0516bm.com/book/5895/0.html
172.82.168.212 301 Moved Permanently 0 B URL HTTP/1.1 0516bm.com/book/5895/0.html
IP 172.82.168.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /book/5895/0.html HTTP/1.1
Host: 0516bm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.0516bm.com/book/5895/0.html
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 035772439731bbe3992c865f68e4b977
53fe2d0f678772b6b3e935aaca4d1ef82767e48f
9880ae6537e30af38e8d7ed612a5a44a54037d86686c63ef7eeebcc62cbda05f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9880AE6537E30AF38E8D7ED612A5A44A54037D86686C63EF7EEEBCC62CBDA05F"
Last-Modified: Sat, 01 Apr 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10524
Expires: Tue, 04 Apr 2023 05:45:54 GMT
Date: Tue, 04 Apr 2023 02:50:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c17f530e6db706fa5f9eb36a6cca4a4
446b60a425aae47b0adf5abd7e18e9f90f52c0bc
ccf1a90e945a18fb951654d29f128acdb3916d4dca315b0fad44ae8cc95be48e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCF1A90E945A18FB951654D29F128ACDB3916D4DCA315B0FAD44AE8CC95BE48E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16126
Expires: Tue, 04 Apr 2023 07:19:16 GMT
Date: Tue, 04 Apr 2023 02:50:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 02:16:35 GMT
content-type: application/json
age: 2035
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfa7240b39fdd332060e920c46349e55
4048b95ed6f1434eebbfd50296d21e3660c96448
53b261a56af518a9a5f27a6e08209e1c137d4c24947229567ee11f6b79cee7a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53B261A56AF518A9A5F27A6E08209E1C137D4C24947229567EE11F6B79CEE7A4"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2314
Expires: Tue, 04 Apr 2023 03:29:04 GMT
Date: Tue, 04 Apr 2023 02:50:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 95f61d351f5fc9533cc78e255ce9bc06
fba284117f347782ac23c51d141d7e3ec15a867e
7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3
GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oQEoD5hNOKbebi0EUj8939xnBckWJj4c6iu/9Ak9oSZYzqrD20dDMIbFVnBVwf5eW24ITR8YTsQ=
x-amz-request-id: SBX3QYAH3MACJMJZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 01:52:58 GMT
age: 3452
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.0516bm.com/book/5895/0.html
172.82.168.212 200 OK 553 B URL HTTP/1.1 www.0516bm.com/book/5895/0.html
IP 172.82.168.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (737), with CRLF line terminators
Hash eb719a8e7a310ff0f2ee421254ce4ee4
6c12c984ee780ea97b8bec8ac375df6a6d654d4e
498a89cc923bc9c19e5c96fd098f8678bbd19a34634844624ea83a1cde2b9c33
Analyzer Verdict Alert fortinet Phishing
GET /book/5895/0.html HTTP/1.1
Host: www.0516bm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 02:17:29 GMT
age: 1981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.0516bm.com/common.js
172.82.168.212 200 OK 676 B IP 172.82.168.212:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1294), with no line terminators
Hash e36537c28b103b81acc51716b989dabf
8e84a89bc7fc62a4182fa97b63222e6ee3317744
02a341e4c74c93bf2ef964dbf7a09ec9404ff9697b79d6513b3cf46e0d820ef4
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.0516bm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.0516bm.com/book/5895/0.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2820ca2dae3aed6a76736f236502749b
d2e4995fdd0fbb64d9051f50be93023a752ef449
0ac73659b8f464575a3596da96a94fc6dbc26a4d5a90bec1331a5df5ad796006
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AC73659B8F464575A3596DA96A94FC6DBC26A4D5A90BEC1331A5DF5AD796006"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12289
Expires: Tue, 04 Apr 2023 06:15:19 GMT
Date: Tue, 04 Apr 2023 02:50:30 GMT
Connection: keep-alive
www.0516bm.com/tj.js
172.82.168.212 200 OK 520 B IP 172.82.168.212:0
File type ASCII text, with CRLF line terminators
Hash f319f199df232e2aa0d743b6f3c03971
e240894747b6a3c1551494fb3f1ddf70fdf6c8ee
a147dad1ced9df62267363b434fa1e8cdf4b8fb99289e690f31640f6a5e9f3e9
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.0516bm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.0516bm.com/book/5895/0.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
34.213.54.187 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.54.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EPYoogQD3OVnyM92/HgbtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UifHLqxdMgjhT1dB4hWkrCHaRXg=
www.0516bm.com/favicon.ico
172.82.168.212 200 OK 1.2 kB URL HTTP/1.1 www.0516bm.com/favicon.ico
IP 172.82.168.212:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.0516bm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.0516bm.com/book/5895/0.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 09 Apr 2023 02:50:35 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2007a069f5d6092055c5c5bc5413c2ed
78b2fd7c40540da74d413fc59eaece73662dcb72
d4e7ce8ccc0a584d53486051530fe8a7314e659017f02676f6ce83b2efe74e08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4E7CE8CCC0A584D53486051530FE8A7314E659017F02676F6CE83B2EFE74E08"
Last-Modified: Mon, 03 Apr 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Tue, 04 Apr 2023 08:50:02 GMT
Date: Tue, 04 Apr 2023 02:50:31 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash eb2cb3d3d81e7c53977149ee03a363ef
6214530134c150bcf91b69234efa252a047c3e21
a613d4201434746f8dca06aab983e119fe6424b797f374adf8b0d566261163a3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 08 Apr 2023 01:05:28 GMT
ETag: "6214530134c150bcf91b69234efa252a047c3e21"
Last-Modified: Tue, 04 Apr 2023 01:05:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2809
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b263e8d0b0fb527-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash eb2cb3d3d81e7c53977149ee03a363ef
6214530134c150bcf91b69234efa252a047c3e21
a613d4201434746f8dca06aab983e119fe6424b797f374adf8b0d566261163a3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 08 Apr 2023 01:05:28 GMT
ETag: "6214530134c150bcf91b69234efa252a047c3e21"
Last-Modified: Tue, 04 Apr 2023 01:05:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2809
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b263e8d0e24b529-OSL
a2.cmbt8.com/template/web/dbxf.js
23.224.15.235 200 OK 0 B URL HTTP/2 a2.cmbt8.com/template/web/dbxf.js
IP 23.224.15.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /template/web/dbxf.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:31 GMT
content-type: application/javascript
content-length: 0
last-modified: Mon, 13 Mar 2023 16:49:50 GMT
etag: "640f542e-0"
expires: Tue, 04 Apr 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/meizhuama/ads/
23.224.15.235 403 Forbidden 146 B URL HTTP/2 a2.cmbt8.com/template/meizhuama/ads/
IP 23.224.15.235:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9fe3cb2b7313dc79bb477bc8fde184a7
4d7b3cb41e90618358d0ee066c45c76227a13747
32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
Analyzer Verdict Alert fortinet Phishing
GET /template/meizhuama/ads/ HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/app1.js
23.224.15.235 200 OK 901 B URL HTTP/2 a2.cmbt8.com/template/web/app1.js
IP 23.224.15.235:0
File type HTML document, Unicode text, UTF-8 text
Hash 6b93310b70d142807a0ea0c09e87e2cf
302cdb784ef0a5d68e57f89739328db75eb9da23
28aa16e7d46732703dded60b43877e76e880c745be6874feb53235ef66698042
Analyzer Verdict Alert fortinet Phishing
GET /template/web/app1.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: application/javascript
content-length: 901
last-modified: Mon, 03 Apr 2023 08:43:35 GMT
etag: "642a91b7-385"
expires: Tue, 04 Apr 2023 14:50:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/app2.js
23.224.15.235 200 OK 859 B URL HTTP/2 a2.cmbt8.com/template/web/app2.js
IP 23.224.15.235:0
File type HTML document, Unicode text, UTF-8 text
Hash c20224dbbd7570e39e51fc9c40223511
a7bdb8f19368878bd568f808330605aa44291129
1dee72dd9e6cc74b33658395f65e3683fdcdcf2f87a3cf9117ddd74553225ee7
Analyzer Verdict Alert fortinet Phishing
GET /template/web/app2.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: application/javascript
content-length: 859
last-modified: Mon, 03 Apr 2023 08:44:02 GMT
etag: "642a91d2-35b"
expires: Tue, 04 Apr 2023 14:50:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/zyxf.js
23.224.15.235 200 OK 849 B URL HTTP/2 a2.cmbt8.com/template/web/zyxf.js
IP 23.224.15.235:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (507)
Hash 374025370e51e1c11b066d038faa6ded
0312e6c4aea1ecad1e89d7dddd4903bb64b2a7ce
efc6b40219ba240b70a426602dd630c9f509b64a124b55f707624cdb99922764
Analyzer Verdict Alert fortinet Phishing
GET /template/web/zyxf.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: application/javascript
content-length: 849
last-modified: Sun, 19 Mar 2023 02:40:37 GMT
etag: "64167625-351"
expires: Tue, 04 Apr 2023 14:50:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/1111.gif
23.224.15.235 200 OK 193 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/1111.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 193 kB (192775 bytes)
Hash 2a8473b0751f565a9a92cff0d0525eb4
a9e7aa97e687466a338bf16b6c8a3e1338c1defa
907d459d656772bdeab141f597576780409e89554081ee074d2c62f9948a85b9
GET /template/web/GG/1111.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 192775
last-modified: Sun, 13 Mar 2022 08:36:46 GMT
etag: "622dad1e-2f107"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/meizhuama/ads/
23.224.15.235 403 Forbidden 146 B URL HTTP/2 a2.cmbt8.com/template/meizhuama/ads/
IP 23.224.15.235:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9fe3cb2b7313dc79bb477bc8fde184a7
4d7b3cb41e90618358d0ee066c45c76227a13747
32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
Analyzer Verdict Alert fortinet Phishing
GET /template/meizhuama/ads/ HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/zxbf.js
23.224.15.235 200 OK 670 B URL HTTP/2 a2.cmbt8.com/template/web/zxbf.js
IP 23.224.15.235:0
Hash 250450fe272c70847945ad8a32e38054
2db77f179e83d85efc2e62382c65d0c1435fa98a
8a67d4b20a833088d88d6fc989d1fd5f50a02d270dbf43603127b7859038323c
Analyzer Verdict Alert fortinet Phishing
GET /template/web/zxbf.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: application/javascript
last-modified: Mon, 03 Apr 2023 08:46:01 GMT
vary: Accept-Encoding
etag: W/"642a9249-9f0"
expires: Tue, 04 Apr 2023 14:50:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e5f28f5329bce2675c8906728540afb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e5f28f5329bce2675c8906728540afb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash b403202fe2d50fcf0c2d902a4f1fb1f6
59561ca6076cb39cf44ca789e1ecb5ea48b40486
f84dd2b335aa66882ff460ca6870b808b577066d13eaee7f12dd0135345b86e3
GET /hm.js?e5f28f5329bce2675c8906728540afb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.0516bm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Tue, 04 Apr 2023 02:50:32 GMT
Etag: 9c691b7f8ee5b445ceb394d32bdbb46b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D9AF553F70CC042B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?9c701029d6c7ce8f18fa226adfd4f59d
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?9c701029d6c7ce8f18fa226adfd4f59d
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash b184b3ca5f82a2b12a0ff8bc34ea61a9
74b343469c28be1bb99ec9f38f4c9f7f7fecb8f7
f7470657fe6f65a836832734ae4a135a6820a0438234df742e783011867b8baf
GET /hm.js?9c701029d6c7ce8f18fa226adfd4f59d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.0516bm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Tue, 04 Apr 2023 02:50:32 GMT
Etag: 1cef81cdfa6eb614ba7b6089064dc0d9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EDA82BC9EDA043F0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
a2.cmbt8.com/template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
23.224.15.235 404 Not Found 146 B URL HTTP/2 a2.cmbt8.com/template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff
IP 23.224.15.235:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /template/meizhuama/fonts/1e500f419c3a4f24a89cb2dddf17de88.woff HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://a2.cmbt8.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
a2.cmbt8.com/template/meizhuama/images/video-play.png
23.224.15.235 200 OK 1.6 kB URL HTTP/2 a2.cmbt8.com/template/meizhuama/images/video-play.png
IP 23.224.15.235:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/meizhuama/images/video-play.png HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 06 Mar 2022 14:17:50 GMT
etag: "6224c28e-61f"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1905462989&si=e5f28f5329bce2675c8906728540afb7&v=1.3.0&lv=1&sn=62628&r=0&ww=1280&u=http%3A%2F%2Fwww.0516bm.com%2Fbook%2F5895%2F0.html&tt=%E6%97%A0%E9%94%A1%E8%B6%B4%E7%85%A4%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1905462989&si=e5f28f5329bce2675c8906728540afb7&v=1.3.0&lv=1&sn=62628&r=0&ww=1280&u=http%3A%2F%2Fwww.0516bm.com%2Fbook%2F5895%2F0.html&tt=%E6%97%A0%E9%94%A1%E8%B6%B4%E7%85%A4%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1905462989&si=e5f28f5329bce2675c8906728540afb7&v=1.3.0&lv=1&sn=62628&r=0&ww=1280&u=http%3A%2F%2Fwww.0516bm.com%2Fbook%2F5895%2F0.html&tt=%E6%97%A0%E9%94%A1%E8%B6%B4%E7%85%A4%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.0516bm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 04 Apr 2023 02:50:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=67C5413BD083D96A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
a2.cmbt8.com/template/web/GG/251.gif
23.224.15.235 200 OK 57 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/251.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 180 x 180\012- data
Hash c8853c641e90aff2686a6049852b6b3a
320987fba791e5b8d2c4d8a7a9e8f08b053e5ce7
0fbed21d68150637b42777ebadc95f228e25453276ea0ef920ba24cc43a0b9c1
GET /template/web/GG/251.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 56758
last-modified: Thu, 24 Mar 2022 08:42:36 GMT
etag: "623c2efc-ddb6"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/250.gif
23.224.15.235 200 OK 14 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/250.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 30958f0ded41d9ecdda597fb0f67efc7
0f5f6baea56fd26f79eb2325ae01478ca6010e9b
6b2b1f6737c5c5146c61dcc3bebcd337979f457765aa4346f625303ae94badf7
GET /template/web/GG/250.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 13764
last-modified: Sun, 22 May 2022 16:40:02 GMT
etag: "628a6762-35c4"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/599.gif
23.224.15.235 200 OK 55 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/599.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash cdcad94f14cf66c6ef925cc7955f9988
114115753e7a2392a860f2e2eebd9249ad4c403a
522241287f2818f90a4d4addbeb265de91414a1a537debae00ae716de17fc8ca
GET /template/web/GG/599.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 55242
last-modified: Tue, 21 Jun 2022 13:36:22 GMT
etag: "62b1c956-d7ca"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=875849426&si=9c701029d6c7ce8f18fa226adfd4f59d&v=1.3.0&lv=1&sn=62628&r=0&ww=1280&u=http%3A%2F%2Fwww.0516bm.com%2Fbook%2F5895%2F0.html&tt=%E6%97%A0%E9%94%A1%E8%B6%B4%E7%85%A4%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=875849426&si=9c701029d6c7ce8f18fa226adfd4f59d&v=1.3.0&lv=1&sn=62628&r=0&ww=1280&u=http%3A%2F%2Fwww.0516bm.com%2Fbook%2F5895%2F0.html&tt=%E6%97%A0%E9%94%A1%E8%B6%B4%E7%85%A4%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=875849426&si=9c701029d6c7ce8f18fa226adfd4f59d&v=1.3.0&lv=1&sn=62628&r=0&ww=1280&u=http%3A%2F%2Fwww.0516bm.com%2Fbook%2F5895%2F0.html&tt=%E6%97%A0%E9%94%A1%E8%B6%B4%E7%85%A4%E8%88%AA%E5%A4%A9%E4%BF%A1%E6%81%AF%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.0516bm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 04 Apr 2023 02:50:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8F2006E72BD91A55; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
a2.cmbt8.com/template/web/GG/101.gif
23.224.15.235 200 OK 43 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/101.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 300 x 100\012- data
Hash 38c465ae0d76a2122359410f1f95e23b
269756d127e90fd69c292881d48c2d27fb3e98cc
157de88ef9f6a8fb995bb29e146b41ba7cd11eed923d0a5d47e496d1e2af8d00
GET /template/web/GG/101.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 42782
last-modified: Sat, 22 Oct 2022 11:57:34 GMT
etag: "6353daae-a71e"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/ok11.jpg
23.224.15.235 200 OK 34 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/ok11.jpg
IP 23.224.15.235:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 960x540, components 3\012- data
Hash d753fbec50b57f3c41b8aa53d54948f4
4776c462134e65d6b4f3dec6c0346c3f44fda795
3404984aaa27cbc69a8b00389b2914caf0fde5d1c700eb943fdb1c15f1b12b93
GET /template/web/GG/ok11.jpg HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/jpeg
content-length: 34030
last-modified: Wed, 31 Aug 2022 05:54:37 GMT
etag: "630ef79d-84ee"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/3-144.gif
23.224.15.235 200 OK 830 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/3-144.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 144 x 144\012- data
Size 830 kB (829961 bytes)
Hash a1efda7796f0fbfdcbe6b08bb18a639c
786daad3715bc1ba25d1b5fd76e9f4df9f78aa46
797f52b2e61d11f38513e84f4f9c7a1d4fdb6885d5a607f62aeeb30704392c15
GET /template/web/GG/3-144.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 829961
last-modified: Sun, 12 Jun 2022 07:52:28 GMT
etag: "62a59b3c-caa09"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/x6.gif
23.224.15.235 200 OK 80 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/x6.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 3b6a5179b4a06bb8c98cab3aeaa698ed
c798dc8b16e3feaf91392cfa1cf839b4556fc243
64d5d65c65f47564411cce16d70dcca2aa83d5ad212ac46d3d9d0ba4ab8aee96
GET /template/web/GG/x6.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 80545
last-modified: Sat, 04 Feb 2023 05:17:48 GMT
etag: "63ddea7c-13aa1"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/d2.gif
23.224.15.235 200 OK 74 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/d2.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 5b4e72d18de28282b1d5d1dea7107ded
150f7f68aca2c046083e233aedeede50fb239c62
1798fc289463c275efca9b0de502a7912b5d821edecbdb7c4d1fd7d7ef15aa94
GET /template/web/GG/d2.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 74088
last-modified: Wed, 11 May 2022 04:54:41 GMT
etag: "627b4191-12168"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/t1.gif
23.224.15.235 200 OK 106 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/t1.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 106 kB (106327 bytes)
Hash 2336a96779cb2e08b66270ceb110a6a9
b6e76df32721200d2b1e4ec51ec4d95fae6b28cf
cc652b77b9e8d3fc27d200dec560e0723f563a14bf5e761ad1286c30813ed8e9
GET /template/web/GG/t1.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 106327
last-modified: Thu, 12 May 2022 13:31:57 GMT
etag: "627d0c4d-19f57"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/150X.gif
23.224.15.235 200 OK 114 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/150X.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 114 kB (113918 bytes)
Hash f003d6aa824b0d41498c97c017b3c8ba
192162490beedaa22ad3b47e317af0e531d75063
cd8c07e012fc3e4cbbf0d3174f6427dc8cb6c98aa8afcb9945692c3eb20ec66b
GET /template/web/GG/150X.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 113918
last-modified: Tue, 27 Dec 2022 03:58:05 GMT
etag: "63aa6d4d-1bcfe"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/2347.gif
23.224.15.235 200 OK 73 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/2347.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 6ce732040d4d9750ef120f2a4221f362
f3114f09ed27718c62d54d6fbe08847421429a00
bf4e102a698f9d805b4d4209c8ca62ca20565344a8949d0efeedc6a720026c5b
GET /template/web/GG/2347.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 73223
last-modified: Sun, 22 May 2022 16:36:36 GMT
etag: "628a6694-11e07"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/122.gif
23.224.15.235 200 OK 127 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/122.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 127 kB (127035 bytes)
Hash c0771e43e1403d07837570ccea851979
47598fca54a26cbae24cdf2ea56835dec36decdb
2b326f36cc612a9f82670bb93cb3448a177dc511b974d6af56479bc7212144c0
GET /template/web/GG/122.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 127035
last-modified: Wed, 11 May 2022 04:33:57 GMT
etag: "627b3cb5-1f03b"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/200200.gif
23.224.15.235 200 OK 75 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/200200.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /template/web/GG/200200.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 75259
last-modified: Fri, 22 Apr 2022 06:46:29 GMT
etag: "62624f45-125fb"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/1231.gif
23.224.15.235 200 OK 111 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/1231.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /template/web/GG/1231.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 110624
last-modified: Sat, 04 Feb 2023 04:38:04 GMT
etag: "63dde12c-1b020"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/68-144.gif
23.224.15.235 200 OK 100 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/68-144.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 7c257206526a438ac8bc1eb27ab9bc84
1f1eb185928dae4a45e9f86dfa2a7456c53360a1
6028ca31ca6b7c98d63e99d8be21990d570d226ca779c52a5f03213db0dec502
GET /template/web/GG/68-144.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 99778
last-modified: Tue, 27 Dec 2022 04:33:11 GMT
etag: "63aa7587-185c2"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 1fbc3e61e7ea840242e3551938e5d04a
cfba3ec6f3eb66c6cc95bec930be4fe660135db6
f6f7e81773177121f67caefd712722ed20f2d9f9c0902b43246764989748cf4c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 08 Apr 2023 01:25:39 GMT
ETag: "cfba3ec6f3eb66c6cc95bec930be4fe660135db6"
Last-Modified: Tue, 04 Apr 2023 01:25:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 151
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b263e9788e3b527-OSL
a2.cmbt8.com/template/web/GG/2.gif
23.224.15.235 200 OK 90 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/2.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 750 x 376\012- data
Hash 35e51480209a5443d388b3728be96bd9
79052ce459c623c6346aba47dcd39fc3a2f0786d
91c013dceb04d882ae73fadab5f5e42fa1508ac952b23d6fc3e009843a521e7a
GET /template/web/GG/2.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 90163
last-modified: Thu, 12 May 2022 05:35:20 GMT
etag: "627c9c98-16033"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/d3.gif
23.224.15.235 200 OK 156 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/d3.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 156 kB (156311 bytes)
Hash c1cd6fbcc60e4242fb31eb894d7d9450
1b0a2ba85f38fa452a391250067e916ac7b61345
aca31490b0e0478395648fb5f6ce318b56a4a443c7a64e069c71cee6c0f0bb44
GET /template/web/GG/d3.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 156311
last-modified: Wed, 18 May 2022 05:46:29 GMT
etag: "62848835-26297"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/cc.jpg
23.224.15.235 200 OK 458 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/cc.jpg
IP 23.224.15.235:0
File type GIF image data, version 89a, 512 x 512\012- data (detected type is GIF, while the URL extension and the response content-type say JPEG)
Size 458 kB (458138 bytes)
Hash 28d18a1e2254e0444c490ac0406f4775
6e07ae02d4a9cc0ef6253b8eff7a6da9303292c2
e1e83f340b221fa32755fa74eae03c1e8ed7d82913ff339ca8d61b0c794356d3
GET /template/web/GG/cc.jpg HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/jpeg
content-length: 458138
last-modified: Sat, 12 Nov 2022 04:22:00 GMT
etag: "636f1f68-6fd9a"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/meizhuama/fonts/iconfont.woff
23.224.15.235 200 OK 525 B URL HTTP/2 a2.cmbt8.com/template/meizhuama/fonts/iconfont.woff
IP 23.224.15.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text (detected content is HTML text, not a font, although the response declares content-type font/woff)
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
Analyzer Verdict Alert fortinet Phishing
GET /template/meizhuama/fonts/iconfont.woff HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://a2.cmbt8.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:33 GMT
content-type: font/woff
content-length: 525
last-modified: Sun, 06 Mar 2022 14:12:36 GMT
etag: "6224c154-20d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/qw12.gif
23.224.15.235 200 OK 167 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/qw12.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 167 kB (167104 bytes)
Hash 9387415ad469299bf6e3bb5c1bbc77e2
cc52974b6ed2239afbbd4088c675fceb0d75cd22
912ce0aceb7de66266542ec85454be033b0a285c975dd7fc8f0d43eecb8716ce
GET /template/web/GG/qw12.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 167104
last-modified: Wed, 08 Jun 2022 07:31:21 GMT
etag: "62a05049-28cc0"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?d01a7156ce2d125c8328c50aca92de5d
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d01a7156ce2d125c8328c50aca92de5d
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 0daa178bf3a53e17762b5dc03cf35572
2b77cc93c9fef70c7b9e4bd69b453483988d3856
39cd9c69e44cc2bbb3fff1c56a827f68d13fe5d67e5ca2d762ac8cd366b1aba0
GET /hm.js?d01a7156ce2d125c8328c50aca92de5d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 04 Apr 2023 02:50:33 GMT
Etag: 011761a7942b249b9972aa2835fb83d2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=26DE914542DBFBF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
a2.cmbt8.com/template/web/GG/xj8.gif
23.224.15.235 200 OK 1.2 MB URL HTTP/2 a2.cmbt8.com/template/web/GG/xj8.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 600 x 400\012- data
Size 1.2 MB (1165357 bytes)
Hash efbb325cbffa3a7962310cd3068c75ce
a0f92fda48cd12bcce828638c4b20a30d48625bc
55f627af006faad83cc702ba57b19f6d9dde25a9abe06dc222a09297bc796984
GET /template/web/GG/xj8.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 1165357
last-modified: Thu, 01 Sep 2022 13:54:04 GMT
etag: "6310b97c-11c82d"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/171.gif
23.224.15.235 200 OK 750 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/171.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 750 kB (749706 bytes)
Hash 5b3e843ec7923ace3c8c52e7e3d71608
65b34236bdea1d3bb438b23eaa028df8b587cc45
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
GET /template/web/GG/171.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 749706
last-modified: Tue, 27 Dec 2022 04:40:30 GMT
etag: "63aa773e-b708a"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/5776.gif
23.224.15.235 200 OK 278 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/5776.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 278 kB (277592 bytes)
Hash 9d544af0de4b8567935ef334e40942b5
d844131638169f2cc54538d66f566ae2e36af726
dc56f3aa82182a9f7c37f0afd1bdfd212c92d43776df5902d44f9d13b2e6541a
GET /template/web/GG/5776.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 277592
last-modified: Fri, 24 Mar 2023 08:58:05 GMT
etag: "641d661d-43c58"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/3.gif
23.224.15.235 200 OK 678 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/3.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 270 x 160\012- data
Size 678 kB (677521 bytes)
Hash 94051cb1d1b77200b4462281a864b96e
e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84
GET /template/web/GG/3.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 677521
last-modified: Wed, 09 Mar 2022 10:04:29 GMT
etag: "62287bad-a5691"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/4.gif
23.224.15.235 200 OK 427 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/4.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 427 kB (427313 bytes)
Hash 0abb26a25a3de816b3cbf4bbe10c6b83
9538a2c7d4793144c89b1aee60ce1091856cea2b
95fac97b45588f9ba29b60c468d8be1f28b61660843dfcbe838cdfe7be0e7180
GET /template/web/GG/4.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 427313
last-modified: Wed, 11 May 2022 04:40:35 GMT
etag: "627b3e43-68531"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1625a.com/images/641d6124bbfe06d2a158fe49.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.1625a.com/images/641d6124bbfe06d2a158fe49.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/641d6124bbfe06d2a158fe49.gif HTTP/1.1
Host: img.1625a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan24.com/loveimgmoe/30/51/6407367e513765fe09cf3051.gif
X-Firefox-Spdy: h2
a2.cmbt8.com/template/meizhuama/fonts/iconfont.ttf
23.224.15.235 200 OK 1.2 kB URL HTTP/2 a2.cmbt8.com/template/meizhuama/fonts/iconfont.ttf
IP 23.224.15.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
Analyzer Verdict Alert fortinet Phishing
GET /template/meizhuama/fonts/iconfont.ttf HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/template/meizhuama/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:33 GMT
content-type: application/octet-stream
content-length: 1163
last-modified: Sun, 06 Mar 2022 14:17:48 GMT
etag: "6224c28c-48b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/GG/250-7.gif
23.224.15.235 200 OK 618 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/250-7.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 618 kB (618431 bytes)
Hash 8d17fae2a46ee77c255f069c708f80e5
cacfcb380e7f8247929866737b3d0bcbdb209cb1
a886230e44621d23fe4ef9fc5d56a6e54446f905d8b4529e0abe93dfae002535
GET /template/web/GG/250-7.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 618431
last-modified: Wed, 11 May 2022 04:44:27 GMT
etag: "627b3f2b-96fbf"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xiod.xyz/TYC960-60.gif
119.167.147.72 200 OK 103 kB IP 119.167.147.72:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 103 kB (102702 bytes)
Hash 93ba05164118dad1850084dc322b7d00
08595008702352888ab2203a015b6e76cb9d5ae5
7fce95dcb9f56ef612cf4085e4784f5a35f838e1019650377804a4cc1cf507de
GET /TYC960-60.gif HTTP/1.1
Host: xiod.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 08 Mar 2023 12:46:25 GMT
Etag: "93ba05164118dad1850084dc322b7d00"
Content-Type: image/gif
Date: Tue, 21 Mar 2023 08:33:32 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 18209788840137125968
x-cos-request-id: NjQxOTZiZGNfYjIxMDcxMDlfMTY3YjNfNDBlMGFiZg==
Content-Length: 102702
Accept-Ranges: bytes
X-NWS-LOG-UUID: 5581367940647759464
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=86400
a2.cmbt8.com/template/web/GG/55.gif
23.224.15.235 200 OK 2.1 MB URL HTTP/2 a2.cmbt8.com/template/web/GG/55.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 250 x 368\012- data
Size 2.1 MB (2071506 bytes)
Hash 832978230181be84d01dd943c2170d3d
178ec5da2212453ebb974aa5d5b8f384fb62ebd9
a9bb5c8550ad70b2031697541f8805b4eaa505856b095631e308fd1c3c16ab39
GET /template/web/GG/55.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: image/gif
content-length: 2071506
last-modified: Wed, 11 May 2022 04:58:39 GMT
etag: "627b427f-1f9bd2"
expires: Thu, 04 May 2023 02:50:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1277999.com/images/63eb1d827246d7a4662c524b.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.1277999.com/images/63eb1d827246d7a4662c524b.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/63eb1d827246d7a4662c524b.gif HTTP/1.1
Host: img.1277999.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan26.com/loveimgmoe/7d/17/63e9ca13602bf44ad5847d17.gif
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 8b7820829a354895d60b643d6afaf7af
0985a2a455e95cf491b3b57dda7367af29e4a524
d8bc8bd475986dc5c9f57f3b871f18cdaf5232b25f0ea37003223a07f12d6e69
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Apr 2023 04:42:12 GMT
Expires: Mon, 10 Apr 2023 04:42:11 GMT
Etag: "0985a2a455e95cf491b3b57dda7367af29e4a524"
Cache-Control: max-age=524496,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b263e9b8c210b69-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2754
Expires: Tue, 04 Apr 2023 03:36:28 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2754
Expires: Tue, 04 Apr 2023 03:36:28 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 48fd12c2f90c8af70916e4ae61a108cc
c6ec4ef40749c394a549c6df7316c6125f8ec864
e3b8b003ec2f8cd5bf7df3c635c3e8ff15d8e613781853b1083e206fcb6c4ead
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 01 Apr 2023 18:50:28 GMT
Expires: Sat, 08 Apr 2023 18:50:27 GMT
Etag: "c6ec4ef40749c394a549c6df7316c6125f8ec864"
Cache-Control: max-age=402592,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b263e9b8caeb509-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f06399875b2b1c6a0afe8a1d791f5a4a
f2ce36c5d6599e57e4df8f08a030e8cb00ebe830
2eef24cc1ae135e7e1687c3e56cd7be21530e2aa7612e686a829d2c204ab532e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF24CC1AE135E7E1687C3E56CD7BE21530E2AA7612E686A829D2C204AB532E"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2754
Expires: Tue, 04 Apr 2023 03:36:28 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=102531069&si=d01a7156ce2d125c8328c50aca92de5d&su=http%3A%2F%2Fwww.0516bm.com%2F&v=1.3.0&lv=1&sn=62629&r=0&ww=1268&u=https%3A%2F%2Fa2.cmbt8.com%2F&tt=%E8%8D%89%E8%8E%93%E5%BD%B1%E8%A7%86
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=102531069&si=d01a7156ce2d125c8328c50aca92de5d&su=http%3A%2F%2Fwww.0516bm.com%2F&v=1.3.0&lv=1&sn=62629&r=0&ww=1268&u=https%3A%2F%2Fa2.cmbt8.com%2F&tt=%E8%8D%89%E8%8E%93%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=102531069&si=d01a7156ce2d125c8328c50aca92de5d&su=http%3A%2F%2Fwww.0516bm.com%2F&v=1.3.0&lv=1&sn=62629&r=0&ww=1268&u=https%3A%2F%2Fa2.cmbt8.com%2F&tt=%E8%8D%89%E8%8E%93%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 04 Apr 2023 02:50:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D90CC1A24239302E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
a2.cmbt8.com/template/meizhuama/css/zui.css
23.224.15.235 200 OK 34 kB URL HTTP/2 a2.cmbt8.com/template/meizhuama/css/zui.css
IP 23.224.15.235:0
Hash 353407a456e3c42f34d102b97f773074
c6af8b25f47d8c4e30557090c90eefedfbf6f03d
32cc6b0165f547d21b85283de02a75ed3d47120e4bd945a789459a0137142afe
GET /template/meizhuama/css/zui.css HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:31 GMT
content-type: text/css
last-modified: Thu, 24 Mar 2022 12:09:22 GMT
vary: Accept-Encoding
etag: W/"623c5f72-18081"
expires: Tue, 04 Apr 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 8b7820829a354895d60b643d6afaf7af
0985a2a455e95cf491b3b57dda7367af29e4a524
d8bc8bd475986dc5c9f57f3b871f18cdaf5232b25f0ea37003223a07f12d6e69
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Apr 2023 04:42:12 GMT
Expires: Mon, 10 Apr 2023 04:42:11 GMT
Etag: "0985a2a455e95cf491b3b57dda7367af29e4a524"
Cache-Control: max-age=524496,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b263e9b890ab4f3-OSL
a2.cmbt8.com/template/meizhuama/js/jquery.min.js
23.224.15.235 200 OK 38 kB URL HTTP/2 a2.cmbt8.com/template/meizhuama/js/jquery.min.js
IP 23.224.15.235:0
Hash e884b1c62190ade21b53aaad33346edc
0e5e1a9dfb556ec60ff4491f6b60b07414abf44a
3db8937c981fc45717756fa59c836dc7a15fdeab24e448d4f3e8bd1d4410d0d9
Analyzer Verdict Alert fortinet Phishing
GET /template/meizhuama/js/jquery.min.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:31 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:24:38 GMT
vary: Accept-Encoding
etag: W/"638856b6-1538f"
expires: Tue, 04 Apr 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a2.cmbt8.com/template/meizhuama/css/ate.css
23.224.15.235 200 OK 15 kB URL HTTP/2 a2.cmbt8.com/template/meizhuama/css/ate.css
IP 23.224.15.235:0
Hash 6f80e689134791f5edc88655290e1948
5f76aa5c9526f32b6b676ffc5c3c694f5ce33d4b
c3b8d224bbb9743841b04d63c03d137f78abc011fc285a4202426ac910b39684
GET /template/meizhuama/css/ate.css HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:31 GMT
content-type: text/css
last-modified: Sun, 06 Mar 2022 14:12:24 GMT
vary: Accept-Encoding
etag: W/"6224c148-126e4"
expires: Tue, 04 Apr 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a2.cmbt8.com/template/meizhuama/css/seyuav-ui.css
23.224.15.235 200 OK 16 kB URL HTTP/2 a2.cmbt8.com/template/meizhuama/css/seyuav-ui.css
IP 23.224.15.235:0
Hash ea719fc046e6d677660d22b0b1c77e73
efd17540e64450ec3eb0691c3582e5bb367f8b2b
a8194480bdd3b955e46dae46518313e711e210ecf2e5100d8c42a2cc71a2b9c6
GET /template/meizhuama/css/seyuav-ui.css HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:31 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 07:24:07 GMT
vary: Accept-Encoding
etag: W/"63885697-8a77"
expires: Tue, 04 Apr 2023 14:50:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad137bebd56918d96431d867ae123332
8572417b762ea2b1dccc3d4236336456be6be1cf
92a575b8055174a83ac1066e2ff931525760c9b96f3e588077ce0ce24a0a7b46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09d7bfe8-bfa6-4d25-aa3f-159254f09bfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8658
x-amzn-requestid: 36fb7671-bd9a-43fc-8920-c5948711d560
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CvNkNGjHIAMFsBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6429294d-5e753ae346a583ac5cbb42f4;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 07:05:49 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UPNt2yE-_295UTjOFpgSxhrl1XjSOSgQVJoEf__wc0y5btcJ9dIT1w==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 07:22:47 GMT
age: 70067
etag: "8572417b762ea2b1dccc3d4236336456be6be1cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fde7605b95c3ac6b8de339dbd12e17b1
b44d521b31be7b3fe378a0e070c49379a6eab26e
5496cf7c705ccc67dd13f86a07d9a352424d58591aa67afe1e1361c640f8d510
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5a64c6f-4f76-4a92-92c4-1fa8cb48142e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6803
x-amzn-requestid: 6c78179f-0d11-4a23-8e86-e4f05d7c7f90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C0fq3HrioAMF7ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642b4645-758850e07ef9b1512b684c35;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 21:33:57 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: fYzW2B9Nf5JLhQdDSzDsT7h-auY41wg3PSAaSI6U68BNGvtHI99W7A==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Apr 2023 21:51:49 GMT
age: 17925
etag: "b44d521b31be7b3fe378a0e070c49379a6eab26e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.mengzhan24.com/loveimgmoe/30/51/6407367e513765fe09cf3051.gif
172.67.24.77 200 OK 511 kB URL HTTP/2 img.mengzhan24.com/loveimgmoe/30/51/6407367e513765fe09cf3051.gif
IP 172.67.24.77:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 511 kB (511033 bytes)
Hash 693aa3320d2064d869939be9376f07ab
bb3f7f6d7093d19c641732fec0cf114a0ae1f6d3
218e327bea95523d0cc32a61642b024f87b7fb8c853122480e2335432627f558
GET /loveimgmoe/30/51/6407367e513765fe09cf3051.gif HTTP/1.1
Host: img.mengzhan24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:50:34 GMT
content-type: image/jpeg
content-length: 511033
cache-control: max-age=2678400
last-modified: Sat, 01 Apr 2023 16:29:04 GMT
cf-cache-status: HIT
age: 158842
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7b263e9c7e3ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 097098664ac95bb6339a4233508ea61a
ea0269b31c35d9bb10dedfbff65218955d8b71e7
d4773ad7f1593d2253bd71d0e6117d9d4d862e080c287961aeffd576cd763b66
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=845
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 8b7820829a354895d60b643d6afaf7af
0985a2a455e95cf491b3b57dda7367af29e4a524
d8bc8bd475986dc5c9f57f3b871f18cdaf5232b25f0ea37003223a07f12d6e69
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Apr 2023 04:42:12 GMT
Expires: Mon, 10 Apr 2023 04:42:11 GMT
Etag: "0985a2a455e95cf491b3b57dda7367af29e4a524"
Cache-Control: max-age=524496,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b263e9b8f680b3d-OSL
img.mengzhan26.com/loveimgmoe/7d/17/63e9ca13602bf44ad5847d17.gif
104.22.32.80 200 OK 296 kB URL HTTP/2 img.mengzhan26.com/loveimgmoe/7d/17/63e9ca13602bf44ad5847d17.gif
IP 104.22.32.80:0
File type GIF image data, version 89a, 750 x 80\012- data
Size 296 kB (296504 bytes)
Hash 21571f4ef480972f2dbb5c6ca420abdd
b85608b1ad30e97beb7092cf1aab307bc12fde50
670533a818c7822ba83c5e54ce7161729e10a8048e07c36b2225349bd9f1980f
GET /loveimgmoe/7d/17/63e9ca13602bf44ad5847d17.gif HTTP/1.1
Host: img.mengzhan26.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:50:34 GMT
content-type: image/jpeg
content-length: 296504
cache-control: max-age=2678400
last-modified: Sat, 01 Apr 2023 17:01:52 GMT
cf-cache-status: HIT
age: 208089
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7b263e9cbf5a2d5d-ARN
X-Firefox-Spdy: h2
xiod.xyz/k9-ky960x60.gif
119.167.147.72 200 OK 406 kB IP 119.167.147.72:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (405511 bytes)
Hash 2cc0caa937d60ce47f10bcc67e78c29d
e6be035b70daeef0479d69f5530e552cb7bb5cdc
a8360b2d6ce237a2ff2899226461cce6ebf9d014aed3febb2c4cdc8e2356c6df
GET /k9-ky960x60.gif HTTP/1.1
Host: xiod.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 13 Mar 2023 10:13:40 GMT
Etag: "2cc0caa937d60ce47f10bcc67e78c29d"
Content-Type: image/gif
Date: Tue, 21 Mar 2023 05:59:20 GMT
Server: tencent-cos
x-cos-cache: true
x-cos-hash-crc64ecma: 17982091820924443950
x-cos-request-id: NjQxOTQ3YjhfYmE1MGI3MDlfYWJmZV8zZTdkYjYy
Content-Length: 405511
Accept-Ranges: bytes
X-NWS-LOG-UUID: 12439667753196433058
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=86400
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash f115f9088ce1ed390e75fe21a2117331
d107bbb10957842d24d3b35b6b350c3c149b5767
2c6f5c647668abbca6f64e1b4fd4caa2bbcaee29233e552b95e0872735d413a1
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 08 Apr 2023 00:35:10 GMT
ETag: "d107bbb10957842d24d3b35b6b350c3c149b5767"
Last-Modified: Tue, 04 Apr 2023 00:35:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1529
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b263e9d0fcdb529-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e7a8ca99fc6d4e3220546e3fff05f74
0eefb325cdc6c86ade4957902add10fb4bb20012
d7e75a5af009a4dbe5a74aa79db8d134d5c4cacc52d0d62694e79ca2315a8a31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E75A5AF009A4DBE5A74AA79DB8D134D5C4CACC52D0D62694E79CA2315A8A31"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Tue, 04 Apr 2023 03:40:04 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e7a8ca99fc6d4e3220546e3fff05f74
0eefb325cdc6c86ade4957902add10fb4bb20012
d7e75a5af009a4dbe5a74aa79db8d134d5c4cacc52d0d62694e79ca2315a8a31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E75A5AF009A4DBE5A74AA79DB8D134D5C4CACC52D0D62694E79CA2315A8A31"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Tue, 04 Apr 2023 03:40:04 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e7a8ca99fc6d4e3220546e3fff05f74
0eefb325cdc6c86ade4957902add10fb4bb20012
d7e75a5af009a4dbe5a74aa79db8d134d5c4cacc52d0d62694e79ca2315a8a31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E75A5AF009A4DBE5A74AA79DB8D134D5C4CACC52D0D62694E79CA2315A8A31"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Tue, 04 Apr 2023 03:40:04 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
xiod.xyz/xpj960x60.gif
119.167.147.72 200 OK 345 kB IP 119.167.147.72:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 345 kB (344832 bytes)
Hash 4ebdabbf56c5ea36aeb13bc0dfb3cd1c
1683d1b07480e966e2ea783b9cc43220e1f8f549
0eac7dfc2111bea18f69905fd0183364c76e9489a39dcd319872b83fa5a53f51
GET /xpj960x60.gif HTTP/1.1
Host: xiod.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 29 Dec 2022 12:11:22 GMT
Etag: "4ebdabbf56c5ea36aeb13bc0dfb3cd1c"
Content-Type: image/gif
Date: Tue, 21 Mar 2023 06:01:32 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 357403910767134175
x-cos-request-id: NjQxOTQ4M2NfNGE4Y2VlMDlfMmZhMGRfM2U0YjJiOA==
Content-Length: 344832
Accept-Ranges: bytes
X-NWS-LOG-UUID: 2262032927347606544
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Cache-Control: max-age=86400
sdk.51.la/js-sdk-pro.min.js
47.253.50.2 200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bceaef-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 87001f276f0dd5afaf094edfa83136fc
57fc7a94a090808b5b111cfc7cb8ceb08af75421
1c68a494f22994f95949405ac83b5cc528339d4152dde436add4f24edbe3125f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C68A494F22994F95949405AC83B5CC528339D4152DDE436ADD4F24EDBE3125F"
Last-Modified: Sun, 02 Apr 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1959
Expires: Tue, 04 Apr 2023 03:23:13 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 1894dee9a2a8540e6160ac753ec9cb44
81e41783663140647e26dcdee31b6cf1b0d2e657
57e2d03d4ac16b4dcb191bae35155d90d50818c58e055e5333b63a828aa52ca9
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 08 Apr 2023 00:41:39 GMT
ETag: "81e41783663140647e26dcdee31b6cf1b0d2e657"
Last-Modified: Tue, 04 Apr 2023 00:41:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1530
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b263e9eed8ab527-OSL
img10.360buyimg.com/ddimg/jfs/t1/186655/10/32286/419710/641ea7faF7e473b2d/6cd5810db6772e64.gif
2.21.240.146 200 OK 420 kB URL HTTP/2 img10.360buyimg.com/ddimg/jfs/t1/186655/10/32286/419710/641ea7faF7e473b2d/6cd5810db6772e64.gif
IP 2.21.240.146:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 960 x 80\012- data
Size 420 kB (419710 bytes)
Hash df253535aab8dd30f56b8e0f8607ceee
ef1487250ba643656e41a9043a8dfb1ed9325af1
494e8747b226d7f8dd2d7174b8d16b6da61f776ca8e859f3a253f003f5082204
GET /ddimg/jfs/t1/186655/10/32286/419710/641ea7faF7e473b2d/6cd5810db6772e64.gif HTTP/1.1
Host: img10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 419710
cache-control: max-age=15552000
expires: Sat, 23 Sep 2023 02:43:17 GMT
last-modified: Sat, 25 Mar 2023 07:51:22 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1679884997101-0-0-0-33-33;200;200-1679884997074-0-0-0-67-67;200-1679891231103-0-0-0-1-1
date: Tue, 04 Apr 2023 02:50:34 GMT
x-cache: TCP_HIT from a2-21-240-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4e335bcf768b3171ae585240ce048297
acc11b0b16e4d241f665a3b514c5d9e0ea6b5a3a
f814ff1ffdaaa8e3caca27fc7d0aae7cc46ef028bb16c0d17307aa7c797bccac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F814FF1FFDAAA8E3CACA27FC7D0AAE7CC46EF028BB16C0D17307AA7C797BCCAC"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13802
Expires: Tue, 04 Apr 2023 06:40:36 GMT
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
ttzytp3.com/upload/vod/20230402-1/3e0e0aef5feade350824bd7ad8ac3c75.jpg
23.224.136.188 200 OK 11 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230402-1/3e0e0aef5feade350824bd7ad8ac3c75.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d3594eda72f467f6c70e736ad9f8f063
8021bd627bcfa6ad6cca9802de4cd6ef0817a755
43532f1092d1aead80fe99f5fccd48c81e516f11a7b8e5543e92259a00a15794
GET /upload/vod/20230402-1/3e0e0aef5feade350824bd7ad8ac3c75.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/jpeg
Content-Length: 11393
Last-Modified: Sun, 02 Apr 2023 13:30:55 GMT
Connection: keep-alive
ETag: "6429838f-2c81"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
27.36.125.193 200 OK 1.2 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
IP 27.36.125.193:0
ASN #136959 China Unicom Guangdong IP network
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:33 GMT
content-type: image/gif
content-length: 1197751
cache-control: max-age=15552000
expires: Mon, 25 Sep 2023 01:04:25 GMT
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
age: 524768
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 GD-UNI-1-MIX-213 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1680051865013-0-0-23-172-172;200;200-1680196710439-0-0-0-6-6;200-1680576633592-0-0-0-1-1
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ba6eac8152e40b1ad54aa6ae48305843
4c1e916009a2b3c498c00fc0801d7a969f72a506
2c28ab2af7b000bc228720ef70cd2657ab342d2eed77b42036f359b4857eb9b5
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 04 Apr 2023 02:50:34 GMT
Connection: keep-alive
X-N: S
kzepp.com/369d3cab0738178d5f6baa59773bc159.gif
98.126.214.50 301 Moved Permanently 162 B URL HTTP/2 kzepp.com/369d3cab0738178d5f6baa59773bc159.gif
IP 98.126.214.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /369d3cab0738178d5f6baa59773bc159.gif HTTP/1.1
Host: kzepp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 04 Apr 2023 02:50:34 GMT
content-type: text/html
content-length: 162
location: https://kvthhh.top/369d3cab0738178d5f6baa59773bc159.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230402-1/6ea58ffcc979b23788323a9db6fd0b4c.jpg
23.224.136.188 200 OK 9.6 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230402-1/6ea58ffcc979b23788323a9db6fd0b4c.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 55e8c20a3cee65390869dec267d5ee5e
4cf660d08b589559350542a55dfe1d2f939c5396
8d7159210bf0f1076b91f92d15e441ed5f46c7757c63bec1edeec363fae93bc3
GET /upload/vod/20230402-1/6ea58ffcc979b23788323a9db6fd0b4c.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/jpeg
Content-Length: 9613
Last-Modified: Sun, 02 Apr 2023 13:30:54 GMT
Connection: keep-alive
ETag: "6429838e-258d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvthhh.top/369d3cab0738178d5f6baa59773bc159.gif
104.21.235.66 200 OK 62 kB URL HTTP/2 kvthhh.top/369d3cab0738178d5f6baa59773bc159.gif
IP 104.21.235.66:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash e8f2424d923c5870226cfa59bc9d45f9
1f1e73d86af3010b13ff6e9b5b75c62efd20448b
1cf01ff6f602ac30c1dffadd33cd947c83133ec135969d0335e8d0a5729da74d
GET /369d3cab0738178d5f6baa59773bc159.gif HTTP/1.1
Host: kvthhh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a2.cmbt8.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:50:34 GMT
content-type: image/gif
content-length: 61583
last-modified: Fri, 17 Mar 2023 06:36:45 GMT
etag: "64140a7d-f08f"
expires: Mon, 24 Apr 2023 09:03:52 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 841602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqBPoe6a4CUZu3Q3SClBtGt3rhHgNi%2B6066dFu60sQpGyxunYzrbOz7fJRdfRr8xL0FDVGYbI34PDYta7QtkF0G%2FZTUtslJbg14LMNRCvLammw%2B2%2Fd0RRQWnI8Ml"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b263ea0a8914189-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
595tuchuang.com/960x80.gif
23.224.27.252 200 OK 145 kB URL HTTP/2 595tuchuang.com/960x80.gif
IP 23.224.27.252:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:50:34 GMT
content-type: image/gif
content-length: 144990
last-modified: Wed, 21 Dec 2022 13:28:21 GMT
etag: "63a309f5-2365e"
expires: Thu, 20 Apr 2023 21:17:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230403-1/2213d15919c5efb5a127485f19316a25.jpg
23.224.136.188 200 OK 122 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/2213d15919c5efb5a127485f19316a25.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x537, components 3\012- data
Size 122 kB (121719 bytes)
Hash abf72218654375db61412b39ad2df72c
8f78c0ce6cd2ac2ffe787df8faec2b0be026de76
5fd7a9e0c794ecb2071ef87474ed1d387b9dba735d8e5d3aa38eee901795ac71
GET /upload/vod/20230403-1/2213d15919c5efb5a127485f19316a25.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/jpeg
Content-Length: 121719
Last-Modified: Mon, 03 Apr 2023 09:15:21 GMT
Connection: keep-alive
ETag: "642a9929-1db77"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/4c287c8512461b3adea52328fe7b6979.jpg
23.224.136.188 200 OK 123 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/4c287c8512461b3adea52328fe7b6979.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 123 kB (122879 bytes)
Hash 6087cf61f336d5f6f18689f01ad506e6
b11866ed230723ab3ea7247254c4a2202f9daee9
1c19129454baa2cc755c0b2ec705fe27279db11025a59443f6e981fb0201085d
GET /upload/vod/20230403-1/4c287c8512461b3adea52328fe7b6979.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/jpeg
Content-Length: 122879
Last-Modified: Mon, 03 Apr 2023 09:17:00 GMT
Connection: keep-alive
ETag: "642a998c-1dfff"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
js.users.51.la/21569647.js
103.143.19.103 200 OK 2.5 kB URL HTTP/1.1 js.users.51.la/21569647.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document, ASCII text, with very long lines (5207)
Hash 4afba7c1f72f53dfa80c9b1d76366bde
4c4da7de652ba7849ce3279eed47fd4bc47237af
d559c7f82adade2fe97eecddc5f0b74ccad06eff3db129d2f8a3b696558aab6d
GET /21569647.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=ba60e5da8d3ba7a1e29; path=/
Set-Cookie: HWWAFSESTIME=1680576630705; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ttzytp3.com/upload/vod/20230403-1/b890e03cede0b069b045a83510094ebc.jpg
23.224.136.188 200 OK 136 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/b890e03cede0b069b045a83510094ebc.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 136 kB (135733 bytes)
Hash 1b19c03ea5d505955a723ead0233caed
985a7697d21b9829f5e066e2cadaf3f335070332
0cbcf06e98280a5689867d60b8bc13f10b2bd5c909d346511df3f557f408c465
GET /upload/vod/20230403-1/b890e03cede0b069b045a83510094ebc.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/jpeg
Content-Length: 135733
Last-Modified: Mon, 03 Apr 2023 09:17:58 GMT
Connection: keep-alive
ETag: "642a99c6-21235"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/de32d59566e7f123450a4e9a29bfbcb1.jpg
23.224.136.188 200 OK 159 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/de32d59566e7f123450a4e9a29bfbcb1.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x540, components 3\012- data
Size 159 kB (159086 bytes)
Hash e779fa164f872735c43f275b5178778f
fc06bc0510fb6746e6959f2cdb5504de699c41a4
c156a2da69c79e63c791cf5862ecc1f8eaa29dec56a72fea147f7b2e6ada0f47
GET /upload/vod/20230403-1/de32d59566e7f123450a4e9a29bfbcb1.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/jpeg
Content-Length: 159086
Last-Modified: Mon, 03 Apr 2023 09:16:52 GMT
Connection: keep-alive
ETag: "642a9984-26d6e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/dd68cf72b7861c206b67ea1eccf5e56c.jpg
23.224.136.188 200 OK 194 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/dd68cf72b7861c206b67ea1eccf5e56c.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 194 kB (193459 bytes)
Hash b04c850097c39aad9f1f3425bfcf46ef
d2a06aeac519d48a788f8adfd32f659226e738b9
2bd4dc3168917e49b083f4ae2895ef0006227c041377b0055d473664e9d86ccf
GET /upload/vod/20230403-1/dd68cf72b7861c206b67ea1eccf5e56c.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/jpeg
Content-Length: 193459
Last-Modified: Mon, 03 Apr 2023 09:17:58 GMT
Connection: keep-alive
ETag: "642a99c6-2f3b3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
683tuchuang.com/960x80.gif
14.128.34.140 200 OK 97 kB URL HTTP/1.1 683tuchuang.com/960x80.gif
IP 14.128.34.140:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 80\012- data
Hash 7ef2a37263a1cbc9b7cf55c6f0d5ac67
c8bfc4c06c67fc0e5e9d53700d223dc8a356e771
12e406cd176aa01d744f324307d636b84de1ed6bae0d0c1a7ac9fb454768b41f
GET /960x80.gif HTTP/1.1
Host: 683tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/gif
Content-Length: 97435
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 12:07:53 GMT
ETag: "63de4a99-17c9b"
Expires: Sat, 29 Apr 2023 04:32:27 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash fd4de2bc6e3b2588131e652af8e82ede
f4fb3760ffe85f1799cc3149dd9f5f33e7c9748b
88ba9558c3ee26cc15dc00c8e9acb3453d3d55f3c168acb0eddaa5e01a3d9cab
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=868
Date: Tue, 04 Apr 2023 02:50:35 GMT
Connection: keep-alive
X-N: S
587tuchuang.com/587z80.gif
14.128.34.139 200 OK 139 kB URL HTTP/1.1 587tuchuang.com/587z80.gif
IP 14.128.34.139:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 80\012- data
Size 139 kB (139025 bytes)
Hash 4751af930c8c7b33a61958356ca554f0
c0cfc5b499211aa4f43c5815630738d36013c1aa
68f1f41464e84af0d6078d951d3a3f479e6865bb641a6eed4ba969bb7067bb18
GET /587z80.gif HTTP/1.1
Host: 587tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:34 GMT
Content-Type: image/gif
Content-Length: 139025
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:30:32 GMT
ETag: "63a30a78-21f11"
Expires: Sat, 29 Apr 2023 04:32:20 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/c02d4488202079a3dc0074f7dc6fcb7c.jpg
23.224.136.188 200 OK 92 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/c02d4488202079a3dc0074f7dc6fcb7c.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Hash a1b976bcc8bc4c0b7ce24faa38c319fa
0cadec0cdbf017f4727f712730bb4307e86332c0
0b4222e05d3a57c8569e5e2e6c57de43592fb52f7120a969e3bd014daa903d98
GET /upload/vod/20230403-1/c02d4488202079a3dc0074f7dc6fcb7c.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 92291
Last-Modified: Mon, 03 Apr 2023 09:16:52 GMT
Connection: keep-alive
ETag: "642a9984-16883"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.5969a.com/images/641d6038bbfe06d2a158fe47.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.5969a.com/images/641d6038bbfe06d2a158fe47.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/641d6038bbfe06d2a158fe47.gif HTTP/1.1
Host: img.5969a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan24.com/loveimgmoe/6c/85/6319c0d8f74eb42056026c85.gif
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230402-1/3555e92b4ae1c3d6db9fb15a373a37f5.jpg
23.224.136.188 200 OK 177 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230402-1/3555e92b4ae1c3d6db9fb15a373a37f5.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 177 kB (176856 bytes)
Hash d55cd7fc81ef599cdf3f05cc3f492a7b
6f75d9e0cebf1bde491afdda00108d4c626c221c
f73e58ab7135780577bc2120de240d48374772f67addd7d54c1a26c1e22e8952
GET /upload/vod/20230402-1/3555e92b4ae1c3d6db9fb15a373a37f5.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 176856
Last-Modified: Sun, 02 Apr 2023 13:30:49 GMT
Connection: keep-alive
ETag: "64298389-2b2d8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
a2.cmbt8.com/template/web/GG/dp1.gif
23.224.15.235 200 OK 141 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/dp1.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 141 kB (141174 bytes)
Hash 2846430b1663c942a9d2a92c559667cd
2b7d07a004fa13af572b8d5d6317594c1eee9eec
b1357936607e4478fa840a29b58e6714f0063f4a90e28571bd8c8be4e175d74e
GET /template/web/GG/dp1.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:35 GMT
content-type: image/gif
content-length: 141174
last-modified: Sat, 25 Jun 2022 05:41:21 GMT
etag: "62b6a001-22776"
expires: Thu, 04 May 2023 02:50:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230403-1/09cba5eb8fbe07c332cddf582888b2f9.jpg
23.224.136.188 200 OK 197 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/09cba5eb8fbe07c332cddf582888b2f9.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 197 kB (197060 bytes)
Hash 71eaa000af0d6484706563cb4e8a6875
41c4dbc48e0cc7c7488c3bd1ae61ebe7219a9861
54496bf538399473300e64afeafa7e446ec58ad95f90c7f5d350491ce760663c
GET /upload/vod/20230403-1/09cba5eb8fbe07c332cddf582888b2f9.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 197060
Last-Modified: Mon, 03 Apr 2023 09:16:53 GMT
Connection: keep-alive
ETag: "642a9985-301c4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/b6c9266ca53f62d61fb661e342e05bff.jpg
23.224.136.188 200 OK 191 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/b6c9266ca53f62d61fb661e342e05bff.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 191 kB (190863 bytes)
Hash 505dfe2736585a5f31810299c6f73780
18fd82e0fca6d9322f7ffa54e4c6f7ad21fb9af5
6ad18295e6f59cd59e79310add8a93943658a9650acf29e4316457dcca4167fa
GET /upload/vod/20230403-1/b6c9266ca53f62d61fb661e342e05bff.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 190863
Last-Modified: Mon, 03 Apr 2023 09:16:52 GMT
Connection: keep-alive
ETag: "642a9984-2e98f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/ee7e4f0fff4b10d7313d3bc9e0bf0f35.jpg
23.224.136.188 200 OK 185 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/ee7e4f0fff4b10d7313d3bc9e0bf0f35.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 185 kB (184990 bytes)
Hash acee9bdf1b87db8de572b0bd2db0d0df
44a42bb080da73559232a35abff1f4897d5959c1
1e5bf6fa6bc6b202893f455362efda84f64e2346bfd50f97cf5fb6194f81eaf6
GET /upload/vod/20230403-1/ee7e4f0fff4b10d7313d3bc9e0bf0f35.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 184990
Last-Modified: Mon, 03 Apr 2023 09:16:52 GMT
Connection: keep-alive
ETag: "642a9984-2d29e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/2cf61b93e53099e1236cce402b56fd47.jpg
23.224.136.188 200 OK 193 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/2cf61b93e53099e1236cce402b56fd47.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x537, components 3\012- data
Size 193 kB (193132 bytes)
Hash 4c8376983137caf2b7a542e6ac9004e5
146255c906da6407052bdf35c655a3461766d0f9
a4b821baf2c8ad20a0172d8df3c2656d37465514b8e52aa95eae1def76c643de
GET /upload/vod/20230403-1/2cf61b93e53099e1236cce402b56fd47.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 193132
Last-Modified: Mon, 03 Apr 2023 09:16:52 GMT
Connection: keep-alive
ETag: "642a9984-2f26c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
104.26.1.190 200 OK 9.2 kB URL HTTP/2 s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP 104.26.1.190:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:50:35 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgSuFDVKohKJSjVvApG68JH2M3%2FfKJyxdU7cI6eZZkmOu8%2BJtdcK9lT%2F70523S6C%2BPVzE6jcHQj9ZPMOq6ROmAPvXz6jcvgd5RRlo1PalhuXCSMTsVNETzSnrh7u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b263ea3bca5b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230402-1/e6c9a4b4494ddaeaf147803eae3a5bb5.jpg
23.224.136.188 200 OK 10 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230402-1/e6c9a4b4494ddaeaf147803eae3a5bb5.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash cce66a8c8ac886c4bfea389d6788d95e
e87b94db66eae94335cff16d565bcc496b1dc07f
cc21cabfb8cb56ef6e2d83bf3d94bd13e52d4de0f5c951fcae04980d49d70e90
GET /upload/vod/20230402-1/e6c9a4b4494ddaeaf147803eae3a5bb5.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 10389
Last-Modified: Sun, 02 Apr 2023 13:30:53 GMT
Connection: keep-alive
ETag: "6429838d-2895"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230402-1/cc6222d1654ba1246c59a5f0222d36ba.jpg
23.224.136.188 200 OK 20 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230402-1/cc6222d1654ba1246c59a5f0222d36ba.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 0735a734483bb59091653392367f5dec
547760e999e4879411627763e98e5386dcfebf6b
194f5eaee75e3fcb2288af14711b32141e3786b178624df5d8edc3875a318121
GET /upload/vod/20230402-1/cc6222d1654ba1246c59a5f0222d36ba.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 20226
Last-Modified: Sun, 02 Apr 2023 13:30:54 GMT
Connection: keep-alive
ETag: "6429838e-4f02"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
a2.cmbt8.com/template/web/GG/dp2.gif
23.224.15.235 200 OK 767 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/dp2.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 767 kB (766938 bytes)
Hash 06f924cdbba4e6c4765765139a404682
7eaadc65f26a4fe45240e14f96c29aa53e721775
514dc1d00a06bed8dbb2a891aa73b6ff70cd32772f582df1c2c959c856d45a5d
GET /template/web/GG/dp2.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:35 GMT
content-type: image/gif
content-length: 766938
last-modified: Sat, 25 Jun 2022 05:40:57 GMT
etag: "62b69fe9-bb3da"
expires: Thu, 04 May 2023 02:50:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230403-1/8053c262958d78de84d47d0b96d5b492.jpg
23.224.136.188 200 OK 134 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/8053c262958d78de84d47d0b96d5b492.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 134 kB (134029 bytes)
Hash b53b09780913c405f1b81e8a40b67d1c
f4d26c860b2da5a584cdbafd5551ce301a2ab015
353d043d8c57c8d6dd3d63fb130969a050bf7cf39e46e2814aea2693c2cdb2c1
GET /upload/vod/20230403-1/8053c262958d78de84d47d0b96d5b492.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 134029
Last-Modified: Mon, 03 Apr 2023 09:25:08 GMT
Connection: keep-alive
ETag: "642a9b74-20b8d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230402-1/f7ca18debb258b2b1bfbad1c63433a52.jpg
23.224.136.188 200 OK 185 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230402-1/f7ca18debb258b2b1bfbad1c63433a52.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 185 kB (185304 bytes)
Hash 4aa8eb158dad47abc62511d0a8cac645
b95c2c8c8987a67c7db7a0120a9ac0ae872214d6
3911d6a4153439dc454b0f12fb0e366494ce0038609656e914535ff153935163
GET /upload/vod/20230402-1/f7ca18debb258b2b1bfbad1c63433a52.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 185304
Last-Modified: Sun, 02 Apr 2023 13:30:41 GMT
Connection: keep-alive
ETag: "64298381-2d3d8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/6fe4c78e646ed2e6214f1f3a2fb31cdb.jpg
23.224.136.188 200 OK 109 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/6fe4c78e646ed2e6214f1f3a2fb31cdb.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x534, components 3\012- data
Size 109 kB (108717 bytes)
Hash 83e1c0bce978a4d55ad656132e1a0063
25a434bc6c5f2a16745ec3847de6525a3651ccfa
22e0ce0be0faa44f41a7cb78d1c81a4c52a02f693dc34a52071fa6a8c6fd5da7
GET /upload/vod/20230403-1/6fe4c78e646ed2e6214f1f3a2fb31cdb.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 108717
Last-Modified: Mon, 03 Apr 2023 09:22:51 GMT
Connection: keep-alive
ETag: "642a9aeb-1a8ad"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
228tuchuang.com/960x80.gif
14.128.34.137 200 OK 124 kB URL HTTP/1.1 228tuchuang.com/960x80.gif
IP 14.128.34.137:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 80\012- data
Size 124 kB (123970 bytes)
Hash 83735404f4ab51b1abaad368fe9563cb
49009970fdcebba47b2dfa21efe27724adb4a5de
d6e4e3d48c2872e139be81a41b2b1abe0bb552f2c60df118f723afb33245a216
GET /960x80.gif HTTP/1.1
Host: 228tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/gif
Content-Length: 123970
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 06:49:37 GMT
ETag: "64019881-1e442"
Expires: Sat, 29 Apr 2023 04:32:15 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
qp.ezfxpuo.cn/960X60.gif
218.66.171.96 200 OK 245 kB IP 218.66.171.96:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (244625 bytes)
Hash 8ea7a6d4406fc7d5d0c11e711a860b6b
5dfe851d968ba8bdd6c9aa331fe816505f1749f6
f1fb1cf1dc68a5b38cf47a0676d19a68a67a1fec63d97657be4a32b899cf0aaf
GET /960X60.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Tue, 04 Apr 2023 02:50:34 GMT
content-type: image/gif
content-length: 244625
x-oss-request-id: 63F9A9C29DB57833328C4EFC
etag: "8EA7A6D4406FC7D5D0C11E711A860B6B"
last-modified: Fri, 24 Feb 2023 05:36:14 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4303395622184053937
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: jqem1EBvx9XQwR5xGoYLaw==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230403-1/3304214c7555699a3ff7c2436cd0fff1.jpg
23.224.136.188 200 OK 172 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/3304214c7555699a3ff7c2436cd0fff1.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 72x72, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size 172 kB (171850 bytes)
Hash ec9d692b3b6c2cfa4f5453cbbbfec11d
74aa8678c23113f258a972ebe485acc3b1eb8342
1e85b8a825c4160a83c3a72b80a2dcfa1d984706fac07be68974f5609aa69ad8
GET /upload/vod/20230403-1/3304214c7555699a3ff7c2436cd0fff1.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 171850
Last-Modified: Mon, 03 Apr 2023 09:30:55 GMT
Connection: keep-alive
ETag: "642a9ccf-29f4a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230403-1/2156d7bfd549f7295851cfa8b5a1a098.jpg
23.224.136.188 200 OK 7.4 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/2156d7bfd549f7295851cfa8b5a1a098.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d11f30ac1263f8860aef6c5a11d75145
b612bc7696686a75969bb20d55fb8bbbf5756821
130f8b00df96bb26bdfc309f070c63f18a22ad9752452493008e91dc261b2d49
GET /upload/vod/20230403-1/2156d7bfd549f7295851cfa8b5a1a098.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 7350
Last-Modified: Mon, 03 Apr 2023 09:30:54 GMT
Connection: keep-alive
ETag: "642a9cce-1cb6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
a2.cmbt8.com/template/web/GG/dp4.gif
23.224.15.235 200 OK 747 kB URL HTTP/2 a2.cmbt8.com/template/web/GG/dp4.gif
IP 23.224.15.235:0
File type GIF image data, version 89a, 640 x 200\012- data
Size 747 kB (746571 bytes)
Hash 84e8edecf6c28c8218e0a7b1ad9ea414
3897e6bf1a2292c59b45e44d2b9c38e45f8f9a6f
356abb92d87698d59a4af16304d13e760b032739634c495fba68568e82d5c1ce
GET /template/web/GG/dp4.gif HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:35 GMT
content-type: image/gif
content-length: 746571
last-modified: Tue, 10 May 2022 07:07:15 GMT
etag: "627a0f23-b644b"
expires: Thu, 04 May 2023 02:50:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230403-1/6d130b8623dfbfa1988937c0be0c218d.jpg
23.224.136.188 200 OK 208 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/6d130b8623dfbfa1988937c0be0c218d.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x538, components 3\012- data
Size 208 kB (208446 bytes)
Hash d87ce3eae7cfeed2a3363d97d282bea7
9a4567161780bad710000e9638eb5841c1827b77
30276655ec244b7b13803682f59b479e185f5c80ce4374ae2b4c1002b73f0a1b
GET /upload/vod/20230403-1/6d130b8623dfbfa1988937c0be0c218d.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 208446
Last-Modified: Mon, 03 Apr 2023 09:30:55 GMT
Connection: keep-alive
ETag: "642a9ccf-32e3e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ia.51.la/go1?id=21569647&rt=1680576635255&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1680576635255&tt=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252Fa2.cmbt8.com%252F&pu=http%253A%252F%252Fwww.0516bm.com%252F
112.90.153.37 200 0 B URL HTTP/1.1 ia.51.la/go1?id=21569647&rt=1680576635255&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1680576635255&tt=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252Fa2.cmbt8.com%252F&pu=http%253A%252F%252Fwww.0516bm.com%252F
IP 112.90.153.37:0
ASN #136959 China Unicom Guangdong IP network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21569647&rt=1680576635255&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&ing=1&ekc=&sid=1680576635255&tt=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E8%258D%2589%25E8%258E%2593%25E5%25BD%25B1%25E8%25A7%2586&cu=https%253A%252F%252Fa2.cmbt8.com%252F&pu=http%253A%252F%252Fwww.0516bm.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Length: 0
Date: Tue, 04 Apr 2023 02:50:26 GMT
ttzytp3.com/upload/vod/20230402-1/f07b168d494f81b4977d40ff91ac312e.jpg
23.224.136.188 200 OK 94 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230402-1/f07b168d494f81b4977d40ff91ac312e.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x438, components 3\012- data
Hash 8e3090955886c455d1c0b33b3976895d
c9c900e1c038b7f7c5c09f1851643e41f5aa0b66
4ef69f976995dc197816474b816942d3fcf164a3e057aa64e208d967112456f6
GET /upload/vod/20230402-1/f07b168d494f81b4977d40ff91ac312e.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 94394
Last-Modified: Sun, 02 Apr 2023 13:30:29 GMT
Connection: keep-alive
ETag: "64298375-170ba"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12e77198075a662e9070d16f27201a17
cb8026c06c7f8edb27c3a1c0a776dd95681d5bbe
0ec3594fb267fdba4efdfed1d75e821dbe5484d28c7e16e418da1ab22bf6091f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EC3594FB267FDBA4EFDFED1D75E821DBE5484D28C7E16E418DA1AB22BF6091F"
Last-Modified: Mon, 03 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1504
Expires: Tue, 04 Apr 2023 03:15:40 GMT
Date: Tue, 04 Apr 2023 02:50:36 GMT
Connection: keep-alive
ttzytp3.com/upload/vod/20230403-1/cf9f08d6dadce17fe4a4e5f070bbc964.jpg
23.224.136.188 200 OK 140 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/cf9f08d6dadce17fe4a4e5f070bbc964.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 140 kB (139478 bytes)
Hash d4557479e7e458de1def074067100fb5
f6216197d7ba78a70142b957b3a01b57e951b3e5
284852b7a1d6c110f732caddd44d5868a5c1cf254269970a43b653243985f0fd
GET /upload/vod/20230403-1/cf9f08d6dadce17fe4a4e5f070bbc964.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 139478
Last-Modified: Mon, 03 Apr 2023 09:30:53 GMT
Connection: keep-alive
ETag: "642a9ccd-220d6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 50d49bf967a11fecb36046e07320663c
cef7bd3a5bec13eee2784819623360870db8b0c0
a666975543824a3472d00e447e995d10c65a9d03d41357083013a145841e02e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 31 Mar 2023 22:39:56 GMT
Expires: Fri, 07 Apr 2023 22:39:55 GMT
Etag: "cef7bd3a5bec13eee2784819623360870db8b0c0"
Cache-Control: max-age=329958,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b263ea78b67b509-OSL
ttzytp3.com/upload/vod/20230403-1/13b27d73c11d0358814ee2d5ef963ab4.jpg
23.224.136.188 200 OK 168 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230403-1/13b27d73c11d0358814ee2d5ef963ab4.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x537, components 3\012- data
Size 168 kB (167456 bytes)
Hash 687e33f1247d91feec96e69a7ed45635
dc10abae1595f176b3c8a9421f69e436929a7463
be012f57b028a7a06ae9a43a22427fa83df7720db8f4a206c17d2984f408e923
GET /upload/vod/20230403-1/13b27d73c11d0358814ee2d5ef963ab4.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 04 Apr 2023 02:50:35 GMT
Content-Type: image/jpeg
Content-Length: 167456
Last-Modified: Mon, 03 Apr 2023 09:29:11 GMT
Connection: keep-alive
ETag: "642a9c67-28e20"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 50d49bf967a11fecb36046e07320663c
cef7bd3a5bec13eee2784819623360870db8b0c0
a666975543824a3472d00e447e995d10c65a9d03d41357083013a145841e02e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 31 Mar 2023 22:39:56 GMT
Expires: Fri, 07 Apr 2023 22:39:55 GMT
Etag: "cef7bd3a5bec13eee2784819623360870db8b0c0"
Cache-Control: max-age=329958,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b263ea78e9fb4f3-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash fcf59e27764266647666df7a9f71b266
fbeb6ea74a828c6168162a6600dff28df2acf032
98453c15c15327b9bdd7fabf243cd81122e50a415b2f8e926ad6f38ddbeb2f19
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 02:50:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 31 Mar 2023 19:00:23 GMT
Expires: Fri, 07 Apr 2023 19:00:22 GMT
Etag: "fbeb6ea74a828c6168162a6600dff28df2acf032"
Cache-Control: max-age=316785,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b263ea77f990b69-OSL
yhtuchuang.com/960x80.gif
23.224.27.254 200 OK 456 kB URL HTTP/2 yhtuchuang.com/960x80.gif
IP 23.224.27.254:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 456 kB (455488 bytes)
Hash 87b3b534ef6dfd1637c44ef283475ba9
0ef5da9ba5db5a5fe941f68e481aed1b0e0c055f
1331c8e7ccb1879ea248dab48440764e8ca2521c2580e0c2c5bb0d218e809f4c
GET /960x80.gif HTTP/1.1
Host: yhtuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:50:35 GMT
content-type: image/gif
content-length: 455488
last-modified: Sun, 26 Feb 2023 05:05:40 GMT
etag: "63fae8a4-6f340"
expires: Sat, 22 Apr 2023 07:17:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
66886aaa.com/8f6f39f812db4573989c1fde961ca47a.gif
45.61.212.219 200 OK 276 kB URL HTTP/1.1 66886aaa.com/8f6f39f812db4573989c1fde961ca47a.gif
IP 45.61.212.219:0
File type GIF image data, version 89a, 180 x 180\012- data
Size 276 kB (275781 bytes)
Hash e6b935405a2f267592cd1d81fbe51897
475f77009b099e3edfe16b9fa4b3105fab4b62ea
eb05ec6c95dddb68b7615d26c68820ab928b9c32f534b2e3eee12e1c8b97f6f3
GET /8f6f39f812db4573989c1fde961ca47a.gif HTTP/1.1
Host: 66886aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63959721-43545"
Date: Thu, 30 Mar 2023 11:33:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 11 Dec 2022 08:38:57 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-19
Content-Length: 275781
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 276
Origin: https://a2.cmbt8.com
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Tue, 04 Apr 2023 02:50:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=4f7b0a57c9aac4c5943; path=/
HWWAFSESTIME=1680576635100; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://a2.cmbt8.com
Access-Control-Allow-Credentials: true
a2.cmbt8.com/
23.224.15.235 200 OK 270 kB IP 23.224.15.235:0
Size 270 kB (269550 bytes)
Hash aefe835129c1300e541338f03c41c2cf
777d2f6387afa860ec183c74703e3ecb57556262
b696cd889ec958feabd8b144849586f1d372868057c242aab85c3b7856f83708
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.0516bm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
66886aaa.com/ce6b072c41fa412e9ba1a0bed8aa5f55.gif
45.61.212.219 200 OK 1.0 MB URL HTTP/1.1 66886aaa.com/ce6b072c41fa412e9ba1a0bed8aa5f55.gif
IP 45.61.212.219:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 1.0 MB (1014326 bytes)
Hash 77b7959e612c6d66794724465b5419c6
d099413d7b418986fb539f3b23ed1426dfa1398c
88a0814cd72868125148c4a9808bf9ec36d79a383b993a481d65ed0c8a234585
GET /ce6b072c41fa412e9ba1a0bed8aa5f55.gif HTTP/1.1
Host: 66886aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "639596f4-f7a36"
Date: Thu, 30 Mar 2023 11:33:05 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 11 Dec 2022 08:38:12 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-19
Content-Length: 1014326
taiwtp1.com/xin/200200sas.gif
220.128.218.220 200 OK 694 kB URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Size 694 kB (693471 bytes)
Hash e6ff7b0afb00d39bca2032b100e871ec
f3da5b9bd4d1769ed482bf6f23c3b05ded824d63
41d7266ed35337d77b04bad32c7ec3c4b44e7a1707f6c6f21c8e6bc4c9f3f252
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:42:58 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Thu, 04 May 2023 02:42:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
n0611.com/dc96748bc31546039f860a67359a2b2c.gif
107.167.16.2 200 OK 0 B URL HTTP/2 n0611.com/dc96748bc31546039f860a67359a2b2c.gif
IP 107.167.16.2:0
GET /dc96748bc31546039f860a67359a2b2c.gif HTTP/1.1
Host: n0611.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Apr 2023 02:50:34 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sat, 11 Mar 2023 07:57:37 GMT
etag: W/"640c3471-5c246"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/dipiao.js
23.224.15.235 200 OK 0 B URL HTTP/2 a2.cmbt8.com/template/web/dipiao.js
IP 23.224.15.235:0
Analyzer Verdict Alert fortinet Phishing
GET /template/web/dipiao.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: application/javascript
last-modified: Wed, 29 Jun 2022 10:28:30 GMT
vary: Accept-Encoding
etag: W/"62bc294e-81a"
expires: Tue, 04 Apr 2023 14:50:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
a2.cmbt8.com/template/web/app.js
23.224.15.235 200 OK 0 B URL HTTP/2 a2.cmbt8.com/template/web/app.js
IP 23.224.15.235:0
Analyzer Verdict Alert fortinet Phishing
GET /template/web/app.js HTTP/1.1
Host: a2.cmbt8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a2.cmbt8.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 02:50:32 GMT
content-type: application/javascript
last-modified: Mon, 03 Apr 2023 08:43:17 GMT
vary: Accept-Encoding
etag: W/"642a91a5-24a0"
expires: Tue, 04 Apr 2023 14:50:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2