r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12846
Expires: Tue, 15 Nov 2022 13:24:04 GMT
Date: Tue, 15 Nov 2022 09:49:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6561
Expires: Tue, 15 Nov 2022 11:39:19 GMT
Date: Tue, 15 Nov 2022 09:49:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3533
Cache-Control: max-age=92412
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:49:58 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:30:10 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6pnFGKfCQJBgK+NLY3oVp41vuKTqrrQ6NXFMPjMpK/h+Qe/4goOtd2ulnch9qdHyxZzn+BnUYqY=
x-amz-request-id: SDYRWT7EVQSZYGR3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 08:51:29 GMT
age: 3509
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 09:44:25 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 333
alt-svc: clear
X-Firefox-Spdy: h2
higeban.com/
154.12.61.138301 Moved Permanently 0 B IP 154.12.61.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 15 Nov 2022 09:49:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.higeban.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 09:49:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 09:44:48 GMT
cache-control: public,max-age=3600
age: 310
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6147
Cache-Control: max-age=89969
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:49:59 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:49:28 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.191.210.155101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bp08+pbexUvN1OR2KxVdIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gAkQ499J5xOtJChWVLHDFO6sSns=
www.higeban.com/
154.12.61.138200 OK 36 kB IP 154.12.61.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash a41666131c5f43ee4240ed302af75dd0
7c02269bcb6d28008fb6f4cfb60b5b44f8204afa
47f784dcacf45c7d01bcd73cb249a08d3f8f05c62823d563e1f7ec9ff2cc2d4d
GET / HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: text/html
Content-Length: 36457
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
www.higeban.com/staticmy/js/tj.js
154.12.61.138200 OK 554 B URL HTTP/1.1 www.higeban.com/staticmy/js/tj.js
IP 154.12.61.138:0
File type HTML document, ASCII text, with very long lines (554), with no line terminators
Hash 30e5c78d6c64e70d90bd3812ee1551c6
f18ecfca05d7b62756abcd58839b53536d1e27e9
f21d6dac5d45d1ccf3cc6a98932b33ebce5c390272881f587968d012dd3f0c04
GET /staticmy/js/tj.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Content-Length: 554
Last-Modified: Thu, 22 Sep 2022 06:59:38 GMT
Connection: keep-alive
ETag: "632c07da-22a"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.higeban.com/staticmy/js/stui_default.js
154.12.61.138200 OK 1.8 kB URL HTTP/1.1 www.higeban.com/staticmy/js/stui_default.js
IP 154.12.61.138:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 88309ab2087abf77ffd6cd362306bdc2
a70ca083de465cd44c46d1522ed0a398da145fed
c1ee1083469f5915240855919148a951ad49493d2f0bf6ef62a587715eb727ce
GET /staticmy/js/stui_default.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c4-11b6"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/staticmy/js/jquery.cookie.min.js
154.12.61.138200 OK 707 B URL HTTP/1.1 www.higeban.com/staticmy/js/jquery.cookie.min.js
IP 154.12.61.138:0
File type ASCII text, with very long lines (1266)
Hash 58dbd5fe203290a568f56b67b661e002
76f8bf540b3df5c5ec21957ce3d3f221fa4925b3
7965786891d81a4d8a5e9211cdc4db9b586c1dfb3b9c65d1079ba7999f980822
GET /staticmy/js/jquery.cookie.min.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-514"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/staticmy/js/jquery.lazyload.min.js
154.12.61.138200 OK 1.3 kB URL HTTP/1.1 www.higeban.com/staticmy/js/jquery.lazyload.min.js
IP 154.12.61.138:0
File type ASCII text, with very long lines (3309)
Hash 107610b0db6edb28f23fa6225715d7b8
126dbbafb6d950bdad39ed43252935662102c427
d66c70427c0ca29dd4ca5649cb50c2f4c72e03506309ead0bbf9ca0d18d82f18
GET /staticmy/js/jquery.lazyload.min.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-d35"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/staticmy/js/home.js
154.12.61.138200 OK 8.9 kB URL HTTP/1.1 www.higeban.com/staticmy/js/home.js
IP 154.12.61.138:0
Hash ef5684d1a2af89012b3f0c76e654ca77
92f8faba52aa48931d94d25d9d368af6a91fbce1
17f2053129817790271a8fce4d6a19dfdc31d322fc5707c7e3d30b82af8b2ac0
GET /staticmy/js/home.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 31 May 2022 10:51:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6295f340-84cc"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/staticmy/js/sousuo.js
154.12.61.138200 OK 548 B URL HTTP/1.1 www.higeban.com/staticmy/js/sousuo.js
IP 154.12.61.138:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 89b22a142e755eee1874e155fca78600
d415526cdaa5a714777ae28c11c04bb98cb932fb
f35c1ff5a7a3c8f59ba5eb5cf3d5e7d8830f6c2802bf7cf2c72d9e16d6c61e7d
GET /staticmy/js/sousuo.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Content-Length: 548
Last-Modified: Mon, 17 Oct 2022 08:15:52 GMT
Connection: keep-alive
ETag: "634d0f38-224"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.higeban.com/staticmy/js/daohang1.js
154.12.61.138200 OK 585 B URL HTTP/1.1 www.higeban.com/staticmy/js/daohang1.js
IP 154.12.61.138:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 331aebda27d8f6a2d7478e120d149a84
5ed8b0789076203b4626ac7ca698fdd4970e78c4
8b27f61d90ed4cc911a4aa62fb2ca502fe8c00f1810d3fc4c878dc988a831d89
GET /staticmy/js/daohang1.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Content-Length: 585
Last-Modified: Tue, 15 Nov 2022 07:48:31 GMT
Connection: keep-alive
ETag: "6373444f-249"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.higeban.com/staticmy/js/daohang2.js
154.12.61.138200 OK 467 B URL HTTP/1.1 www.higeban.com/staticmy/js/daohang2.js
IP 154.12.61.138:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f498e7b1793fb3479224761b8f2e6df1
4982b8f8de5c91a13b2d86c38fa6ce407d43d6f8
acaaa8b58c222acac470ec1923f91cbba689fe711b5e0376badd6854760dee97
GET /staticmy/js/daohang2.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 06:57:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632c0753-a18"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/staticmy/js/daohang3.js
154.12.61.138200 OK 663 B URL HTTP/1.1 www.higeban.com/staticmy/js/daohang3.js
IP 154.12.61.138:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 551d721c7c9737dd153d9cab1f874b93
5486604a848cdc2049718229538b049817be5bf9
ca0610a0feeb9bffb5978ed71aff84a40b2258d9fda66d4cf66fb2e9cdb6650d
GET /staticmy/js/daohang3.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Content-Length: 663
Last-Modified: Tue, 15 Nov 2022 07:48:53 GMT
Connection: keep-alive
ETag: "63734465-297"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.higeban.com/gg7f5kv/shang1i7d3.php
154.12.61.138200 OK 145 B URL HTTP/1.1 www.higeban.com/gg7f5kv/shang1i7d3.php
IP 154.12.61.138:0
File type ASCII text, with no line terminators
Hash 311e048ee57000c77a5abfdcefbf98c5
da3fd293e7533ce653d92d8ebfdebb1d390dadf7
07cd6b438593f73484ee78be5b1f4f06d55c065f8fffc5c4f9e83990d37b0deb
GET /gg7f5kv/shang1i7d3.php HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.higeban.com/staticmy/js/jquery.min.js
154.12.61.138200 OK 33 kB URL HTTP/1.1 www.higeban.com/staticmy/js/jquery.min.js
IP 154.12.61.138:0
File type ASCII text, with very long lines (32061)
Hash 86e98aeb7b032f4d77c7417cf01804c2
6dac186a17a276a44ab10be97ce7a7e68ea0f4ca
25122f689abc9b607b190b64254c6f70daa217593624db865e0a763d05aa4d28
GET /staticmy/js/jquery.min.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-14938"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/gg7f5kv/sxpf.js
154.12.61.138200 OK 970 B URL HTTP/1.1 www.higeban.com/gg7f5kv/sxpf.js
IP 154.12.61.138:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (509), with CRLF line terminators
Hash 6536ca21c71ae990e6ab6868fe7f89a1
1eecdf2b2956a322c774cc4bf3608d7b18175cf4
67eee7f71b43c72557162a9a24d0b3bf82383dbb722bbbadafeb058903328a26
GET /gg7f5kv/sxpf.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Nov 2022 05:39:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636de015-d9d"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/gg7f5kv/shipinqiangg.js
154.12.61.138200 OK 559 B URL HTTP/1.1 www.higeban.com/gg7f5kv/shipinqiangg.js
IP 154.12.61.138:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash de2af2de94b27b56f3dc52de14738ae0
0522af4482a27513304855bb49ad82811a76c24b
d93096146fefdbca11da93925243c7578254099761d81059a0a5242ef1d28ef5
GET /gg7f5kv/shipinqiangg.js HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 09:12:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636628e5-716"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/staticmy/css/iconfont.css
154.12.61.138200 OK 928 B URL HTTP/1.1 www.higeban.com/staticmy/css/iconfont.css
IP 154.12.61.138:0
File type Unicode text, UTF-8 (with BOM) text
Hash d6f5821d0866c5ef4329519076096849
a006c2ca7493b9cd1954e2cc106fb72e361b8540
b8145589bb54c721a56e293facb2f6204779c4c3824e6b628c38dcf83c76150d
GET /staticmy/css/iconfont.css HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: text/css
Last-Modified: Tue, 07 Sep 2021 04:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c4-e41"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.higeban.com/staticmy/css/stui_default.css
154.12.61.138200 OK 4.9 kB URL HTTP/1.1 www.higeban.com/staticmy/css/stui_default.css
IP 154.12.61.138:0
File type assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (310), with CRLF line terminators
Hash b2877c0ce3ce01eb038dad7dadf34f95
cbbad210aa4f04ace95a0077b2cc7ade27499077
c9ca9a33dce8a3946d18a9737723ebca93bdc278103710a95a310bd0f4e72efd
GET /staticmy/css/stui_default.css HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:49:59 GMT
Content-Type: text/css
Last-Modified: Thu, 22 Sep 2022 07:00:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632c081c-4b1d"
Expires: Tue, 15 Nov 2022 21:49:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 18aa9031fbda2b04ff3ee181effbfa00
19cf98cd8b998a595a468d0c398f453ddb9eba48
265208d94864169f2dd7c47001255ceec1616d2dd7ca18e422309abc57c0308c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5880
Cache-Control: max-age=165995
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:00 GMT
Etag: "63732f3b-118"
Expires: Thu, 17 Nov 2022 07:56:35 GMT
Last-Modified: Tue, 15 Nov 2022 06:18:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
www.higeban.com/gg7f5kv/shouyeshang.html
154.12.61.138200 OK 4.0 kB URL HTTP/1.1 www.higeban.com/gg7f5kv/shouyeshang.html
IP 154.12.61.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 90bad9a6e9c31e0cf3498843dff11039
d6d9efc6b44bda466824e3c99684dff7f924bfa5
37460c441f8c823275187d92b952a318107c10dfdb6707ccffad3be034cbad5f
GET /gg7f5kv/shouyeshang.html HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:50:00 GMT
Content-Type: text/html
Last-Modified: Mon, 14 Nov 2022 07:42:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6371f178-44be"
Content-Encoding: gzip
www.higeban.com/staticmy/images/150x50.gif
154.12.61.138200 OK 6.5 kB URL HTTP/1.1 www.higeban.com/staticmy/images/150x50.gif
IP 154.12.61.138:0
File type GIF image data, version 89a, 150 x 50\012- data
Hash 234bdd5dc2570a5ab1dc9c708245b395
375b93c3bc8f4382991d2ff4af446685e429bf2c
77cab73693745ce7a57f4e10d5b7213019939be397f526fd709e759bde032aa9
GET /staticmy/images/150x50.gif HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/staticmy/css/stui_default.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:50:00 GMT
Content-Type: image/gif
Content-Length: 6450
Last-Modified: Tue, 07 Sep 2021 04:59:40 GMT
Connection: keep-alive
ETag: "6136f1bc-1932"
Expires: Thu, 15 Dec 2022 09:50:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 15 Nov 2022 09:50:00 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.higeban.com/staticmy/images/load.gif
154.12.61.138200 OK 65 kB URL HTTP/1.1 www.higeban.com/staticmy/images/load.gif
IP 154.12.61.138:0
File type GIF image data, version 89a, 150 x 210\012- data
Hash 1fbb5556099254502571ddee76ec3683
8d1bc81d78d45b97e0c031f813c338cf22043978
1a41d8b1fe312bd93ad4ce35db83af7647ab0ebef9d60c45d211cda7340ec4c8
GET /staticmy/images/load.gif HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/staticmy/css/stui_default.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:50:00 GMT
Content-Type: image/gif
Content-Length: 65214
Last-Modified: Tue, 07 Sep 2021 04:59:40 GMT
Connection: keep-alive
ETag: "6136f1bc-febe"
Expires: Thu, 15 Dec 2022 09:50:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
104.26.0.190200 OK 9.2 kB URL HTTP/2 s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP 104.26.0.190:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:00 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=540Core3YCEYbMwgNGvIWYN4l7WU8364JKZhzyLmRWSXioKE%2B6%2BvgbKjWjiH3edIfgr%2BZg5MMiorzMD%2BABDyUVlrvrrHNcEPtCz78oekH7bhU0ILo4Ny8DousLYY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a71482991bb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.higeban.com/staticmy/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff
154.12.61.138200 OK 158 kB URL HTTP/1.1 www.higeban.com/staticmy/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff
IP 154.12.61.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size 158 kB (157747 bytes)
Hash a41e2180ee544e19c63b8fabc1941135
ebcf8970d76975bbed7de1513f79b3b8b1189dd6
31206296a0f23577b122a8b5c94d5154255a41aed005d295ac6e08e47fda8473
GET /staticmy/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.higeban.com/staticmy/css/iconfont.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:50:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash becf6b0b539002f2ab7b6b29bed46920
acc9772e8b8fef04f3c4a170c00e46defe5462b8
35963f6149968d7f86b2777172622577e3b6ede30c5fdea3196c4b21c7d2b4e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35963F6149968D7F86B2777172622577E3B6EDE30C5FDEA3196C4B21C7D2B4E9"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11140
Expires: Tue, 15 Nov 2022 12:55:40 GMT
Date: Tue, 15 Nov 2022 09:50:00 GMT
Connection: keep-alive
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 453
Origin: http://www.higeban.com
Connection: keep-alive
Referer: http://www.higeban.com/
HTTP/1.1 200
Server: CloudWAF
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=dea2db3b329d7effc5b; path=/
HWWAFSESTIME=1668505797821; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.higeban.com
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71a7bed10b3ef4d607fff3e362c80542
aaf42416b6d7f582865bdb512acde8c8a87d9811
fade3e60819e4424192e0c26690f50340577935cbc4b642c3a15b22d74bed917
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FADE3E60819E4424192E0C26690F50340577935CBC4B642C3A15B22D74BED917"
Last-Modified: Mon, 14 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Tue, 15 Nov 2022 15:49:35 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a16ac05d476f2aa2038c4346ede6b03c
4b1bf1997cd2b26c4eb7496d59cea83f161d2d86
7883aef9db245b30c2545e15915c36a23e0cf3bef1ec6b98a9268474053a9723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7883AEF9DB245B30C2545E15915C36A23E0CF3BEF1EC6B98A9268474053A9723"
Last-Modified: Mon, 14 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18607
Expires: Tue, 15 Nov 2022 15:00:08 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash becf6b0b539002f2ab7b6b29bed46920
acc9772e8b8fef04f3c4a170c00e46defe5462b8
35963f6149968d7f86b2777172622577e3b6ede30c5fdea3196c4b21c7d2b4e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35963F6149968D7F86B2777172622577E3B6EDE30C5FDEA3196C4B21C7D2B4E9"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11139
Expires: Tue, 15 Nov 2022 12:55:40 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
www.higeban.com/staticmy/fonts/iconfont-15417656157251.ttf
154.12.61.138200 OK 22 kB URL HTTP/1.1 www.higeban.com/staticmy/fonts/iconfont-15417656157251.ttf
IP 154.12.61.138:0
File type TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, \012- data
Hash ac82e9b2caf4353072767003329646d5
6711419177b4fd005c1c69900517af042504bb60
12cfa0fe87f6160e5fc1d1dd699e701e6c55f36b5c6a86a2e1fbcbf12f7b688e
GET /staticmy/fonts/iconfont-15417656157251.ttf HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/staticmy/css/iconfont.css
Cookie: __vtins__Jp5aWRUfxTPckPtO=%7B%22sid%22%3A%20%22349d2047-f5a6-56d6-b3dd-49964cb9abea%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201668507600182%2C%20%22ct%22%3A%201668505800182%7D; __51uvsct__Jp5aWRUfxTPckPtO=1; __51vcke__Jp5aWRUfxTPckPtO=db60104f-22f4-540b-9e91-62c12db46571; __51vuft__Jp5aWRUfxTPckPtO=1668505800186
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/octet-stream
Content-Length: 21940
Last-Modified: Tue, 07 Sep 2021 04:59:38 GMT
Connection: keep-alive
ETag: "6136f1ba-55b4"
Accept-Ranges: bytes
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=12004663
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Tue, 15 Nov 2022 09:50:01 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
104.110.17.24200 OK 477 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /images/0105j12000a16nl1n59E7.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 477289
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11692704
expires: Thu, 30 Mar 2023 17:48:25 GMT
date: Tue, 15 Nov 2022 09:50:01 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03939120009jipi3rDA3C.gif
104.110.17.24200 OK 494 kB URL HTTP/2 dimg04.c-ctrip.com/images/03939120009jipi3rDA3C.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 494 kB (494023 bytes)
Hash ea0576d5e89340fa184a80ff90105db6
8033f7b3314b4369b35dc82e59bd28a9f8d05aff
25364dfe88f21395c8089451cd4f5c7c405c621c0a7465c63781a4c98849ed68
GET /images/03939120009jipi3rDA3C.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 494023
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=2350259
expires: Mon, 12 Dec 2022 14:41:00 GMT
date: Tue, 15 Nov 2022 09:50:01 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
104.110.17.24200 OK 894 kB URL HTTP/2 dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /images/03950120009rs7dn26B5E.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6885981
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Tue, 15 Nov 2022 09:50:01 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 808b62e352442d2e0861e04f246afc14
db370f5a7a86cfd96ac345b12e3003ee02f8ea6a
2e7c56d521e10e2c8880db7354fda6c2487519a8e6a4fc3fcca3efc068bf1a94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E7C56D521E10E2C8880DB7354FDA6C2487519A8E6A4FC3FCCA3EFC068BF1A94"
Last-Modified: Sun, 13 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Tue, 15 Nov 2022 11:20:47 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 808b62e352442d2e0861e04f246afc14
db370f5a7a86cfd96ac345b12e3003ee02f8ea6a
2e7c56d521e10e2c8880db7354fda6c2487519a8e6a4fc3fcca3efc068bf1a94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E7C56D521E10E2C8880DB7354FDA6C2487519A8E6A4FC3FCCA3EFC068BF1A94"
Last-Modified: Sun, 13 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Tue, 15 Nov 2022 11:20:47 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd1c35459ce71c75dfbede7c11c7fe9f
0f6ff466ca9f68c194422c0eeee311a5771d0239
9d2b7b5dffd5df6aa374dfa5181439e5e5927692b2a67b51b81cd81bae5ccbff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D2B7B5DFFD5DF6AA374DFA5181439E5E5927692B2A67B51B81CD81BAE5CCBFF"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11928
Expires: Tue, 15 Nov 2022 13:08:49 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvkppp.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvtccc.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvtccc.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d7dd8322248b6e3d047bc4c8350a3a5
9af3b349da79065500028ec7c5326c04c80c1bd5
877d1f72baf0b3ecd78ac2291475f6d095f0da3e9322f6053860194e3176daad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "877D1F72BAF0B3ECD78AC2291475F6D095F0DA3E9322F6053860194E3176DAAD"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2851
Expires: Tue, 15 Nov 2022 10:37:32 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00b3420d6eb8bec77c0cc9005f09dc8a
5fa2a4e996ed997f339844fbe102427472672606
e250e52dc09897aee93b6a3e233a05a3877411232f2e4720b6b7b7826fad423c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E250E52DC09897AEE93B6A3E233A05A3877411232F2E4720B6B7B7826FAD423C"
Last-Modified: Sun, 13 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8294
Expires: Tue, 15 Nov 2022 12:08:15 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 98bf5a1b9b890f90e375532dac131dde
7bec9a47dc2df5e8586165b1677e935ca0aa3482
9654a60e9daac2a6f0f8970645f202dd6f3b41b2a9334fd1ad5c409adac7f135
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9654A60E9DAAC2A6F0F8970645F202DD6F3B41B2A9334FD1AD5C409ADAC7F135"
Last-Modified: Tue, 15 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21059
Expires: Tue, 15 Nov 2022 15:41:00 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7419692
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Tue, 15 Nov 2022 09:50:01 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
www.higeban.com/staticmy/images/favicon.ico
154.12.61.138200 OK 4.3 kB URL HTTP/1.1 www.higeban.com/staticmy/images/favicon.ico
IP 154.12.61.138:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 11bf57dec75674ec9af4351125a77667
a95e2eb332bcf60a29bf2ff9ad27a9e7acb9dcbd
d5edeeecd4f0ce96dd5ea591726b17a090b843e9a4dbc83cf98f216a73e835b1
GET /staticmy/images/favicon.ico HTTP/1.1
Host: www.higeban.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.higeban.com/
Cookie: __vtins__Jp5aWRUfxTPckPtO=%7B%22sid%22%3A%20%22349d2047-f5a6-56d6-b3dd-49964cb9abea%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201668507600182%2C%20%22ct%22%3A%201668505800182%7D; __51uvsct__Jp5aWRUfxTPckPtO=1; __51vcke__Jp5aWRUfxTPckPtO=db60104f-22f4-540b-9e91-62c12db46571; __51vuft__Jp5aWRUfxTPckPtO=1668505800186
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sat, 27 Aug 2022 07:44:58 GMT
Connection: keep-alive
ETag: "6309cb7a-10be"
Accept-Ranges: bytes
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvhbbb.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 51a297a8a673b60aceb4f3a6c84ce15a
9a07a775bb746ebe4d4b200a0c7ac9826b6fbc40
df67609fa2f42d92d0f7fbdc11b1cbdefbdef21fa51161c111a42165c5ef2e0f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 10:21:59 GMT
Expires: Sun, 20 Nov 2022 10:21:58 GMT
Etag: "9a07a775bb746ebe4d4b200a0c7ac9826b6fbc40"
Cache-Control: max-age=433316,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148c5826b4ff-OSL
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4ba14371e1cf4d95db3762d3ba2d2f47
a5bb868fffa6e5b46d4f15a131640beb3433acc8
a6f62ea742ecfd7f8ec474b16e641b5deb8686ad71c76c37f226c4f4e7a8e84c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 02:24:37 GMT
Expires: Sat, 19 Nov 2022 02:24:36 GMT
Etag: "a5bb868fffa6e5b46d4f15a131640beb3433acc8"
Cache-Control: max-age=318274,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148c5d161c0e-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash efcc7951da3253b92f3d663258995193
6af51fcda98e9cba53ccd1e0a42fdc92e5a2053b
4eadad66fbb350939b7d333715b25d9a18735340495dab435971ce26375dff70
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 00:53:49 GMT
Expires: Tue, 22 Nov 2022 00:53:48 GMT
Etag: "6af51fcda98e9cba53ccd1e0a42fdc92e5a2053b"
Cache-Control: max-age=572026,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148cdd8e1c0e-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 40aa5de198ed3fd819271a9abe37b106
3980588ab26b84e18bc2477a623bdb963113e642
42f5d2fe906fdadbead9875eff4a7bd05fa9ec2915fb942f756e2cd756a5634b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 19 Nov 2022 08:08:23 GMT
ETag: "3980588ab26b84e18bc2477a623bdb963113e642"
Last-Modified: Tue, 15 Nov 2022 08:08:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1961
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a7148d6e5b0b4d-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 698e22cc7ead1b461e1e4a45c1e0d8e9
be93d65846c92dbcd637e002abfe27cd4f5e3bc5
a1b34861a7a232fc1e16d7756bea5a401a2fb54f4a63c94797b3dbdac95e21c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1B34861A7A232FC1E16D7756BEA5A401A2FB54F4A63C94797B3DBDAC95E21C7"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8581
Expires: Tue, 15 Nov 2022 12:13:02 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 08888285453a8af870f2b71bb48c173d
097a3138da47682e3eae7a7ee39872ecc67aa17d
ac3c2eefec68f64e20597c87cbac151445a8b3820d94d4d04a013c52f2eb32a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 05:43:34 GMT
Expires: Sun, 20 Nov 2022 05:43:33 GMT
Etag: "097a3138da47682e3eae7a7ee39872ecc67aa17d"
Cache-Control: max-age=416611,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148c4a1f0b65-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1c3840739b7ade8587e3a95fdbe5f968
79a2ee4595e306ddab67cebc6328a1c31db42a7e
eda4c227c37ed7e6eed9f87f434c97e020c294975b3337a815fbcbd1d6571b95
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 17:02:15 GMT
Expires: Sat, 19 Nov 2022 17:02:14 GMT
Etag: "79a2ee4595e306ddab67cebc6328a1c31db42a7e"
Cache-Control: max-age=370932,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148c4b8d0afa-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5a96fd1ea367bb0c42a568270d01f590
15046d6a894c40a70c938dcdf8f36ec317bb4b86
92f13a51eea7272f1a8592b1718e6003dd0f7a630474e6b36c771d7f42b31da3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 04:52:22 GMT
Expires: Mon, 21 Nov 2022 04:52:21 GMT
Etag: "15046d6a894c40a70c938dcdf8f36ec317bb4b86"
Cache-Control: max-age=499939,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148c59e6fab8-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10177
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10177
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10177
Expires: Tue, 15 Nov 2022 12:39:38 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5bf33c5c8a30d64f0a11ec9d1524681d
a905cdb432414350cee433ffec9a1f6572ab17a5
bbe1458a5b471c4855e61fd120c63c4e88da52501eee8f2d5f96a21ec4f16b17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BBE1458A5B471C4855E61FD120C63C4E88DA52501EEE8F2D5F96A21EC4F16B17"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3841
Expires: Tue, 15 Nov 2022 10:54:02 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4a2c612eab631a3b70c19f39d5570f4
a01e6209818a0af7ee99570bad5a93eb7bce5a5e
36e1f1a6e7a3bdb28d430cdc8b69fc0fbc698b89d1ea5fdec2d90fe2bb739fcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36E1F1A6E7A3BDB28D430CDC8B69FC0FBC698B89D1EA5FDEC2D90FE2BB739FCB"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15112
Expires: Tue, 15 Nov 2022 14:01:53 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RXdcX1PweMfXctBjufkeOtyV8F9Yb8OyZJaUX38cdaswfBHCim7mGQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:37:51 GMT
age: 22330
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c5f45accbd2d3551103631fa77deee8f
7295ef4c52bcea1be24b963d7ff170ef5bacf713
495e2cef9d9ebec66f1ddcf478512af7e37a301b562d7b75e5d28bb7753d2290
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9311
x-amzn-requestid: ccbd88f7-a72f-4f7c-868d-907b2dbea1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ9_UEQ4IAMFmzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d76c8-4c0b800d7bf5064346932e15;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 22:10:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bJa_vwFYVNizWkPP2aLO8cOJiMqMfZmD34-hAnOlmJ0K2OO3dghWvw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:09:42 GMT
age: 42019
etag: "7295ef4c52bcea1be24b963d7ff170ef5bacf713"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: 5261109d-ca5e-4b77-b0a2-17b634a51fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtpFvRoAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff0-570bdfbd329fe34b47d8c7a4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:36 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xzBHbUXe_VMnc5T1FV00IoyKZ075qXakhZTXJMW_QQ8bGi-1QL4z7A==
via: 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 08:58:54 GMT
age: 3067
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e329432ad3ade706bedd8efaea0f5b3
b1d819b19438f4f0c0e2eea4b53631315b8c488b
0f7c40667a14cbedef0685c60da735d4dd89a8ff6ae330c6e96fe539d60c3980
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F7C40667A14CBEDEF0685C60DA735D4DD89A8FF6AE330C6E96FE539D60C3980"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14946
Expires: Tue, 15 Nov 2022 13:59:07 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 508368e91f7702272c5610f905e4204b
0d61ccdb959e45368a9f6ada26679974374d81a2
bd3b3d55264bccbbf647577e3f93c35dd56840967713fcb948e67426c8a71b38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 35753773-2e2d-4def-a9ef-6224343d62e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bklm8E9qoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b62c-46372f151eb5ba9f0f5ec3a0;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:29:48 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T8ocx27r2N_V74-jyk23ATbGtw9TJBqSRB0MK0Kahre8ESS5kM_9lQ==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 43359
etag: "0d61ccdb959e45368a9f6ada26679974374d81a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c048f3e-f5d6-474b-926e-cfa0f872a7e6.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c048f3e-f5d6-474b-926e-cfa0f872a7e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcd8c821cc1f76bbeb3535701b0385e5
398ee550da0a20bd7acf15287ef478fcf08f4738
6b55b0f3a025cf90ac05ae6f5689349ce2eb32d067498de7301ec5a307247a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c048f3e-f5d6-474b-926e-cfa0f872a7e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9446
x-amzn-requestid: dc1a4cf6-6fa0-461b-87f4-6a89277c3ab1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE3JGrCoAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e82d-07e38b3b522822663532e70d;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:03:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uo1miK7EeB5BfvK64ok7yQJLit3boViYVTtkrDT3Z0ZZgg0EXvJ9LA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 07:13:24 GMT
age: 9397
etag: "398ee550da0a20bd7acf15287ef478fcf08f4738"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9568a49c8e4920b3a887bcf576748449
8ad050b1cc42d146a5ce7280192333fccf8a6890
6bfe8e8fc9848e28f1cd62c8214d1378c1edb43a592fa11d79dc70fbdb5b6b7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BFE8E8FC9848E28F1CD62C8214D1378C1EDB43A592FA11D79DC70FBDB5B6B7A"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12470
Expires: Tue, 15 Nov 2022 13:17:51 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5zDWKjYmvVLCemXw5Swm2qkhw1mQtD5c07Fl7Krydo_XR5FFyHDu4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 09:05:32 GMT
age: 79973
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 09:47:43 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Thu, 15 Dec 2022 09:47:43 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvhaa.com/cf4287991556df0490caf209d0ed91fe.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/cf4287991556df0490caf209d0ed91fe.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cf4287991556df0490caf209d0ed91fe.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/cf4287991556df0490caf209d0ed91fe.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 81089fcf4a0be0b551f4f6a51c02fc0f
5de7136b61ceeb7eeeccd4d5530e0677876693ad
2b6e117d01ed1f0e4b11c3d4ba90a823d830e33adc1b8e389229594a84a4e1a7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 19 Nov 2022 06:08:14 GMT
ETag: "5de7136b61ceeb7eeeccd4d5530e0677876693ad"
Last-Modified: Tue, 15 Nov 2022 06:08:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3042
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a7148e1eed0b4d-OSL
kvmaa.com/2bce8945ac6ae3579798b563e15db7a0.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/2bce8945ac6ae3579798b563e15db7a0.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2bce8945ac6ae3579798b563e15db7a0.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a08404a7754df7d149a27373f051997c
ced6223c66303c5c9abf420b9afec26b7df8fb91
12bc40568a86f83327e9a79acbd9e7e6c8c578c0a72089ba2455c6aa3e015dd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12BC40568A86F83327E9A79ACBD9E7E6C8C578C0A72089BA2455C6AA3E015DD6"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3668
Expires: Tue, 15 Nov 2022 10:51:09 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7870d29e114d6c4164f6b2eb03525c3
c35bf8cc2ede037de3eaf703867060f4faf39195
2387e4ae05850f4f3ec6bf84e8a1a70c6a128fbd46a3029bdc4b15264a194c55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2387E4AE05850F4F3EC6BF84E8A1A70C6A128FBD46A3029BDC4B15264A194C55"
Last-Modified: Tue, 15 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11956
Expires: Tue, 15 Nov 2022 13:09:17 GMT
Date: Tue, 15 Nov 2022 09:50:01 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP 142.250.74.35:0
Hash 1d352091d164dea29e2c25e4cdc375a7
667f72395fcbdda458318f1b2e8a10366ec11f87
dbad3c5b677bd5e39b42178db15cad384f0f830fc023fa8729692a9e99b5e7a2
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvexx.com/03c3cb047014f05117117e4a924df90d.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvexx.com/03c3cb047014f05117117e4a924df90d.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvhttt.top/03c3cb047014f05117117e4a924df90d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.154.165200 OK 400 kB URL HTTP/2 kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.154.165:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:40:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 425355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmPYbxX9uIVFotlzH86yh5wLeTZK4Mfw3eFTjKLjHVUuedMoG6K9r0%2F8K4DaWrp3Kf5aA78ZAeRXwc%2B%2F3UDx0%2Bq9Uu3T1CDzmcDmy4yEprOMGigMB7zaY%2B%2BQJryM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7148ebe2cb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
45.150.164.88301 Moved Permanently 162 B URL HTTP/2 kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP 45.150.164.88:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kzett.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:01 GMT
content-type: text/html
content-length: 162
location: https://kvtiii.top/65e7e65f41ad1c2cb20bb39e08e6b041.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 096346081f9b12ccbdd3111cd422f2f5
21b5bdfe1f4418d3c4e8cbda5f7d7f7121d90f68
6ce9a6eb9a62365c643405be749297530328050bb7c401e12d0f8b43ae6bec24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6CE9A6EB9A62365C643405BE749297530328050BB7C401E12D0F8B43AE6BEC24"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4105
Expires: Tue, 15 Nov 2022 10:58:27 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 529c3ea856983d60976f25d34f0c3990
b2f06ffaee00153f612fd954045b009f9f3b8afc
232a318fc71ffa36e61e69d5180228cd18afd15b2fc4db428cad583c2cc9148a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168769
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "6373510b-118"
Expires: Thu, 17 Nov 2022 08:42:51 GMT
Last-Modified: Tue, 15 Nov 2022 08:42:51 GMT
Server: nginx
Content-Length: 280
kvkppp.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
172.67.167.11200 OK 566 kB URL HTTP/2 kvkppp.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 172.67.167.11:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvkppp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Sat, 10 Dec 2022 11:47:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 424943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbV%2BOyptY989sHt5ImTYVPcr2AHOO%2BWr2sq8hwOk%2FUV8CI1DLele61d%2B2H9w%2FOS%2BICdRlu3IUXp04Y7f2bugWEilSSz4NIB9eFMtjcoljtU88GaXM98lTKQ09Kf3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7148f1cd7b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kveww.com/99462c01e85acc1311bebac224df6cce.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: text/html
content-length: 162
location: https://kvkbbb.top/99462c01e85acc1311bebac224df6cce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 529c3ea856983d60976f25d34f0c3990
b2f06ffaee00153f612fd954045b009f9f3b8afc
232a318fc71ffa36e61e69d5180228cd18afd15b2fc4db428cad583c2cc9148a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 266
Cache-Control: max-age=169035
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "6373510b-118"
Expires: Thu, 17 Nov 2022 08:47:17 GMT
Last-Modified: Tue, 15 Nov 2022 08:42:51 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 280
yh.133svip.com/tu/960%C3%97120.gif
23.225.33.69200 OK 726 kB URL HTTP/1.1 yh.133svip.com/tu/960%C3%97120.gif
IP 23.225.33.69:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 726 kB (726222 bytes)
Hash 130b7105c146e3147938a30b95438d0b
43102c80cf43db03028d5c306ed9d9fd7b3d16cb
e40f0165bbd173dd3598ff685bc966d38c24f9552eaaeaf7d562e2d45d4efe02
GET /tu/960%C3%97120.gif HTTP/1.1
Host: yh.133svip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
ETag: "1eaa4ba0f4bad81:0"
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2022 15:41:23 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Mon, 14 Nov 2022 23:26:03 GMT
X-Cache: HIT from dhostname
Content-Length: 726222
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash efcc7951da3253b92f3d663258995193
6af51fcda98e9cba53ccd1e0a42fdc92e5a2053b
4eadad66fbb350939b7d333715b25d9a18735340495dab435971ce26375dff70
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 00:53:49 GMT
Expires: Tue, 22 Nov 2022 00:53:48 GMT
Etag: "6af51fcda98e9cba53ccd1e0a42fdc92e5a2053b"
Cache-Control: max-age=572025,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148ca8a4b4ff-OSL
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
45.154.214.206301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f156fd60f95523d0d106456db00ca679
7cf9526923a602db2425add0fef948878216d7ad
9abdb921bb1ce3ab132d2d2a262dd2b2d9782ad295c16f5d979954db72485311
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 15:19:37 GMT
Expires: Sat, 19 Nov 2022 15:19:36 GMT
Etag: "7cf9526923a602db2425add0fef948878216d7ad"
Cache-Control: max-age=364773,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148ddeeb1c0e-OSL
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
104.21.63.42200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP 104.21.63.42:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Sun, 04 Dec 2022 03:02:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 974873
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NNaWCfD%2BMGpEXRU%2BiCCHX0rW7MV3W7TOMD2x3afXOEkNGHN2dxo7kUzYQlE5dNnuhyR5LCHmo0U%2FcOYroO5%2BBy%2F74H3Ryv276crhGLuOAs79saG8XDuSv4h6tACcxCRhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7148f3b2fb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b247426561bd8058f88175a8cbfbd1c
b47305002efedeae1ff9c1f23ac07570a1ed3ada
954fd99d909967926b3e66616f5340c15ddecf65b72806800db7c9c63181e8ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=167317
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "63734b5f-117"
Expires: Thu, 17 Nov 2022 08:18:39 GMT
Last-Modified: Tue, 15 Nov 2022 08:18:39 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP 142.250.74.35:0
Hash 1d352091d164dea29e2c25e4cdc375a7
667f72395fcbdda458318f1b2e8a10366ec11f87
dbad3c5b677bd5e39b42178db15cad384f0f830fc023fa8729692a9e99b5e7a2
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 827c77b7c826c026bd708b94577205f1
4398ad5c2a0dbb012c13914d8bd5500af771c03e
5bdd00b0883f9d238e905ef50eef80ac9e4a51f862a27bfc6c2995b8450ee6e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5BDD00B0883F9D238E905EF50EEF80AC9E4A51F862A27BFC6C2995B8450EE6E2"
Last-Modified: Sun, 13 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19499
Expires: Tue, 15 Nov 2022 15:15:01 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 109f72c29d1a9bb181ee8c712efdec16
8281fa96daf43d784997261a5a656686332cf9f7
718528a824f0a0530ec279123ea9ba428c4ffcc07aae815b613db6b78498379c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6459
Cache-Control: max-age=110416
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "637253df-117"
Expires: Wed, 16 Nov 2022 16:30:18 GMT
Last-Modified: Mon, 14 Nov 2022 14:42:39 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 096346081f9b12ccbdd3111cd422f2f5
21b5bdfe1f4418d3c4e8cbda5f7d7f7121d90f68
6ce9a6eb9a62365c643405be749297530328050bb7c401e12d0f8b43ae6bec24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6CE9A6EB9A62365C643405BE749297530328050BB7C401E12D0F8B43AE6BEC24"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4105
Expires: Tue, 15 Nov 2022 10:58:27 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
172.67.216.219200 OK 1.0 MB URL HTTP/2 kvkfff.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 172.67.216.219:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sat, 10 Dec 2022 11:21:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 426534
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOhslE11c2atTtRwkA3S%2FOasmIA59%2Fzff7J5EPbyEm1jILY2JVw8gWBOfyERliEkXbXMNXvBsQsfN4L4nno44jQ6pAuekt%2FFCDGXxiYHp162H0aX1Tg1%2B1astFSt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a71490191c0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8f1a936d2c4740e31d9e8abf0ba3c0fa
2cf962e0748f3517a1477145d80b385a008805e7
ec3b475eb60452a08d42b437c6bbaec049a2a1674f29fec1590b18c8eda0e782
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC3B475EB60452A08D42B437C6BBAEC049A2A1674F29FEC1590B18C8EDA0E782"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18766
Expires: Tue, 15 Nov 2022 15:02:48 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash bae0b81351e2e182459e0a57c1bb7317
014b491c8fc78659927e620f78a39a0391bd1b0c
befe4ea8676367ad5fa0709720f9fc967071b6d1b8b72fa7fb1880cb3fd47dea
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 19 Nov 2022 08:37:10 GMT
ETag: "014b491c8fc78659927e620f78a39a0391bd1b0c"
Last-Modified: Tue, 15 Nov 2022 08:37:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 338
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a7149029370b4d-OSL
nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
172.67.170.188200 OK 54 kB URL HTTP/2 nvhbbb.top/2bce8945ac6ae3579798b563e15db7a0.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash 1b0debb707f7274e95ae467969832663
7787ea12e377677eccfcbba7f7fc14b18602ddad
688c201ad0040278d8431382eeeb71ea318699cc7d4ccf167132e5818473d55f
GET /2bce8945ac6ae3579798b563e15db7a0.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 53701
last-modified: Tue, 27 Sep 2022 05:36:32 GMT
etag: "63328be0-d1c5"
expires: Sun, 27 Nov 2022 07:55:28 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1562074
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IErcv%2BdQ7bKWLBhrOv%2FBiklSckJz6%2BMSTj5XpXicUv7Y7h22E59gAWk5sFY3snWY5GpPwEgO4EsJJC16aZLeaN4lQpa8vw23ga5GSWly3zsYm0hxxnirFgaqWfnX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a714902a80b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3b0ee2e8d2469a8b07b50cfd28c419f0
bc773a6e35dd387b6bf9e758e3fcdbfaf53e064c
b438aa87b104299fa8963dc8b85b082d040a55eeb263c758ee0fa6188b934414
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6459
Cache-Control: max-age=134926
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "6372b39d-117"
Expires: Wed, 16 Nov 2022 23:18:48 GMT
Last-Modified: Mon, 14 Nov 2022 21:31:09 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbb721370f1344e6b3f95ace37662551
90ac2343c52f060385cedf7f0834d20c7c54c5a2
4e24afd20497601fc867e464c9d66d690c7be9e45f01687a27d1536d4cf4b8fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4E24AFD20497601FC867E464C9D66D690C7BE9E45F01687A27D1536D4CF4B8FD"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11997
Expires: Tue, 15 Nov 2022 13:09:59 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash be8bcd8cb1b34d677c1ae9d4e55fe97b
21c67429b3796bb0cac8ad9f204661e060a601d3
7ea323a9e2a8bf141456c1ad38b1658df6e24788d7d60ef7e0386360dce92639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6458
Cache-Control: max-age=122295
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "63728247-117"
Expires: Wed, 16 Nov 2022 19:48:17 GMT
Last-Modified: Mon, 14 Nov 2022 18:00:39 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 24261eb8918f7468bc083fcf299015ef
19c8eaf466d95626730907679884e88ad3f0b23d
a9e71d8d15454c9e67e2a5ca53ed337dbafa1e4535d2c0e264ddde225971f467
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 19 Nov 2022 07:18:51 GMT
ETag: "19c8eaf466d95626730907679884e88ad3f0b23d"
Last-Modified: Tue, 15 Nov 2022 07:18:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 501
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a714910a9e0b4d-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45cc6d128e7907e35ed532cdc23f61e7
8585b85e8ed0bdf33abc4868bde47014a9b255dc
738b21edde1a532cd48d0835ef586fb56f5df7093c25cf9582239bbc269a5f54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "738B21EDDE1A532CD48D0835EF586FB56F5DF7093C25CF9582239BBC269A5F54"
Last-Modified: Mon, 14 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12382
Expires: Tue, 15 Nov 2022 13:16:24 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
kvhttt.top/03c3cb047014f05117117e4a924df90d.gif
104.21.58.206200 OK 310 kB URL HTTP/2 kvhttt.top/03c3cb047014f05117117e4a924df90d.gif
IP 104.21.58.206:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310102 bytes)
Hash aaaee07863e1fab7724d3b6698c0b4b3
1f75ba89585a8844a2c1e41625f88bae649be17d
41ac392c3cca5e4434c0f80595838a48338c94f8a9c691d4141c7ecb68acb24e
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvhttt.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 310102
last-modified: Wed, 13 Jul 2022 15:28:42 GMT
etag: "62cee4aa-4bb56"
expires: Sat, 10 Dec 2022 21:09:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 391215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9ISijGLSGtWT7VWs6dw0YPLjI7MgijervIaIy%2F%2BhKceyABEI8cJz67rJwGQQ7WxDyT4rHV44T%2BzqObu3IH188aiAqfHUZ6lMrgvV0VJoxiC8C4nge4nfvCU4cj2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a714914ccd0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhbbb.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.21.234.66200 OK 864 kB URL HTTP/2 kvhbbb.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.21.234.66:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Thu, 15 Dec 2022 09:03:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2821
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx%2BcgErlOYZpSy1gfWPUQiSeT4SjipCpmiNUtAg95h0DNjeErJoC%2BckhgO4CIEGZWsMg95EHN0JwSVn4CZqauFLLAQLbOR79FcGvZGnujBJGndw6gFVnOBYSyn2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7148ffad4dd03-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b4a175bff9e952fa2a457bde5a71d12
61a364a6d413ad74616a50f05dc5b9c5101ac92b
1e3a67666dcc17a43dee39cc5f5821a9ca593d8c86c6f3f5e69721c499cac057
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1E3A67666DCC17A43DEE39CC5F5821A9CA593D8C86C6F3F5E69721C499CAC057"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17143
Expires: Tue, 15 Nov 2022 14:35:45 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/GQSs7eGZfTs
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/GQSs7eGZfTs
IP 142.250.74.35:0
Hash a75975107c79846d7c585da7600af516
466b5028b935c494208bebe596cd3ef654e5d28c
8825829ee28509a4110ff0cad41a742581550a0e78337c2d974566767fa5fb8b
POST /s/gts1p5/GQSs7eGZfTs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 53b09d30a364fee803f7c118bd16ad91
1fd484b0419407ace387472e44645c09019cb68b
e1e73e17f7925f99f1e97d988b215ce7f67aebd64435caf8dcfc5e8f4b92cab0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1E73E17F7925F99F1E97D988B215CE7F67AEBD64435CAF8DCFC5E8F4B92CAB0"
Last-Modified: Mon, 14 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18349
Expires: Tue, 15 Nov 2022 14:55:51 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 80bb89617c503d7fe47cec6501017a56
62c193dc89aeeec94b043dc8b9293194c84d3276
b86bf24df74c1ce764430aea27b046d449d615ebc5c95396fb40ed5d48163bf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B86BF24DF74C1CE764430AEA27B046D449D615EBC5C95396FB40ED5D48163BF0"
Last-Modified: Mon, 14 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18004
Expires: Tue, 15 Nov 2022 14:50:06 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
u1102.com/e78dae76ab72458a805527bea2c08236.gif
103.170.15.56200 OK 262 kB URL HTTP/2 u1102.com/e78dae76ab72458a805527bea2c08236.gif
IP 103.170.15.56:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 262 kB (262190 bytes)
Hash 1a8e3a0619f31ef8f6c1fc4929b111df
5e0aa3f1847a89e281f54895ec6bdf95a1a907f9
eb28b213fc0196269abe1f9cfb6ce42f8fc3b2d6362828a91ec32fb99c63bfe2
GET /e78dae76ab72458a805527bea2c08236.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6363bb28-4002e"
server: nginx
date: Tue, 15 Nov 2022 01:03:38 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2022 12:59:20 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-46
content-length: 262190
X-Firefox-Spdy: h2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: text/html
content-length: 162
location: https://kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 827c77b7c826c026bd708b94577205f1
4398ad5c2a0dbb012c13914d8bd5500af771c03e
5bdd00b0883f9d238e905ef50eef80ac9e4a51f862a27bfc6c2995b8450ee6e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5BDD00B0883F9D238E905EF50EEF80AC9E4A51F862A27BFC6C2995B8450EE6E2"
Last-Modified: Sun, 13 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19499
Expires: Tue, 15 Nov 2022 15:15:01 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
kvkbbb.top/99462c01e85acc1311bebac224df6cce.gif
104.21.45.17200 OK 845 kB URL HTTP/2 kvkbbb.top/99462c01e85acc1311bebac224df6cce.gif
IP 104.21.45.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kvkbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 845326
last-modified: Mon, 15 Aug 2022 06:10:27 GMT
etag: "62f9e353-ce60e"
expires: Tue, 13 Dec 2022 12:28:27 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 163295
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cwwMZhgw2vvdoAGO5uQbPTSMC6ck6V3L0o6ygS0ldViCPWnreZZB%2F4%2BuMc8SZaAfqm1sX%2BlU6zfS62zKJPufRkjogvBoTX1Kjp0xvVcP9OmJjJvYh1kT64a1%2F7c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a714920fc0b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
538936vxn.com/d435373888944b359330ac8c9bcff8c1.gif
45.61.212.229200 OK 553 kB URL HTTP/1.1 538936vxn.com/d435373888944b359330ac8c9bcff8c1.gif
IP 45.61.212.229:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /d435373888944b359330ac8c9bcff8c1.gif HTTP/1.1
Host: 538936vxn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9374-86f72"
Date: Wed, 09 Nov 2022 03:49:03 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:31:48 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-29
Content-Length: 552818
u1077.com/7d4f48b23e524efe84655e58b93dd099.gif
103.170.15.56200 OK 245 kB URL HTTP/2 u1077.com/7d4f48b23e524efe84655e58b93dd099.gif
IP 103.170.15.56:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (244664 bytes)
Hash aa11636f42b19d53cbf158bb3b430ab6
56a03dd54d3cfed70d743b8f8db3b6392e3012cd
1016d6ee9fb98243950bf14f82f8e9007807c3c7cd42ee8748ae7162c5d61b56
GET /7d4f48b23e524efe84655e58b93dd099.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "635ce2e9-3bbb8"
server: nginx
date: Wed, 09 Nov 2022 14:58:53 GMT
content-type: image/gif
last-modified: Sat, 29 Oct 2022 08:23:05 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-46
content-length: 244664
X-Firefox-Spdy: h2
nvhaaa.top/cf4287991556df0490caf209d0ed91fe.gif
104.21.234.40200 OK 318 kB URL HTTP/2 nvhaaa.top/cf4287991556df0490caf209d0ed91fe.gif
IP 104.21.234.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 318 kB (317903 bytes)
Hash fb3f1f47e7cd3c017411f4a08cb222b7
9ef0eebfa48d7d3c66398066ad781c2e4c5c2fce
864310898b7de94e28b82e0e318d801e6537365a75078d2f94b98a25c81e98a9
GET /cf4287991556df0490caf209d0ed91fe.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 317903
last-modified: Sat, 13 Aug 2022 11:03:31 GMT
etag: "62f78503-4d9cf"
expires: Wed, 14 Dec 2022 23:04:42 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 38720
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYIni80JhW2gtuRDOg%2BccaNV48x9EK%2BAdCPAfoH%2FZXi9FbyG9mxm0Ul4%2BVI1NyAAST%2FH1PiLwGr%2BUF12Mp6ko%2FKLpYPUC%2FPtSLqMk6pGjpK8ZogNiqJ%2BJ%2FeGLJMu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7149128767792-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zmhmaz8.com/f7c7ff277fc946dab898f4ae7c2c4be0.gif
45.61.212.126200 OK 1.0 MB URL HTTP/1.1 zmhmaz8.com/f7c7ff277fc946dab898f4ae7c2c4be0.gif
IP 45.61.212.126:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
Analyzer Verdict Alert quad9 Sinkholed
GET /f7c7ff277fc946dab898f4ae7c2c4be0.gif HTTP/1.1
Host: zmhmaz8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2dc7-f90bb"
Date: Thu, 03 Nov 2022 10:41:57 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 09:00:55 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-26
Content-Length: 1020091
u1102.com/d97fe322993444ccb8fa7cd5a76002c9.gif
103.170.15.56200 OK 348 kB URL HTTP/2 u1102.com/d97fe322993444ccb8fa7cd5a76002c9.gif
IP 103.170.15.56:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347872 bytes)
Hash 1ace5409fd371542532d2c9a27131b87
98c7c29f6d64296235a6be4b8259ffce72fd6691
8794843b5991bae6c5224e7e49f7389e2560098704392c0b10dc621bf38e3113
GET /d97fe322993444ccb8fa7cd5a76002c9.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "635ce297-54ee0"
server: nginx
date: Tue, 15 Nov 2022 01:03:38 GMT
content-type: image/gif
last-modified: Sat, 29 Oct 2022 08:21:43 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-46
content-length: 347872
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b266ed9e9ca074f146e3e740289244aa
86c764b681ebb28d61f6a596e1beee4ad2409d30
3abba334723dffa5cef66c8093fe72a45d7c712cd81c705162ab0d778d19aae3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 18:12:20 GMT
Expires: Sun, 20 Nov 2022 18:12:19 GMT
Etag: "86c764b681ebb28d61f6a596e1beee4ad2409d30"
Cache-Control: max-age=461536,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a7148faf680afa-OSL
kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
104.21.235.61200 OK 1.6 MB URL HTTP/2 kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
IP 104.21.235.61:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Sat, 10 Dec 2022 21:07:23 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 391359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIOJAO5JtPqwmqWUkBU0kc%2Bl149cniRTQekjz32oq5Zez25iHyGzPxRk9zV7xYU7poVYEERspJ4Gj%2Fflc%2BVGfTQM2p3ELR5cM%2BaYSa9t%2BjwTLo0RqBUgNoZApiOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a714912d137525-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b836ec2410f965c29a87b3348a56ec1b
4edf66031e47cffc08869145035649a70fb4b5a5
e93e319080af3b99891869bcdd883fb00a65a567c7712f34812e1ee9bbbe7985
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E93E319080AF3B99891869BCDD883FB00A65A567C7712F34812E1EE9BBBE7985"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15166
Expires: Tue, 15 Nov 2022 14:02:48 GMT
Date: Tue, 15 Nov 2022 09:50:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 827a3d59397935d4c4c8f6af6082f7a9
5bb0e0cee303b3be4c14d60d1327fe6988698e05
c2eda51a83a2cd051112a9f5a4e6fc92d064267d58ab8e1d8b5bcd5f3b8e15d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=105045
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "6372581f-116"
Expires: Wed, 16 Nov 2022 15:00:47 GMT
Last-Modified: Mon, 14 Nov 2022 15:00:47 GMT
Server: nginx
Content-Length: 278
375772rug.com/02f7015ef2c54e15b07e72759e2fa331.gif
45.61.212.121200 OK 205 kB URL HTTP/1.1 375772rug.com/02f7015ef2c54e15b07e72759e2fa331.gif
IP 45.61.212.121:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 205 kB (204652 bytes)
Hash 893ce7e1e286a47f5ee410fa3ef6d6ce
22f23ceae5657d1fe4d00f2bb31e121aa4f803e1
3549f7f43225c6ad611e4d0ce1013126b16e41c6cf9a8f3d9a06f31182721477
Analyzer Verdict Alert quad9 Sinkholed
GET /02f7015ef2c54e15b07e72759e2fa331.gif HTTP/1.1
Host: 375772rug.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635e02fe-31f6c"
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 30 Oct 2022 04:52:14 GMT
Accept-Ranges: bytes
X-Cache: MISS from cloud-us2-cdnb-21
Content-Length: 204652
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 109f72c29d1a9bb181ee8c712efdec16
8281fa96daf43d784997261a5a656686332cf9f7
718528a824f0a0530ec279123ea9ba428c4ffcc07aae815b613db6b78498379c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103957
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:02 GMT
Etag: "637253df-117"
Expires: Wed, 16 Nov 2022 14:42:39 GMT
Last-Modified: Mon, 14 Nov 2022 14:42:39 GMT
Server: nginx
Content-Length: 279
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
172.67.170.228200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 172.67.170.228:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Tue, 29 Nov 2022 15:27:11 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1362171
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQOirnGvEtQBYiBfGfR7WbHjgsXFVMaZ5rnjO5f8n464oHFklL0pu39dO7PxLSY3tgUsnEw6kkfbrBo7RBVdtSjtBNeJUoRNDlflbl4rFH%2B6W%2FNejIqy5MRLKOnF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a714949f93b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3b0ee2e8d2469a8b07b50cfd28c419f0
bc773a6e35dd387b6bf9e758e3fcdbfaf53e064c
b438aa87b104299fa8963dc8b85b082d040a55eeb263c758ee0fa6188b934414
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6460
Cache-Control: max-age=134926
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:03 GMT
Etag: "6372b39d-117"
Expires: Wed, 16 Nov 2022 23:18:49 GMT
Last-Modified: Mon, 14 Nov 2022 21:31:09 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbb721370f1344e6b3f95ace37662551
90ac2343c52f060385cedf7f0834d20c7c54c5a2
4e24afd20497601fc867e464c9d66d690c7be9e45f01687a27d1536d4cf4b8fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4E24AFD20497601FC867E464C9D66D690C7BE9E45F01687A27D1536D4CF4B8FD"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11996
Expires: Tue, 15 Nov 2022 13:09:59 GMT
Date: Tue, 15 Nov 2022 09:50:03 GMT
Connection: keep-alive
kvtiii.top/65e7e65f41ad1c2cb20bb39e08e6b041.gif
104.21.235.172200 OK 854 kB URL HTTP/2 kvtiii.top/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP 104.21.235.172:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 854 kB (853944 bytes)
Hash d79a778e368adfa2f53d664e82abde9e
7dadfb41956752ef565c1abff3503165b425d37d
0935a89bc9ea17037cebcba4feb1cd87fca775504e2b4f5e2c61b4c79dd2ce15
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kvtiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 853944
last-modified: Fri, 21 Oct 2022 12:07:21 GMT
etag: "63528b79-d07b8"
expires: Sun, 04 Dec 2022 13:12:32 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 938250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdqkLdQdedwqG7uA%2Frc87hNqd%2Bo0Tvsjv%2Fva7m1bLAkJVKLtctHEvUkpaC9eNntEd%2Bvkk9AaabgZGPwh1xwHKTu%2BfHfQBRYhWwtvV2g7F7PAZx0rgoghNxeY1H1b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7149219a38879-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
223969ufy.com/13489beb95e840629251f7c0f98cc843.gif
45.61.212.49200 OK 654 kB URL HTTP/1.1 223969ufy.com/13489beb95e840629251f7c0f98cc843.gif
IP 45.61.212.49:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
Analyzer Verdict Alert quad9 Sinkholed
GET /13489beb95e840629251f7c0f98cc843.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b8da1-9f991"
Date: Sat, 12 Nov 2022 04:40:45 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:06:57 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-19
Content-Length: 653713
kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
104.21.234.203200 OK 902 kB URL HTTP/2 kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP 104.21.234.203:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:03 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Fri, 02 Dec 2022 22:38:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1077080
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFp5dZ03pgoOwEn%2BLob7BoDQqA3A05eP0QVs0%2F82DQZvfTgGVxWVxRvHsUb7PdXbs9ON0kDg0ipvDmBqTqDF%2FDhQA4A7c%2Bm7I2MBOXDXcTSGpK59cdJlkrf0kqjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a71495089506ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b247426561bd8058f88175a8cbfbd1c
b47305002efedeae1ff9c1f23ac07570a1ed3ada
954fd99d909967926b3e66616f5340c15ddecf65b72806800db7c9c63181e8ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=167316
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:03 GMT
Etag: "63734b5f-117"
Expires: Thu, 17 Nov 2022 08:18:39 GMT
Last-Modified: Tue, 15 Nov 2022 08:18:39 GMT
Server: nginx
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b4a175bff9e952fa2a457bde5a71d12
61a364a6d413ad74616a50f05dc5b9c5101ac92b
1e3a67666dcc17a43dee39cc5f5821a9ca593d8c86c6f3f5e69721c499cac057
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1E3A67666DCC17A43DEE39CC5F5821A9CA593D8C86C6F3F5E69721C499CAC057"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17142
Expires: Tue, 15 Nov 2022 14:35:45 GMT
Date: Tue, 15 Nov 2022 09:50:03 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash f61516b4dfce0dbc333dd8306c60f1de
17a77026f84a2120bf163626741c2d695eb44584
0e76a7a25953ab6ff331ab62bdf24b0f82f1faaeca447574b0f574339e1dcd2a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:03 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 23:09:42 GMT
Expires: Mon, 21 Nov 2022 23:09:41 GMT
Etag: "17a77026f84a2120bf163626741c2d695eb44584"
Cache-Control: max-age=565777,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a714954cdeb51b-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b836ec2410f965c29a87b3348a56ec1b
4edf66031e47cffc08869145035649a70fb4b5a5
e93e319080af3b99891869bcdd883fb00a65a567c7712f34812e1ee9bbbe7985
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E93E319080AF3B99891869BCDD883FB00A65A567C7712F34812E1EE9BBBE7985"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15165
Expires: Tue, 15 Nov 2022 14:02:48 GMT
Date: Tue, 15 Nov 2022 09:50:03 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c6b69a4af40b9ac1a341d52adaa7917e
ad5be3c12088cedaee53f25093f5ea9859fa7bd1
e09e88cbc17ae4e2247cb23ebae904cf72c9ec580ec793f79a15e08b16acafd8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E09E88CBC17AE4E2247CB23EBAE904CF72C9EC580EC793F79A15E08B16ACAFD8"
Last-Modified: Sun, 13 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15726
Expires: Tue, 15 Nov 2022 14:12:09 GMT
Date: Tue, 15 Nov 2022 09:50:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 827a3d59397935d4c4c8f6af6082f7a9
5bb0e0cee303b3be4c14d60d1327fe6988698e05
c2eda51a83a2cd051112a9f5a4e6fc92d064267d58ab8e1d8b5bcd5f3b8e15d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=105045
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:03 GMT
Etag: "6372581f-116"
Expires: Wed, 16 Nov 2022 15:00:48 GMT
Last-Modified: Mon, 14 Nov 2022 15:00:47 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash be8bcd8cb1b34d677c1ae9d4e55fe97b
21c67429b3796bb0cac8ad9f204661e060a601d3
7ea323a9e2a8bf141456c1ad38b1658df6e24788d7d60ef7e0386360dce92639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=115836
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:03 GMT
Etag: "63728247-117"
Expires: Wed, 16 Nov 2022 18:00:39 GMT
Last-Modified: Mon, 14 Nov 2022 18:00:39 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/s/gts1p5/GQSs7eGZfTs
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/GQSs7eGZfTs
IP 142.250.74.35:0
Hash a75975107c79846d7c585da7600af516
466b5028b935c494208bebe596cd3ef654e5d28c
8825829ee28509a4110ff0cad41a742581550a0e78337c2d974566767fa5fb8b
POST /s/gts1p5/GQSs7eGZfTs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.yximgs.com/bs2/adcarsku/skud1de4370-6451-422a-8204-414fc5429d02.gif
184.31.15.75200 OK 385 kB URL HTTP/2 static.yximgs.com/bs2/adcarsku/skud1de4370-6451-422a-8204-414fc5429d02.gif
IP 184.31.15.75:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 960 x 60\012- data
Size 385 kB (384932 bytes)
Hash 6b1533d50f7375dff2f5b3969e7ec1da
6dfd13e56902faedb34a9d2e6d27e51605ddb0f1
2f235ff0c8fd65b40619ef5448206c505716aa41dcee03850c00b1352c986f7c
GET /bs2/adcarsku/skud1de4370-6451-422a-8204-414fc5429d02.gif HTTP/1.1
Host: static.yximgs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 384932
x-amz-request-id: 3607b70a966740a29c69435fa09c8440
x-amz-id-2: YmtladlyC5Brv61SXMcXhdrxlrT3jEqmdZzcFWxrdeFWqF9zMBQ=
etag: "6B1533D50F7375DFF2F5B3969E7EC1DA"
last-modified: Wed, 09 Nov 2022 05:04:31 GMT
x-amz-storage-class: STANDARD
x-bs-object-status: 0
x-kslogid: 667971176872490743
accept-ranges: bytes
cache-control: max-age=2057337
expires: Fri, 09 Dec 2022 05:19:00 GMT
date: Tue, 15 Nov 2022 09:50:03 GMT
akamai-mon-iucid-del: 1076937
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-tcp-cca:
x-ks-cache: Hit from 184.31.15.75
x-mai-cache-status: Y0-L0-0
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
72agg.com/gg/960x60-2.gif
137.175.13.103200 OK 567 kB URL HTTP/2 72agg.com/gg/960x60-2.gif
IP 137.175.13.103:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 567 kB (566629 bytes)
Hash c9fa1542af8b7e568dc7b3a56522b833
1449fff789834cb44c300d12d770eeb251a4bbd5
7db19a9e96ed52f61b3b4c76bf6cac9259ae0b3e9d18eb597320c30a0e4e1e90
GET /gg/960x60-2.gif HTTP/1.1
Host: 72agg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 09:52:12 GMT
content-type: image/gif
content-length: 566629
last-modified: Tue, 01 Nov 2022 07:49:47 GMT
etag: "6360cf9b-8a565"
expires: Thu, 15 Dec 2022 09:52:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c6b69a4af40b9ac1a341d52adaa7917e
ad5be3c12088cedaee53f25093f5ea9859fa7bd1
e09e88cbc17ae4e2247cb23ebae904cf72c9ec580ec793f79a15e08b16acafd8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E09E88CBC17AE4E2247CB23EBAE904CF72C9EC580EC793F79A15E08B16ACAFD8"
Last-Modified: Sun, 13 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15726
Expires: Tue, 15 Nov 2022 14:12:09 GMT
Date: Tue, 15 Nov 2022 09:50:03 GMT
Connection: keep-alive
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7xHewExic0gnkb8ycBV8hScWAsnRQWRAJGLgqEqfiaFfFU/0
43.154.254.32200 OK 231 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7xHewExic0gnkb8ycBV8hScWAsnRQWRAJGLgqEqfiaFfFU/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 231 kB (231270 bytes)
Hash 2f2c8ec52149276d3ef1c493494dcdd9
f6f8e0965653c402469862d8cdc7e57df1ddc846
a1274ed00e690cfe012e394ca855570f6ebb32e625385597f8ecb5110e444a08
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7xHewExic0gnkb8ycBV8hScWAsnRQWRAJGLgqEqfiaFfFU/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 15 Nov 2022 09:50:02 GMT
content-type: image/gif
content-length: 231270
vary: Accept,Origin
last-modified: Mon, 26 Sep 2022 14:50:11 GMT
cache-control: max-age=2592000
x-delay: 167 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 231270
chid: 0
fid: 0
x-nws-log-uuid: 0a763b37-d0eb-4c9d-970b-0d6696554129
X-Firefox-Spdy: h2
kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
104.21.234.86200 OK 366 kB URL HTTP/2 kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
IP 104.21.234.86:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:03 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Tue, 13 Dec 2022 07:39:59 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 180604
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyFJYU3r86dPytxgeo1PbqIbQSGIf%2FGLAGT%2Bb4zI67VNCRdmjnEeWkaQ97ay%2Fb%2BqhSIvDDwehhb3pLT%2BxlNKvQYjdsCQw585ELhAbnRjoRhODy51WCOwQwOh10Rc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a714974a6e06b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 1aa2ba5a2b627a7a94ad60a345811454
028b9bd19bd5837bcebce06f388fc912b17d124e
817bc9b78295e8d553daa8f5a0124730930442e401c4b300c40880da9e12d5b2
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 15 Nov 2022 09:50:03 GMT
Last-Modified: Tue, 15 Nov 2022 08:54:44 GMT
ETag: "637353d4-1d7"
Expires: Thu, 17 Nov 2022 08:54:44 GMT
Cache-Control: max-age=169481
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1668505803
Via: cache21.l2de2[468,468,200-0,M], cache21.l2de2[469,0], cache5.se1[496,496,200-0,M], cache5.se1[498,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 15 Nov 2022 09:50:03 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916685058030871495e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 1aa2ba5a2b627a7a94ad60a345811454
028b9bd19bd5837bcebce06f388fc912b17d124e
817bc9b78295e8d553daa8f5a0124730930442e401c4b300c40880da9e12d5b2
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 15 Nov 2022 09:50:03 GMT
Last-Modified: Tue, 15 Nov 2022 08:54:44 GMT
ETag: "637353d4-1d7"
Expires: Thu, 17 Nov 2022 08:54:44 GMT
Cache-Control: max-age=169481
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1668505803
Via: cache16.l2de2[505,505,200-0,M], cache16.l2de2[506,0], cache8.se1[528,528,200-0,M], cache8.se1[530,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 15 Nov 2022 09:50:03 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16685058030881491e
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 523643e85013e3366fd6b2fad18977f0
97fcffd99dca808d2acea9d23f74c3edff4abc22
c626bc2aa4436c762fb8ba12706737b0b227bc0694f06fa68681647e8c2211b1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 09:50:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 19 Nov 2022 07:15:48 GMT
ETag: "97fcffd99dca808d2acea9d23f74c3edff4abc22"
Last-Modified: Tue, 15 Nov 2022 07:15:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2576
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a714989f6ab50f-OSL
tpcdnde88de.com/235tp/960x60.gif
23.224.145.233200 OK 590 kB URL HTTP/2 tpcdnde88de.com/235tp/960x60.gif
IP 23.224.145.233:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 590 kB (590255 bytes)
Hash d9d8d54236add0a03997175e250e51ef
b65ebc88346d3a308dbf4791ade0637330df8895
81954cd3768276219bbf7aca8ce82881fbda51a1721ef78d559cdd7772800571
GET /235tp/960x60.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:49:56 GMT
content-type: image/gif
content-length: 590255
last-modified: Wed, 15 Jun 2022 13:02:58 GMT
etag: "62a9d882-901af"
expires: Thu, 15 Dec 2022 08:56:49 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
529723929.com/f570c1027cb24e31b7615a45b9215112.gif
47.75.19.145200 OK 584 kB URL HTTP/1.1 529723929.com/f570c1027cb24e31b7615a45b9215112.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
GET /f570c1027cb24e31b7615a45b9215112.gif HTTP/1.1
Host: 529723929.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 09:50:01 GMT
Content-Type: image/gif
Content-Length: 584025
Connection: keep-alive
x-oss-request-id: 637360C9DD75B739379EB99C
Accept-Ranges: bytes
ETag: "EBF4EE75BBD43B703E1B1B861BA166E2"
Last-Modified: Wed, 28 Sep 2022 06:57:23 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9573701292697531384
x-oss-storage-class: Standard
Content-MD5: 6/TudbvUO3A+GxuGG6Fm4g==
x-oss-server-time: 2
tpcdnde88de.com/79tp/960x60-2.gif
23.224.145.233200 OK 322 kB URL HTTP/2 tpcdnde88de.com/79tp/960x60-2.gif
IP 23.224.145.233:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 322 kB (322376 bytes)
Hash c41a909fa1e62a4ebc583626a93c05c1
10adfd5b6d78d04cc93c76b14a29fc93ce4f2708
b60310fa346cdc56ed271a244d9c4f1e137e0fd46571802f25c0c8e09131aa4e
GET /79tp/960x60-2.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:49:56 GMT
content-type: image/gif
content-length: 322376
last-modified: Sat, 25 Jun 2022 12:15:37 GMT
etag: "62b6fc69-4eb48"
expires: Thu, 15 Dec 2022 08:24:00 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
829355rff.com/6010fb1531bd41f4a889ff19c6f74dea.gif
103.170.15.91200 OK 359 kB URL HTTP/1.1 829355rff.com/6010fb1531bd41f4a889ff19c6f74dea.gif
IP 103.170.15.91:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
Analyzer Verdict Alert quad9 Sinkholed
GET /6010fb1531bd41f4a889ff19c6f74dea.gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636753b8-57910"
Date: Mon, 14 Nov 2022 00:03:48 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 06 Nov 2022 06:27:04 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 358672
383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.80200 OK 299 kB URL HTTP/1.1 383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.80:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 637360CAFF7A843735ED0CB6
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Sun, 23 Oct 2022 07:06:26 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 4
kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
47.75.19.39200 OK 254 kB URL HTTP/1.1 kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
IP 47.75.19.39:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /960X60.gif HTTP/1.1
Host: kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 09:50:02 GMT
Content-Type: image/gif
Content-Length: 253519
Connection: keep-alive
x-oss-request-id: 637360CA22AAFC3736CCA4AC
Accept-Ranges: bytes
ETag: "F744E995971941B6A95FCD2636F5A545"
Last-Modified: Thu, 13 Oct 2022 11:11:01 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 1
tx2.a.yximgs.com/udata/music/music_18b1203430a64bd6926c1553a634d6370.jpg
101.33.29.222200 OK 498 kB URL HTTP/1.1 tx2.a.yximgs.com/udata/music/music_18b1203430a64bd6926c1553a634d6370.jpg
IP 101.33.29.222:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /udata/music/music_18b1203430a64bd6926c1553a634d6370.jpg HTTP/1.1
Host: tx2.a.yximgs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Etag: "ed129d0c5c976fdc76930de38fd7602a-1"
Date: Mon, 14 Nov 2022 17:48:30 GMT
Server: tencent-cos
expires: Fri, 28 Oct 2022 13:10:38 GMT
x-cos-hash-crc64ecma: 6254477180293915344
x-cos-request-id: NjM3MjdmNmVfODE1ZjIwOV84YjZiXzI4NGIwYzA=
x-cos-storage-class: STANDARD_IA
x-cos-version-id: null
Accept-Ranges: bytes
Last-Modified: Fri, 21 Oct 2022 13:10:38 GMT
Cache-Control: max-age=604800
Content-Length: 497844
X-NWS-LOG-UUID: 422445767946776977
Connection: keep-alive
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster
X-Ks-Cache: Hit from 101.33.29.222
x-ks-http-first-data: 3
x-ks-client-ip: 91.90.42.154
X-Ks-Request-ID: 422445767946776977
kwaisign: NULL
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 529c3ea856983d60976f25d34f0c3990
b2f06ffaee00153f612fd954045b009f9f3b8afc
232a318fc71ffa36e61e69d5180228cd18afd15b2fc4db428cad583c2cc9148a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=168769
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 09:50:04 GMT
Etag: "6373510b-118"
Expires: Thu, 17 Nov 2022 08:42:53 GMT
Last-Modified: Tue, 15 Nov 2022 08:42:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
8499483.com/8499/960x60.gif
172.247.50.226200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 172.247.50.226:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:03 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
768tupian.oss-cn-shenzhen.aliyuncs.com/vip80.gif
120.77.166.19200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/vip80.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /vip80.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 09:50:03 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 637360CB9B92023735A80FB0
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:06:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 2
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif
120.77.166.72200 OK 562 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (562130 bytes)
Hash 8beed805ef37d0fa42646c105c8aadd8
48ce0717f037a6fb1f489ff1da3537a00ff0f47b
9df49f47b95763d2234554adf562f5a0ba5eb3910a9f7f01a5d90e5f425eccce
GET /af/q960x80-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 09:50:03 GMT
Content-Type: image/gif
Content-Length: 562130
Connection: keep-alive
x-oss-request-id: 637360CB9B92023537A40FB0
Accept-Ranges: bytes
ETag: "8BEED805EF37D0FA42646C105C8AADD8"
Last-Modified: Tue, 27 Sep 2022 07:43:47 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15479893720264865523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i+7YBe830PpCZGwQXIqt2A==
x-oss-server-time: 1
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
120.77.166.72200 OK 397 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 397 kB (397200 bytes)
Hash 0d809e04f716b7dc1cdfc0257cec94e1
bcb9e09d31d9187c08c30f2b8ce95b770a47ae29
75d04a8c719342e2ed71db3bc7e07f18f5cf68c92462c3703ad1cf511b48fe5d
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 09:50:03 GMT
Content-Type: image/gif
Content-Length: 397200
Connection: keep-alive
x-oss-request-id: 637360CB0059583436458996
Accept-Ranges: bytes
ETag: "0D809E04F716B7DC1CDFC0257CEC94E1"
Last-Modified: Sun, 03 Jul 2022 04:32:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6647872845358323269
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: DYCeBPcWt9wc38AlfOyU4Q==
x-oss-server-time: 2
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96060a.gif
47.110.23.69200 OK 361 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96060a.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 361 kB (360564 bytes)
Hash 6ddb2c594cffa429b9a8d6e6d769cc55
249205769506cc866b2fd713c6a081bfda665ce6
97e69b0591caab530f2423032146f83d16a5e3ad35b0c0953c4be1c2e63e9ce8
GET /ky/ky96060a.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 09:50:03 GMT
Content-Type: image/gif
Content-Length: 360564
Connection: keep-alive
x-oss-request-id: 637360CB1B08F7383017FA68
Accept-Ranges: bytes
ETag: "6DDB2C594CFFA429B9A8D6E6D769CC55"
Last-Modified: Sun, 06 Nov 2022 07:48:55 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8471982680050803013
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: bdssWUz/pCm5qNbm12nMVQ==
x-oss-server-time: 3
img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
IP 23.225.228.58:0
GET /images/63523ea35fe50f0585d3ef84.gif HTTP/1.1
Host: img.u1669.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_18b1203430a64bd6926c1553a634d6370.jpg
cache-control: max-age=3600
X-Firefox-Spdy: h2
yzf.qq.com/fsna/kf-file/kf_pic/20221110/KFPIC_c51417a941b8c9a65_WXIMAGE_36fca5ebf61741059e0b9c62b0c9403d.jpg
113.96.208.98200 OK 0 B URL HTTP/2 yzf.qq.com/fsna/kf-file/kf_pic/20221110/KFPIC_c51417a941b8c9a65_WXIMAGE_36fca5ebf61741059e0b9c62b0c9403d.jpg
IP 113.96.208.98:0
GET /fsna/kf-file/kf_pic/20221110/KFPIC_c51417a941b8c9a65_WXIMAGE_36fca5ebf61741059e0b9c62b0c9403d.jpg HTTP/1.1
Host: yzf.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:03 GMT
content-type: image/jpeg
set-cookie: tgw_l7_route=f269fee9b6566b9c6f92d3317870bb0e; Expires=Tue, 15-Nov-2022 09:55:03 GMT; Path=/
server: nginx/1.12.2
last-modified: Mon, 14 Nov 2022 13:33:48 GMT
x-content-type-options: nosniff
x-xss-protection: 1
x-request-id: ff9454eb1c55310ef652e5bf4466bf94
content-encoding: gzip
X-Firefox-Spdy: h2
img.u1773.com/images/636b34de14dd2ea30a790fe7.gif
23.225.228.58302 Found 0 B URL HTTP/2 img.u1773.com/images/636b34de14dd2ea30a790fe7.gif
IP 23.225.228.58:0
GET /images/636b34de14dd2ea30a790fe7.gif HTTP/1.1
Host: img.u1773.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.higeban.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://static.yximgs.com/bs2/adcarsku/skud1de4370-6451-422a-8204-414fc5429d02.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2
kvtccc.top/4bf88adf466b90cef3686374a27fc0e2.gif
104.21.235.35200 OK 0 B URL HTTP/2 kvtccc.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP 104.21.235.35:0
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvtccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:04 GMT
content-type: image/gif
content-length: 755861
last-modified: Thu, 06 Oct 2022 15:26:58 GMT
etag: "633ef3c2-b8895"
expires: Sun, 04 Dec 2022 23:13:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 902187
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvMeciOX%2BBgOJFWymh1RG%2FXe8rpmhoC24W%2BIF6weiv42T8b1s0b1VgvJKJKigcnZ9gf8A4jT30e0RYiZ9F5NP8NXKVcCLJqkCRv5ZF9aU4zzdQgQBVmH%2FpPBEy2q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7148f2915dd60-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtccc.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
104.21.235.35200 OK 0 B URL HTTP/2 kvtccc.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 104.21.235.35:0
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvtccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.higeban.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 09:50:04 GMT
content-type: image/gif
content-length: 612740
last-modified: Thu, 03 Nov 2022 08:27:37 GMT
etag: "63637b79-95984"
expires: Sat, 10 Dec 2022 21:37:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 389545
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIE%2FDwbRdMAnVbRHY1o9%2FNI09Wlrg3iOqqTuq5AVMoZT%2BHBn9PfAe2%2BmZxlCPYnnESoXOuqe%2FtA16kEYKOwL7a5B%2FVN7F%2B1LaB4Cx9wlwnPnZbb0jIbk%2FHHLBOWe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a7148fb9ecdd60-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2