce9b96fcf0c3cee0c
GET /upload/vod/20221206-1/2d480be55c821f6e69f367867030eea6.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: image/jpeg
Content-Length: 187051
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:51 GMT
ETag: "638f4753-2daab"
Accept-Ranges: bytes
max002.top/68a7807de3933bf7079116fa9df99e6f.gif
104.21.233.253200 OK 366 kB URL HTTP/2 max002.top/68a7807de3933bf7079116fa9df99e6f.gif
IP 104.21.233.253:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: max002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xb3.hadhd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:38 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Thu, 05 Jan 2023 17:25:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 23272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMKaX9QieFWLqoqyoTHrmMZru2sIj0PXKU1X7UuevcEYiQExRBHFbHNYHP5Dnq%2B150FyXmLd9uLYKhwNCQYgxK1mntaaybmjEDJ7T0IbJSb%2FL2PtvFr8ZKrEXZk5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758f12eca1475a1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.235.62200 OK 902 kB URL HTTP/2 kvtddd.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.235.62:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xb3.hadhd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:53:38 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Tue, 03 Jan 2023 23:06:12 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 175646
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViFt3kic3EUS1U31WWwrx8%2FOe6Ern47%2B%2BgNSZJCz7dmDgmjw7tIT456PS4UgUxSCsP65Qo0J%2FWjHqKO2aSy2rp6f6e0tqq0s8dZfsPuWuoPMbQeAYykQR6YxO6ei"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758f12ccf6a773e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/t2.gif
156.251.146.196200 OK 254 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/t2.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 254 kB (253670 bytes)
Hash bace60a0adc9bdd54f7c83058456a847
4867fd68497b7db5c4e5bbdde781cf098dbabd22
17a4f7b3d5caf413211515976326969951cc1bb9a3e32a9caa885fd6e3109368
GET /template/web/GG/t2.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 253670
last-modified: Tue, 10 May 2022 09:20:01 GMT
etag: "627a2e41-3dee6"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/dp1.gif
156.251.146.196200 OK 141 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/dp1.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 141 kB (141174 bytes)
Hash 2846430b1663c942a9d2a92c559667cd
2b7d07a004fa13af572b8d5d6317594c1eee9eec
b1357936607e4478fa840a29b58e6714f0063f4a90e28571bd8c8be4e175d74e
GET /template/web/GG/dp1.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 141174
last-modified: Mon, 25 Apr 2022 12:29:49 GMT
etag: "6266943d-22776"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/app.js
156.251.146.196200 OK 675 kB URL HTTP/2 xb3.hadhd.com/template/web/app.js
IP 156.251.146.196:0
Size 675 kB (675096 bytes)
Hash 28e52f6cedb3f2198044f4ad024d30b1
4d2bb81b18250d6151aa959b875a8e0d187a7225
bdb138f85d6c7639dc5e40ef58ab0eb935cdb91fa7f95b096f5f6ce2641fa45a
GET /template/web/app.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 16:53:57 GMT
vary: Accept-Encoding
etag: W/"638f73a5-2433"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/xxx1.gif
156.251.146.196200 OK 553 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/xxx1.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 200 x 252\012- data
Size 553 kB (552798 bytes)
Hash 91d07389688e8efa64691b2e60121992
7e0bb709dd99efb0076fd5ce62a6b244acdc30d1
a95c5eaa76c0863eb4bf0a11d77f203f3a691ba3254da27820ab7c561186b34a
GET /template/web/GG/xxx1.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 552798
last-modified: Sat, 19 Nov 2022 15:51:37 GMT
etag: "6378fb89-86f5e"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/122.gif
156.251.146.196200 OK 301 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/122.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 301 kB (301024 bytes)
Hash 924fb352713ee10f6f4bce3167ccce13
127a437f7a5020f7e7c08b6c6465be55dcb32e0c
6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
GET /template/web/GG/122.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: image/gif
content-length: 301024
last-modified: Wed, 09 Mar 2022 10:04:32 GMT
etag: "62287bb0-497e0"
expires: Thu, 05 Jan 2023 23:53:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20221206-1/ae3f128b4ffbbcb2a8564a88f382b231.jpg
23.224.136.188200 OK 186 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/ae3f128b4ffbbcb2a8564a88f382b231.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 186 kB (185628 bytes)
Hash fa8c2b91e334a77908b5dcecb0f2c20c
46a8fbfade44564e610e8437f6e2fce584d27260
7aa35ad4c692cb9f9919d308d3639f62558b3ebde640835b0c430581d2fd09a7
GET /upload/vod/20221206-1/ae3f128b4ffbbcb2a8564a88f382b231.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: image/jpeg
Content-Length: 185628
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:51 GMT
ETag: "638f4753-2d51c"
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1362839056&si=35d04a7d0ada2b49f1c51725fde2aae6&su=http%3A%2F%2Fwww.besiktaszumbakursu.com%2F&v=1.3.0&lv=1&sn=14738&r=0&ww=1268&u=https%3A%2F%2Fxb3.hadhd.com%2F&tt=%E5%91%B7%E5%93%BA%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1362839056&si=35d04a7d0ada2b49f1c51725fde2aae6&su=http%3A%2F%2Fwww.besiktaszumbakursu.com%2F&v=1.3.0&lv=1&sn=14738&r=0&ww=1268&u=https%3A%2F%2Fxb3.hadhd.com%2F&tt=%E5%91%B7%E5%93%BA%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1362839056&si=35d04a7d0ada2b49f1c51725fde2aae6&su=http%3A%2F%2Fwww.besiktaszumbakursu.com%2F&v=1.3.0&lv=1&sn=14738&r=0&ww=1268&u=https%3A%2F%2Fxb3.hadhd.com%2F&tt=%E5%91%B7%E5%93%BA%E8%B5%84%E6%BA%90%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 23:53:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F1770E8BE15F895D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ttzytp3.com/upload/vod/20221206-1/54f8c0c786897036482d5ba6c252634d.jpg
23.224.136.188200 OK 179 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/54f8c0c786897036482d5ba6c252634d.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data
Size 179 kB (178787 bytes)
Hash 85fa21aa908ef766c80282c5a3b34abe
a6bc4e8cc09574e6904bba90dcfb54ed70ce8a91
3bb9dd0021df1638a355e7cbaecda4388e4e0f5246738e8257c0456beb5e8592
GET /upload/vod/20221206-1/54f8c0c786897036482d5ba6c252634d.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: image/jpeg
Content-Length: 178787
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:51 GMT
ETag: "638f4753-2ba63"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20221206-1/f5c1960b5f974af108ee9b81c7c83633.jpg
23.224.136.188200 OK 199 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/f5c1960b5f974af108ee9b81c7c83633.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x534, components 3\012- data
Size 199 kB (199352 bytes)
Hash b2ef3b975e2a99faa7574abb7038e24b
18de9edf289676f7a9e8265892382cee01f74f30
f3a591437cc2e03943ef7d34f83a4088c6ccfe00d5492378691ce8d6d21346be
GET /upload/vod/20221206-1/f5c1960b5f974af108ee9b81c7c83633.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: image/jpeg
Content-Length: 199352
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:50 GMT
ETag: "638f4752-30ab8"
Accept-Ranges: bytes
xb3.hadhd.com/template/web/GG/4.gif
156.251.146.196200 OK 279 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/4.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 200 x 113\012- data
Size 279 kB (279026 bytes)
Hash 42809e0a73309f01de7651ab3b712cb4
19a1658a10d4e8ca6831a824d4bccbb35dcbf113
da7e1e1332d196cde6cc3a7b9c758abb4493e9708799e7836551823dd399b13d
GET /template/web/GG/4.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 279026
last-modified: Wed, 11 May 2022 08:12:44 GMT
etag: "627b6ffc-441f2"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
gif.xjabre.net/GIF/GG.gif
172.247.31.99200 OK 103 kB URL HTTP/2 gif.xjabre.net/GIF/GG.gif
IP 172.247.31.99:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 103 kB (102652 bytes)
Hash 4ea87bf064b6a321a25be03966f1fe52
950e88121e18e47880340351cd8b435ef009dd16
1d1efeb6b9857e9d7ea6ec4c94154c0a61b3bcf9251108fe527adec84fbde332
GET /GIF/GG.gif HTTP/1.1
Host: gif.xjabre.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 102652
last-modified: Tue, 15 Nov 2022 06:13:56 GMT
etag: "63732e24-190fc"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/dh1.js
156.251.146.196200 OK 621 kB URL HTTP/2 xb3.hadhd.com/template/web/dh1.js
IP 156.251.146.196:0
Size 621 kB (620689 bytes)
Hash cd01b3fda750e838036cd1b6cbfd137a
b86db8f67add390e1bd474c74d99798d916d1b8c
0a89d0d8bd8cd8757b0aa3c811ba4906b490533e384d7d2357ed6044bd3e565e
GET /template/web/dh1.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 16:48:51 GMT
vary: Accept-Encoding
etag: W/"638f7273-11b5"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8adbfe5f74ca7a301df04dda468dc2e4
4528f3f14121d4ccbbf1d9fbc30aabae0a08e71c
cb8434dba323656c9c0542672c83732215ec9040f5c2e4a95ccd61bdadee7306
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:28:36 GMT
Expires: Sun, 11 Dec 2022 06:28:35 GMT
Etag: "4528f3f14121d4ccbbf1d9fbc30aabae0a08e71c"
Cache-Control: max-age=368696,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758f1313b1bb503-OSL
xb3.hadhd.com/template/web/GG/55.gif
156.251.146.196200 OK 834 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/55.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 140 x 206\012- data
Size 834 kB (834244 bytes)
Hash 3965598665b057b276ed86263c36f334
f8374496c56ad6cd140a9bd009b0637c8ce91a35
5efcea93fd0c2cb8059ea79144c6bfb6b094b5810e21cf6e2168ef51ac2fd36a
GET /template/web/GG/55.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 834244
last-modified: Wed, 11 May 2022 08:28:17 GMT
etag: "627b73a1-cbac4"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/dp2.gif
156.251.146.196200 OK 767 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/dp2.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 767 kB (766938 bytes)
Hash 06f924cdbba4e6c4765765139a404682
7eaadc65f26a4fe45240e14f96c29aa53e721775
514dc1d00a06bed8dbb2a891aa73b6ff70cd32772f582df1c2c959c856d45a5d
GET /template/web/GG/dp2.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 766938
last-modified: Mon, 25 Apr 2022 12:29:50 GMT
etag: "6266943e-bb3da"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/GG/dp4.gif
156.251.146.196200 OK 747 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/dp4.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 747 kB (746571 bytes)
Hash 84e8edecf6c28c8218e0a7b1ad9ea414
3897e6bf1a2292c59b45e44d2b9c38e45f8f9a6f
356abb92d87698d59a4af16304d13e760b032739634c495fba68568e82d5c1ce
GET /template/web/GG/dp4.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 746571
last-modified: Mon, 25 Apr 2022 12:29:52 GMT
etag: "62669440-b644b"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fls003.com/upload/uploads-images/default/other/2022-10-17/8cdc88ee844c3c65adc3555c66696f42.gif?_v=20220701
54.192.99.58200 OK 110 kB URL HTTP/2 fls003.com/upload/uploads-images/default/other/2022-10-17/8cdc88ee844c3c65adc3555c66696f42.gif?_v=20220701
IP 54.192.99.58:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 110 kB (110506 bytes)
Hash 8da7cb8f2784403c85084b571e4e40ca
e40eb9d426029b12a9fb15f61c415d0042a888c0
8ae55a9cf08f85570d390d8176cb306c39516287e487ac01a537f15fe3d01fac
GET /upload/uploads-images/default/other/2022-10-17/8cdc88ee844c3c65adc3555c66696f42.gif?_v=20220701 HTTP/1.1
Host: fls003.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 110506
server: nginx
date: Tue, 06 Dec 2022 23:53:38 GMT
last-modified: Mon, 17 Oct 2022 13:40:31 GMT
etag: "634d5b4f-1afaa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 8021f954d329869476f935f2fb14e66e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: tfwo1L-y0jhsIs3DlZn9DGXRIwvwgojlD8PJ5UvNpMDddxynlKb_cg==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8adbfe5f74ca7a301df04dda468dc2e4
4528f3f14121d4ccbbf1d9fbc30aabae0a08e71c
cb8434dba323656c9c0542672c83732215ec9040f5c2e4a95ccd61bdadee7306
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:53:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:28:36 GMT
Expires: Sun, 11 Dec 2022 06:28:35 GMT
Etag: "4528f3f14121d4ccbbf1d9fbc30aabae0a08e71c"
Cache-Control: max-age=368696,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758f130be8eb51b-OSL
xb3.hadhd.com/template/web/GG/xx7.gif
156.251.146.196200 OK 360 kB URL HTTP/2 xb3.hadhd.com/template/web/GG/xx7.gif
IP 156.251.146.196:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 360 kB (359977 bytes)
Hash 14950db3ed3afbd5ed56e866a5f42fcb
6872ddf2a12966c6a69eaffff2bf807034168ba7
2f9b3f10f9691fadd60822c131a5ce89679f0ce97792e90863d51320e1845e97
GET /template/web/GG/xx7.gif HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:37 GMT
content-type: image/gif
content-length: 359977
last-modified: Sat, 19 Nov 2022 12:26:52 GMT
etag: "6378cb8c-57e29"
expires: Thu, 05 Jan 2023 23:53:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20221205-1/4ce151fd2da4f7695944ef5c328fc2e1.jpg
23.224.136.188200 OK 96 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20221205-1/4ce151fd2da4f7695944ef5c328fc2e1.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=960, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=540], baseline, precision 8, 1077x718, components 3\012- data
Hash f12f3259d7829325cf1c7cd4963ecda2
75177a481e09d0b12e4ffef3fbaabfa8880a3798
37e094175268b1fa016504d4e913c4c82224dcc97a68ca0fd4edc9ded5173ee1
GET /upload/vod/20221205-1/4ce151fd2da4f7695944ef5c328fc2e1.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:36 GMT
Content-Type: image/jpeg
Content-Length: 95676
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 11:12:58 GMT
ETag: "638dd23a-175bc"
Accept-Ranges: bytes
xb3.hadhd.com/template/meizhuama/fonts/iconfont.ttf
156.251.146.196200 OK 1.2 kB URL HTTP/2 xb3.hadhd.com/template/meizhuama/fonts/iconfont.ttf
IP 156.251.146.196:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /template/meizhuama/fonts/iconfont.ttf HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:38 GMT
content-type: application/octet-stream
content-length: 1163
last-modified: Sun, 06 Mar 2022 14:17:48 GMT
etag: "6224c28c-48b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvevv.com/4b6dde2b3f39cee4956a18a192534906.gif
18.155.68.9200 OK 325 kB URL HTTP/1.1 kvevv.com/4b6dde2b3f39cee4956a18a192534906.gif
IP 18.155.68.9:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 325 kB (325185 bytes)
Hash f6abc830b4c6c36a82db7bc9c87d79db
deda6d00011a2f90e666ce239ce43139f8e8b2ef
eca7c8dc365cd60e9fc4076bce5e618d6cf1ed7176d2da027be2b23f065109a9
GET /4b6dde2b3f39cee4956a18a192534906.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 325185
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:06:14 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Dec 2022 10:42:50 GMT
ETag: "f6abc830b4c6c36a82db7bc9c87d79db"
X-Cache: Hit from cloudfront
Via: 1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: 7e6SRgjg9WD4F0jHwwD5bnif22JWimB08isdJfnFDLIeD5WmIlVhAw==
Age: 47448
xb3.hadhd.com/template/web/xx3.js
156.251.146.196200 OK 699 kB URL HTTP/2 xb3.hadhd.com/template/web/xx3.js
IP 156.251.146.196:0
Size 699 kB (698622 bytes)
Hash 6fb4566c3cd2bd0217076ed906b7d156
3e52bd688064cd6b336babcdf941b5ed4e6b6a42
e80fac8cec24958f4f262b06c3e93f40d02b45d8c6e10c60cac9dfc672783c27
GET /template/web/xx3.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 17:13:47 GMT
vary: Accept-Encoding
etag: W/"638f784b-9fe"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ntvxbf7.com/7a4bba1f2d494d268e4e3d01f7b02f09.gif
45.61.212.52200 OK 73 kB URL HTTP/1.1 ntvxbf7.com/7a4bba1f2d494d268e4e3d01f7b02f09.gif
IP 45.61.212.52:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 68b499187d4013f220129a499602b1f9
80f5fbd2ff84d9e55159bbb5d7871415391cf382
e5bc92b24d0ecf1febf05f08c0787be05413a6bf82bb950505e6a34c492af6ae
Analyzer Verdict Alert quad9 Sinkholed
GET /7a4bba1f2d494d268e4e3d01f7b02f09.gif HTTP/1.1
Host: ntvxbf7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6294b7c2-11daf"
Date: Tue, 15 Nov 2022 19:41:05 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 30 May 2022 12:25:38 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-22
Content-Length: 73135
img.1158555.com/images/638f5e4d93f8ec5e6b5c07f8.gif
185.239.226.87302 Found 727 B URL HTTP/2 img.1158555.com/images/638f5e4d93f8ec5e6b5c07f8.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
Hash 0f16558350cdc0791ab380ce4cd55636
7a1654c58ed6498272e499839d14aa99909199e8
6162272254439de90561c9a5529ea309b8d2dbd2522299ec26ca6fed6afe4532
GET /images/638f5e4d93f8ec5e6b5c07f8.gif HTTP/1.1
Host: img.1158555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/44806b63977c4233aff487907a4efa90
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/44806b63977c4233aff487907a4efa90
47.246.44.224200 OK 180 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/44806b63977c4233aff487907a4efa90
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 130 x 130\012- data
Size 180 kB (179559 bytes)
Hash 12bddb3d218b1092cafee407bf7a769a
9df85c0c5e60970e9cd10f06aa586155730d4a8b
08cffaa5b2b7e8c8205ee009f1c813ef36d2ebaa83667ff4078d8242f9f959ac
GET /obj/tos-cn-i-dy/44806b63977c4233aff487907a4efa90 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 179559
date: Mon, 05 Dec 2022 13:26:09 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 12:45:39 GMT
nw-session-id: 2022120520453801020402415421C55112msshl01dy
nw-session-trace: 2022-12-05T20:45:39.019875998+08:00 38
x-bdcdn-cache-status: TCP_HIT
x-length: 179559
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 20:45:39 GMT
x-tt-logid: 2022120520453801020402415421C55112
via: n132-082-090, cache1.l2de2[0,0,206-0,H], cache21.l2de2[0,0], cache21.l2de2[1,0], cache1.se1[0,0,200-0,H], cache3.se1[2,0]
x-request-ip: fdbd:dc03:8:579::167
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01fd379e806552472691cc785c4d3ee565d551db217bf2923320eb014dc36052a94fa95496fa3683998372ab46e94b1970a6ecb8807ef77d2d3045545758b6d7f63fb29df3755e279e363a53c9de7fa241d0ab5810c8deb447d876fdfaf427042f
x-response-lb: image
ali-swift-global-savetime: 1670246770
age: 124049
x-cache: HIT TCP_MEM_HIT dirn:4:55130599
x-swift-savetime: Mon, 05 Dec 2022 14:21:20 GMT
x-swift-cachetime: 31532690
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716703708194202800e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 0f16558350cdc0791ab380ce4cd55636
7a1654c58ed6498272e499839d14aa99909199e8
6162272254439de90561c9a5529ea309b8d2dbd2522299ec26ca6fed6afe4532
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165688
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:53:39 GMT
Etag: "638fba3b-2d7"
Expires: Thu, 08 Dec 2022 21:55:07 GMT
Last-Modified: Tue, 06 Dec 2022 21:55:07 GMT
Server: nginx
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
47.246.44.224200 OK 460 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 460 kB (459882 bytes)
Hash 9755d798f1df0ff90ff281daf889c27e
6684c546dc5b1e65c84786cf929562e4bf5a4854
86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87
GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 129362
x-cache: HIT TCP_MEM_HIT dirn:2:442320201
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716703708196082887e
X-Firefox-Spdy: h2
rootnetworksdv.ocsp-certum.com/
95.101.10.193200 OK 1.5 kB URL HTTP/1.1 rootnetworksdv.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 1dbb0a4c2d432ba20f383bf83b436b1a
4e640ddad1970ae908db4c55916a16e72cef5de0
3f1dd23f0ccb6a91c6f3d9db6ddb47b043d23e1c9f6360ac4d0d16e0cee07f6c
POST / HTTP/1.1
Host: rootnetworksdv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=661
Date: Tue, 06 Dec 2022 23:53:39 GMT
Connection: keep-alive
X-N: S
rootnetworksdv.ocsp-certum.com/
95.101.10.193200 OK 1.5 kB URL HTTP/1.1 rootnetworksdv.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 0cc5fa0f5710cbeed20ec843f6c5c81d
f0c2a6138a2e5fb7bfcbbd8eacad48a17d281696
b5091bd5570ea8a699ba0b52b2559c26e17c339979c81d493b9dec985b0fb029
POST / HTTP/1.1
Host: rootnetworksdv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 06 Dec 2022 23:53:39 GMT
Connection: keep-alive
X-N: S
xb3.hadhd.com/template/web/xx2.js
156.251.146.196200 OK 375 kB URL HTTP/2 xb3.hadhd.com/template/web/xx2.js
IP 156.251.146.196:0
Size 375 kB (375282 bytes)
Hash 34aba328d00e547caab1c2650006524a
c4fbd6531c5c65a4d8af1324e781575ba3b509fc
f2348a7e0dd0bb628723d8db422be4dc6eb501042f7994df82cd58b409d2175c
GET /template/web/xx2.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 16:49:16 GMT
vary: Accept-Encoding
etag: W/"638f728c-683"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
xb3.hadhd.com/template/web/dipiao.js
156.251.146.196200 OK 0 B URL HTTP/2 xb3.hadhd.com/template/web/dipiao.js
IP 156.251.146.196:0
GET /template/web/dipiao.js HTTP/1.1
Host: xb3.hadhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:53:36 GMT
content-type: application/javascript
last-modified: Sun, 15 May 2022 14:24:29 GMT
vary: Accept-Encoding
etag: W/"62810d1d-81a"
expires: Wed, 07 Dec 2022 11:53:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20221206-1/8fda736edf118df17c9869f0fd28dafc.jpg
23.224.136.188200 OK 0 B URL HTTP/1.1 ttzytp3.com/upload/vod/20221206-1/8fda736edf118df17c9869f0fd28dafc.jpg
IP 23.224.136.188:0
GET /upload/vod/20221206-1/8fda736edf118df17c9869f0fd28dafc.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xb3.hadhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 23:53:37 GMT
Content-Type: image/jpeg
Content-Length: 187543
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:44:41 GMT
ETag: "638f4749-2dc97"
Accept-Ranges: bytes