r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9952
Expires: Wed, 23 Nov 2022 14:18:03 GMT
Date: Wed, 23 Nov 2022 11:32:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6046
Expires: Wed, 23 Nov 2022 13:12:57 GMT
Date: Wed, 23 Nov 2022 11:32:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3384
Cache-Control: max-age=86128
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:11 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 11:27:39 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GI7LvlQHi+c9ykMq1zGVLwzdfxlQKk/k25rxku05hP74xDLU5pH8cUXPec+Grj7hU8Luj1f4FfQ=
x-amz-request-id: TPCP2YTGXA2M9JS4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 10:42:57 GMT
age: 2954
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 11:17:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 904
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
szxuanshuo.com/
154.85.157.197301 Moved Permanently 0 B IP 154.85.157.197:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: szxuanshuo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 11:32:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.szxuanshuo.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 11:11:11 GMT
cache-control: public,max-age=3600
age: 1260
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4648
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:12 GMT
Last-Modified: Wed, 23 Nov 2022 10:14:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +TTZ5eH+oPczEjKvdP+8Tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FwEnF4r78G0WLIYVEVPn5Ps4G6g=
www.szxuanshuo.com/index.php
154.85.157.197200 OK 796 B URL HTTP/1.1 www.szxuanshuo.com/index.php
IP 154.85.157.197:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 0ccab6ab91c3a6ea61d7b976fdbdbee9
a2cc1d48def2806b4aac1718ef4d2e69279c4eac
8f1305b5962f581030b212b44f5f55d55d85c0191e796df9011e4a91ddbb3aa5
Analyzer Verdict Alert fortinet Phishing
GET /index.php HTTP/1.1
Host: www.szxuanshuo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 11:32:12 GMT
Content-Type: text/html
Content-Length: 796
Connection: keep-alive
www.szxuanshuo.com/tj.js
154.85.157.197200 OK 601 B IP 154.85.157.197:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 5c38adc01b0ed502196a74f05cf4e805
9c1f4f9e38c140a6f81a2569dea0af087aa02345
1bdf4e0c4fb41ba6a8c5bcf9fac68ba308759cc8f985c4e560670642d7b9bf46
GET /tj.js HTTP/1.1
Host: www.szxuanshuo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 11:32:12 GMT
Content-Type: application/x-javascript
Content-Length: 601
Connection: keep-alive
www.szxuanshuo.com/common.js
154.85.157.197200 OK 984 B URL HTTP/1.1 www.szxuanshuo.com/common.js
IP 154.85.157.197:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash c91e18509440abecda88fb1d4077e0e3
034d56c2089d2eb1ae04ce8b28438add92fbb5ed
0b2733c3638655efcb1730bdb58c1aa5787eaf284d08ca822525e80046157657
GET /common.js HTTP/1.1
Host: www.szxuanshuo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 11:32:12 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
js.users.51.la/21274229.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21274229.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash eed708ec203ea60a9e30a409e797207f
eff7a8e139ddeacbacf8063e607d07ca2b528ebf
1f8e4192a0e605d8b489971b49f5d00ce865577f5faa9012e853f2e12d24ccda
GET /21274229.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/
HTTP/1.1 200 OK
Server: CloudWAF
Date: Wed, 23 Nov 2022 11:32:13 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=7b79b631db402314c98; path=/
HWWAFSESTIME=1669203128767; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4782
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 11:32:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4782
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 11:32:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4782
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 11:32:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4782
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 11:32:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 48925
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 49434
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 06:36:36 GMT
age: 17737
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03830e3ff377979c234bf37561c54cfd
c18884ce9370c97e6b4e12ab0f827d68a1938bfa
5ba8bfc69c7eba42de4a16bf6d1e1e3570cd3918fe15cb8b2d25950ef791ddbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8365
x-amzn-requestid: e6c2ec6e-525e-4b9f-a45d-63076580df5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrpFJ3oAMF4mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee4a-576f678b6e364bca09532010;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 89jqCw8OJIxusDPoTi5-HDxWcgCfNvRrku2VFBLcQbFJwLLaZBpHGA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 13:32:03 GMT
age: 79210
etag: "c18884ce9370c97e6b4e12ab0f827d68a1938bfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 46398
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b591bcc9d645eed0ea6ebc5dae07d31
97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb
82dde9a4d139bdfae1d8859f4d7a77f92182c65ad630e25d0cc52f346dd1dfad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11793
x-amzn-requestid: 7edbd95e-83c8-4162-886f-b0bf88deee5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oFrQIAMFnYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-4f1317ec61500d713816830d;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WYzBlSLCZWYEtLVSlKROHJMgK7WYhBNym1oizSWYlwg5oBatM9eRYQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 08:07:46 GMT
age: 12267
etag: "97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
112.34.113.148200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 23 Nov 2022 11:32:13 GMT
Etag: "4078521116"
Expires: Thu, 23 Nov 2023 11:32:13 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=DDC1CAE9419A23D96CC2B153C53EB882:FG=1; max-age=31536000; expires=Thu, 23-Nov-23 11:32:13 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
www.szxuanshuo.com/favicon.ico
154.85.157.197200 OK 1.2 kB URL HTTP/1.1 www.szxuanshuo.com/favicon.ico
IP 154.85.157.197:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.szxuanshuo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/index.php
Cookie: __tins__21274229=%7B%22sid%22%3A%201669203133064%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201669204933064%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 11:32:13 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 28 Nov 2022 11:32:13 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
avdhtz03.com/xintz1.html
154.82.85.103200 OK 667 B IP 154.82.85.103:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9eb68bbae00b64456fb8fc9bce47e835
fe1f19418093afab60e069c4dc0b16a61a704cba
622a1be3d0d9ae1e25d2898b37bdc23979563fae14ca76e1211fbf1fc21a0a88
GET /xintz1.html HTTP/1.1
Host: avdhtz03.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 11:32:14 GMT
Content-Type: text/html
Last-Modified: Sun, 24 Jul 2022 16:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62dd73ed-5c8"
Content-Encoding: gzip
ia.51.la/go1?id=21274229&rt=1669203133064&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1669203133064&tt=%25E8%25B4%25B5%25E9%2598%25B3%25E5%2590%25AE%25E7%25A7%2586%25E8%25A3%2585%25E9%25A5%25B0%25E5%25B7%25A5%25E7%25A8%258B%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.szxuanshuo.com%252Findex.php&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21274229&rt=1669203133064&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1669203133064&tt=%25E8%25B4%25B5%25E9%2598%25B3%25E5%2590%25AE%25E7%25A7%2586%25E8%25A3%2585%25E9%25A5%25B0%25E5%25B7%25A5%25E7%25A8%258B%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.szxuanshuo.com%252Findex.php&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21274229&rt=1669203133064&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1669203133064&tt=%25E8%25B4%25B5%25E9%2598%25B3%25E5%2590%25AE%25E7%25A7%2586%25E8%25A3%2585%25E9%25A5%25B0%25E5%25B7%25A5%25E7%25A8%258B%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.szxuanshuo.com%252Findex.php&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 23 Nov 2022 11:32:14 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=c0f71b718f012228855; path=/
HWWAFSESTIME=1669203130329; path=/
api.share.baidu.com/s.gif?l=http://www.szxuanshuo.com/index.php
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.szxuanshuo.com/index.php
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.szxuanshuo.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.szxuanshuo.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 23 Nov 2022 11:32:14 GMT
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 3a747bba9492e38334e63b15e3633fea
6edab074d856af6b5674bb90eb0bf6bdd372d449
fee5130a6e1a5f7039910964d8de4b72a990dd29066e3baf70ae887484e85a24
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 27 Nov 2022 08:17:21 GMT
ETag: "6edab074d856af6b5674bb90eb0bf6bdd372d449"
Last-Modified: Wed, 23 Nov 2022 08:17:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2734
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e995491b80b4f3-OSL
hm.baidu.com/hm.js?16a8b3d2da01bb4909e111dcabf67b13
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?16a8b3d2da01bb4909e111dcabf67b13
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash cbe681414bbe294ba25cb01e58a71857
4fae39f4543d91f2286efd7103985e92a6a3043a
25d6623a9c2d039e9269463714d955424c305b41e676681f7225afca429158e7
GET /hm.js?16a8b3d2da01bb4909e111dcabf67b13 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.szxuanshuo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 11:32:15 GMT
Etag: 268be14f702997150a6e94ddc6dd9536
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=30CDC39EDAF612F6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1532958505&si=16a8b3d2da01bb4909e111dcabf67b13&v=1.2.97&lv=1&sn=26686&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.szxuanshuo.com%2Findex.php&tt=%E8%B4%B5%E9%98%B3%E5%90%AE%E7%A7%86%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1532958505&si=16a8b3d2da01bb4909e111dcabf67b13&v=1.2.97&lv=1&sn=26686&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.szxuanshuo.com%2Findex.php&tt=%E8%B4%B5%E9%98%B3%E5%90%AE%E7%A7%86%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1532958505&si=16a8b3d2da01bb4909e111dcabf67b13&v=1.2.97&lv=1&sn=26686&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.szxuanshuo.com%2Findex.php&tt=%E8%B4%B5%E9%98%B3%E5%90%AE%E7%A7%86%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.szxuanshuo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 23 Nov 2022 11:32:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5DA75830A76C7336; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zndhtz02.com/ttsetz.html
154.82.85.103200 OK 566 B IP 154.82.85.103:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 996fa5fd35759bdf0bbe895477e35d00
adb24a9a613974820fe0503228e4242212b680a6
f910d9ce434cb5a5f4560981993d1507da7eee36b7b6e3f0cebd329664821714
GET /ttsetz.html HTTP/1.1
Host: zndhtz02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avdhtz03.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 11:32:16 GMT
Content-Type: text/html
Content-Length: 566
Last-Modified: Sun, 20 Nov 2022 15:04:41 GMT
Connection: keep-alive
ETag: "637a4209-236"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b592eecbc1e6405a51d90ff789e57e23
9635eb335b2765f0affe3bd48a797e6bf6c95b88
f1691831a7278b93083a6007019d61cf4aeeeb85781978d503b1ef7ec518f764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1691831A7278B93083A6007019D61CF4AEEEB85781978D503B1EF7EC518F764"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21535
Expires: Wed, 23 Nov 2022 17:31:12 GMT
Date: Wed, 23 Nov 2022 11:32:17 GMT
Connection: keep-alive
mmzyw22.com/template/m1938pc/static/picture/play.png
154.218.191.251200 OK 914 B URL HTTP/2 mmzyw22.com/template/m1938pc/static/picture/play.png
IP 154.218.191.251:0
ASN #137951 Clayer Limited
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d0bcf0dff3f7074e9a3ce72a06b4a9a8
48fbeab48ed57e626fe00e5e6617b7729726995e
ed0681b32fabd508fcc2aa62f2408181053043302e8089fd200da0649981f972
GET /template/m1938pc/static/picture/play.png HTTP/1.1
Host: mmzyw22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:18 GMT
content-type: image/png
content-length: 914
last-modified: Fri, 17 Jun 2022 02:29:26 GMT
etag: "62abe706-392"
expires: Fri, 23 Dec 2022 11:32:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
mmzyw22.com/template/m1938pc/static/images/arrow_up.png
154.218.191.251200 OK 398 B URL HTTP/2 mmzyw22.com/template/m1938pc/static/images/arrow_up.png
IP 154.218.191.251:0
ASN #137951 Clayer Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 353247650251bb3b54b709aa3441deb0
9784d902cbdfbf51cbe3f0281098575311fd5d2f
cdd12906b6861716ac4c33bcb08ff9164f9269b304748e54886482e773d26aec
GET /template/m1938pc/static/images/arrow_up.png HTTP/1.1
Host: mmzyw22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:18 GMT
content-type: image/png
content-length: 398
last-modified: Fri, 17 Jun 2022 02:29:24 GMT
etag: "62abe704-18e"
expires: Fri, 23 Dec 2022 11:32:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
mmzyw22.com/template/m1938pc/static/images/share.png
154.218.191.251200 OK 3.2 kB URL HTTP/2 mmzyw22.com/template/m1938pc/static/images/share.png
IP 154.218.191.251:0
ASN #137951 Clayer Limited
File type PNG image data, 39 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 02f6a2fe1a4a8668aca32a1c08040c0f
72d7273e5e561ed4c70bd0ccef8e66407b9e7ce0
30a473f2f6a26ac3d2fb1538744d781985d6051cf1e8a54a4e8a8d1fabb0e8f8
GET /template/m1938pc/static/images/share.png HTTP/1.1
Host: mmzyw22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:18 GMT
content-type: image/png
content-length: 3172
last-modified: Fri, 17 Jun 2022 02:29:30 GMT
etag: "62abe70a-c64"
expires: Fri, 23 Dec 2022 11:32:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
raw.githubusercontent.com/laosu9898/shantu/main/960x240.gif
185.199.108.133200 OK 473 kB URL HTTP/2 raw.githubusercontent.com/laosu9898/shantu/main/960x240.gif
IP 185.199.108.133:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 473 kB (473262 bytes)
Hash 684975669f3b5ba70edcd50162b63ec7
263b1e0cb976ff53e2c20842bbc70ea2da74a4e3
df3cfebd0dcd82ea8335969d8c2bbb8b1c71a307fd40c1ca7f52e6d0c5e07d6a
GET /laosu9898/shantu/main/960x240.gif HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/gif
etag: W/"69409335def275b79efcbf7873744be9fae24fec05ff84dd0e622165171add37"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 4142:0A86:8972:E17E:637E04C2
accept-ranges: bytes
date: Wed, 23 Nov 2022 11:32:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669203138.420519,VS0,VE397
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 4646b163601447c0a309e5061179db7ca8dcbbf0
expires: Wed, 23 Nov 2022 11:37:18 GMT
source-age: 0
content-length: 473262
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 37624cffbb7b8d1dc70eea33297d156f
d3c2bbcbe86576b1d9bf0de368b7c214d4bd38b8
d344aee4fd01ace247e744c9e90d21f485223b366f7b4f88dcb13a434e6fa675
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90286
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:18 GMT
Etag: "637cc270-118"
Expires: Thu, 24 Nov 2022 12:37:04 GMT
Last-Modified: Tue, 22 Nov 2022 12:37:04 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
IP 142.250.74.3:0
Hash 5987bf4a266144f0c8586a16fa0b9695
7296454b55cc730c1e99f624c07305f39d84489d
4253f1405d9a421e22f0f9f48aed322c72125d2f55d2e9a2e3763ca39d2573e7
POST /s/gts1p5/swCvH5hS9-4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
IP 142.250.74.3:0
Hash 5987bf4a266144f0c8586a16fa0b9695
7296454b55cc730c1e99f624c07305f39d84489d
4253f1405d9a421e22f0f9f48aed322c72125d2f55d2e9a2e3763ca39d2573e7
POST /s/gts1p5/swCvH5hS9-4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tukky.vip/91uu/91uu60.gif
172.67.142.245200 OK 26 kB URL HTTP/2 www.tukky.vip/91uu/91uu60.gif
IP 172.67.142.245:0
File type GIF image data, version 89a, 980 x 60\012- data
Hash 465314ce79ce6f8cfe4c183d176c1de2
ae8b9aabd887f97ac1d167c60724e54f96826640
81f1fb09701374b4142569654f494e080ede60db59188e27f58df1d641ebc1cc
GET /91uu/91uu60.gif HTTP/1.1
Host: www.tukky.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:18 GMT
content-type: image/gif
content-length: 25715
last-modified: Sun, 16 Oct 2022 23:17:43 GMT
etag: "634c9117-6473"
expires: Mon, 05 Dec 2022 20:32:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1482413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaZkJWo38x5tAqg%2BSK8TeCR0PBWAy%2BDIAQd0Inf4eJCFWqHjwq0ewg9NrNzXX8yTYGuX8YE%2BClnCTGkW8re29OH3BqJ6VqjBM%2B%2FgB%2F6POL7LMlw8T0Dtz4czOZiWHYoW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e9956299cfb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.aoattsetp.vip/hf/dxsp001.gif
172.67.194.142200 OK 110 kB URL HTTP/2 www.aoattsetp.vip/hf/dxsp001.gif
IP 172.67.194.142:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 110 kB (110246 bytes)
Hash 3d25ac0f4a94e61bbbb48f399e7a27fa
1d01229e98b157bdff2dfc50a6ee8774c9827a52
83e77a17495a57cc92d27a7d7377c4452dc93e017c8e403305f5ec940a834c4f
GET /hf/dxsp001.gif HTTP/1.1
Host: www.aoattsetp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:18 GMT
content-type: image/gif
content-length: 110246
last-modified: Fri, 19 Aug 2022 17:28:34 GMT
etag: "62ffc842-1aea6"
expires: Sun, 04 Dec 2022 21:39:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1564779
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHkndw3nQ%2FgHiIMTV7Dt0ar0MXx7sm1%2BgDlTdjrwru6GDaaYOPXVzReEHa%2BG1bM%2B8z%2FNyT8OJDTM2q%2FHYShn5zZ6j%2BFA2gj%2FI4ysrUmIu572a3JdrYhGQ3QgP%2FCOsM8RzsXEHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995629d8b1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ca188454a07b8835f5316a2e97e8297
bf51c6e83fcfada5d8c02e98a439aab007952167
6d754027a9079a4cfbd7e17e31fff9a95100bddfe11aad5fce93f55e4113b5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D754027A9079A4CFBD7E17E31FFF9A95100BDDFE11AAD5FCE93F55E4113B5F9"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2102
Expires: Wed, 23 Nov 2022 12:07:20 GMT
Date: Wed, 23 Nov 2022 11:32:18 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 142.250.74.3:0
Hash ae1252020408e77d95a83fcc432819fa
6b571acd4fdc8baf43b9cfb69cf200c64cf8f4f2
f8fa15462845b47ae7ec328092846963ed833e94c4c96d7bbb0480014cf76d91
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tukky.vip/hf/lghyr001.gif
172.67.142.245200 OK 87 kB URL HTTP/2 tukky.vip/hf/lghyr001.gif
IP 172.67.142.245:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash c93b3ed293066d747d880ea368f305c3
7847cf128db1b0cc6f25cbfb54125348bf6dda97
79a2ddaa98a1421d78798163acdce3928ac97d2f63e5a7a64ff011180661a2b3
GET /hf/lghyr001.gif HTTP/1.1
Host: tukky.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 86697
last-modified: Tue, 31 May 2022 12:17:08 GMT
etag: "62960744-152a9"
expires: Sun, 11 Dec 2022 07:22:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1011385
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOW8UVzfcFQuj3SbT%2FF8I1lirg3TTWwJtNr6UcLfngQ2xoecUdrLXnRAhgtmZMM%2Bbo2vRGiBxl1xVlmyzHq4OMX3OKnHnjeLdAfu2IWzHYq2LyZEqU4OydBFogQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99562b9f7b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6b67b9663419a50a314b4d2095a7428
4c62bb07a119c0fa22dadee96566f8a329e51397
c73fed3853cc2400de906c998edc583f306acaa49e5ebee46f4fd72fb7813f42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C73FED3853CC2400DE906C998EDC583F306ACAA49E5EBEE46F4FD72FB7813F42"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3727
Expires: Wed, 23 Nov 2022 12:34:26 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6b67b9663419a50a314b4d2095a7428
4c62bb07a119c0fa22dadee96566f8a329e51397
c73fed3853cc2400de906c998edc583f306acaa49e5ebee46f4fd72fb7813f42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C73FED3853CC2400DE906C998EDC583F306ACAA49E5EBEE46F4FD72FB7813F42"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3727
Expires: Wed, 23 Nov 2022 12:34:26 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 579f25f65887f38fe8c7f9782188c2af
1d57b8258270ae48291d19b749330792aefba3bb
d2361945db79b9e5071e34c627c0ace70b792649c4e601e058deb548351b77e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2361945DB79B9E5071E34C627C0ACE70B792649C4E601E058DEB548351B77E8"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18048
Expires: Wed, 23 Nov 2022 16:33:07 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
www.tukudhgg.vip/hf/wang602.gif
172.67.208.179200 OK 875 kB URL HTTP/2 www.tukudhgg.vip/hf/wang602.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 961 x 82\012- data
Size 875 kB (874783 bytes)
Hash a2fb53ffd95f97887826abebea62513c
383ca8074e26fe16c406db211cbe5cba41e91f65
05c8180bd75026280aab15eabb7b113a44d97deb29fbf70ade8a954d4d70e51e
GET /hf/wang602.gif HTTP/1.1
Host: www.tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 874783
last-modified: Sat, 24 Sep 2022 02:18:02 GMT
etag: "632e68da-d591f"
expires: Sun, 04 Dec 2022 21:39:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1564780
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aREd3BemDDScFUpxygv1ht7GpjSTG3Dc5itZNO4yRm3M1U1voHstW9CW9Qo062zMqWz72uQTwHcfNSLeXgB1PazJ1CiYZIph%2BPsZiy%2FmDIKxtMfUd0vc7rPPQW7N5J5v%2F8vd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99562dba9b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 142.250.74.3:0
Hash fdf9e30b311408e0261d62c3b5574d03
5a2f736178fa123d7a030c86eb11734addef56cb
917f8610e750bf273520574ac4768b4be5a32d1dc5768e30be6f44ec6786e41c
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcc5959adcdf843288fe6c523e2e4912
be969c3e6afaf8d87f445d83c1cb61657ccfca8b
f74cee96689ad018db53ce3781926303e75dad28e6fbb4ef76fa788470b79878
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F74CEE96689AD018DB53CE3781926303E75DAD28E6FBB4EF76FA788470B79878"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10992
Expires: Wed, 23 Nov 2022 14:35:31 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/11/22/cc16487.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:18 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/11/20/heyzo4538.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45b2b96a4ec9985e38b9959af957438c
41453534f5be308bf4aeb0d85660ca2d9f4d6e4d
747452ea31f1be9158a887d7cb85afd46babee78b714300ed4343a2b0e17b518
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "747452EA31F1BE9158A887D7CB85AFD46BABEE78B714300ED4343A2B0E17B518"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20688
Expires: Wed, 23 Nov 2022 17:17:07 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
www.tupku.top/lm/ssd.jpg
172.67.200.40200 OK 5.2 kB IP 172.67.200.40:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x68, components 3\012- data
Hash afef47e54b6a9a656791ca67efdab209
12a667dc2184993ce8dc8dbada8bf4649ee9a449
69bc9f756135ce1187c04b847403d8f6103204f9c7550df228925fddfb4edcea
GET /lm/ssd.jpg HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 5153
last-modified: Sat, 16 Jul 2022 07:43:04 GMT
etag: "62d26c08-1421"
expires: Fri, 16 Dec 2022 08:18:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 576040
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY0HlFdN2gan6BMvpLv8oynCmMS4wVM2OObq6lSxPX9W9gaV6k0AzinplTDkSFT3gmS0BmmCo0rmsVLpt5QL8i8eV2E1cf4MGT8FEJ6Nr6mgllwg3S%2BG2WzCalpXT4u1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995638cbd0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e4f242b450836176e7a1dd823e16594
881373cfc4e59fcf352b81b3e4970b8b054104bd
7aadfc998b7f9a204acc92f99325e6fdf5d41232d279f0a07cab1faf1f6cb982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7AADFC998B7F9A204ACC92F99325E6FDF5D41232D279F0A07CAB1FAF1F6CB982"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18578
Expires: Wed, 23 Nov 2022 16:41:57 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e4f242b450836176e7a1dd823e16594
881373cfc4e59fcf352b81b3e4970b8b054104bd
7aadfc998b7f9a204acc92f99325e6fdf5d41232d279f0a07cab1faf1f6cb982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7AADFC998B7F9A204ACC92F99325E6FDF5D41232D279F0A07CAB1FAF1F6CB982"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18578
Expires: Wed, 23 Nov 2022 16:41:57 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
tukudhgg.vip/logotp/xpj200.gif
172.67.208.179200 OK 423 kB URL HTTP/2 tukudhgg.vip/logotp/xpj200.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 423 kB (422639 bytes)
Hash e9fbb3e8331bcc6b705b7bc3c44a22bb
6f1c2c9b38a1f5c31e0d59d8f2bec101b5cbb329
bb0c7a32e541641e9c3f5899048ec245463de2bc5efc698b1e6bc528e8e2951a
GET /logotp/xpj200.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 422639
last-modified: Sat, 10 Sep 2022 08:46:22 GMT
etag: "631c4ede-672ef"
expires: Sun, 27 Nov 2022 13:44:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2198130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rvjd6aMHZhXkBTXfab93NxDbMmzTCVgrqD6P7S1mMPO47g5HiFyNuva20BCy3iTxSoVhoxgDAkWDAF3j9%2BhLcbQzjkp91vYOzHYZsVd3DH3VAedB0cx8M87S0JXe0mE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995639cf1b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvevv.com/00cac4fde2e514f897f6e62f20c51d1f.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvevv.com/00cac4fde2e514f897f6e62f20c51d1f.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00cac4fde2e514f897f6e62f20c51d1f.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: text/html
content-length: 162
location: https://kvthhh.top/00cac4fde2e514f897f6e62f20c51d1f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tukudhgg.vip/lm/aaa122.gif
172.67.208.179200 OK 514 kB URL HTTP/2 tukudhgg.vip/lm/aaa122.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 320 x 186\012- data
Size 514 kB (513487 bytes)
Hash eb6ae4c3d42252ba0149361e28da9f18
b42e20c95a707951729969f9250f0b66f3ab4992
43abb0219a75601add12728d8c9a91af813a1342cc8b70acc6d5d5429af2fb62
GET /lm/aaa122.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 513487
last-modified: Wed, 25 May 2022 14:05:09 GMT
etag: "628e3795-7d5cf"
expires: Sun, 04 Dec 2022 21:39:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1564777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRwugXZ6YGqtkqYMDPSv4rjRqT0n%2FpG4O6p4Jsqlf6RgX1KA%2FdOgCXGVT%2BAflCNlYkSVq74waXRS1SN3J4IIkzbLGLFrZl4Qn9jcF5B3xDa7%2FMl4RTedYsT39V2Q3y4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99563ad17b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mmzyw22.com/template/m1938pc/ads/dh.js
154.218.191.251200 OK 111 kB URL HTTP/2 mmzyw22.com/template/m1938pc/ads/dh.js
IP 154.218.191.251:0
ASN #137951 Clayer Limited
Size 111 kB (111348 bytes)
Hash 8530f25af29292bdda546bcc565829e9
e48cd026717b73633ebfed35db06c8f7fff017ca
894a5c5918ed8db101b2468e941f6c3db2126159bea5f799afa0a4618076e6e5
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: mmzyw22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:18 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 06:36:50 GMT
vary: Accept-Encoding
etag: W/"637c6e02-49a5"
expires: Wed, 23 Nov 2022 23:32:18 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.tukudhgg.vip/logotp/swrhe.gif
172.67.208.179200 OK 156 kB URL HTTP/2 www.tukudhgg.vip/logotp/swrhe.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 156 kB (156311 bytes)
Hash c1cd6fbcc60e4242fb31eb894d7d9450
1b0a2ba85f38fa452a391250067e916ac7b61345
aca31490b0e0478395648fb5f6ce318b56a4a443c7a64e069c71cee6c0f0bb44
GET /logotp/swrhe.gif HTTP/1.1
Host: www.tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 156311
last-modified: Wed, 08 Jun 2022 08:25:23 GMT
etag: "62a05cf3-26297"
expires: Thu, 15 Dec 2022 15:38:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 636045
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMcNlcVP5n8Up7inbteYxnvRlf98PGBF%2BAeMFrK5b8oNXynh%2FG2eY1pjN6rflqZ4GIg6XeAa%2FiZ%2B7f9AuNIWMrmyYab60Oe%2FJs8MCliPhr0ha0J0Vws4CoAhobTd8JWs09Ww"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99563ed57b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzemm.com/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzemm.com/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tukudhgg.vip/logotp/tiangx01.gif
172.67.208.179200 OK 193 kB URL HTTP/2 tukudhgg.vip/logotp/tiangx01.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 193 kB (192700 bytes)
Hash 1f96742e79c464754770d21b824c422e
2eacc04050d6b364ca38e67f740f5019ba609d72
90b4a34013848befc26d1e21f30afa75bb896fb8775cfb283e0d1f4d9bc1a294
GET /logotp/tiangx01.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 192700
last-modified: Sun, 19 Jun 2022 13:11:00 GMT
etag: "62af2064-2f0bc"
expires: Tue, 20 Dec 2022 05:44:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 239645
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPOxz0kmsXCjL7WBTndzMDvLT6g7xsjm66CKIPN%2BISu%2Biusp81qo2yOgJ2j2R11BnjFA0O5p%2F0bXlTAcTGZZ9mubtHLP3L32VzaRqSe4bdMOF2nFLvR2GU4E%2Bw%2Bd%2F9c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995642db2b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tupkku.top//lm/spk190.gif
172.67.178.134200 OK 173 kB URL HTTP/2 www.tupkku.top//lm/spk190.gif
IP 172.67.178.134:0
File type GIF image data, version 89a, 720 x 428\012- data
Size 173 kB (173345 bytes)
Hash 35311cb75e25f68d1dad6a630474ece2
e48ba5dcba824a35199fc4fc843be185c53f7f3b
c4ea26086533e343ba5eb059ca8d027490d161fca19228180f13f0032f91d901
GET //lm/spk190.gif HTTP/1.1
Host: www.tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 173345
last-modified: Thu, 15 Sep 2022 09:25:11 GMT
etag: "6322ef77-2a521"
expires: Thu, 01 Dec 2022 07:10:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1876137
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVdjLtcljkPCz4kHiorIwQd8l7KcAJynSm8ZnHnZkTWfM%2FL7lZNPhdMuB41zdG19ZNhhS1yWht2RleOux9PZOG5mEwQq2wjMiJtivuuRqeFuc2Ge062xQfps4pxKC3vqqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e9956438c7b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupkku.top/lm/spk320.gif
104.21.51.97200 OK 137 kB IP 104.21.51.97:0
File type GIF image data, version 89a, 720 x 428\012- data
Size 137 kB (136930 bytes)
Hash 8ee25a766c10b2ade919dad65e1c9b37
a1d17bdfcda79dbf1ff41eed3e899db67c6c16c6
b9720e5b3ae93583e8e915eddc4c9c00d915c81be0ca0f20069443f18f37c0bb
GET /lm/spk320.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 136930
last-modified: Thu, 15 Sep 2022 09:25:05 GMT
etag: "6322ef71-216e2"
expires: Thu, 22 Dec 2022 17:00:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 26314
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyhlNPTqMCj2r4iomoQakA29gXBpHRlCHSxRkWl%2BDdJHH6gQrmR4hxlrtEjmBp70vgw1GKZeDDP2FP%2FO%2Bp6L4MT%2BAAG4WZ%2FhQsViAtTy5CVLqRx1oiIwKvumLEe9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99564494f0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aooacctp.vip/lm/se5.gif
104.21.82.179200 OK 397 kB IP 104.21.82.179:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 397 kB (396964 bytes)
Hash 7b42e791e269b8425a0f380efdd8e5fd
10c09c8f711478c7aeccc988c076d299fafcbbfa
00ef96678470106e95be9f6f4dc07debbbb63a96db839adbf17e5e04e27caf60
GET /lm/se5.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 396964
last-modified: Wed, 25 May 2022 14:04:51 GMT
etag: "628e3783-60ea4"
expires: Wed, 07 Dec 2022 13:30:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1334942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kf0kwtKxlR5RZbyw50Ca9z36g8AbPrCpnKSI8xh5etQ2UgKKZlDosGoJU9REAeolhaGM1VTIjBb2ZTxQxAzxAbchZqKJhOldwAwIO4qNIolSXpJmVzFm3j1K02k87HA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995643881b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupkku.top/logotp/bbzy7.gif
104.21.51.97200 OK 111 kB URL HTTP/2 tupkku.top/logotp/bbzy7.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /logotp/bbzy7.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 19 Jun 2022 13:14:29 GMT
etag: "62af2135-1b020"
expires: Tue, 20 Dec 2022 05:44:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 239645
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPYua1JgfjPnCo7CanYbbP2GufkdHY4LhXyIZtxkGeDpUpa8ehPjK8v2AFjXuEMuiEiORClKBoJGZuDGhgkskxbMkrDDZbo71i31pk38zkuPh1xjGP7FPiJzgTmb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99564494d0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzeaa.com/156ce1c412d70d7463f3422999b2e5bc.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/156ce1c412d70d7463f3422999b2e5bc.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /156ce1c412d70d7463f3422999b2e5bc.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: text/html
content-length: 162
location: https://kvhccc.top/156ce1c412d70d7463f3422999b2e5bc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tupkku.top/logotp/xc02.gif
104.21.51.97200 OK 397 kB URL HTTP/2 tupkku.top/logotp/xc02.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 272 x 272\012- data
Size 397 kB (397251 bytes)
Hash 66ece7346a37c9793896b4dcffc0aa33
1ede3c927fc4c1a960463595289914f0a681ebe7
bf6660578b978113e0c2a1a5ad09dd8d355ab591a16670be0dfb1a2a3eabea30
GET /logotp/xc02.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 397251
last-modified: Sat, 21 May 2022 07:02:33 GMT
etag: "62888e89-60fc3"
expires: Thu, 22 Dec 2022 17:00:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 26314
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPKSn8MBkkaRhMZdwMr3NUMqQaXMJoDTlFBRegLl6Cbn91q%2BaI4bMJ15FyEvJOH2UQRvJ6e4yactSlBav%2B8N03pjaMvEVleUY5DPq83xirimLImiBWwNiVoUkElQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e9956499b80b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?0152085f3b6406a49be94f209e4f61f0
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0152085f3b6406a49be94f209e4f61f0
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 78f5f520a5aa2adee03bf358c99d769f
7329e0d0eff1782b7b6f0b6115515728ffca6588
c50ff10ae906b7c135e69f5d3ed07bdb4dcd816eb1c435a45c6ea23ae7764d41
GET /hm.js?0152085f3b6406a49be94f209e4f61f0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11334
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 11:32:18 GMT
Etag: f376eea7ba5a6c5cd227366ab70ae54b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5F656E652B46179E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 917c6270a3897d6dbc499550fe56c9a2
da1f360effd6e9bc349529f6217ad904fe98fadc
7bc60f85bec74a5196717c8532f08bc86b8685cfd7b43d2de7117be805427d20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 06:50:25 GMT
Expires: Wed, 30 Nov 2022 06:50:24 GMT
Etag: "da1f360effd6e9bc349529f6217ad904fe98fadc"
Cache-Control: max-age=587284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99564ad7cb529-OSL
aoattsetp.vip/logotp/wt01.gif
172.67.194.142200 OK 479 kB URL HTTP/2 aoattsetp.vip/logotp/wt01.gif
IP 172.67.194.142:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 479 kB (479032 bytes)
Hash 7f8ee4f985772f6a9c0256ae8b86186d
69a2b0b1d7e19fb38d21533fd22eff1bcf1f9abd
f3458aa5d6e2c3ba4a261dedd7a76da61915b7b2911d19b05cf23d6b04b40117
GET /logotp/wt01.gif HTTP/1.1
Host: aoattsetp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 479032
last-modified: Mon, 02 May 2022 08:41:22 GMT
etag: "626f9932-74f38"
expires: Thu, 22 Dec 2022 23:22:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 3361
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2afSYHqhQ1BFUvqPo8nw9MmTIus2ns3N9k%2B3L4S8%2FoKaCaqnTHoOFGSbNvuAEQxzlIOY6ENwDxmiO7VUomv90mSXhC7ERip1uKv6K5VeJEL2m06lkC078GL0ZnunM6r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e9956528471bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06917509c2cc58ec0233028e53761e39
4cbae6fb70439445ea2b15da5dbf24ec15fbe655
cc51ba6f8b1879e5db5d971c99ff1ffe040a932efd0786aa2e95a430337b0274
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 23:53:07 GMT
Expires: Sat, 26 Nov 2022 23:53:06 GMT
Etag: "4cbae6fb70439445ea2b15da5dbf24ec15fbe655"
Cache-Control: max-age=303046,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99564ed5ab515-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1f919c44f4be14ce20a12342acddc9f3
c1cace75609058f0af75470371415901bf320fe7
801032659dd656d53da1826df120cd0a6899436d4586153ca5546a8da2e58015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "801032659DD656D53DA1826DF120CD0A6899436D4586153CA5546A8DA2E58015"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8692
Expires: Wed, 23 Nov 2022 13:57:11 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
tupkku.top/logotp/xfb66.gif
104.21.51.97200 OK 624 kB URL HTTP/2 tupkku.top/logotp/xfb66.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /logotp/xfb66.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 623748
last-modified: Fri, 15 Apr 2022 17:52:24 GMT
etag: "6259b0d8-98484"
expires: Thu, 22 Dec 2022 17:00:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 26314
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5NwhzxWng3ASiH5JV13wfJWaq%2B0AomWYNXbLYYEFVG4uwhzO2Gd%2Fi2ElOK6LQIBYMwrv9pQtFzfC1gp%2FpMPxUhq11imsPZXwOUU0UmsTcqkEdDrknOGeITPRRFS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995655a700b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 37624cffbb7b8d1dc70eea33297d156f
d3c2bbcbe86576b1d9bf0de368b7c214d4bd38b8
d344aee4fd01ace247e744c9e90d21f485223b366f7b4f88dcb13a434e6fa675
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=90286
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:19 GMT
Etag: "637cc270-118"
Expires: Thu, 24 Nov 2022 12:37:05 GMT
Last-Modified: Tue, 22 Nov 2022 12:37:04 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
tukudhgg.vip/logotp/klm29.gif
172.67.208.179200 OK 707 kB URL HTTP/2 tukudhgg.vip/logotp/klm29.gif
IP 172.67.208.179:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 707 kB (706607 bytes)
Hash de65e95ed6ad16569325d0eb6f948afa
4cedbb4fb40fb0d35efd617b3b207e78ffe4d85a
88e67b99365a0814cbdf10fd982322516af9f2bb613f1c72e218ba32a7a31fca
GET /logotp/klm29.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 706607
last-modified: Mon, 02 May 2022 08:41:33 GMT
etag: "626f993d-ac82f"
expires: Tue, 20 Dec 2022 05:44:52 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 239642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9L1fovwwt5sB2%2FOlpfvPw9BciDJ7lyLBwL4BR4BnTc4b1jQa4hJasYpGeEsLWV3Go8MsgZ0DT1S4NyhtEsMNAZywOAYzvjeoK42jXXrVNgyl%2FLsNxsMshp5zhUZvvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995659fd5b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
IP 142.250.74.3:0
Hash 5987bf4a266144f0c8586a16fa0b9695
7296454b55cc730c1e99f624c07305f39d84489d
4253f1405d9a421e22f0f9f48aed322c72125d2f55d2e9a2e3763ca39d2573e7
POST /s/gts1p5/swCvH5hS9-4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06917509c2cc58ec0233028e53761e39
4cbae6fb70439445ea2b15da5dbf24ec15fbe655
cc51ba6f8b1879e5db5d971c99ff1ffe040a932efd0786aa2e95a430337b0274
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 23:53:07 GMT
Expires: Sat, 26 Nov 2022 23:53:06 GMT
Etag: "4cbae6fb70439445ea2b15da5dbf24ec15fbe655"
Cache-Control: max-age=303046,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99564cd99b529-OSL
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/qzsnjbp2qzm1124qzsnjbp2qzm082947.jpg
172.67.28.138200 OK 9.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/qzsnjbp2qzm1124qzsnjbp2qzm082947.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 49d6da41da0305c166122ee0e23aa3d5
179fb898114e500e27312fc38c152c44ce92204f
0ac468c04f775a0bd00a0d0dec74d8f67aec7dfa2e41d187d68e7bb96118365a
GET /upload/vod/2022/10-17/11/qzsnjbp2qzm1124qzsnjbp2qzm082947.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 9687
last-modified: Mon, 17 Oct 2022 03:24:08 GMT
etag: "634ccad8-25d7"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995630932b51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/fu12sceeq3w1125fu12sceeq3w123035.jpg
172.67.28.138200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/fu12sceeq3w1125fu12sceeq3w123035.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8413630ca8b0ed350f25d1004a0497e8
6672ff94f3de97e954c4b5ef52ce8d376bdcec7d
e40b0130e1095052185567a3f8be9ee1d758fb6b1dfd1bbc8e330b59dd195cf4
GET /upload/vod/2022/10-17/11/fu12sceeq3w1125fu12sceeq3w123035.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 9144
last-modified: Mon, 17 Oct 2022 03:25:12 GMT
etag: "634ccb18-23b8"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99563093cb51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/ifog24ndxyn1124ifog24ndxyn162965.jpg
172.67.28.138200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/ifog24ndxyn1124ifog24ndxyn162965.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 27c14ff13c967f462d3b73215c87cb30
5e02134173a9e7bc83d4d2bb6d6e3539c7590318
284ec92d5589a7225528c1bd6b18751f0f9d9af0a67b00c9168682d502bb62d5
GET /upload/vod/2022/10-17/11/ifog24ndxyn1124ifog24ndxyn162965.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 9627
last-modified: Mon, 17 Oct 2022 03:24:16 GMT
etag: "634ccae0-259b"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995630933b51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/4q5bgzwgmbj11254q5bgzwgmbj073025.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/4q5bgzwgmbj11254q5bgzwgmbj073025.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6dd526bd7e1b5f4208bf48a3c2cce570
7d9369c4ad17e7b19dd9e5515b58529bc9683bbb
8accde4306fe0a0da328b53d2046c77ca6f20f4ed59665c5806c79f09bdfb860
GET /upload/vod/2022/10-17/11/4q5bgzwgmbj11254q5bgzwgmbj073025.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 10603
last-modified: Mon, 17 Oct 2022 03:25:07 GMT
etag: "634ccb13-296b"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995630935b51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/08/dfwrfcjcjev0840dfwrfcjcjev2521558.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/08/dfwrfcjcjev0840dfwrfcjcjev2521558.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 85fb482c8ac5033900323f7106bd5cff
897ab09aaaecb1e7c3dd5f1de44ce698dabe217f
e00ce49f90299e41fca43a3699d3946b34d7b628c0a75bef171245cfa967b099
GET /upload/vod/2019/11-08/08/dfwrfcjcjev0840dfwrfcjcjev2521558.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 12262
last-modified: Fri, 08 Nov 2019 00:40:25 GMT
etag: "5dc4b979-2fe6"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99562f925b51e-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ded49783fdcdc054fa5165dac98c634d
7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632
6996870c2af49b4b59cbf0fe6d9f95efbc4fa3d0cae1ec2961aeae20c4db4e68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:18:44 GMT
Expires: Mon, 28 Nov 2022 23:18:43 GMT
Etag: "7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632"
Cache-Control: max-age=473783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99565fe9cb515-OSL
lbfm.lbpictupian.com/upload/vod/2020/01-05/17/vppsbbkkhx11701vppsbbkkhx104659.jpg
172.67.28.138200 OK 8.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/17/vppsbbkkhx11701vppsbbkkhx104659.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash fcbfe90bb9a8bedae6bcb45477dd79f3
a64aad22427f45c7aaa01d060189900bb9730f07
010db6707df6e9087ba274b312465beb631ec848ffbb67aa9a117193f99e9d4c
GET /upload/vod/2020/01-05/17/vppsbbkkhx11701vppsbbkkhx104659.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 8842
last-modified: Sun, 05 Jan 2020 09:01:04 GMT
etag: "5e11a5d0-228a"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995630930b51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/cnklvdbjo0t1125cnklvdbjo0t443081.jpg
172.67.28.138200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/cnklvdbjo0t1125cnklvdbjo0t443081.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5a5b61352fda9f3eecb0e7bd2fb1604b
47df8d3ea0e4fd80ec0ebcec6e2047fcc32be344
bc3bea5cdc975683ad314990b605326953771dc05d78eb52688c4e5d2e8332cc
GET /upload/vod/2022/10-17/11/cnklvdbjo0t1125cnklvdbjo0t443081.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 8323
last-modified: Mon, 17 Oct 2022 03:25:44 GMT
etag: "634ccb38-2083"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e9956339c6b51e-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06917509c2cc58ec0233028e53761e39
4cbae6fb70439445ea2b15da5dbf24ec15fbe655
cc51ba6f8b1879e5db5d971c99ff1ffe040a932efd0786aa2e95a430337b0274
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 23:53:07 GMT
Expires: Sat, 26 Nov 2022 23:53:06 GMT
Etag: "4cbae6fb70439445ea2b15da5dbf24ec15fbe655"
Cache-Control: max-age=303046,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99564deae1c02-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6e2b8a87b40599b2acb0c209fe584071
c77dc595fcd34a65294b84a0b25cead0ffc2b7e3
b5f0fdbc28f56a1f2f6d43ef69877d76eea45f86fcb89c667eb186ab4c448403
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 23 Nov 2022 11:32:19 GMT
Etag: "637bc6c9-1d7"
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hGX2-f_QZnIwgMpGZIzxAP3F3dSvn3esu7BTWAScmA2-XZ665uBODg==
lbfm.lbpictupian.com/upload/vod/2019/11-08/08/sdcft1dsw200841sdcft1dsw202921590.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/08/sdcft1dsw200841sdcft1dsw202921590.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 10ddd97a43bfdd7394db326f52700e45
a5e927620286db2de1d38dce0a9914c282137152
6ccab757052476dfd37dcc654faf06aa69ef3d51a0c0b5e920bc25cd5e8c869a
GET /upload/vod/2019/11-08/08/sdcft1dsw200841sdcft1dsw202921590.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 11633
last-modified: Fri, 08 Nov 2019 00:41:29 GMT
etag: "5dc4b9b9-2d71"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99563092eb51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-17/11/lrfbmfwlsd41126lrfbmfwlsd4353131.jpg
172.67.28.138200 OK 9.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-17/11/lrfbmfwlsd41126lrfbmfwlsd4353131.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 35d7f9d906d403e40ccd034216a4697b
af7fe706a04beee145cdb64bf70b0f025a4bb0e5
3563c23d3b8ba6ad6b9b01c83c26fd6ec59e66810542a2c7146436d8687d0d55
GET /upload/vod/2022/10-17/11/lrfbmfwlsd41126lrfbmfwlsd4353131.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 9341
last-modified: Mon, 17 Oct 2022 03:26:35 GMT
etag: "634ccb6b-247d"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e9956339c8b51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/08/41mdjglkx3w084141mdjglkx3w1321582.jpg
172.67.28.138200 OK 9.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/08/41mdjglkx3w084141mdjglkx3w1321582.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 30b4fa4aab9b8ee092c3d8f45f17a28e
30708a9c8376ea2b90a237842ee91238b2c4d8b8
a0d99e4d1a4b08ece256872785a6a0c66326ab48e1ab4b11f89b12fc0fbd86df
GET /upload/vod/2019/11-08/08/41mdjglkx3w084141mdjglkx3w1321582.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 9046
last-modified: Fri, 08 Nov 2019 00:41:13 GMT
etag: "5dc4b9a9-2356"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995638a6cb51e-OSL
X-Firefox-Spdy: h2
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/ca302b14c051bf41d75347daaf6e7ab3.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/08/3iapqh2datu08403iapqh2datu0821550.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/08/3iapqh2datu08403iapqh2datu0821550.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b9bc54419aed54a08e430e8d579d5304
661a9f3211952a0807728e871cd7fdb200595223
38b1592a63566dab2b608c080d2ff95542a5ecc46cf2afd6ecd930ac4b56427e
GET /upload/vod/2019/11-08/08/3iapqh2datu08403iapqh2datu0821550.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 10206
last-modified: Fri, 08 Nov 2019 00:40:09 GMT
etag: "5dc4b969-27de"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995635a14b51e-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/08/2i1xmlpvdkc08392i1xmlpvdkc5221542.jpg
172.67.28.138200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/08/2i1xmlpvdkc08392i1xmlpvdkc5221542.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 63e43732871a380607583ff2f4d23e09
0612a7697501b65a34ca5c6891fc5ca267d45754
a8d8d3747958885e334471f06881a9508347384a428cadc77b4262965cf1f83f
GET /upload/vod/2019/11-08/08/2i1xmlpvdkc08392i1xmlpvdkc5221542.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 8565
last-modified: Fri, 08 Nov 2019 00:39:52 GMT
etag: "5dc4b958-2175"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99563aae1b51e-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 62e1241d2f892dd0358d10bc58897543
c429bc925e26bdc1cfbf8f061c092437c2f980da
d31cf74ba322eae9cf783734a4716069a07df3d8afa6f644925ade3cb7200750
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 08:52:33 GMT
Expires: Tue, 29 Nov 2022 08:52:32 GMT
Etag: "c429bc925e26bdc1cfbf8f061c092437c2f980da"
Cache-Control: max-age=508212,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e995667f19b515-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash af969d89223fe91b4ae51be1d2539d20
51391bd16364c826817c6e65b7ae5f4081d9a365
ea63475e5402f6195218c7f3ddc1ab5b33444b317be93a6e44d54914e2c0b7cd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 15:24:55 GMT
Expires: Tue, 29 Nov 2022 15:24:54 GMT
Etag: "51391bd16364c826817c6e65b7ae5f4081d9a365"
Cache-Control: max-age=531754,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99565debdb529-OSL
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 244d34795f1bbbcb5cf6fe0b747abde5
b7d0d77a7c39c3decc8e9cc0c25cb037cd6a6b59
a0a14d77ba28e2525edc0c4ff5cc79d9f73bb8c2ac3f8c79d46832276b77fe18
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=887
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash c3e9ec779278d4c63a84cb32e91f6fd3
e61a4693828351c8da69b512c90a1bcfc6fd4cdd
593c2f1ab7003deea8c1723bdc49c5afd7c592af42aad82291ec300dc1e0603d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=874
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash c3e9ec779278d4c63a84cb32e91f6fd3
e61a4693828351c8da69b512c90a1bcfc6fd4cdd
593c2f1ab7003deea8c1723bdc49c5afd7c592af42aad82291ec300dc1e0603d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=874
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ded49783fdcdc054fa5165dac98c634d
7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632
6996870c2af49b4b59cbf0fe6d9f95efbc4fa3d0cae1ec2961aeae20c4db4e68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:18:44 GMT
Expires: Mon, 28 Nov 2022 23:18:43 GMT
Etag: "7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632"
Cache-Control: max-age=473783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e995661f01b529-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e3c7b20508f380e322b86f03381ff44c
6f765ff047388a8df56033af73fcac0ffcc13320
5d32ccf2e2a36beea0065194bda4156973904fb9c5447a8ba362638cc41cea85
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 27 Nov 2022 09:57:25 GMT
ETag: "6f765ff047388a8df56033af73fcac0ffcc13320"
Last-Modified: Wed, 23 Nov 2022 09:57:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2957
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e995673a26b523-OSL
lbfm.lbpictupian.com/upload/vod/2019/11-08/08/x1eejrbp3qx0840x1eejrbp3qx5721574.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/08/x1eejrbp3qx0840x1eejrbp3qx5721574.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6ee7922a35fdb54e8045604bdfc180f0
2334ee77f77217a09e88152075d8b5b6b0aaf37e
081ea1ec899d4639679071e8c5d4b867e3be9b0ec9f2ae1cfb0d2008785d26c5
GET /upload/vod/2019/11-08/08/x1eejrbp3qx0840x1eejrbp3qx5721574.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 10405
last-modified: Fri, 08 Nov 2019 00:40:57 GMT
etag: "5dc4b999-28a5"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995643be0b51e-OSL
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash c3e9ec779278d4c63a84cb32e91f6fd3
e61a4693828351c8da69b512c90a1bcfc6fd4cdd
593c2f1ab7003deea8c1723bdc49c5afd7c592af42aad82291ec300dc1e0603d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=866
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
X-N: S
mmzyw22.com/
154.218.191.251200 OK 16 kB IP 154.218.191.251:0
ASN #137951 Clayer Limited
Hash 9aae68f081c0226fa8b28f0749bc715b
7d768cbac868f0ac10cbeeb6b7ba681245b489f5
5257335fc26ec79f57d2a5eced3e123e9b763696e5c850ed2a695c82cbc8d56f
GET / HTTP/1.1
Host: mmzyw22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zndhtz02.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:17 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=599482520&si=0152085f3b6406a49be94f209e4f61f0&su=http%3A%2F%2Fzndhtz02.com%2F&v=1.2.97&lv=1&sn=26689&r=0&ww=1264&ct=!!&u=https%3A%2F%2Fmmzyw22.com%2F&tt=%E7%8C%AB%E7%8C%AB%E8%B5%84%E6%BA%90
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=599482520&si=0152085f3b6406a49be94f209e4f61f0&su=http%3A%2F%2Fzndhtz02.com%2F&v=1.2.97&lv=1&sn=26689&r=0&ww=1264&ct=!!&u=https%3A%2F%2Fmmzyw22.com%2F&tt=%E7%8C%AB%E7%8C%AB%E8%B5%84%E6%BA%90
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=599482520&si=0152085f3b6406a49be94f209e4f61f0&su=http%3A%2F%2Fzndhtz02.com%2F&v=1.2.97&lv=1&sn=26689&r=0&ww=1264&ct=!!&u=https%3A%2F%2Fmmzyw22.com%2F&tt=%E7%8C%AB%E7%8C%AB%E8%B5%84%E6%BA%90 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 23 Nov 2022 11:32:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B8453343770D1A26; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 142.250.74.3:0
Hash fdf9e30b311408e0261d62c3b5574d03
5a2f736178fa123d7a030c86eb11734addef56cb
917f8610e750bf273520574ac4768b4be5a32d1dc5768e30be6f44ec6786e41c
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lbfm.lbpictupian.com/upload/vod/2019/11-08/08/qmzxbzs5s2w0840qmzxbzs5s2w4121566.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/08/qmzxbzs5s2w0840qmzxbzs5s2w4121566.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8e47441782b37c28bdbaac113502e449
357736c1b188b15fc48ae6be46772e3d5e108394
d7f5b2f118d9fb9b7ea7d03d4e1c88739338fb4685de53567d3f3a5afeb9b321
GET /upload/vod/2019/11-08/08/qmzxbzs5s2w0840qmzxbzs5s2w4121566.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/jpeg
content-length: 8208
last-modified: Fri, 08 Nov 2019 00:40:41 GMT
etag: "5dc4b989-2010"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e995648c78b51e-OSL
X-Firefox-Spdy: h2
kvevv.com/507cb482a1ab80c11715f64fba692ed7.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvevv.com/507cb482a1ab80c11715f64fba692ed7.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /507cb482a1ab80c11715f64fba692ed7.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: text/html
content-length: 162
location: https://kvthhh.top/507cb482a1ab80c11715f64fba692ed7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e3492cb8b5d79fca4a4728f1c7a24c67
65851a755e917d441fb222dbca6cd8a4c7c06036
ed6b90d0db6beadcc3d21313f4d01063da407f58e62a9199f59a3098986a1263
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:55:15 GMT
Expires: Tue, 29 Nov 2022 23:55:14 GMT
Etag: "65851a755e917d441fb222dbca6cd8a4c7c06036"
Cache-Control: max-age=562374,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e995675fffb515-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd490cff7d54beaf942a7540b752d21a
008f40f9764f057c6268250deadd7a09dffff50b
b5403fe46f559feee6081f0c63efef13c463d2ea059d22aacad7cc74aed07709
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5403FE46F559FEEE6081F0C63EFEF13C463D2EA059D22AACAD7CC74AED07709"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4486
Expires: Wed, 23 Nov 2022 12:47:05 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e4f242b450836176e7a1dd823e16594
881373cfc4e59fcf352b81b3e4970b8b054104bd
7aadfc998b7f9a204acc92f99325e6fdf5d41232d279f0a07cab1faf1f6cb982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7AADFC998B7F9A204ACC92F99325E6FDF5D41232D279F0A07CAB1FAF1F6CB982"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18578
Expires: Wed, 23 Nov 2022 16:41:57 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45b2b96a4ec9985e38b9959af957438c
41453534f5be308bf4aeb0d85660ca2d9f4d6e4d
747452ea31f1be9158a887d7cb85afd46babee78b714300ed4343a2b0e17b518
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "747452EA31F1BE9158A887D7CB85AFD46BABEE78B714300ED4343A2B0E17B518"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20688
Expires: Wed, 23 Nov 2022 17:17:07 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 142.250.74.3:0
Hash ae1252020408e77d95a83fcc432819fa
6b571acd4fdc8baf43b9cfb69cf200c64cf8f4f2
f8fa15462845b47ae7ec328092846963ed833e94c4c96d7bbb0480014cf76d91
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1328122b0123b079b5d7fc20e0e495a
cfe1e4885a7991cdec87f5d52e15b6bc2dd11ed9
4fc227053b3d3c54a9fbffe8fe570b429277a8f0e07928917f98bfcc99dbeeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FC227053B3D3C54A9FBFFE8FE570B429277A8F0E07928917F98BFCC99DBEEAA"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6719
Expires: Wed, 23 Nov 2022 13:24:18 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash de18ad85d08d9c4493ddcbfe3a552683
ab93b5f5137c6e81b7a2e58691e21a18e49a8ed0
339f5c934414a4335f3bd5dd4e48804c5e573fd05ea8604f0ff62f46fe9c5d28
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 27 Nov 2022 09:54:53 GMT
ETag: "ab93b5f5137c6e81b7a2e58691e21a18e49a8ed0"
Last-Modified: Wed, 23 Nov 2022 09:54:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 853
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e995681b73b523-OSL
fmlb.netlbtu.com/upload/vod/2020/04-14/00/tldlwxhed1v0011tldlwxhed1v242714.jpg
45.89.209.74200 OK 8.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/00/tldlwxhed1v0011tldlwxhed1v242714.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a60c65bcf84aa6af295e24841892a6d8
bfc7b7bfba8da47fdca757267cdef925f3c64b9c
8aa639f7e54d94112c02e9d588b7d9d4e8477083dac302f644ac60a98d436f98
GET /upload/vod/2020/04-14/00/tldlwxhed1v0011tldlwxhed1v242714.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/jpeg
Content-Length: 8010
Last-Modified: Wed, 09 Nov 2022 11:44:24 GMT
Connection: keep-alive
ETag: "636b9298-1f4a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 142.250.74.3:0
Hash ae1252020408e77d95a83fcc432819fa
6b571acd4fdc8baf43b9cfb69cf200c64cf8f4f2
f8fa15462845b47ae7ec328092846963ed833e94c4c96d7bbb0480014cf76d91
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7a804f6b3381b63e2885a6ba0b409c9
6e5a82ccdcc3bee0b2980e272de3cd7ad229a2d7
c72e94130a0bac7e34304f593791ce91bb76b825f64eb1d853a43f930425c91e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C72E94130A0BAC7E34304F593791CE91BB76B825F64EB1D853A43F930425C91E"
Last-Modified: Tue, 22 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2330
Expires: Wed, 23 Nov 2022 12:11:09 GMT
Date: Wed, 23 Nov 2022 11:32:19 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2019/11-08/08/opoobkgdijt0841opoobkgdijt0521578.jpg
45.89.209.74200 OK 8.5 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/08/opoobkgdijt0841opoobkgdijt0521578.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5fbac22fa03d79efdce31f60fa5e9732
cd875ef41617bacb9a7eb598937a1281f6b06a23
abd67c12f8a3d39cedbf158c2f965cf6f0cb3f75ed76d6e7ade37dba541e6779
GET /upload/vod/2019/11-08/08/opoobkgdijt0841opoobkgdijt0521578.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/jpeg
Content-Length: 8476
Last-Modified: Wed, 09 Nov 2022 11:44:28 GMT
Connection: keep-alive
ETag: "636b929c-211c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/04/fvpyz2ayps20456fvpyz2ayps22212910.jpg
45.89.209.74200 OK 9.4 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/fvpyz2ayps20456fvpyz2ayps22212910.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 717x538, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5810c8c1db2ffd5de39c9ddfbeca3889
bdd3f083cd89df109622707ea24f8b956957ec08
b016ca5b8958ccb73702e18a617eaef58b71373cfe5347be4764d1c9411e5e11
GET /upload/vod/2019/11-08/04/fvpyz2ayps20456fvpyz2ayps22212910.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/jpeg
Content-Length: 9365
Last-Modified: Wed, 09 Nov 2022 11:44:16 GMT
Connection: keep-alive
ETag: "636b9290-2495"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-13/18/paduxq3kdo51807paduxq3kdo5061436.jpg
45.89.209.74200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-13/18/paduxq3kdo51807paduxq3kdo5061436.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c85eed472453e0686cc5166826c0a8aa
316b4c7bb61beeac126a97b6be0c497e0df99215
34aff1fcbc65cb5b4e53e3661792168673743ad3983a5eb8815043254fe59fdf
GET /upload/vod/2020/04-13/18/paduxq3kdo51807paduxq3kdo5061436.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/jpeg
Content-Length: 12636
Last-Modified: Wed, 09 Nov 2022 11:44:22 GMT
Connection: keep-alive
ETag: "636b9296-315c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash dd386ca2bd47a4e17f60c9b91ede28c0
72bcb393d243d98a70bf3a46dd4ebc133c56a68a
66d1920788ee99a468ac6a1e36719b61257d4bfc1ee58fc3016b4e4ca16136aa
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 27 Nov 2022 08:11:18 GMT
ETag: "72bcb393d243d98a70bf3a46dd4ebc133c56a68a"
Last-Modified: Wed, 23 Nov 2022 08:11:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2403
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e995686be0b523-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash eabcc3820b19c5053985e6da3ffea915
d82612b51a54c12ac0b54afda4a0931c87cb5fdc
ca5914bd34e86ab176b8f18938f749547866f5b54991d4df0c6a26a6fa6010c2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 13:11:48 GMT
Expires: Mon, 28 Nov 2022 13:11:47 GMT
Etag: "d82612b51a54c12ac0b54afda4a0931c87cb5fdc"
Cache-Control: max-age=437367,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99567393b1c02-OSL
fmlb.netlbtu.com/upload/vod/2020/04-14/00/tymrhrxy12x0008tymrhrxy12x272357.jpg
45.89.209.74200 OK 9.4 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/00/tymrhrxy12x0008tymrhrxy12x272357.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2bb16d13621e429dcef63713a0b0ceaa
bbac180e6dedca2852a4b166b36096e13da5c0e0
272283c5f650e4163afc6cc25374557d2b1992560e81fd457ef410989d74db14
GET /upload/vod/2020/04-14/00/tymrhrxy12x0008tymrhrxy12x272357.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/jpeg
Content-Length: 9416
Last-Modified: Wed, 09 Nov 2022 11:44:40 GMT
Connection: keep-alive
ETag: "636b92a8-24c8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
dimg04.c-ctrip.com/images/0105q12000a3kiw4qFA60.gif
104.110.17.24200 OK 288 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105q12000a3kiw4qFA60.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 600 x 360\012- data
Size 288 kB (287656 bytes)
Hash 9ce9155f310336e3c4ba4a2cbf2bd32a
8c3caa3d7c997895ac50dab3a9fac955124cb8cc
5b9771108017dc13f8b2003591c955cc5fcb517fcddb46ba818a95ddf86edd2e
GET /images/0105q12000a3kiw4qFA60.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 287656
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=12940122
expires: Sat, 22 Apr 2023 06:01:01 GMT
date: Wed, 23 Nov 2022 11:32:19 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e3492cb8b5d79fca4a4728f1c7a24c67
65851a755e917d441fb222dbca6cd8a4c7c06036
ed6b90d0db6beadcc3d21313f4d01063da407f58e62a9199f59a3098986a1263
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:55:15 GMT
Expires: Tue, 29 Nov 2022 23:55:14 GMT
Etag: "65851a755e917d441fb222dbca6cd8a4c7c06036"
Cache-Control: max-age=562374,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e995675861b529-OSL
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP 142.250.74.3:0
Hash 811d4bc15142556d4e41b702db5d0940
623469a82d68ecc4003f63786b45109cdb0ff415
6978b8c4c2ab6ba79699113a04cc654c7e1f6f0e4db36e767c906d4f1dc023ad
POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 11:32:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvthhh.top/00cac4fde2e514f897f6e62f20c51d1f.gif
104.21.235.65200 OK 82 kB URL HTTP/2 kvthhh.top/00cac4fde2e514f897f6e62f20c51d1f.gif
IP 104.21.235.65:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash 62f39c1c0c44a8d8d01f8d3f72921ce3
94b052ad190771bc28a0d2925f342b364775c004
1fa3b28afa7262c9e4c7f1473a073f8b3b4275aa754418b5a21a7248cf6f758b
GET /00cac4fde2e514f897f6e62f20c51d1f.gif HTTP/1.1
Host: kvthhh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mmzyw22.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 82442
last-modified: Mon, 21 Nov 2022 23:12:43 GMT
etag: "637c05eb-1420a"
expires: Thu, 22 Dec 2022 11:15:04 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 87435
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9H6yMPLeHUNlsfoEV74vhJhYjjUo6DYjF6oXclXzMKdi2sybrM%2BmmQev753OQvxvub1iNSOfr4rWp%2FLS7DmgxYNagIZQuh6qf4JNeBlKKmIZYcTRmURAd22vs3v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99568c9f9773d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhccc.top/156ce1c412d70d7463f3422999b2e5bc.gif
104.21.233.189200 OK 138 kB URL HTTP/2 kvhccc.top/156ce1c412d70d7463f3422999b2e5bc.gif
IP 104.21.233.189:0
File type GIF image data, version 89a, 960 x 180\012- data
Size 138 kB (138161 bytes)
Hash 15f978959094f9cc20b26e8663a817d3
623ed3d654c37b32431eafc29e018c9056785320
22e65c24ceb37f09f713cdcb896777a120e6c5ed4439590c4d39f4eb57daf329
GET /156ce1c412d70d7463f3422999b2e5bc.gif HTTP/1.1
Host: kvhccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mmzyw22.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 138161
last-modified: Wed, 25 May 2022 14:00:28 GMT
etag: "628e367c-21bb1"
expires: Wed, 21 Dec 2022 23:16:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 130533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVFY1LkZoXCTQ1mj9LN8RV25%2BdWJCL1hCNneH5G52VnIF%2B3oy2e%2B1PAWm6cJj8ad5xMORjaZ9qZURsd3N6VDNOK%2BLF1wel9ECLj63YlCcLdw5hQb9FuidW4AY7D5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99568bba48879-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzenn.com/b3d9a37730111812e9e40be25e336998.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kzenn.com/b3d9a37730111812e9e40be25e336998.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /b3d9a37730111812e9e40be25e336998.gif HTTP/1.1
Host: kzenn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: text/html
content-length: 162
location: https://kvkkkk.top/b3d9a37730111812e9e40be25e336998.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 894a80c8dce0c10809872c022309ecbf
8f03e5df7ef099b94afa6ddfe4ed1da61a4986bb
b3aca29cddf84cf1a2fa6cf139337e9ea64c559f7767876416e2434df5c47d8f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B3ACA29CDDF84CF1A2FA6CF139337E9EA64C559F7767876416E2434DF5C47D8F"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Wed, 23 Nov 2022 17:31:48 GMT
Date: Wed, 23 Nov 2022 11:32:20 GMT
Connection: keep-alive
ads-6686.top/96060.gif
123.253.107.219200 OK 570 kB IP 123.253.107.219:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 570 kB (570462 bytes)
Hash 60393bbfab3aac9d2d4b557ba0752c41
4da3fa5126e9b68041eec58e3b794b28565ddd0a
b7c0b7710cec9c28a60532612d277bfe56400b95f4f524eb7d049a7b4ea73750
GET /96060.gif HTTP/1.1
Host: ads-6686.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: load-edge/2.1.1
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 570462
last-modified: Mon, 14 Nov 2022 07:57:56 GMT
etag: "6371f504-8b45e"
strict-transport-security: max-age=31536000
lp-geo: edge-l2ev
lp-addr: 91.90.42.154
lp-request: 65f59318-b4c3-4450-a687-938abc15d416
lp-id: 53007359817f40eccc0937a6fbea91b9
expires: Wed, 23 Nov 2022 11:37:19 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c617e615b2bb0716283bd84269665e45
fc8325297496c49234e345d88b3d1213a644dd6e
f2cc5a9050533a4beba574c951fa97c29cb5aa1e764444021e77a7ee67756848
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2CC5A9050533A4BEBA574C951FA97C29CB5AA1E764444021E77A7EE67756848"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 23 Nov 2022 17:32:20 GMT
Date: Wed, 23 Nov 2022 11:32:20 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bc8d265120c730a7055f4f864f3f9233
0c575bb277f43a4200d6f3d85059d2f7b36f7725
8e382040661f6d849cd2506dbbf4bfa3bba38178f36a02776fddac2b14b57dd9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 17:12:54 GMT
Expires: Sun, 27 Nov 2022 17:12:53 GMT
Etag: "0c575bb277f43a4200d6f3d85059d2f7b36f7725"
Cache-Control: max-age=365432,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e99568ba04b515-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash b7a40c7b1b94e9cd7afedd72481139dd
8146bdee3b10958f329368758988c2e7a8f16b7b
a9e5b9d4467ae5dda9e257c1911474f036e636b5c4eaa0a1098e87c4afe3eda6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:20 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 09:48:55 GMT
Expires: Tue, 29 Nov 2022 09:48:54 GMT
Etag: "8146bdee3b10958f329368758988c2e7a8f16b7b"
Cache-Control: max-age=511593,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e995694e96b518-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dedfef5f0ddd4b3038dd83f9dd65a236
364afb20ae6d4047cd5e81d2b124d64da540c8a8
ceaaede2db45be28bf25364e3c92b5d161bdc37bfae1ff3d4935a233dadb5ecf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 01:54:28 GMT
Expires: Mon, 28 Nov 2022 01:54:27 GMT
Etag: "364afb20ae6d4047cd5e81d2b124d64da540c8a8"
Cache-Control: max-age=396726,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e9956a4cb41c02-OSL
fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
45.89.209.74200 OK 0 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
IP 45.89.209.74:0
GET /images/2021/11/20/heyzo4538.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/jpeg
Content-Length: 43129
Last-Modified: Wed, 09 Nov 2022 11:44:28 GMT
Connection: keep-alive
ETag: "636b929c-a879"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19200 OK 0 B URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 23 Nov 2022 11:32:20 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 637E04C40E395337389757F5
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 4
fls003.com/upload/uploads-images/default/other/2022-08-10/adcaa25dfc76285d32d349a87104fe53.png?_v=20220701
18.165.122.42200 OK 0 B URL HTTP/2 fls003.com/upload/uploads-images/default/other/2022-08-10/adcaa25dfc76285d32d349a87104fe53.png?_v=20220701
IP 18.165.122.42:0
GET /upload/uploads-images/default/other/2022-08-10/adcaa25dfc76285d32d349a87104fe53.png?_v=20220701 HTTP/1.1
Host: fls003.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 642664
server: nginx
date: Wed, 23 Nov 2022 11:32:20 GMT
last-modified: Wed, 10 Aug 2022 03:00:00 GMT
etag: "62f31f30-9ce68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a9827211f5accfa203d9dee17dcafb30.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P2
x-amz-cf-id: G40qJJGaozeoPuuHuUo8FRUbenTOJ7umowbFlExDKDEvcd5CSHXPGg==
X-Firefox-Spdy: h2
n0611.com/e4597d94b7c64d2cbd906c4116922097.gif
104.208.83.207200 OK 0 B URL HTTP/1.1 n0611.com/e4597d94b7c64d2cbd906c4116922097.gif
IP 104.208.83.207:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /e4597d94b7c64d2cbd906c4116922097.gif HTTP/1.1
Host: n0611.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 20 Nov 2022 15:57:26 GMT
ETag: W/"637a4e66-5bacd"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
362728tdg.com/1f35ff75886943c8b27c7a99c15aff4b.gif
103.170.15.80200 OK 0 B URL HTTP/1.1 362728tdg.com/1f35ff75886943c8b27c7a99c15aff4b.gif
IP 103.170.15.80:0
ASN #7483 Skycloud Computing co., Ltd.
Analyzer Verdict Alert quad9 Sinkholed
GET /1f35ff75886943c8b27c7a99c15aff4b.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6371f560-6e6b1"
Date: Mon, 14 Nov 2022 08:12:45 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 14 Nov 2022 07:59:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-10
Content-Length: 452273
u1033.com/592fc8ed80064e97b2408949f7edf786.gif
45.61.212.175200 OK 0 B URL HTTP/2 u1033.com/592fc8ed80064e97b2408949f7edf786.gif
IP 45.61.212.175:0
GET /592fc8ed80064e97b2408949f7edf786.gif HTTP/1.1
Host: u1033.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63639ad9-4ea52"
server: nginx
date: Sun, 20 Nov 2022 05:25:42 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2022 10:41:29 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-15
content-length: 322130
X-Firefox-Spdy: h2
n0600.com/836dbbabe1714e0c98ace5c093afa12b.gif
20.18.120.118200 OK 0 B URL HTTP/1.1 n0600.com/836dbbabe1714e0c98ace5c093afa12b.gif
IP 20.18.120.118:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /836dbbabe1714e0c98ace5c093afa12b.gif HTTP/1.1
Host: n0600.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 03 Nov 2022 10:40:48 GMT
ETag: W/"63639ab0-71fb4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
n0600.com/10596a0520a742dc8660c257e3362266.gif
20.18.120.118200 OK 0 B URL HTTP/1.1 n0600.com/10596a0520a742dc8660c257e3362266.gif
IP 20.18.120.118:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /10596a0520a742dc8660c257e3362266.gif HTTP/1.1
Host: n0600.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 03 Nov 2022 10:41:01 GMT
ETag: W/"63639abd-3d935"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 0 B URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:29:57 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Fri, 23 Dec 2022 11:29:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtddd.top/ca302b14c051bf41d75347daaf6e7ab3.gif
104.21.235.61200 OK 0 B URL HTTP/2 kvtddd.top/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 104.21.235.61:0
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mmzyw22.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:20 GMT
content-type: image/gif
content-length: 198998
last-modified: Sat, 16 Apr 2022 08:19:50 GMT
etag: "625a7c26-30956"
expires: Sun, 04 Dec 2022 23:19:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1599176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUMzoGTzW66oNGbrJg%2B0%2FefV7c%2B%2BPDVAWC59qINBQGSguPXDKPYHn%2BydOgGYB3ASSJAywiEvpuPBpcntKc3yumq0DdsaA6%2FywBNAOe1BuInjV59qzW5FfPBi1K02"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e9956a0e478e2d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
45.89.209.74200 OK 0 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
IP 45.89.209.74:0
GET /images/2021/11/22/cc16487.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 11:32:20 GMT
Content-Type: image/jpeg
Content-Length: 186946
Last-Modified: Wed, 09 Nov 2022 11:44:29 GMT
Connection: keep-alive
ETag: "636b929d-2da42"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
n0600.com/33930d0b3a2a4bba8710c02df43b9e32.gif
20.18.120.118200 OK 0 B URL HTTP/1.1 n0600.com/33930d0b3a2a4bba8710c02df43b9e32.gif
IP 20.18.120.118:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /33930d0b3a2a4bba8710c02df43b9e32.gif HTTP/1.1
Host: n0600.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 20 Nov 2022 15:57:49 GMT
ETag: W/"637a4e7d-3c8c8"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u1044.com/6ab4f9a2b1674a56b3f1709009c50bb6.gif
103.170.15.68200 OK 0 B URL HTTP/2 u1044.com/6ab4f9a2b1674a56b3f1709009c50bb6.gif
IP 103.170.15.68:0
ASN #7483 Skycloud Computing co., Ltd.
GET /6ab4f9a2b1674a56b3f1709009c50bb6.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6378cfd9-41a67"
server: nginx
date: Sat, 19 Nov 2022 12:49:58 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 12:45:13 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-58
content-length: 268903
X-Firefox-Spdy: h2
kvtddd.top/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
104.21.235.61200 OK 0 B URL HTTP/2 kvtddd.top/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
IP 104.21.235.61:0
GET /cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mmzyw22.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 11:32:20 GMT
content-type: image/gif
content-length: 1991234
last-modified: Sat, 01 Oct 2022 05:59:47 GMT
etag: "6337d753-1e6242"
expires: Fri, 16 Dec 2022 18:50:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 578514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5NwRX4zywtvxscWMYfuYO1sYuUqv%2BQGOpjNzN2hWdlVWdXBqCz3pVnvwjJrAYS8spbV3we2HHDqsAVPE188WmS4F8mLE2V1TsbPmIqE3LThhlqT6CisWcUbtE5l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e99569cde18e2d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mmzyw22.com/template/m1938pc/ads/dddlll.js
154.218.191.251200 OK 0 B URL HTTP/2 mmzyw22.com/template/m1938pc/ads/dddlll.js
IP 154.218.191.251:0
ASN #137951 Clayer Limited
GET /template/m1938pc/ads/dddlll.js HTTP/1.1
Host: mmzyw22.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:18 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 10:39:10 GMT
vary: Accept-Encoding
etag: W/"637b554e-5f7"
expires: Wed, 23 Nov 2022 23:32:18 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
3p8801.co/yy-960x120.gif
142.0.131.26200 OK 0 B IP 142.0.131.26:0
GET /yy-960x120.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 11:32:19 GMT
content-type: image/gif
content-length: 64647
last-modified: Sat, 12 Nov 2022 07:15:02 GMT
etag: "636f47f6-fc87"
expires: Fri, 23 Dec 2022 11:32:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
1088hg01.oss-cn-hongkong.aliyuncs.com/lanqiu.gif
47.75.19.69200 OK 0 B URL HTTP/1.1 1088hg01.oss-cn-hongkong.aliyuncs.com/lanqiu.gif
IP 47.75.19.69:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /lanqiu.gif HTTP/1.1
Host: 1088hg01.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 23 Nov 2022 11:32:19 GMT
Content-Type: image/gif
Content-Length: 944089
Connection: keep-alive
x-oss-request-id: 637E04C3FC567C3831956916
Accept-Ranges: bytes
ETag: "AA2183D37F4BB3E32799AA7559D6828B"
Last-Modified: Wed, 09 Nov 2022 07:53:02 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9189525011022840236
x-oss-storage-class: Standard
Content-MD5: qiGD039Ls+Mnmap1WdaCiw==
x-oss-server-time: 2
u1044.com/48d35239bb794efab94ae5a90284b3fa.gif
103.170.15.68200 OK 0 B URL HTTP/2 u1044.com/48d35239bb794efab94ae5a90284b3fa.gif
IP 103.170.15.68:0
ASN #7483 Skycloud Computing co., Ltd.
GET /48d35239bb794efab94ae5a90284b3fa.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mmzyw22.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6378cfff-572e3"
server: nginx
date: Sun, 20 Nov 2022 16:22:38 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 12:45:51 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-58
content-length: 357091
X-Firefox-Spdy: h2