av136.xyz/
104.21.81.144301 Moved Permanently 0 B IP 104.21.81.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: av136.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 17:12:12 GMT
Content-Length: 0
Connection: keep-alive
Location: https://114av.one/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWZVBCMrJD%2BpZTl0ywlKxPqZH0eAEw2w8xO9uB4IlUmXWLZaH%2FLkehOKzrLnHuMCYk7b8%2BoBC7TZSMc%2BhKj52vjRG30MlNPHreeZ8ZgFeToB%2F6hCMeHzVRTyz7g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7cc48a0cb500-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10441
Expires: Sun, 27 Nov 2022 20:06:13 GMT
Date: Sun, 27 Nov 2022 17:12:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5117
Cache-Control: max-age=153858
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:12 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:56:30 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 16:19:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3169
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16039
Expires: Sun, 27 Nov 2022 21:39:31 GMT
Date: Sun, 27 Nov 2022 17:12:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Qd+067DqQK3kGaSn9IOWZMxDo+/Mt39n/Puppvsc6+eOuzdToMR7p66l22U+qITWIwVfD+qamr8=
x-amz-request-id: 9XXEHHG0GKNTKRX5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 16:44:42 GMT
age: 1650
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ece24af71c4e3f75c542fbc982b618b7
7074cfdcfc4c1eb6576793ad35bc801a5c731df6
a8b939e61a5de4dbcf9e01c7735e19397971ba196989659c1efe2997ddfd5986
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8B939E61A5DE4DBCF9E01C7735E19397971BA196989659C1EFE2997DDFD5986"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10928
Expires: Sun, 27 Nov 2022 20:14:20 GMT
Date: Sun, 27 Nov 2022 17:12:12 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:12:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ece24af71c4e3f75c542fbc982b618b7
7074cfdcfc4c1eb6576793ad35bc801a5c731df6
a8b939e61a5de4dbcf9e01c7735e19397971ba196989659c1efe2997ddfd5986
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8B939E61A5DE4DBCF9E01C7735E19397971BA196989659C1EFE2997DDFD5986"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10928
Expires: Sun, 27 Nov 2022 20:14:20 GMT
Date: Sun, 27 Nov 2022 17:12:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 17:11:12 GMT
cache-control: public,max-age=3600
age: 61
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2576
Cache-Control: max-age=146255
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:13 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:49:48 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e5c7c241cd7d7c07cf12bc13b9fa7e3
132fdb677ef1194e0dee7f060430d7e4ed4fd92a
707c05e37ef413836f7ae9b9c124af7dd98aa08b2d8fd1c5d64a7291ebba75fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "707C05E37EF413836F7AE9B9C124AF7DD98AA08B2D8FD1C5D64A7291EBBA75FD"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19217
Expires: Sun, 27 Nov 2022 22:32:30 GMT
Date: Sun, 27 Nov 2022 17:12:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e5c7c241cd7d7c07cf12bc13b9fa7e3
132fdb677ef1194e0dee7f060430d7e4ed4fd92a
707c05e37ef413836f7ae9b9c124af7dd98aa08b2d8fd1c5d64a7291ebba75fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "707C05E37EF413836F7AE9B9C124AF7DD98AA08B2D8FD1C5D64A7291EBBA75FD"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16877
Expires: Sun, 27 Nov 2022 21:53:30 GMT
Date: Sun, 27 Nov 2022 17:12:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e5c7c241cd7d7c07cf12bc13b9fa7e3
132fdb677ef1194e0dee7f060430d7e4ed4fd92a
707c05e37ef413836f7ae9b9c124af7dd98aa08b2d8fd1c5d64a7291ebba75fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "707C05E37EF413836F7AE9B9C124AF7DD98AA08B2D8FD1C5D64A7291EBBA75FD"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16877
Expires: Sun, 27 Nov 2022 21:53:30 GMT
Date: Sun, 27 Nov 2022 17:12:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e5c7c241cd7d7c07cf12bc13b9fa7e3
132fdb677ef1194e0dee7f060430d7e4ed4fd92a
707c05e37ef413836f7ae9b9c124af7dd98aa08b2d8fd1c5d64a7291ebba75fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "707C05E37EF413836F7AE9B9C124AF7DD98AA08B2D8FD1C5D64A7291EBBA75FD"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16877
Expires: Sun, 27 Nov 2022 21:53:30 GMT
Date: Sun, 27 Nov 2022 17:12:13 GMT
Connection: keep-alive
114av.one/
172.67.179.20200 OK 13 kB IP 172.67.179.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21020)
Hash 12fa31556fb30ee21eb6d719a2b67483
3092455c88b6aac4fe0a296b63997deb6e6825ca
45255def8bae75a17e19e4089582aca189eaab696b07fff9b8d3329dfbee9120
GET / HTTP/1.1
Host: 114av.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:12 GMT
content-type: text/html; charset=UTF-8
cf-ray: 770c7cc6cb84b518-OSL
access-control-allow-origin: *
cache-control: public, max-age=172000, stale-if-error=7200
expires: Thu, 26 Jan 2023 17:12:12 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
cache-key: 114av:_b6e23ebc9e1:/
ghash: _b6e23ebc9e1
ipcountry: NO
t-ray: wseu4
w-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxHo2jNwB2A7LUYyHhO2LSNsoQOpYglhBDun2cAedebsRFhwu%2BYxmcIzTml3%2FfDvk0W32V7Q10PuCXchsoRiEwpUsKCs2SN3a4aWRm9c0gboTpwJcrZ3aliMYcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 85b925d8ffbbb1c7bb8ba502e5bb1841
e96c2d71d3c6a7a756a194f96d97bf79b1a1551a
6ff3103d7545df08fdb5d0af125a0a52f9aaa7474bb56630f2e7027726e64e93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162373
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:14 GMT
Etag: "638371b3-116"
Expires: Tue, 29 Nov 2022 14:18:27 GMT
Last-Modified: Sun, 27 Nov 2022 14:18:27 GMT
Server: nginx
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6fbb9fdf5492d45c30f772d8e675627c
8fc4750023832984c38634eb3687ea086f5151a7
403239c26597958f2729c7961500fc68beb24e6613767c9db97ddcdd525b0d30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "403239C26597958F2729C7961500FC68BEB24E6613767C9DB97DDCDD525B0D30"
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4187
Expires: Sun, 27 Nov 2022 18:22:01 GMT
Date: Sun, 27 Nov 2022 17:12:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6fbb9fdf5492d45c30f772d8e675627c
8fc4750023832984c38634eb3687ea086f5151a7
403239c26597958f2729c7961500fc68beb24e6613767c9db97ddcdd525b0d30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "403239C26597958F2729C7961500FC68BEB24E6613767C9DB97DDCDD525B0D30"
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4187
Expires: Sun, 27 Nov 2022 18:22:01 GMT
Date: Sun, 27 Nov 2022 17:12:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc5935acb69d3aa63eeb9b287df8b07e
54d8a691ad70d09b8df9559435c8a2fad550670d
984f8d378358606c7017d28384ddebdd1cc686b416bb8d229030fea8e26d36c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "984F8D378358606C7017D28384DDEBDD1CC686B416BB8D229030FEA8E26D36C6"
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16917
Expires: Sun, 27 Nov 2022 21:54:11 GMT
Date: Sun, 27 Nov 2022 17:12:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6370d40875cc13a34866797bbe1b31d
f7ae466676364f5a160a4429b1332260cdd71259
451a70f1fa15e5c89aea9f3d8a660db85c3e79daf234d5b999c1799dd4275d26
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "451A70F1FA15E5C89AEA9F3D8A660DB85C3E79DAF234D5B999C1799DD4275D26"
Last-Modified: Sun, 27 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7310
Expires: Sun, 27 Nov 2022 19:14:04 GMT
Date: Sun, 27 Nov 2022 17:12:14 GMT
Connection: keep-alive
kvhmm.com/e6fdfe6babffce68e22b9c38b992583e.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/e6fdfe6babffce68e22b9c38b992583e.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e6fdfe6babffce68e22b9c38b992583e.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:14 GMT
content-type: text/html
content-length: 162
location: https://max005.top/e6fdfe6babffce68e22b9c38b992583e.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc5935acb69d3aa63eeb9b287df8b07e
54d8a691ad70d09b8df9559435c8a2fad550670d
984f8d378358606c7017d28384ddebdd1cc686b416bb8d229030fea8e26d36c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "984F8D378358606C7017D28384DDEBDD1CC686B416BB8D229030FEA8E26D36C6"
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 27 Nov 2022 23:12:14 GMT
Date: Sun, 27 Nov 2022 17:12:14 GMT
Connection: keep-alive
kvhmm.com/3a51d5c56a7a748c2c25ca523628cc04.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/3a51d5c56a7a748c2c25ca523628cc04.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:14 GMT
content-type: text/html
content-length: 162
location: https://max005.top/3a51d5c56a7a748c2c25ca523628cc04.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhnn.com/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
137.175.13.78301 Moved Permanently 105 kB URL HTTP/2 kvhnn.com/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
IP 137.175.13.78:0
Size 105 kB (105301 bytes)
Hash 5b815b8314fb95fb21e6e697b2f4d2bb
cdf5799b0f8e63c50b19397bc1f217c88433387a
d5d168dad95869ed213d726c16473e0433bfa2b95e6ae4cc41a82d0fb526717e
GET /e1dac3356c0e9d5f1899262d4f5d6b9c.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:14 GMT
content-type: text/html
content-length: 162
location: https://max003.top/e1dac3356c0e9d5f1899262d4f5d6b9c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhdd.com/3d2937201b5e8815339d007a969c7bca.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvhdd.com/3d2937201b5e8815339d007a969c7bca.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3d2937201b5e8815339d007a969c7bca.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:14 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhnn.com/805b36721b09ad0e4cb11e51a5f4ae2c.gif
137.175.13.78301 Moved Permanently 162 B URL HTTP/2 kvhnn.com/805b36721b09ad0e4cb11e51a5f4ae2c.gif
IP 137.175.13.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /805b36721b09ad0e4cb11e51a5f4ae2c.gif HTTP/1.1
Host: kvhnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:14 GMT
content-type: text/html
content-length: 162
location: https://max003.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebe302b8696fecd6e724bcf2b21505a
0b7fb76618632d4a604b8f34c43ca0610650e40f
1c663090596c40af6007dd3dddd1e4f52fb55b5aec791229185c3f541c21a20c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C663090596C40AF6007DD3DDDD1E4F52FB55B5AEC791229185C3F541C21A20C"
Last-Modified: Sat, 26 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Sun, 27 Nov 2022 23:12:05 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
kzeoo.com/145498385d51f6114f01924b07a536b5.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kzeoo.com/145498385d51f6114f01924b07a536b5.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /145498385d51f6114f01924b07a536b5.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:14 GMT
content-type: text/html
content-length: 162
location: https://max001.top/145498385d51f6114f01924b07a536b5.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 67eb90fdd8eab25bfb5aa2ccc49e99e1
708df660d022ae35753088c284b64c85353fa892
8e1c5d2322b910130b220d541acf32f553e8ae7c2b1fd3d5da4f517972279b0c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 13:38:26 GMT
ETag: "708df660d022ae35753088c284b64c85353fa892"
Last-Modified: Sun, 27 Nov 2022 13:38:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3551
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7cd79be50b65-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 67eb90fdd8eab25bfb5aa2ccc49e99e1
708df660d022ae35753088c284b64c85353fa892
8e1c5d2322b910130b220d541acf32f553e8ae7c2b1fd3d5da4f517972279b0c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 13:38:26 GMT
ETag: "708df660d022ae35753088c284b64c85353fa892"
Last-Modified: Sun, 27 Nov 2022 13:38:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3551
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7cd79b49b4ed-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 67eb90fdd8eab25bfb5aa2ccc49e99e1
708df660d022ae35753088c284b64c85353fa892
8e1c5d2322b910130b220d541acf32f553e8ae7c2b1fd3d5da4f517972279b0c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 13:38:26 GMT
ETag: "708df660d022ae35753088c284b64c85353fa892"
Last-Modified: Sun, 27 Nov 2022 13:38:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3551
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7cd79eadb50f-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c1b50c8e6269cefd044f0c96f30c0df3
99041acdd6bb8234b31968732b9a5364be7f25ec
dc82e400351d69f1fa1dddb6cbe36264b91809a536c43f2031d22a6d46d830b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC82E400351D69F1FA1DDDB6CBE36264B91809A536C43F2031D22A6D46D830B1"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7895
Expires: Sun, 27 Nov 2022 19:23:50 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1904ab9d057a470c7b29ecd9115c16c3
9a2e73daee78b9d321537ef03938826f2a069655
724a11e4462a21d30ea67addbe5dc3a51d68157c8531ba018aa4de56a223d41f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 15:08:04 GMT
ETag: "9a2e73daee78b9d321537ef03938826f2a069655"
Last-Modified: Sun, 27 Nov 2022 15:08:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3054
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7cd7fc660b65-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 1b1753ce8a4d1b660e61b299a8d980ac
a42f69ba8bf4fcef02547d9915f7d73f8c1e1da3
a21ca28479781ac3c62eb9819ecc7af8e65d824496536c67d253a82bdad73972
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 13:13:51 GMT
ETag: "a42f69ba8bf4fcef02547d9915f7d73f8c1e1da3"
Last-Modified: Sun, 27 Nov 2022 13:13:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3551
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7cd83c40b4ed-OSL
dimg04.c-ctrip.com/images/0106l12000a0pkm4cC076.gif
104.110.17.24200 OK 136 kB URL HTTP/2 dimg04.c-ctrip.com/images/0106l12000a0pkm4cC076.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 136 kB (136456 bytes)
Hash 92fdc373a12738d52d7d931eacd228a5
f2fc544b501c443c01daa7a545944335e79927ab
8dea486fc0c223e5472c018f6fd9892f1b3c4a92c5422504bca598324a71636f
GET /images/0106l12000a0pkm4cC076.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 136456
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 146
cache-control: max-age=7580704
expires: Thu, 23 Feb 2023 10:57:19 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0100812000a0gbc4iF593.gif?proc=autoorient
104.110.17.24200 OK 212 kB URL HTTP/2 dimg04.c-ctrip.com/images/0100812000a0gbc4iF593.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 1140 x 100\012- data
Size 212 kB (212414 bytes)
Hash 70730bae184e481644c32bb7b632f611
498605c96e0a4b47c79e3ce0af02e111907e77d9
6fd07537bbc60b12f5708a94fb208b3afe0db2e1da1b7159956cb026ee5c535b
GET /images/0100812000a0gbc4iF593.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 212414
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=10320652
expires: Mon, 27 Mar 2023 04:03:07 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif
104.110.17.24200 OK 56 kB URL HTTP/2 dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 760 x 70\012- data
Hash 1a6428da25ae1a7827cd1c5bba54ef18
45e13e8fd9547535326ec8f8ebb866dd4bfbeb1a
c17b9cc5abf071007c532b8962edcd945d44c24bbb0fe430241991eb4d52d18c
GET /images/01003120009thg27w15E2.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 55980
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7580435
expires: Thu, 23 Feb 2023 10:52:50 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif?proc=autoorient
104.110.17.24200 OK 61 kB URL HTTP/2 dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash 71d3b226da95d5a5abb3f063324964be
9c72ed2e2e083a71d179f3a5b1d759e898f40d58
565a28ff220536add488d456ca85c28c58b1bd8dc8fe0d359b31a482c6072d31
GET /images/0106d120009xynp2h4C59.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 61146
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8857872
expires: Fri, 10 Mar 2023 05:43:27 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0104512000a0o8tmw75B2.gif?proc=autoorient
104.110.17.24200 OK 959 kB URL HTTP/2 dimg04.c-ctrip.com/images/0104512000a0o8tmw75B2.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 959 kB (959138 bytes)
Hash 0d623030b97e875ce6d2673ec66532d2
0403ed2b35c44fd932220042ca9a775b42b28513
37e036137455e3f33d77ab25b270c20f36b47f853b7cd16a95ae7569ee40c152
GET /images/0104512000a0o8tmw75B2.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 959138
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=10412074
expires: Tue, 28 Mar 2023 05:26:49 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
64.32.13.142301 Moved Permanently 1.3 kB URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 64.32.13.142:0
File type PNG image data, 505 x 259, 8-bit/color RGBA, non-interlaced\012- data
Hash 06caf479f9e3898cf8a5c671ada0c271
6860c73ba7ba4b3d883fe539d7a39c7a330435da
9c088944bc82f6bbfdec2aac4795f2bc8a24399491ca5b7dac4d37865385fe0f
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: text/html
content-length: 162
location: https://max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/01025120009xlxvcj935B.gif
104.110.17.24200 OK 487 kB URL HTTP/2 dimg04.c-ctrip.com/images/01025120009xlxvcj935B.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 487 kB (486900 bytes)
Hash 74d02513f3773d3b94765a1315157565
eccace184c4c8b0680d980d3be10d7eb0d1a2e93
37e407b33f89d82ed1e2e38a122150d522e16948daf9d2ba1ab40319dbb2912c
GET /images/01025120009xlxvcj935B.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 486900
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7580478
expires: Thu, 23 Feb 2023 10:53:33 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75bbbfa5bebb4582a591dcd288d08de8
09353cf566a6f62f02d8e18ef6b247c5456bf61a
6cd989725bfe5a1d9adaf7fb34c7afeaeafd7ef389081eb0b6e7b9d000c2d68e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CD989725BFE5A1D9ADAF7FB34C7AFEAEAFD7EF389081EB0B6E7B9D000C2D68E"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10152
Expires: Sun, 27 Nov 2022 20:01:27 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0101h12000a5zplxc0A0D.gif
104.110.17.24200 OK 854 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101h12000a5zplxc0A0D.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 854 kB (853944 bytes)
Hash d79a778e368adfa2f53d664e82abde9e
7dadfb41956752ef565c1abff3503165b425d37d
0935a89bc9ea17037cebcba4feb1cd87fca775504e2b4f5e2c61b4c79dd2ce15
GET /images/0101h12000a5zplxc0A0D.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 853944
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7580479
expires: Thu, 23 Feb 2023 10:53:34 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a5042307c971f9d40cd10d000cbdf761
1b80fb02f1205489a92e5af19ce2bde18c49e3ee
3dd5760272b5651de7928abfd6ff1eff27c6799c66003810586550a75c4eb144
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 18:50:26 GMT
Expires: Sat, 03 Dec 2022 18:50:25 GMT
Etag: "1b80fb02f1205489a92e5af19ce2bde18c49e3ee"
Cache-Control: max-age=523689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770c7cd849fcb518-OSL
dimg04.c-ctrip.com/images/0102y12000a3kjdfv5BC0.gif
104.110.17.24200 OK 647 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102y12000a3kjdfv5BC0.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 647 kB (646750 bytes)
Hash 72371f5b3f1ea1f932ea3882fd5aa02d
b07f955239aaace3a248b70e6137fc91e31bfe7c
f451864300cba47430ddb92cc3f6a9a6602ffacf2c52da2384cce41cb8927912
GET /images/0102y12000a3kjdfv5BC0.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 646750
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7580456
expires: Thu, 23 Feb 2023 10:53:11 GMT
date: Sun, 27 Nov 2022 17:12:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9eb8e7ca3228921fbfecafedf257b610
e83de138d99a587fcdb2d957f42ef01c2ad94d75
8957928c7a5db887e28b43d28bab44517d7b685f6018787eab96460eccd730f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:36:47 GMT
Expires: Sat, 03 Dec 2022 15:36:46 GMT
Etag: "e83de138d99a587fcdb2d957f42ef01c2ad94d75"
Cache-Control: max-age=512070,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770c7cd84c15fac8-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9eb8e7ca3228921fbfecafedf257b610
e83de138d99a587fcdb2d957f42ef01c2ad94d75
8957928c7a5db887e28b43d28bab44517d7b685f6018787eab96460eccd730f6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:36:47 GMT
Expires: Sat, 03 Dec 2022 15:36:46 GMT
Etag: "e83de138d99a587fcdb2d957f42ef01c2ad94d75"
Cache-Control: max-age=512070,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770c7cd84bd11c16-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f62705f2cba79bf51b5e25def05ed85
b123cfa5434de6ee19d10307d97b069a58ba3b6e
524f5bec3cfa06168fb69679f4051e67a6264ef3975e376620173d8c97675286
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "524F5BEC3CFA06168FB69679F4051E67A6264EF3975E376620173D8C97675286"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7806
Expires: Sun, 27 Nov 2022 19:22:21 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13393
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13393
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
rootnetworksdv.ocsp-certum.com/
23.36.79.17200 OK 1.5 kB URL HTTP/1.1 rootnetworksdv.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash aeab35b1ea05a52a47185b41c4642283
d860e3f5e9ce7090e384d4548568a2b47ad7aa4f
1f17a62960e3ee5e5a0aa9d09951b36115af36022302e5673d6da2f3c3eadfd9
POST / HTTP/1.1
Host: rootnetworksdv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1490
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=36
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13393
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13393
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 69727
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 55527
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbe94a0092b59f533c52d253a1f8009
8e1571d8f0940b3a8625093a361b4ca368d3aa34
3e9ca6decaea0bccd4f63973be6afb9160591a9f848fec80a043a8ab9fb2ccd0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E9CA6DECAEA0BCCD4F63973BE6AFB9160591A9F848FEC80A043A8AB9FB2CCD0"
Last-Modified: Sun, 27 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10947
Expires: Sun, 27 Nov 2022 20:14:42 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82c1584c37d701b34c5dfba35f630935
9581e02bd11520a13eecadd75c126c23fd88f39c
71c13880a21f096878626496501315173d91afbc4065c24a1aafb377a757ead6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71C13880A21F096878626496501315173D91AFBC4065C24A1AAFB377A757EAD6"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19161
Expires: Sun, 27 Nov 2022 22:31:36 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 69634
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fae07dfb41bee584cfc89305d1b87bc5
21cf2f3c76ad36f065fbff55c4ead6d12f96f471
f03e8ef90c8e4c66fb88012296e3a4520da3b9e534b2560c09f26176bfe4d70e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F03E8EF90C8E4C66FB88012296E3A4520DA3B9E534B2560C09F26176BFE4D70E"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13088
Expires: Sun, 27 Nov 2022 20:50:23 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 514b4077fad50ba782e4bbb2c95c6852
4770f56d4d9489df43f33952e4bfa84d8e46414e
a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4374
x-amzn-requestid: 16fa9401-4b57-4300-9377-3a7d96de3a38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGB7uFWJIAMFfTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f16b1-3386c7b54d828c3b1393b9ce;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:01:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v8Bdyk4SLN0eSy5Ogkr2SbQAHWnbvRZJg7CD6-Xdzv3RDNlBwfoBHQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:10:48 GMT
age: 32487
etag: "4770f56d4d9489df43f33952e4bfa84d8e46414e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 69634
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 69638
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fae07dfb41bee584cfc89305d1b87bc5
21cf2f3c76ad36f065fbff55c4ead6d12f96f471
f03e8ef90c8e4c66fb88012296e3a4520da3b9e534b2560c09f26176bfe4d70e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F03E8EF90C8E4C66FB88012296E3A4520DA3B9E534B2560C09F26176BFE4D70E"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13088
Expires: Sun, 27 Nov 2022 20:50:23 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 149b4f0aa975981e1a4d7cf417d3827d
b39f59bdaede098a563b69bb7acc68261d0b79c1
549e28f425cb9c2f271015c4617bde6ba6c01fb9dd7434caa55114488631679a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "549E28F425CB9C2F271015C4617BDE6BA6C01FB9DD7434CAA55114488631679A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3884
Expires: Sun, 27 Nov 2022 18:16:59 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc
IP 142.250.74.3:0
Hash 1052379e91e8bacbc04486d38f065fad
737312304a2282d51d883ef2c36f1bf51706ab2a
4893139feda0661f9577f6659b0a168af84a13447fda15dd5798f674f35062bc
POST /s/gts1p5/L_p3X2a3qXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 192c0a762591f3522e05481fb54b450b
0000b60625bc8b8f794f9726a92c60c3e59b2ec1
b07ae523c9b22e07c1536db5216a5c5b5a79789b439b0608c3790023d5920008
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B07AE523C9B22E07C1536DB5216A5C5B5A79789B439B0608C3790023D5920008"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8450
Expires: Sun, 27 Nov 2022 19:33:05 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
max003.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif
104.21.83.141200 OK 271 kB URL HTTP/2 max003.top/805b36721b09ad0e4cb11e51a5f4ae2c.gif
IP 104.21.83.141:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 271 kB (271417 bytes)
Hash cfdea1c72fd59cf68b958b877cb9a46d
d2db538ef4fe1276fc3c40a35ce41abd5cafb671
35da66e002a18ec097995716e6724d2e1126dde19eda498c2b7af6bfdcbab644
GET /805b36721b09ad0e4cb11e51a5f4ae2c.gif HTTP/1.1
Host: max003.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 271417
last-modified: Sat, 05 Nov 2022 14:46:45 GMT
etag: "63667755-42439"
cache-control: max-age=14400
cf-cache-status: HIT
age: 693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwvOXiHaNi6aKcVULs6QQ4l6DtKKvKvZvaRBTM%2FrV7Q0PtXvRpooi5eW8m2xRR%2FhwcWSgl6DlS10YM1JN9DucmQR7dfhNCHVhOXyAKfDXhF%2BdKpIAh8kREt%2F28z8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cda8b59b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b14c79f35ba17ec8f16f802d3ca9aba7
e2c4d382f011866e94b65ea0353af2a1e33dcf71
d6d3da8f6b9c9852391f4513a87505c84b0fe24bac618d5d39feb9bc35766475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6D3DA8F6B9C9852391F4513A87505C84B0FE24BAC618D5D39FEB9BC35766475"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19587
Expires: Sun, 27 Nov 2022 22:38:42 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
45.150.164.88301 Moved Permanently 162 B URL HTTP/2 kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 45.150.164.88:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: text/html
content-length: 162
location: https://kvhxxx.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
172.67.222.73200 OK 864 kB URL HTTP/2 max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 172.67.222.73:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: max004.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Mon, 26 Dec 2022 12:02:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104969
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7P0tXDLu8kdVbqZEcqzuvzRFw3GiyQHR1A%2FU3zMLnTNBM0mDjWq8ymdF420yUycPXzO0h0CELhyWJWl35yEGJS3Xj2Jt1DyJrYDmQne0R%2FH8SEsBjjMR3X8Itu7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cdaaf31b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzeww.com/4f5ca562874d2b77c6c37263e48db5c6.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kzeww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: text/html
content-length: 162
location: https://kvhqqq.top/4f5ca562874d2b77c6c37263e48db5c6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc
IP 142.250.74.3:0
Hash 1052379e91e8bacbc04486d38f065fad
737312304a2282d51d883ef2c36f1bf51706ab2a
4893139feda0661f9577f6659b0a168af84a13447fda15dd5798f674f35062bc
POST /s/gts1p5/L_p3X2a3qXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 99e51a6bd6ea64e5341186ea238dd28b
ea852f41155d1f974f233cc1c51c81f062b96e67
4ab9ca36496449dc0bc884b392bee3629e76b296a7d911042da2b47aa2e2a3f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4AB9CA36496449DC0BC884B392BEE3629E76B296A7D911042DA2B47AA2E2A3F7"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4616
Expires: Sun, 27 Nov 2022 18:29:11 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
98.126.214.50301 Moved Permanently 162 B URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP 98.126.214.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvegg.com/add018a5b09f43561ca6c4803bf187ee.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvegg.com/add018a5b09f43561ca6c4803bf187ee.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /add018a5b09f43561ca6c4803bf187ee.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: text/html
content-length: 162
location: https://kvtooo.top/add018a5b09f43561ca6c4803bf187ee.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 192c0a762591f3522e05481fb54b450b
0000b60625bc8b8f794f9726a92c60c3e59b2ec1
b07ae523c9b22e07c1536db5216a5c5b5a79789b439b0608c3790023d5920008
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B07AE523C9B22E07C1536DB5216A5C5B5A79789B439B0608C3790023D5920008"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8450
Expires: Sun, 27 Nov 2022 19:33:05 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/L_p3X2a3qXc
IP 142.250.74.3:0
Hash 1052379e91e8bacbc04486d38f065fad
737312304a2282d51d883ef2c36f1bf51706ab2a
4893139feda0661f9577f6659b0a168af84a13447fda15dd5798f674f35062bc
POST /s/gts1p5/L_p3X2a3qXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
max001.top/145498385d51f6114f01924b07a536b5.gif
172.67.217.88200 OK 419 kB URL HTTP/2 max001.top/145498385d51f6114f01924b07a536b5.gif
IP 172.67.217.88:0
File type GIF image data, version 89a, 1000 x 70\012- data
Size 419 kB (419407 bytes)
Hash 1ad3a6e666c8887f86803257e9cd8e60
e2de9f10e84ac7bed0888a6c413f828cd821e363
d7ea8e56a04ae30d7b34c85f2251d385895e999f5f03ecfb03a9a98b4c6f3c92
GET /145498385d51f6114f01924b07a536b5.gif HTTP/1.1
Host: max001.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 419407
last-modified: Tue, 16 Aug 2022 11:20:14 GMT
etag: "62fb7d6e-6664f"
expires: Sun, 25 Dec 2022 15:09:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 180148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpJFOqsSY0FXdn1b7wpgLCVOERLz6kguLXZaXfAsg4XVTQUe1lv4FZUM7WTkTyYAJlHKzaDrHmbLg%2FW%2FwFLxo%2FdjiKby7JIlXdQpnpmseAbRwQfIL1MkNCRM3kPr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cdb7d7bb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
104.21.233.167200 OK 631 kB URL HTTP/2 kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
IP 104.21.233.167:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 631 kB (631088 bytes)
Hash 64fbc8087436743e9e2a7d252b9d261c
5ad442d4dda6ee04f4029fb0ada6249689bd7ff3
4a06886a49926cf2a0467794987e296de19189a1b3e6d2add0fd93be42d07e2f
GET /3d2937201b5e8815339d007a969c7bca.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 631088
last-modified: Mon, 03 Oct 2022 14:32:48 GMT
etag: "633af290-9a130"
expires: Sun, 18 Dec 2022 02:16:35 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 831340
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMlUmjgIUFsI7GXd85NxxIC3r10thPbwvDkImUoF1nL8sHenuDAYeLBxAjQsmBsg%2BYqY0TWDaTQRaudodVjiuk1sGyaYcvjC9CaqWMnFuLIrxsMMpHsndQq7gUmr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cda89be770b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
max005.top/e6fdfe6babffce68e22b9c38b992583e.gif
104.21.233.182200 OK 423 kB URL HTTP/2 max005.top/e6fdfe6babffce68e22b9c38b992583e.gif
IP 104.21.233.182:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 423 kB (423171 bytes)
Hash 870e11855fcf9b4543dd73b8c4d6553f
40547a8f18fe714fca987dc0e8d985ba46244ec1
3040d91b0666a0585ba9a75d3f77a1efd0c4b4bad85e18cc409fba03a7ed559a
GET /e6fdfe6babffce68e22b9c38b992583e.gif HTTP/1.1
Host: max005.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 423171
last-modified: Sat, 12 Nov 2022 01:03:29 GMT
etag: "636ef0e1-67503"
expires: Tue, 27 Dec 2022 07:20:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 35532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSkc0x9%2F7ARoGEtnETWDYVYJI8AaNFmCRQaAMN4KnRWBpvPBEb3MfG%2BgkxUVhSu6oRat9EUKY9brOE5fOkasTRoNkIxtmPJ%2F6d3QhTBUlJNrWbhutGkAlMhMCtlc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cda8ac188b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fae07dfb41bee584cfc89305d1b87bc5
21cf2f3c76ad36f065fbff55c4ead6d12f96f471
f03e8ef90c8e4c66fb88012296e3a4520da3b9e534b2560c09f26176bfe4d70e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F03E8EF90C8E4C66FB88012296E3A4520DA3B9E534B2560C09F26176BFE4D70E"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13089
Expires: Sun, 27 Nov 2022 20:50:24 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
max005.top/3a51d5c56a7a748c2c25ca523628cc04.gif
104.21.233.182200 OK 524 kB URL HTTP/2 max005.top/3a51d5c56a7a748c2c25ca523628cc04.gif
IP 104.21.233.182:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 524 kB (524316 bytes)
Hash ab00ff5aa53f9c2ae0f048518e94911e
84cccff597b536d7d4bd462b369dd9bf42ea4a9a
cb96931b2f0f9a849cb8f6ea462315c9e8f7f648a49ddf284e6ed87ef9e36edc
GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1
Host: max005.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 524316
last-modified: Sun, 21 Aug 2022 08:40:42 GMT
etag: "6301ef8a-8001c"
expires: Tue, 27 Dec 2022 07:19:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 35551
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHakd3vam6ZM2FWLzLpdX5WcS19JmNcarBQvRd%2BPN35hduA7uAt9511CCS5Nj%2BnODwfWPwm%2BcTHvsEsH8UFRzKXWiAPhmnAIOjL%2FmXtnAk%2FIVhSe%2Bf7d7ZJmryUD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cda6a7b88b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 149b4f0aa975981e1a4d7cf417d3827d
b39f59bdaede098a563b69bb7acc68261d0b79c1
549e28f425cb9c2f271015c4617bde6ba6c01fb9dd7434caa55114488631679a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "549E28F425CB9C2F271015C4617BDE6BA6C01FB9DD7434CAA55114488631679A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3884
Expires: Sun, 27 Nov 2022 18:16:59 GMT
Date: Sun, 27 Nov 2022 17:12:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 99e51a6bd6ea64e5341186ea238dd28b
ea852f41155d1f974f233cc1c51c81f062b96e67
4ab9ca36496449dc0bc884b392bee3629e76b296a7d911042da2b47aa2e2a3f7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4AB9CA36496449DC0BC884B392BEE3629E76B296A7D911042DA2B47AA2E2A3F7"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11783
Expires: Sun, 27 Nov 2022 20:28:39 GMT
Date: Sun, 27 Nov 2022 17:12:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0264a72e2a0c041eab36990fb6856444
b7f8b2fec1a041e6560fcd1d4a24fd333daf5003
81d305f15e1629e2725f7b034f8d2080f6450fe841765fadfc9106834ec977f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81D305F15E1629E2725F7B034F8D2080F6450FE841765FADFC9106834EC977F9"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19133
Expires: Sun, 27 Nov 2022 22:31:09 GMT
Date: Sun, 27 Nov 2022 17:12:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d9a62d7b750de6a5c2e1b47bc5d40621
1fea436ec269593b68e497b97463641c9337a121
baadc21658c7c41dc11c0989fdca5b20eb8b10fe5c87dc821c0cc64a4fa70055
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BAADC21658C7C41DC11C0989FDCA5B20EB8B10FE5C87DC821C0CC64A4FA70055"
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16205
Expires: Sun, 27 Nov 2022 21:42:21 GMT
Date: Sun, 27 Nov 2022 17:12:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 81a93167ca7d923e2712b3cfa54b71aa
ec10eb513c34ebaf76da31926daabfb72eef4248
ab47d652d7d578feaaa57be6662f78c727df79645f193f84e7a3fb316fbf9454
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3508
Cache-Control: max-age=168420
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:16 GMT
Etag: "63837ba0-117"
Expires: Tue, 29 Nov 2022 15:59:16 GMT
Last-Modified: Sun, 27 Nov 2022 15:00:48 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 279
kvtooo.top/add018a5b09f43561ca6c4803bf187ee.gif
104.21.56.15200 OK 392 kB URL HTTP/2 kvtooo.top/add018a5b09f43561ca6c4803bf187ee.gif
IP 104.21.56.15:0
File type GIF image data, version 89a, 1000 x 80\012- data
Size 392 kB (392129 bytes)
Hash 7d1afd65fbf0aabcd0ff6d5eadd9ab04
3947c4098135c559415549e39cbe35ff2552d1d3
d5cd9a7f8e7e7fc9fa10d3fd23c39930d2a9f87f763905d7e86d6ca9c0fe3240
GET /add018a5b09f43561ca6c4803bf187ee.gif HTTP/1.1
Host: kvtooo.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:16 GMT
content-type: image/gif
content-length: 392129
last-modified: Tue, 22 Nov 2022 18:04:21 GMT
etag: "637d0f25-5fbc1"
expires: Sun, 25 Dec 2022 15:09:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 180150
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrqw4Gk1E0QLvMyq41CD9gsDqeJKfwCGcwSZiPSbVSJrTOUYWcxxlXxuVPo8BY3WEAlOpuwEv11riiw%2B2Ri0fxI4RVvgClRbFg63toAk9SnsS41ESEEUTpQOoSH%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cdc8ae10b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecf962012a224433d2b94a653d001e0c
f99f4c639973561ba1c8b734fe332dd44db9eaaa
a662e3401b2a26548104863d62708e85c5bb1e4dfdd7d7e52eb9216f4def2b72
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A662E3401B2A26548104863D62708E85C5BB1E4DFDD7D7E52EB9216F4DEF2B72"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8200
Expires: Sun, 27 Nov 2022 19:28:56 GMT
Date: Sun, 27 Nov 2022 17:12:16 GMT
Connection: keep-alive
kvhxxx.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
104.21.235.32200 OK 65 kB URL HTTP/2 kvhxxx.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 104.21.235.32:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvhxxx.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:16 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 23:12:50 GMT
etag: "637c05f2-ff86"
expires: Mon, 26 Dec 2022 07:36:41 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 120935
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESajChQ2Q%2B%2F8wRagLxkSRusyOfsI9fzL%2BXAmAD%2F0KHo4evZZ%2FPz0zIQLtz6isBdqgfuKPKynlKG9aiRtCc9niRZQ%2FS%2BnSTfte%2Bl%2F4w3ViPHu0VQkjSFt15BXNaeI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cdcba6788ad-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f1a57c7703c070db210674b025a95db
de182f4617a0e6f175206cc7967086b4b79d0e90
403302dca34d86b7df3d0a0b34e922f3e9e83bbec638e56bb45e7c78a6291fbf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "403302DCA34D86B7DF3D0A0B34E922F3E9E83BBEC638E56BB45E7C78A6291FBF"
Last-Modified: Sun, 27 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2620
Expires: Sun, 27 Nov 2022 17:55:56 GMT
Date: Sun, 27 Nov 2022 17:12:16 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b7c072ee294008708c2a210b00c5e786
1328b12fdb0313944006ab0a47c5daef47cb619d
0dad4ae32f176709442d65956f4753f833b4cfe057fdf0feedfdaac912852e18
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 01 Dec 2022 16:18:21 GMT
ETag: "1328b12fdb0313944006ab0a47c5daef47cb619d"
Last-Modified: Sun, 27 Nov 2022 16:18:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1516
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7cdd1e9db50f-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 0e8d32d395320638dc002a869177b365
a4f8791beb518111fdff24bde36d44914840d986
6b3965abae232ffbb4f9fff767f18da7f3634defd25d3feb938e439d04530426
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5742
Cache-Control: max-age=109108
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:16 GMT
Etag: "63828b37-2d7"
Expires: Mon, 28 Nov 2022 23:30:44 GMT
Last-Modified: Sat, 26 Nov 2022 21:55:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 727
img.u1557.com/images/636b5b5714dd2ea30a791029.gif
185.239.226.23302 Found 727 B URL HTTP/2 img.u1557.com/images/636b5b5714dd2ea30a791029.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
Hash 0e8d32d395320638dc002a869177b365
a4f8791beb518111fdff24bde36d44914840d986
6b3965abae232ffbb4f9fff767f18da7f3634defd25d3feb938e439d04530426
GET /images/636b5b5714dd2ea30a791029.gif HTTP/1.1
Host: img.u1557.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c
X-Firefox-Spdy: h2
jjx886.com/114av/css/b.css?75e71b363bb4d40d75c6ea831bb13db5
172.64.135.22200 OK 28 kB URL HTTP/2 jjx886.com/114av/css/b.css?75e71b363bb4d40d75c6ea831bb13db5
IP 172.64.135.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a88b21167408df3bd0467cbc30558a9f
b3f12317a1060d7d8cf795036a06d8490ec5614e
43464607faf855bcc1c7f343086456124cbcccdd07017c855d9413872a1a1e65
GET /114av/css/b.css?75e71b363bb4d40d75c6ea831bb13db5 HTTP/1.1
Host: jjx886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:13 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 10:42:28 GMT
vary: Accept-Encoding
etag: W/"635bb214-224c2"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=31536000, stale-if-error=7200
cf-cache-status: HIT
age: 12424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyEbnqtmGQO1jlPchYwYgFK1KjuEaQs728oRoMwCnfQEwccuJXr5EzLulp8Ej340AYQWjRuIOQqn1ilabGmi8hhChGJqkfBrqOduDfwmqe4idq%2BNuSAV%2B7Eb3De0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770c7ccbc89871c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260
47.246.44.224200 OK 562 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (561802 bytes)
Hash 6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Thu, 17 Nov 2022 09:53:05 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:03 GMT
nw-session-id: 202211171753030101311360521EAF2ADAf5h2j02dy
nw-session-trace: 2022-11-17T17:53:03.607386669+08:00 72
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:03 GMT
x-tt-logid: 202211171753030101311360521EAF2ADA
via: n150-056-037, cache21.l2de2[0,0,206-0,H], cache11.l2de2[2,0], cache11.l2de2[2,0], cache8.se1[0,0,200-0,H], cache1.se1[2,0]
x-request-ip: fdbd:dc02:20:487::171
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01c183c9ad02fc137ee0bc2538a5ec32e48e06b1ea9b9f7ca52216d0d065f90e22d26f4a0af3d924e6753aa376363f25de93f5a74159eb1fbace21d469a21a004d852c1a4175d95ec3b7c8e5efa3e300b4725cb56ed1f2ca9d2afa60dec78f7555
x-response-lb: image
ali-swift-global-savetime: 1668678785
age: 890351
x-cache: HIT TCP_MEM_HIT dirn:10:1530023021 mlen:0
x-swift-savetime: Thu, 17 Nov 2022 09:54:21 GMT
x-swift-cachetime: 31535924
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516695691361907783e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b407444fc65f86948d0f257a7a63c73c
2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1
300712a9df82ffbb5fd337feddd86f3b23bc602b78969fee87fda5d6de9b05f1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:19:39 GMT
Expires: Sat, 03 Dec 2022 15:19:38 GMT
Etag: "2f6e1dc63e1c9befda2c24cbbc4e0853fde41fb1"
Cache-Control: max-age=511041,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770c7cdd3a52b518-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c
47.246.44.224200 OK 475 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 475 kB (474754 bytes)
Hash 187c69beaa798211a2760f0e7944d8cc
645bc6d28abf2cf3756a014fb2fc9075d0f0fe20
50bc3ac7422522639cd47b65d6cb5683ba8f80395087ba0c105e47edb69b81d4
GET /obj/tos-cn-i-dy/63ca2339df8b42b18c7f33c62a869c1c HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 474754
date: Thu, 17 Nov 2022 09:53:03 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:03 GMT
nw-session-id: 202211171753030101750890682AACD1942b4ht02dy
nw-session-trace: 2022-11-17T17:53:03.23957836+08:00 67
x-bdcdn-cache-status: TCP_HIT
x-length: 474754
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:03 GMT
x-tt-logid: 202211171753030101750890682AACD194
via: n150-056-026, cache23.l2de2[0,0,206-0,H], cache23.l2de2[1,0], cache23.l2de2[1,0], cache4.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0178520ad27bd5d1cf50b17ae5b59e240aa30c95130e560e1e8d0a185386ae24ffb377b40daab87aafd94d72f89d61bd85544593fc41de8fb75c6e06fed521e7c61742629589c4047cac89508c4d043f85587c2fb862e879b70011b77f694a57f7
x-response-lb: image
ali-swift-global-savetime: 1668678783
age: 890353
x-cache: HIT TCP_MEM_HIT dirn:10:1416939761
x-swift-savetime: Thu, 17 Nov 2022 09:54:21 GMT
x-swift-cachetime: 31535922
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516695691361947786e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e
47.246.44.224200 OK 312 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 312 kB (311995 bytes)
Hash a78b1d3c4c374bd5a68ee79cd6a32092
78846daf14c2d75e5a82906ac98bdc199928344f
851a82f9cd3832f933509975a4f7a414a5ce9333af9865f8b383bd1851d7b816
GET /obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 311995
date: Sun, 20 Nov 2022 13:54:00 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 20 Nov 2022 06:36:31 GMT
nw-session-id: 202211201436310101381722022DDD7F9Fb6g8902dy
nw-session-trace: 2022-11-20T14:36:31.726034023+08:00 41
x-bdcdn-cache-status: TCP_HIT
x-length: 311995
x-powered-by: ImageX
x-response-date: Sun, 20 Nov 2022 14:36:31 GMT
x-tt-logid: 202211201436310101381722022DDD7F9F
via: n150-056-031, cache5.l2de2[0,0,206-0,H], cache9.l2de2[0,0], cache9.l2de2[1,0], cache7.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc02:19:491::165
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 016bea2383e942e705ce075fa9455599047b3d504f27e4cd54eb6165bfe97009043fe95aa99333313ffdc40041326a1944337247b80640b95b19e0e11b8290eacf8fc52150b89fdbebbec2858e8ae2c4e95469f952782afc40b4db5bc56f12f996
x-response-lb: image
ali-swift-global-savetime: 1668952441
age: 616695
x-cache: HIT TCP_MEM_HIT dirn:7:202607024
x-swift-savetime: Sun, 20 Nov 2022 14:24:15 GMT
x-swift-cachetime: 31534186
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516695691362007796e
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecf962012a224433d2b94a653d001e0c
f99f4c639973561ba1c8b734fe332dd44db9eaaa
a662e3401b2a26548104863d62708e85c5bb1e4dfdd7d7e52eb9216f4def2b72
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A662E3401B2A26548104863D62708E85C5BB1E4DFDD7D7E52EB9216F4DEF2B72"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8200
Expires: Sun, 27 Nov 2022 19:28:56 GMT
Date: Sun, 27 Nov 2022 17:12:16 GMT
Connection: keep-alive
n0622.com/af01a7e6be14422c825639a6e627e2e6.gif
20.222.165.74200 OK 80 kB URL HTTP/1.1 n0622.com/af01a7e6be14422c825639a6e627e2e6.gif
IP 20.222.165.74:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 900 x 90\012- data
Hash 99df1a44cf27d618e284221a0c10bd64
9083fb88ae0ed4f6b761a59917e4d6f77ea7cf38
a9d5df8d7177d45eeeabee9b69fca050c3db75daca74e14a6ddb38d5a383a19b
GET /af01a7e6be14422c825639a6e627e2e6.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 16:28:45 GMT
ETag: W/"6379043d-48df7"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 457e41c5fb627a8001b2238ca5181fb7
fae11cb10098fd03c2c95e55e175137a867e3649
56a9223f570861fc8ca156007f8b0d3648fc74b44b3cd902126f4a34bbd2dc8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134668
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:16 GMT
Etag: "6383057c-117"
Expires: Tue, 29 Nov 2022 06:36:44 GMT
Last-Modified: Sun, 27 Nov 2022 06:36:44 GMT
Server: nginx
Content-Length: 279
kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
104.21.235.62200 OK 1.6 MB URL HTTP/2 kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
IP 104.21.235.62:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:16 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Fri, 09 Dec 2022 08:42:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1585802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voYaB8sncuM2IwyCD2NJrUMGmnHaYlvqdCgA8BQVe0EZm6HNevFxQAhi8bbcCxfbrviBjzvRaxKYv8296OTWBHcxW58uN6WTBre0GyMJ75Iooap5HXgsAWVp8My2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cdd0e3a76e7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d6fb527d0035e48d7e8dfde365021ea3
7e959b288cfc5912899230c500d94a468498ab0b
ad62a38509b1c4a0049551debcaf976cce319da53834d1484b7757bdefad7398
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:54:35 GMT
Expires: Sat, 03 Dec 2022 12:54:34 GMT
Etag: "7e959b288cfc5912899230c500d94a468498ab0b"
Cache-Control: max-age=502337,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770c7cdd690dfac8-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 81a93167ca7d923e2712b3cfa54b71aa
ec10eb513c34ebaf76da31926daabfb72eef4248
ab47d652d7d578feaaa57be6662f78c727df79645f193f84e7a3fb316fbf9454
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:16 GMT
Etag: "63822a22-117"
Server: ECS (amb/6B9D)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 457e41c5fb627a8001b2238ca5181fb7
fae11cb10098fd03c2c95e55e175137a867e3649
56a9223f570861fc8ca156007f8b0d3648fc74b44b3cd902126f4a34bbd2dc8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=134668
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:16 GMT
Etag: "6383057c-117"
Expires: Tue, 29 Nov 2022 06:36:44 GMT
Last-Modified: Sun, 27 Nov 2022 06:36:44 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
kvhqqq.top/4f5ca562874d2b77c6c37263e48db5c6.gif
104.21.235.198200 OK 845 kB URL HTTP/2 kvhqqq.top/4f5ca562874d2b77c6c37263e48db5c6.gif
IP 104.21.235.198:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /4f5ca562874d2b77c6c37263e48db5c6.gif HTTP/1.1
Host: kvhqqq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:16 GMT
content-type: image/gif
content-length: 845326
last-modified: Sat, 01 Oct 2022 05:25:56 GMT
etag: "6337cf64-ce60e"
expires: Fri, 23 Dec 2022 21:37:13 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 329703
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwZaifKPIe8Ig80C%2Bme8lDWjWYTPja%2Fnlv1oxG7%2FP74bJhf17Ri1Yv8iM4C0i1%2Bcx8fan%2B8Oz16K%2BsSKVbZD3R8JHj6Rp0bx0iDtiqWQCTs4ArbRYI1Be5TUM%2Bxb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cde680971c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3p8801.co/11-960x80.gif
142.0.131.26200 OK 312 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 312 kB (312168 bytes)
Hash 9d0e7356fff9dde88bf887c2f4525664
42556af8ed388e47eb898711485df393aeaa7ca6
53d0fb42ef9a1f70d6434ad60a01fda4ef840514d285445bbf3be41c823c0177
GET /11-960x80.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 312168
last-modified: Sat, 19 Nov 2022 11:23:08 GMT
etag: "6378bc9c-4c368"
expires: Tue, 27 Dec 2022 17:12:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
n0611.com/b5d740a03c0f480ba5e5338f65d74679.gif
20.222.117.184200 OK 101 kB URL HTTP/1.1 n0611.com/b5d740a03c0f480ba5e5338f65d74679.gif
IP 20.222.117.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 900 x 90\012- data
Size 101 kB (101366 bytes)
Hash 5d54824cef41b8a719a4289b7cf5d159
5ecaeea65581483c8f1164594caf625d31e6fdb0
b4a94593f6a48fd7e2dd2b7112e9e94813d1fdd665e5ec1a0e8c0caa526f2343
GET /b5d740a03c0f480ba5e5338f65d74679.gif HTTP/1.1
Host: n0611.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 03 Nov 2022 11:05:47 GMT
ETag: W/"6363a08b-73f79"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d73e198220cf42f25584c364b19d69f9
9e265142413c41b7d484efd9bc198f0ddfd3ec1b
a189a510826db46ea744d4e3685e37d428cf6abdcc3ab5f0655296e8d7bc36d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:16 GMT
Etag: "6382a488-117"
Server: ECS (amb/6B85)
Content-Length: 279
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.21.33.100200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.21.33.100:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://114av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:16 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Thu, 22 Dec 2022 00:38:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 491650
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BNV%2FU%2FwXlFpx7jx9meCvKw5qc5HoudL3D4YOqPF%2FeZ7bYMJYrYYncjjNFFco2zl35YlaRLzpIwmLqQhzJnOpmuJkUNWH6Y%2BBOgaGPryQ7CZqBMmbGgBsDL0uCP%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770c7cdfbe51b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63839A6F703D5E3630EF2DB1
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
n0622.com/b3f4ec9f2e7e43568ce7e4a83380bfbf.gif
20.222.165.74200 OK 182 kB URL HTTP/1.1 n0622.com/b3f4ec9f2e7e43568ce7e4a83380bfbf.gif
IP 20.222.165.74:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 900 x 90\012- data
Size 182 kB (182070 bytes)
Hash 995400c9715bce6e284a1537d89682fc
61bbb8f7b15c1095e9e02e28fb8585f19fe8ed6a
e9f4b89fcf20519446ed01f0382f3baa0ee783513f44e2efcfb1f61b2708a7b0
GET /b3f4ec9f2e7e43568ce7e4a83380bfbf.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 13 Nov 2022 13:48:00 GMT
ETag: W/"6370f590-5305b"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d73e198220cf42f25584c364b19d69f9
9e265142413c41b7d484efd9bc198f0ddfd3ec1b
a189a510826db46ea744d4e3685e37d428cf6abdcc3ab5f0655296e8d7bc36d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=109848
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:12:16 GMT
Etag: "6382a488-117"
Expires: Mon, 28 Nov 2022 23:43:04 GMT
Last-Modified: Sat, 26 Nov 2022 23:43:04 GMT
Server: nginx
Content-Length: 279
223969ufy.com/3f0caff920384531a90d6fa6548f7768.gif
103.170.15.85200 OK 452 kB URL HTTP/1.1 223969ufy.com/3f0caff920384531a90d6fa6548f7768.gif
IP 103.170.15.85:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 452 kB (452273 bytes)
Hash df16374d7e4ccf1c7ff3814012167dad
bf7f89f135684b9182f4dc5bd4dd296060427eef
670f99c726a10b701a44db00b29b694b79a4461185e623e3e8b5f766d287a54f
Analyzer Verdict Alert quad9 Sinkholed
GET /3f0caff920384531a90d6fa6548f7768.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6364f6e3-6e6b1"
Date: Sat, 26 Nov 2022 04:06:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 04 Nov 2022 11:26:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-15
Content-Length: 452273
278838mcu.com/cfc4342a0af24f079fa6b7559446feb8.gif
103.170.15.99200 OK 202 kB URL HTTP/1.1 278838mcu.com/cfc4342a0af24f079fa6b7559446feb8.gif
IP 103.170.15.99:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 202 kB (202119 bytes)
Hash 99973a5086ec9ecad6079e54ba989005
eb73602a0dee641759a7ba5849d4e81462f55ff6
e1323eee354085d9a0d259948945ffe484371a118941e98a99a2cfbf54e93e41
Analyzer Verdict Alert quad9 Sinkholed
GET /cfc4342a0af24f079fa6b7559446feb8.gif HTTP/1.1
Host: 278838mcu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637470e4-31587"
Date: Wed, 23 Nov 2022 10:31:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 16 Nov 2022 05:11:00 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-29
Content-Length: 202119
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 13834ee0df3587f84628b71d6944463c
bf19711d8787701a43a70c919c300093fd373066
84bd4d093873840dea592f41f83858ac13bfa1119e24e847af4e66b72a3c3b1c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 14:45:35 GMT
ETag: "bf19711d8787701a43a70c919c300093fd373066"
Last-Modified: Sun, 27 Nov 2022 14:45:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2127
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7ce3bcdeb506-OSL
jjx886.com/114av/js/t.114av.js?fda2e5518a714d489ba
172.64.135.22200 OK 477 kB URL HTTP/2 jjx886.com/114av/js/t.114av.js?fda2e5518a714d489ba
IP 172.64.135.22:0
File type Unicode text, UTF-8 text, with very long lines (64656), with no line terminators
Size 477 kB (477126 bytes)
Hash 93a41a5a7d59aee9afeddc6f2ea921f5
efeb23c57d5451fa07cb6484019800f2d52016e7
4b65c8c1e08a749cb0c345d2a78328ee5dbb328e2f58fee7ae590a338c36a0c5
GET /114av/js/t.114av.js?fda2e5518a714d489ba HTTP/1.1
Host: jjx886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:13 GMT
content-type: application/javascript
last-modified: Sun, 27 Nov 2022 12:45:53 GMT
vary: Accept-Encoding
etag: W/"63835c01-c0b26"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=31536000, stale-if-error=7200
cf-cache-status: HIT
age: 12424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO14CRIbj7SLKRziPL%2B%2FSgET2L61W1NXsKAoivo3N7eDFNbi8pywqDCgt9E6MU7hG0ZbPZHgmZr3SOoLQbC4IZ4YgVqcwMwpGRvkLT63Ys640Bh029fgfme9AYdH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770c7ccbc89371c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINQVjyAsibg8licwbkKcqqaSdelXjFX2upYDw/0
43.129.255.47200 OK 263 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINQVjyAsibg8licwbkKcqqaSdelXjFX2upYDw/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 263 kB (263120 bytes)
Hash 9dace3256b07181fcc7441db25b3dc5b
9fdbf9a11ae083e0e0670c00b31e19a63d0a7117
c3699825cb8490d6d3aa936b4af0594f7b8ca6e99c8e1c6cd21f70cfd80f6bee
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINQVjyAsibg8licwbkKcqqaSdelXjFX2upYDw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 263120
vary: Accept,Origin
last-modified: Thu, 24 Nov 2022 11:40:45 GMT
cache-control: max-age=2592000
x-delay: 158 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 263120
chid: 0
fid: 0
x-nws-log-uuid: d3d8c473-cda1-43ae-b519-31e6fb83821c
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0
43.129.255.47200 OK 324 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 324 kB (323595 bytes)
Hash 2f8505fde97df017104d6c717f9e29a8
445dbf8879db328bffb9a7ad5771822dd4feb7cd
5170585cb0deb93db41c8db1ad34d06831feaaa4a6941dfeba14090c51870518
GET /qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqq2vGf2263n7EEKypG4Iq07c1K1D0BRK3y6AUQmibiaFXWo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 323595
vary: Accept,Origin
last-modified: Sun, 09 Oct 2022 12:53:00 GMT
cache-control: max-age=2592000
x-delay: 40017 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 323595
chid: 0
fid: 0
x-nws-log-uuid: 68e88279-48e8-4c69-b41a-f6466436bdec
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif
120.77.166.72200 OK 562 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x80-6.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (562130 bytes)
Hash 8beed805ef37d0fa42646c105c8aadd8
48ce0717f037a6fb1f489ff1da3537a00ff0f47b
9df49f47b95763d2234554adf562f5a0ba5eb3910a9f7f01a5d90e5f425eccce
GET /af/q960x80-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 27 Nov 2022 17:12:16 GMT
Content-Type: image/gif
Content-Length: 562130
Connection: keep-alive
x-oss-request-id: 63839A70E0DCB93039E99D79
Accept-Ranges: bytes
ETag: "8BEED805EF37D0FA42646C105C8AADD8"
Last-Modified: Tue, 27 Sep 2022 07:43:47 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15479893720264865523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i+7YBe830PpCZGwQXIqt2A==
x-oss-server-time: 1
webs19.theavstatic.xyz/static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d
104.21.234.236200 OK 627 kB URL HTTP/2 webs19.theavstatic.xyz/static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d
IP 104.21.234.236:0
Size 627 kB (626737 bytes)
Hash 159b4324313efb6680798b61b4f0e79a
f5286f7daf95024969ca2a0ae99c42c27048422a
152e31213daebb885708f953e0145cb14e9a611c7fad73b62885970b26f28bf4
GET /static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d HTTP/1.1
Host: webs19.theavstatic.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:14 GMT
content-type: image/gif
last-modified: Wed, 07 Sep 2022 05:30:23 GMT
vary: Accept-Encoding
etag: W/"63182c6f-98d99"
expires: Wed, 30 Nov 2022 03:52:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2380774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7O1%2B2pF5QhUSqg4dAMgBpD3VISsg%2BiKIJldTmd%2BFtN6JrXWAIjvTIRsqc2OtcQIOkLaqpAxOZBXEdYuK5qmayRZAogCabJlh556%2Fhs3U0sIIzuD9avmCljgCRxIXXNHG2FDKZmc8SGF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770c7cd228abdc93-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163200 OK 532 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 532 kB (531945 bytes)
Hash 904c4f51a02c9f03f27ac2593d4c061e
faa7b399e3dc1e36e450636f0fafcaaca901f59e
107d811d56db4017059b2c99a4829faa9e20ce7fa395b3182bdb456ff93fbee6
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 27 Nov 2022 17:12:15 GMT
Content-Type: image/gif
Content-Length: 531945
Connection: keep-alive
x-oss-request-id: 63839A6F22AAFC33342CC977
Accept-Ranges: bytes
ETag: "904C4F51A02C9F03F27AC2593D4C061E"
Last-Modified: Sun, 20 Nov 2022 05:06:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9035815038154931791
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgIC4ltzNpBgiIDdlODc5YmI4ZDVjNjQ3ZDk5OTI1NWRlZmIwMjk2Zjc5
Content-MD5: kExPUaAsnwPyesJZPUwGHg==
x-oss-server-time: 1
ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
47.110.23.69200 OK 432 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/ky/ky96080c.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 432 kB (432195 bytes)
Hash 66560dc1fbaeb67885a45dd7dc5831e1
38584ed6146b3cd7f220a7cf5db732f462cf1474
5586b90e8f142c31b3b89a89cd2630ed0bd5a2560074f7a58dda96bbc4abae32
GET /ky/ky96080c.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 27 Nov 2022 17:12:16 GMT
Content-Type: image/gif
Content-Length: 432195
Connection: keep-alive
x-oss-request-id: 63839A709BB9203235338AC3
Accept-Ranges: bytes
ETag: "66560DC1FBAEB67885A45DD7DC5831E1"
Last-Modified: Sun, 06 Nov 2022 07:48:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15586424114477953781
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZlYNwfuutniFpF3X3Fgx4Q==
x-oss-server-time: 2
p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0
43.129.255.47200 OK 1.4 MB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.4 MB (1360388 bytes)
Hash 0ae6a6608409a84a0989e5f9d9513482
9ad09095cb4fc3ac1c6c969e96e05f5625b807e5
15c7308a0e529c41f4ff4f9bbc9ff24c9d7f9a23a774e9f5b46ad2bd48dd928f
GET /qqmail_head/PiajxSqBRaEJfYDGD2jBMjyn1zl31kDqqJWFBRuS2jo2ZuMZ5OKNx4eqpeICU64DYOtVkwdBBkEA/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
content-length: 1360388
vary: Accept,Origin
last-modified: Wed, 09 Nov 2022 13:41:49 GMT
cache-control: max-age=2592000
x-delay: 94593 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1360388
chid: 0
fid: 0
x-nws-log-uuid: 1e99dcf5-5a6d-4e08-9378-8ac5294aea5c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 18db75b0e5b6926f1dfadc75d7d3307b
ab815db60a45201f18402ecff5972a885be66ae6
792280128f223d23cece87293930d0170b67641286845c3442832c7313a4cde4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "792280128F223D23CECE87293930D0170B67641286845C3442832C7313A4CDE4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6249
Expires: Sun, 27 Nov 2022 18:56:27 GMT
Date: Sun, 27 Nov 2022 17:12:18 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.7 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document text\012- HTML document, ASCII text
Hash 75f10430ff86a00dbc5597365587b44e
e8afae9998c375d2e2840a5c9da2e8df2e13adb0
f316f83e7813d4099854e3557bb8446ff867e534e3f124d99c3b419935d07bb1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:03:39 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 234626134
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash ee023a51e8f16aff82793865b87cd5e7
9f75492ab5f008e1d4f9ced62d1c05996dd0023d
ca8acebc6b1503708a547c4efd3561c910675866b87055a6eea3cf69dbb10b77
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 15:23:29 GMT
ETag: "9f75492ab5f008e1d4f9ced62d1c05996dd0023d"
Last-Modified: Sun, 27 Nov 2022 15:23:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2930
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770c7ce9e9d0b506-OSL
p.qlogo.cn/qqmail_head/lMcAnJRIcllFJSuVWYmO1zSRC38FFTBScuV3CuKx1jFeNMqryZaLhiapDRlej0fAAHc1z517ZlB0/0
43.129.255.47200 OK 78 kB URL HTTP/2 p.qlogo.cn/qqmail_head/lMcAnJRIcllFJSuVWYmO1zSRC38FFTBScuV3CuKx1jFeNMqryZaLhiapDRlej0fAAHc1z517ZlB0/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 720 x 250\012- data
Hash 0f958bf94440977cc59112769c203e25
2d59daaa04c4a3b1f8c904bcb5d901b8fdd0fb02
a9d0b88e578badc4b507a9d073653efca7dc95ceb0603dc6b8d690e8cb368a54
GET /qqmail_head/lMcAnJRIcllFJSuVWYmO1zSRC38FFTBScuV3CuKx1jFeNMqryZaLhiapDRlej0fAAHc1z517ZlB0/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sun, 27 Nov 2022 17:12:18 GMT
content-type: image/gif
content-length: 78313
vary: Accept,Origin
last-modified: Thu, 24 Nov 2022 09:13:55 GMT
cache-control: max-age=2592000
x-delay: 17315 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 78313
chid: 0
fid: 0
x-nws-log-uuid: 3e24dd65-d952-470a-bad3-f4fa8ad151a0
X-Firefox-Spdy: h2
s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669569137711&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F114av.one%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:105009986&@b3:1669569138&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F114av.one%2Fanyalytics%3Fv%3D_b6e23ebc9e1&@w
198.27.80.143200 OK 54 B URL HTTP/1.1 s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669569137711&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F114av.one%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:105009986&@b3:1669569138&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F114av.one%2Fanyalytics%3Fv%3D_b6e23ebc9e1&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash 8d6b665ad6225802a711c763e55e3d35
b6ce85c9f78c82b2b5bb5ee8b08a2930a54e8c2f
89bbb095e27418e27c2b7c9d7a7bbb6ce2c2bce2809c726a13d6a61a4240d215
GET /stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1669569137711&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F114av.one%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:105009986&@b3:1669569138&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F114av.one%2Fanyalytics%3Fv%3D_b6e23ebc9e1&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:18 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 54
Connection: close
s10.histats.com/counters/cc_100.js
46.105.201.240200 OK 7.7 kB URL HTTP/2 s10.histats.com/counters/cc_100.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (19234), with no line terminators
Hash eb2e335634e1d042469dc377a3989ff9
bfd517c0fb7e6fa042d4f6bd8b62655371d567ec
9045a6bdc5e51706e78bb09c79ae593f9d03142090e6931ff3e17a093dac89e9
GET /counters/cc_100.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:05:47 GMT
etag: "1473736416"
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
x-request-id: 729842494
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7662
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/sxpj96080d.gif
47.110.23.69200 OK 451 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/sxpj96080d.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 451 kB (450794 bytes)
Hash 4172d77293e54a5ddf4a87f1778cb155
1964277992ae541de680ddf9436984356e6b6e5a
3d4b31364c5f8aaabe6645955b134d5df4c75e98e73ac1707c6b7c51c5b21949
GET /xpj/sxpj96080d.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sun, 27 Nov 2022 17:12:17 GMT
Content-Type: image/gif
Content-Length: 450794
Connection: keep-alive
x-oss-request-id: 63839A7109E598363755CAB5
Accept-Ranges: bytes
ETag: "4172D77293E54A5DDF4A87F1778CB155"
Last-Modified: Thu, 17 Nov 2022 05:41:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8061095176570556502
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: QXLXcpPlSl3fSofxd4yxVQ==
x-oss-server-time: 3
jjx886.com/114av/css/web.114av.css?5e1446806a55c
172.64.135.22200 OK 531 kB URL HTTP/2 jjx886.com/114av/css/web.114av.css?5e1446806a55c
IP 172.64.135.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 531 kB (530837 bytes)
Hash 2e748247b116db723799d22641c3997d
1f370963e6412f9baafe610473587f10c05630c7
063cbbe21fd7da4b11db8ec8b5d668ee6c7ab8c435e964df5ac088d89a5e3d09
GET /114av/css/web.114av.css?5e1446806a55c HTTP/1.1
Host: jjx886.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:13 GMT
content-type: text/css
last-modified: Fri, 18 Nov 2022 16:09:10 GMT
vary: Accept-Encoding
etag: W/"6377ae26-122682"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=31536000, stale-if-error=7200
cf-cache-status: HIT
age: 256158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEgHtb7A69w4KBj2NocINUKgXpTsqdXeGCcUWXYhHiXpm7zMrhln%2B7%2BBjaKZ9YOV8OEXp8enhU%2BxDqGqLqcdQK6jRFUBz6vzCsY1vc4IUwGOCuYr%2BOgBK0y1X50f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770c7ccbc89a71c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.crlocsp.cn/
101.198.193.5200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash ff85acdfd64e403384fb4e8380855f31
057d8e90df3c218123ac932e88458ce966bb06c6
b9b91fcc2c85dfb8d13a165450de1ac7f323f9be0e61b2a54f6718e220c2f43f
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Sun, 27 Nov 2022 17:10:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Sat, 26 Nov 2022 07:32:09 GMT
Expires: Sat, 03 Dec 2022 07:32:08 GMT
ETag: "057D8E90DF3C218123AC932E88458CE966BB06C6"
cache-control: max-age=172800,public,no-transform,must-revalidate
ocsp.crlocsp.cn/
101.198.193.5200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash bb5fc8034777824f07e980d8442be708
bd0f6f2dfcaf0adae5ad8f1b1c7b6a7a9630ade4
890f035dd8196ed6a5cd53c1345eb851c62b9ac668898ff913de160f9328ccf8
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Sun, 27 Nov 2022 17:10:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Thu, 24 Nov 2022 03:16:09 GMT
Expires: Thu, 01 Dec 2022 03:16:08 GMT
ETag: "BD0F6F2DFCAF0ADAE5AD8F1B1C7B6A7A9630ADE4"
cache-control: max-age=172800,public,no-transform,must-revalidate
ocsp.crlocsp.cn/
101.198.193.5200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash bb5fc8034777824f07e980d8442be708
bd0f6f2dfcaf0adae5ad8f1b1c7b6a7a9630ade4
890f035dd8196ed6a5cd53c1345eb851c62b9ac668898ff913de160f9328ccf8
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Sun, 27 Nov 2022 17:10:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Thu, 24 Nov 2022 03:16:09 GMT
Expires: Thu, 01 Dec 2022 03:16:08 GMT
ETag: "BD0F6F2DFCAF0ADAE5AD8F1B1C7B6A7A9630ADE4"
cache-control: max-age=172800,public,no-transform,must-revalidate
s.360.cn/so/zz.gif?url=https%3A%2F%2F114av.one%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1e8n2ob.3vfa2481512/5/f:2sdpbt
101.198.2.147200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=https%3A%2F%2F114av.one%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1e8n2ob.3vfa2481512/5/f:2sdpbt
IP 101.198.2.147:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=https%3A%2F%2F114av.one%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1e8n2ob.3vfa2481512/5/f:2sdpbt HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sun, 27 Nov 2022 17:12:19 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Tue, 31 May 2022 08:31:45 GMT
Connection: keep-alive
ETag: "6295d271-0"
Accept-Ranges: bytes
kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif
182.140.218.3200 OK 1.0 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif
IP 182.140.218.3:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1021535 bytes)
Hash 3ee27568f25223c8d290eb4003e1916f
78a1cc6c8e4bca6cb26f7f2ae899ad5bc5154b7d
9d019eccd2bc0f713cab4e42e37f9f3d8fbb022526850ea87248a09bd1c215a4
GET /ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:12:18 GMT
content-type: image/gif
content-length: 1021535
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:51:41 GMT
last-modified: Fri, 25 Nov 2022 14:36:11 GMT
age: 181238
via: http/1.1 ORI-CLOUD-HUN-MIX-25 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-24 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387901977-0-0-0-12-12;200;200-1669456375746-0-0-0-1-1;200-1669569138338-0-0-0-1-1
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif
182.140.218.3200 OK 1.3 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif
IP 182.140.218.3:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:12:18 GMT
content-type: image/gif
content-length: 1296026
cache-control: max-age=315360000
expires: Tue, 23 Nov 2032 04:51:18 GMT
last-modified: Sat, 26 Nov 2022 04:47:38 GMT
age: 130860
via: http/1.1 ORI-CLOUD-HUN-MIX-30 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-24 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669438278501-0-0-14-62-62;200;200-1669473583091-0-0-0-1-1;200-1669569138941-0-0-0-0-0
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif
182.140.218.3200 OK 689 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif
IP 182.140.218.3:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 60\012- data
Size 689 kB (688878 bytes)
Hash 38adb06da8d7db34d62dfc1760cda2dd
862c5ecedd5add094b8dfb22c3087b09493a312a
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
GET /ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:12:18 GMT
content-type: image/gif
content-length: 688878
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:51:35 GMT
last-modified: Fri, 25 Nov 2022 14:41:35 GMT
age: 181243
via: http/1.1 ORI-CLOUD-HUN-MIX-21 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-24 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387895392-0-0-20-62-62;200;200-1669465846933-0-0-0-1-1;200-1669569138399-0-0-0-12-12
X-Firefox-Spdy: h2
zz.bdstatic.com/linksubmit/push.js
58.254.150.48200 OK 236 B URL HTTP/2 zz.bdstatic.com/linksubmit/push.js
IP 58.254.150.48:0
ASN #136958 China Unicom Guangdong IP network
File type ASCII text, with very long lines (308), with no line terminators
Hash b49ca4a2c03382b748acefdb884830ee
e312d930ec45b71e884a609a651eff7ce1ab151b
f3383229e60b98b1fb2a04c3216dad7873e54683ccb4929623d85eedac9ea6d9
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 27 Nov 2022 17:12:17 GMT
content-type: application/x-javascript
last-modified: Thu, 02 Jun 2022 02:13:32 GMT
etag: "62981ccc-134"
cache-control: max-age=86400
content-encoding: br
age: 50179
accept-ranges: bytes
tracecode: 31971424850553357066112710
ohc-global-saved-time: Sun, 27 Nov 2022 02:53:17 GMT
ohc-cache-hit: gz3un52 [2], zhuzuncache62 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
s4.histats.com/stats/4233012.php?4233012&@f16&@g1&@h1&@i1&@j1669569140368&@k0&@l1&@m%E6%88%90%E4%BA%BA%E7%A6%8F%E5%88%A9%E8%A7%86%E9%A2%91%EF%BC%8C%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%20-%20114AV&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:121410788&@b3:1669569140&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F114av.one%2F&@w
198.27.80.143200 OK 1.9 kB URL HTTP/1.1 s4.histats.com/stats/4233012.php?4233012&@f16&@g1&@h1&@i1&@j1669569140368&@k0&@l1&@m%E6%88%90%E4%BA%BA%E7%A6%8F%E5%88%A9%E8%A7%86%E9%A2%91%EF%BC%8C%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%20-%20114AV&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:121410788&@b3:1669569140&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F114av.one%2F&@w
IP 198.27.80.143:0
Hash bbb6c727fa4423e5d353e15b3e359dcc
43c2d612c96a50fd0495e01316bfcfd5de55fa32
98d78e355b5bf0b94c22b5340e03445f9c6709ab34a94168215f7065fd4f217f
GET /stats/4233012.php?4233012&@f16&@g1&@h1&@i1&@j1669569140368&@k0&@l1&@m%E6%88%90%E4%BA%BA%E7%A6%8F%E5%88%A9%E8%A7%86%E9%A2%91%EF%BC%8C%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%20-%20114AV&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:121410788&@b3:1669569140&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F114av.one%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:12:21 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
webs24.theavstatic.xyz/static/tmp/x99av/semm.gif?iv=d2d42baf6a47e80aff6b842f4abd561
104.21.234.236200 OK 0 B URL HTTP/2 webs24.theavstatic.xyz/static/tmp/x99av/semm.gif?iv=d2d42baf6a47e80aff6b842f4abd561
IP 104.21.234.236:0
GET /static/tmp/x99av/semm.gif?iv=d2d42baf6a47e80aff6b842f4abd561 HTTP/1.1
Host: webs24.theavstatic.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:12:15 GMT
content-type: image/gif
last-modified: Fri, 15 Apr 2022 12:43:13 GMT
vary: Accept-Encoding
etag: W/"62596861-4ad05"
expires: Sat, 10 Dec 2022 16:30:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1471319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGZej6DYg1l4f8KCtOymLPgPuYTy9IoyYIS0SrSEZS4w3zb%2F4096L2OkTBQEFXkZcqvPDZKObuSaquYFNkfcXr27vu5%2Bp5WjmlA0dPLnJ1yNDbo9KNh1MkUDgZdMTSZQSE6WEe6miEYU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770c7cd6ca1edc93-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.58200 OK 0 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.58:0
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc03.lato;REVALIDATED from w-sc01.lato
date: Sun, 27 Nov 2022 17:04:18 GMT
cache-control: max-age=600
expires: Sun, 27 Nov 2022 17:14:08 GMT
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zYnYlsM6DOwevg4-uPNjkgGzonBmOqoUNgb1bsuzwP4Y5vLtzomubA==
age: 486
X-Firefox-Spdy: h2
img.9729x.com/images/6379cade0530cc58344548f5.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.9729x.com/images/6379cade0530cc58344548f5.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/6379cade0530cc58344548f5.gif HTTP/1.1
Host: img.9729x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3041a19e4ce449299fae17b15a1d0d2e
X-Firefox-Spdy: h2
img.u2267.com/images/635287bc3ce47c907dcb1486.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.u2267.com/images/635287bc3ce47c907dcb1486.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/635287bc3ce47c907dcb1486.gif HTTP/1.1
Host: img.u2267.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://114av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/40183cc4a2364765a90e4ef75b6ee260
X-Firefox-Spdy: h2