r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sat, 03 Dec 2022 13:18:06 GMT
Date: Sat, 03 Dec 2022 11:58:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2766
Cache-Control: max-age=170348
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:58:10 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:17:18 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 11:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2291
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4718
Expires: Sat, 03 Dec 2022 13:16:48 GMT
Date: Sat, 03 Dec 2022 11:58:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V8/iwujQiA8B9uz9WnVvB+Uq//sdec6TkqcA/QkibdOsYYngZ3imkSzMCVzIw4VWO6XdAfh+gWo=
x-amz-request-id: 64J6D2K2VNHAEHE2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 11:46:33 GMT
age: 697
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.kadinbebek.com/feed
142.111.177.192 200 OK 501 B IP 142.111.177.192:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (694), with CRLF line terminators
Hash f10cd0aa77718f44d680e270c81481a1
d985a2ec492362b582438ddb8cbf97fa95084a28
0e74be86a3be353f9bb7e7a6a93c5a9d0587478449547e1757a95f8e6047f1c0
GET /feed HTTP/1.1
Host: www.kadinbebek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 11:58:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.kadinbebek.com/tj.js
142.111.177.192 200 OK 364 B IP 142.111.177.192:0
File type HTML document, ASCII text, with CRLF line terminators
Hash c8c5ee3011b5c74bef5ccbc4d54ae8b0
28270ce895dc62435a9a832c7c91717e5585a59e
c8d5821b39068722b91971212c51612e5f0ffef8c6ef94c70e394c23db229c0e
GET /tj.js HTTP/1.1
Host: www.kadinbebek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kadinbebek.com/feed
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 11:58:12 GMT
Content-Type: application/x-javascript
Content-Length: 364
Connection: keep-alive
www.kadinbebek.com/common.js
142.111.177.192 200 OK 1.9 kB URL HTTP/1.1 www.kadinbebek.com/common.js
IP 142.111.177.192:0
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash 9d94513c79e3b5079a13d6fbfe30614d
a36b66d2452e750993d4a785cc52f362f311a022
77a91a3a01d73f4805831a17647b4fec6c39ad6299dab3b5a7abaec03e2c737f
GET /common.js HTTP/1.1
Host: www.kadinbebek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kadinbebek.com/feed
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 11:58:12 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 11:11:17 GMT
cache-control: public,max-age=3600
age: 2813
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
209.73.159.132/tianbi-common.php?val=tianbi2&t=0.6018284218421951?v=08892065565767681
209.73.159.132 200 OK 90 B URL HTTP/1.1 209.73.159.132/tianbi-common.php?val=tianbi2&t=0.6018284218421951?v=08892065565767681
IP 209.73.159.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2955119d03b52e646c0b282f59e945c7
900332ef65d637ca67be8cef1dfd769047883bc4
bf4821095783d6dc28170315153b60d3d268188ab5fc71fa24fec8d79fd1fe41
Analyzer Verdict Alert quad9 Sinkholed
GET /tianbi-common.php?val=tianbi2&t=0.6018284218421951?v=08892065565767681 HTTP/1.1
Host: 209.73.159.132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.kadinbebek.com
Connection: keep-alive
Referer: http://www.kadinbebek.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 11:58:11 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
209.73.159.132/tianbi-common.php?val=tianbi2&t=0.36340976929724245?v=006391222306001931
209.73.159.132 200 OK 90 B URL HTTP/1.1 209.73.159.132/tianbi-common.php?val=tianbi2&t=0.36340976929724245?v=006391222306001931
IP 209.73.159.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2955119d03b52e646c0b282f59e945c7
900332ef65d637ca67be8cef1dfd769047883bc4
bf4821095783d6dc28170315153b60d3d268188ab5fc71fa24fec8d79fd1fe41
Analyzer Verdict Alert quad9 Sinkholed
GET /tianbi-common.php?val=tianbi2&t=0.36340976929724245?v=006391222306001931 HTTP/1.1
Host: 209.73.159.132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.kadinbebek.com
Connection: keep-alive
Referer: http://www.kadinbebek.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 11:58:11 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2767
Cache-Control: max-age=165287
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:58:11 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:52:58 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash eb25c885465e0f2199b97d3d89045c59
85388bd6ebb2352a657b98d9005b265f89e46278
dcc842047042489843d8265c2543d51ff9bdb04679cbcbf3cc39c6e511fc3970
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCC842047042489843D8265C2543D51FF9BDB04679CBCBF3CC39C6E511FC3970"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17319
Expires: Sat, 03 Dec 2022 16:46:50 GMT
Date: Sat, 03 Dec 2022 11:58:11 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash eb25c885465e0f2199b97d3d89045c59
85388bd6ebb2352a657b98d9005b265f89e46278
dcc842047042489843d8265c2543d51ff9bdb04679cbcbf3cc39c6e511fc3970
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCC842047042489843D8265C2543D51FF9BDB04679CBCBF3CC39C6E511FC3970"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Dec 2022 17:58:11 GMT
Date: Sat, 03 Dec 2022 11:58:11 GMT
Connection: keep-alive
push.services.mozilla.com/
54.71.202.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o9HBFOirysQjZWL1qFeoFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0nFCGq4m6+XK2GPqvsFsTJHvr+s=
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash eb25c885465e0f2199b97d3d89045c59
85388bd6ebb2352a657b98d9005b265f89e46278
dcc842047042489843d8265c2543d51ff9bdb04679cbcbf3cc39c6e511fc3970
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DCC842047042489843D8265C2543D51FF9BDB04679CBCBF3CC39C6E511FC3970"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Dec 2022 17:58:11 GMT
Date: Sat, 03 Dec 2022 11:58:11 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6918
Expires: Sat, 03 Dec 2022 13:53:30 GMT
Date: Sat, 03 Dec 2022 11:58:12 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6847
Expires: Sat, 03 Dec 2022 13:52:19 GMT
Date: Sat, 03 Dec 2022 11:58:12 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6919
Expires: Sat, 03 Dec 2022 13:53:31 GMT
Date: Sat, 03 Dec 2022 11:58:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12659
Expires: Sat, 03 Dec 2022 15:29:11 GMT
Date: Sat, 03 Dec 2022 11:58:12 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 60cf595b69627d6d3654654ce19cafb3
5b0e0aed0110b60ccc0717821550ef4123dfcfdc
c47ec602bca7cb470992a71bad54a80eb7cf29a2a2b2709daaec12c7766b0bf2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C47EC602BCA7CB470992A71BAD54A80EB7CF29A2A2B2709DAAEC12C7766B0BF2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Sat, 03 Dec 2022 17:57:14 GMT
Date: Sat, 03 Dec 2022 11:58:12 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6822
Expires: Sat, 03 Dec 2022 13:51:54 GMT
Date: Sat, 03 Dec 2022 11:58:12 GMT
Connection: keep-alive
klx12.zhgmjglh88k.com/template/m1938pc/css/zui.css
172.67.153.180 200 OK 19 kB URL HTTP/2 klx12.zhgmjglh88k.com/template/m1938pc/css/zui.css
IP 172.67.153.180:0
File type assembler source, Unicode text, UTF-8 text, with CRLF, CR line terminators
Hash fbdc26d09a535199c2c7bb93bb7f60c2
b764eadc725ce24e5b5156759a33dc49f03b3888
4e8b036d08269c258c0e077840859525187e9be1981efdaa5c20be748ac0835f
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: klx12.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:12 GMT
content-type: text/css
last-modified: Sat, 26 Mar 2022 14:12:50 GMT
vary: Accept-Encoding
etag: W/"623f1f62-14f3a"
expires: Sat, 03 Dec 2022 23:58:12 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F80TEIKmZmngUM8sh9wKwhCLfb5cH7j7WiNkQWfxZAQNMln4cdL4wOTb5yl1rffSIHWZIcB2udS6YCDw3cc6Pps9Bjoh91mnLHfTFa2hTfj%2BZmSNt0rFHMXarxjG%2FDy%2FFPxco2N4cvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c210c6f03b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx12.zhgmjglh88k.com/template/m1938pc/css/ate.css
172.67.153.180 200 OK 11 kB URL HTTP/2 klx12.zhgmjglh88k.com/template/m1938pc/css/ate.css
IP 172.67.153.180:0
File type ASCII text, with CRLF line terminators
Hash 880d7edd9289bcc75ca8ca4340a2f2e1
22ca3be181a21f023ae5993f3e681144a942d781
fa1d384c15817cc0850990d57de63fc767dae200e870e1315221d0d1709804c4
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: klx12.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:12 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
vary: Accept-Encoding
etag: W/"61be9b34-126e4"
expires: Sat, 03 Dec 2022 23:58:12 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A20V595kyfjvgLDOJ2UFC3thDmpMOEmLVrY2l4Bbg1He2dUlhRhbbP0GwBrgtV8T%2F14z1oxMKosfsuP05ggrDmSZZpOyMH1Gg70xqazXyNj98l0aeH4wMmduLD%2BM2EOm%2B%2FUd8A5fi80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c210c5f01b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 21872
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 51618
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbee75c6c314655f738b57b828bef016
bb36d39c7adf764e8a7dcf7f91125001623975b4
fd40949b9711db01be746d1723f78c2bb04d356063c6249b8b5ae1470532367a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10877
x-amzn-requestid: bebc4f7f-7349-4973-99f5-d6c3b8a27072
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1G2uIAMFryg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-0637a1a946db78074bc19dc3;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wtaahzdJXnHSYwqIlHyqFy-LsdPl1Nh-CThm-x57bU3dUEgrfB1Gvw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 51625
etag: "bb36d39c7adf764e8a7dcf7f91125001623975b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 5442327b2795fd87e76e901d74b11910
3a9fe0d901971561a8723cc98ad030997109bf38
1337c40019ef9ba83ae34c3f14a2252d0ef668607929eef8780b1c22e792d026
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Dec 2022 09:11:19 GMT
ETag: "3a9fe0d901971561a8723cc98ad030997109bf38"
Last-Modified: Sat, 03 Dec 2022 09:11:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2592
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c2111ee8bb4f7-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 51625
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6821
Expires: Sat, 03 Dec 2022 13:51:54 GMT
Date: Sat, 03 Dec 2022 11:58:13 GMT
Connection: keep-alive
js.users.51.la/21278763.js
103.143.19.103 200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21278763.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash ed254b7f4d8a5069ee6b7688a0063ba5
e03716008ab5396334bf252224128b81ea50817e
01b302a58ad206f7109f14b25b821da3e68e9f5b692de1495490f3e2e5c31054
GET /21278763.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sat, 03 Dec 2022 11:58:12 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=f7fca256e5ab288e06a; path=/
HWWAFSESTIME=1670068691752; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
178880.vip/index.gif
188.114.97.1 403 Forbidden 1.8 kB IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 0f193e472981a37abd6d7a045b11162d
7eaa1d4b123ff53222048da14814e2c47fb7f1fa
08852b3f4b3ab6bbec2e7d1330baf65ab03688e19d9869296d09400050c6151b
GET /index.gif HTTP/1.1
Host: 178880.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Sat, 03 Dec 2022 11:58:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwEVpvSRsKfpdwSE765Df5YO3fQ%2FwdJH8bHgxVwSqOHA1vJcMRo2pqyEfvKMg4UpYAXaYvIho8X%2FniYlZqXG9H3Jrft9n967l%2FRaW7paNPpj%2Beh7Djh64Rukp28q"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c21147a650b45-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
e1.o.lencr.org/
95.101.11.115 200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ebe1079a3b871c0da5481ef31aed862
17e011dff1f979918211de3a841c8b46248cc8d9
38331bfe1c23bc8e021dfb57ac6f51ee9f9b5918b6585abe96d233d01d95cff2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "38331BFE1C23BC8E021DFB57AC6F51EE9F9B5918B6585ABE96D233D01D95CFF2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Sat, 03 Dec 2022 12:59:39 GMT
Date: Sat, 03 Dec 2022 11:58:13 GMT
Connection: keep-alive
tb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
172.67.221.78 200 OK 1.9 kB URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
IP 172.67.221.78:0
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e8fbccfb3285f01f421d4bcb90188ed3
de2bd70540a5625fc07701266a9a1a1e3c36ca23
daa73d98ce847a1ee0371f930c0b296b85e5910ea0f1295e42df3d871c741f9e
GET /yPS7hqfHgkFauS2djb/xx3.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:54:18 GMT
vary: Accept-Encoding
etag: W/"63885daa-481"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4fYw9Hra2%2F%2BYQ2MuCgttoLxHfj1scs4bTa4%2FWAvaWXHt2uXZ2h3s%2FM14saLpjYwNf9%2FGkq8UThQGXrWO9YrV%2FlTm50WU34w9qBYTUwilFRvXR9qKfjlwLzNuPdUoGCPrDJ%2FGqO7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c21119d6c0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
178880.vip/index.gif
188.114.97.1 403 Forbidden 1.8 kB IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 93f1a95d0b9b0d7b41e15d1b7b89f3fe
b09129d449698143a7a32113e94b7f0cc176c021
608520048edec670a443b58289b5c697e081d5648b74a66a3380c6f33b8a0142
GET /index.gif HTTP/1.1
Host: 178880.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Sat, 03 Dec 2022 11:58:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbUQ5SyLvUcHf6O2K4T5LY0TVSJHKdTOI1sF6cVLYIyRd5tbPYeoJTIjnIm%2Fb2bb7apnwuxymokNDAZ5MGK77DcDof5Yvo99njZQxwGNoIshUdzCnfIq%2B3N9FmYi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c21164bc70b45-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
tk.learning8808.com/images/zbcpa2.png
104.21.18.174 200 OK 162 kB URL HTTP/2 tk.learning8808.com/images/zbcpa2.png
IP 104.21.18.174:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 162 kB (161572 bytes)
Hash 64c0f3edc7b3bfd2a2c009f3b93ebd7d
70dee1bf54047d14220328f8ab47d299a679a519
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
GET /images/zbcpa2.png HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/png
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
etag: "6269310b-27724"
expires: Sun, 25 Dec 2022 17:01:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 673030
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xupSAfHn72H8NpfQdxXOASoqXJ7wMi4diHEIzm%2Bo95yuEk%2FK8fLebsuplKFLJOyPPcc7Z6Ky9UGFR%2FCpRB5mT2FkkTxYkhrWdNWS4ZNKwCFWzdFovzaha%2FiFoZE2e1QWVVEWtIN%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21167dd41c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
172.67.221.78 200 OK 194 kB URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
IP 172.67.221.78:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 194 kB (193495 bytes)
Hash e25fd9c56cbe7d5cdbf733cd0029b31b
ca6041b27f8fb888e219850230484c7ec1379f4f
b8a13aaf30f7ef11c0f1c2b7e54eaf84660301491a4d68370c62eca851985ccc
GET /yPS7hqfHgkFauS2djb/wz1.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:05:00 GMT
etag: W/"638a3e4c-1bd"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGlWOSS2qU5ACSHtL16WFKiF75G%2BAjajvTwAL0jo9rSPlT7purfhKPI6oN7WF3UM5%2Bv4xsMGGBMB9b6gkSPxWs8vzTKLpKZw6N6ivUwfJBoEWvnsti%2FjUPSSmzUADRIs9WNRO0Kq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21119d660b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt7.gif
104.21.18.174 200 OK 269 kB URL HTTP/2 tk.learning8808.com/images/xt7.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 269 kB (269177 bytes)
Hash 3be5bc895ae3e525bbcfbb2a2696ed0f
1f3d2c548412b47b65acf224f1a6b7bf89dcf876
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
GET /images/xt7.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/gif
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
etag: "62693107-41b79"
expires: Sun, 04 Dec 2022 08:35:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2517762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJfmZdi8qERTuioxKD61KYIx%2FqCby%2BCutRFdr1Zq42RcZxvbmObByaHpIFpVgXm1SioFScweMPisQy6D1IJ4zt5fxKUo0GyHWpBQhRWOGNTHvmno7YJulsXkBBErVRFdN6pjT18O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21167ddf1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt9.gif
104.21.18.174 200 OK 329 kB URL HTTP/2 tk.learning8808.com/images/xt9.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 329 kB (329331 bytes)
Hash 0982fef3f808ddf5925e60c39af631ba
80d6f27859a94c2c49b9175d2e9f84e6bd9b5605
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
GET /images/xt9.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/gif
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
etag: "62693109-50673"
expires: Thu, 08 Dec 2022 02:12:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2195117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2B%2FCfGq5vUG%2B47OgFYHeFl1WXhaIIIbfRhPfOCBMgG0zf9SrCyyle%2FpanTlC5mzp3rxPONE0Cj43hbfcTTiEq2BZJ8AvyTsOnZgj8ih9m0%2Bw6P7pfGVLLIMI6Kgndt7Gaol9R4z1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21167de21c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
104.21.18.174 200 OK 378 kB URL HTTP/2 sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
IP 104.21.18.174:0
File type ASCII text, with very long lines (1244), with CRLF line terminators
Size 378 kB (377599 bytes)
Hash 7f9f1e281c82354041f428978a08e394
d6d395001b446ca4deb92d92baa56363b5bc5bde
751b0767da0c8d176437b099aef47b14af29d9eb5e718616fb0c7c94eaaeca9e
GET /yPS7hqfHgkFauS2djb/gg.css HTTP/1.1
Host: sb.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: text/css
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
vary: Accept-Encoding
etag: W/"62bc1e37-c63"
expires: Sat, 03 Dec 2022 15:27:18 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 30655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5gs3ZEzvdhCLs%2FS9NReAs7srJkv4x9wTQE3BCXp4AUn3fhfYLzfGhe22rhYNQxNppSow8BPBZ6MwM%2F5Y0dBkSSrVFCKlROkxBJUTdsBWoKSY%2FD9jFSJW6r3kTDWT4qh8Bjp1MZN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c21158ce01c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
172.67.221.78 200 OK 444 kB URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
IP 172.67.221.78:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 444 kB (443947 bytes)
Hash 304c0d079ffedd8671028b42b6965448
47d3c1934124d81da834b84a76f2f1e0c2c40267
4d8703923ffae7366418281c54cc09356947e26f4bb2f71f32e8b20f45f6386a
GET /yPS7hqfHgkFauS2djb/wz.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:05:00 GMT
etag: W/"638a3e4c-1ac"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zkw8vWCdiTuoXgsN60%2BtYMURP1Er9CrsDPJ90SwKmS%2Fy8KgYHOlh6xw9sabUfTVok%2BcMHFLkSJMOpWSd7HYcxbJKWUYPoau9MrQmJE30kfEx3klMQNDTSgt9X1kk%2FXbkA4GDlm6G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21119d650b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt10.gif
104.21.18.174 200 OK 624 kB URL HTTP/2 tk.learning8808.com/images/xt10.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /images/xt10.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/gif
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
etag: "626930f8-98484"
expires: Sun, 11 Dec 2022 11:15:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1903378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LT94GFSvxtTjK%2FxewGDKKGvShD3jfjAHuGdnhdCh8khDnQLxxVm4Tf9BARDTYHMS5BSG%2Bw%2B%2BpT4xH1pqUCmitu%2Fj7nXboiZD04VQQO1yri8P8KEwWK8nZSw4pn2wMcqdyvdT9sa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21167dd71c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt12.gif
104.21.18.174 200 OK 750 kB URL HTTP/2 tk.learning8808.com/images/xt12.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 750 kB (749706 bytes)
Hash 5b3e843ec7923ace3c8c52e7e3d71608
65b34236bdea1d3bb438b23eaa028df8b587cc45
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
GET /images/xt12.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/gif
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
etag: "626930fc-b708a"
expires: Wed, 28 Dec 2022 12:24:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 430397
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTa234Q2%2Bzs7Ojrfh%2FgHwVV%2F1PDd0lFR3O8Uyyrx0QahGsFGZkCE4KbOkAh5zqG8nkL0aXEZYfG175ACUtDdceE92AAjiXi8sl7GSFNio4DApFHdz3ntl09Co5TtKNnuqtcznnBx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21167dd61c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
172.67.221.78 200 OK 1.6 MB URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
IP 172.67.221.78:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 1.6 MB (1640128 bytes)
Hash 8ea4fd621e20ac255ed32e490758ac23
b0f621188b06196897aafc4f9fba4fc9f2f7a8d7
cb89176c09d54c539b3bbe1a692ea0b912aa1d22c5ae04ede86c0cda853b0f0a
GET /yPS7hqfHgkFauS2djb/zylm.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 05:41:22 GMT
etag: W/"62a97102-3b7"
expires: Sat, 03 Dec 2022 23:58:12 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d47gdzrybJa%2FmfGmBl6MEMHB8JSeOxqkOw%2FynFUMfSki0ySElPPJ9XRKVQ7AjZWH6fno2hr9MLKUvay5pNC6uOQTrFtA3HcTpwQXoPHTx%2BrPe7aoXqN0nEgpM4ZMlRxun4tjESuj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21119d6a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115 200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ebe1079a3b871c0da5481ef31aed862
17e011dff1f979918211de3a841c8b46248cc8d9
38331bfe1c23bc8e021dfb57ac6f51ee9f9b5918b6585abe96d233d01d95cff2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "38331BFE1C23BC8E021DFB57AC6F51EE9F9B5918B6585ABE96D233D01D95CFF2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Sat, 03 Dec 2022 12:59:39 GMT
Date: Sat, 03 Dec 2022 11:58:13 GMT
Connection: keep-alive
tk.learning8808.com/images/xt5.gif
104.21.18.174 200 OK 1.7 MB URL HTTP/2 tk.learning8808.com/images/xt5.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 1.7 MB (1693315 bytes)
Hash 036bdfc6224659a646168502a1742fb5
69ca9749e1a5f16d97d91c5c28f8c5d541093fd4
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
GET /images/xt5.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/gif
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
etag: "62693103-19d683"
expires: Sun, 04 Dec 2022 08:35:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2517762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FLfWJlKdZ%2FgBSvV%2Fw9%2BRSDUddiATe0OTCGfbjINVXJxpq3iOVcb2QXoIDI8FLH9zhMgoNJP1q0lATpsF9TNAzYbPyM%2F3%2BM%2FHMf7IlEBfJ5V0yCg9Gg7I9oSoMhPlVnz28lYXz61"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21167ddc1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt6.gif
104.21.18.174 200 OK 2.2 MB URL HTTP/2 tk.learning8808.com/images/xt6.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 2.2 MB (2168710 bytes)
Hash a0d945b4c30bc77735161545d1e00072
87c77a030ae771c3010d1215f73d1426e03f48dd
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
GET /images/xt6.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/gif
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
etag: "62693105-211786"
expires: Sun, 04 Dec 2022 08:35:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2517762
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iTQGToVNhG%2ByHr%2BRmNS2aSU8jzIvI1Vu%2FNntQ2DDWEG8z6LlWzlk5JC%2FxkbmQyrhJ3uW8%2BSMfjlQL4eFbcddLms4gvuR5t5Tcnj%2B08WFNCfOK5EFeJKkz8Nvc5yxU%2F5603kd56h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21167ddd1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b5869022f16de011183c5c56c21eebf
853b62a9166a38e6408840b6b790ae4634456700
85df72cee8caf80f74c696c192b1e5f933be1f9451053b7c721d941ce0361f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF72CEE8CAF80F74C696C192B1E5F933BE1F9451053B7C721D941CE0361F24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3649
Expires: Sat, 03 Dec 2022 12:59:02 GMT
Date: Sat, 03 Dec 2022 11:58:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b5869022f16de011183c5c56c21eebf
853b62a9166a38e6408840b6b790ae4634456700
85df72cee8caf80f74c696c192b1e5f933be1f9451053b7c721d941ce0361f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF72CEE8CAF80F74C696C192B1E5F933BE1F9451053B7C721D941CE0361F24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3674
Expires: Sat, 03 Dec 2022 12:59:27 GMT
Date: Sat, 03 Dec 2022 11:58:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b5869022f16de011183c5c56c21eebf
853b62a9166a38e6408840b6b790ae4634456700
85df72cee8caf80f74c696c192b1e5f933be1f9451053b7c721d941ce0361f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF72CEE8CAF80F74C696C192B1E5F933BE1F9451053B7C721D941CE0361F24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3622
Expires: Sat, 03 Dec 2022 12:58:35 GMT
Date: Sat, 03 Dec 2022 11:58:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b5869022f16de011183c5c56c21eebf
853b62a9166a38e6408840b6b790ae4634456700
85df72cee8caf80f74c696c192b1e5f933be1f9451053b7c721d941ce0361f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF72CEE8CAF80F74C696C192B1E5F933BE1F9451053B7C721D941CE0361F24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3637
Expires: Sat, 03 Dec 2022 12:58:50 GMT
Date: Sat, 03 Dec 2022 11:58:13 GMT
Connection: keep-alive
tb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
172.67.221.78 200 OK 815 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
IP 172.67.221.78:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5f0d020ee12b072cc7a4865e3f0bae71
8680cb7377252ffcf639460bec05590707c05ee1
a63103e9c031588374dec1197c35cbf6c13ab8278a97c958e92fae6b7ec38a1b
GET /yPS7hqfHgkFauS2djb/254.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:54:41 GMT
etag: W/"63885dc1-3ca"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tl97odlJnBIcdrXfWVj%2Bsmt0l4nBx0df6O%2F0uB0yfnt5YG%2FRz%2FXeoJgk0p6RXCM7%2BSm4my2yyUUr3e7v27tmeHTyQmo1QCav8R%2FIbfxfq8b1P5jCZWzXLvmmS3iE4IkMyFjvj1Q1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21119d620b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89f2b8bb6a7126e27f3fcf3debef25d4
aa8fdaa263cafc3460e232868689d92b0cd70ded
200524e915b52ac1d1e4dbcc1903c00e3813938e16142c637791e57990a29dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "200524E915B52AC1D1E4DBCC1903C00E3813938E16142C637791E57990A29DCE"
Last-Modified: Sat, 03 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7688
Expires: Sat, 03 Dec 2022 14:06:22 GMT
Date: Sat, 03 Dec 2022 11:58:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdbd0cf9671c9bf749f4d147e27a66a6
8afa0676587c942562858ef37467e714c60fdabc
bd707bc1f6a8e7274f5a7dd7c9a2dccb2516e00b1ae05961c544ca94f6922c5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD707BC1F6A8E7274F5A7DD7C9A2DCCB2516E00B1AE05961C544CA94F6922C5A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9295
Expires: Sat, 03 Dec 2022 14:33:09 GMT
Date: Sat, 03 Dec 2022 11:58:14 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 98a96979290d0eef677894be60299aad
5c3786a34d587b40a70235505cac3747b0cdcaef
e678d08ddb56adaa9a1f85d5bef274cc950e1a418cb50de731fa34688a64c2b7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Dec 2022 08:24:41 GMT
ETag: "5c3786a34d587b40a70235505cac3747b0cdcaef"
Last-Modified: Sat, 03 Dec 2022 08:24:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2626
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c211a7996b4f7-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8f09732969decf5f76f7cfac6a5f92e4
8d37212805cecf230e88b977894ffb73d7d815bd
3bbc9b226e280b35a137760ee3d538d9df94a524049a53143b5ce4cfcd89dcf4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BBC9B226E280B35A137760EE3D538D9DF94A524049A53143B5CE4CFCD89DCF4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13529
Expires: Sat, 03 Dec 2022 15:43:43 GMT
Date: Sat, 03 Dec 2022 11:58:14 GMT
Connection: keep-alive
kveii.com/f67b410855efed07dc1783436baaa5f7.gif
137.175.11.239 301 Moved Permanently 162 B URL HTTP/2 kveii.com/f67b410855efed07dc1783436baaa5f7.gif
IP 137.175.11.239:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Dec 2022 19:58:08 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
45.154.215.92 301 Moved Permanently 162 B URL HTTP/2 kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /80425b77b9bd0cff2005378bab6643ed.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: text/html
content-length: 162
location: https://kvkppp.top/80425b77b9bd0cff2005378bab6643ed.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/ccdbab14f10a000895da95671a62bdf5.jpg
136.0.141.5 200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/ccdbab14f10a000895da95671a62bdf5.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 524953656c0af8af64c8c09c48969374
2e86744a4045b19fb13005ed09cdbae40487e1d6
aec363496696b20d07829ca9b161ad371db196f43c59e7e4bdd325e0676cf3c1
GET //upload/vod/20221203-1/ccdbab14f10a000895da95671a62bdf5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/jpeg
content-length: 12274
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-2ff2"
expires: Mon, 02 Jan 2023 11:58:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/f1707ef492ce7f67c6e3219a3e0c9b45.jpg
136.0.141.5 200 OK 8.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/f1707ef492ce7f67c6e3219a3e0c9b45.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 4962d4c71eaaae5e1e433e2fc71aa038
43252ba2a37b7d3ec9f3b8b8dd43ef7b217ce630
9eac93584f6ba751b46dccc1151f3807847631f09c7deef41251c64a5e4f272b
GET //upload/vod/20221203-1/f1707ef492ce7f67c6e3219a3e0c9b45.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/jpeg
content-length: 8053
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-1f75"
expires: Mon, 02 Jan 2023 11:58:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/a13d5bbebef841b4a599307c2880f6e7.jpg
136.0.141.5 200 OK 6.5 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/a13d5bbebef841b4a599307c2880f6e7.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash bbf5e574cceb3f842723d6aaecc5541b
68419ebaddd971312c447d11485dccd735f833ca
33b0b764ccd53672916ea97d0f062202ed8094c7dcc04d660dc4a8b5e383805e
GET //upload/vod/20221203-1/a13d5bbebef841b4a599307c2880f6e7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/jpeg
content-length: 6515
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-1973"
expires: Mon, 02 Jan 2023 11:58:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx12.zhgmjglh88k.com/
172.67.153.180 200 OK 14 kB IP 172.67.153.180:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 359f0029657874c30f85a7d467039c4d
40b684b56a87ad33f859e9cbfed2a04a2214e67a
61c6ef8e7c44208046036345cafa036ea59450a6ab44d69efff7e2ae0cd472a2
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: klx12.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kadinbebek.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0g%2B%2BEFyofuYqMpHQUrPqqb%2BQXd0JWsf6DNcEJUA9B4JndG4Him0xIS6lxwPz8z2RO7nR6I%2F7%2Fxd15OHvGtzaEn41XLsuPihnVekxoFe5Ahj%2BiHyMF6ZMfIdMGwGx7kwPUxflFJd9ps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c21094bd0b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/ce5803d7d44712ac0479484edeb37c87.jpg
136.0.141.5 200 OK 9.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/ce5803d7d44712ac0479484edeb37c87.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 246f6305bb434736cbc0ee9b89c7d504
5e89a7552046ab78167dac305024ba2e0da02ad1
022c2187371cf3f8d1c3ee8316fcd3cdcde342b690d3994b71f18bdcbb60838c
GET //upload/vod/20221203-1/ce5803d7d44712ac0479484edeb37c87.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/jpeg
content-length: 9218
last-modified: Sat, 03 Dec 2022 02:30:08 GMT
etag: "638ab4b0-2402"
expires: Mon, 02 Jan 2023 11:58:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221130-1/44b3567abfcce2e9c36ce59016b32962.jpg
136.0.141.5 200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221130-1/44b3567abfcce2e9c36ce59016b32962.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e173cf9e5907a073e62bd7c536f34097
24ebc5ef0698a252aeb997de623b559fcd81e85a
94815d48431d500bc5776e2c615fb34f4386a96dc729b56075445228f14eaf90
GET //upload/vod/20221130-1/44b3567abfcce2e9c36ce59016b32962.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/jpeg
content-length: 13058
last-modified: Wed, 30 Nov 2022 09:30:48 GMT
etag: "638722c8-3302"
expires: Mon, 02 Jan 2023 11:58:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/6bde6af03eb16acbfbc1e3655ba750b9.jpg
136.0.141.5 200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/6bde6af03eb16acbfbc1e3655ba750b9.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 7748ee442e27cc440fdef1c065078fdc
6af1082f5fadbc88e21d17f5e73da4b5d938741c
baf595a957fa12e29dacf3b1de1284271506a95f5f214bf0d1df69ea9af46eca
GET //upload/vod/20221128-1/6bde6af03eb16acbfbc1e3655ba750b9.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/jpeg
content-length: 16162
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-3f22"
expires: Mon, 02 Jan 2023 11:58:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
172.67.221.78 200 OK 2.3 kB URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
IP 172.67.221.78:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9caa486310026ec9ab4fc62aaf8aec32
a3479fcb8534033c194144d13379a0479e3adbae
ee308e9d84574efdb6bc4173914fcd98c321fb21f7cf70c38e536dd0758c8292
GET /yPS7hqfHgkFauS2djb/xtb.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:05:00 GMT
vary: Accept-Encoding
etag: W/"638a3e4c-f4e"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9IxcBI9qHd1dB8%2B%2BTCI0kBDE%2B1uBIRoNe%2BlyKWNLspunlBO3a2KalJUDBIaoDmDAcMmVt50c8T4405jjoXZxn5kFlXputVRyxcSGhsbZJTcRoVR6hY5FQraB7enw2zXPxhD%2FsXM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c2111edc90b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 05c5eec78f1a7babb2a487febf4199a1
72885b71439d2e95f733fcca4252da35a81da798
35c8a2f4f1a250e09d333bbd5b71875122f67466d5c59e245e2c948642678c44
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Dec 2022 10:21:42 GMT
ETag: "72885b71439d2e95f733fcca4252da35a81da798"
Last-Modified: Sat, 03 Dec 2022 10:21:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1240
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c211cab0cb50b-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ec3bd2e4133885adb9ba8495e83049c9
512bba13f8f3f49db8bfe1cc57cd324b5e33d7b1
54012e469e66ffee423291b2077f35bcc94577c5a8469b1494a1179c9a21e7c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141266
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:58:14 GMT
Etag: "638abea8-117"
Expires: Mon, 05 Dec 2022 03:12:40 GMT
Last-Modified: Sat, 03 Dec 2022 03:12:40 GMT
Server: nginx
Content-Length: 279
kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
172.67.136.55 200 OK 29 kB URL HTTP/2 kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
IP 172.67.136.55:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash a763cce2c7bc3f7bfaa94981d8d9ff47
085da887b67947c8b1e486137be2300dfabf4a69
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/gif
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
etag: "62544489-719a"
expires: Sun, 25 Dec 2022 21:23:18 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 657296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=db0YnY2WTBiJU4aPHfeTCi7Zvx7tCuUxaXXUz4Fnv%2BmVIrs%2B1McEpJn59NV79Z8uYTg9Xg2cVFaW7NM%2BFGO5JcwbYp66oAbAs4lSwzoRh4eaaAanzSUM0XKI8WEb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c211cbc7bb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b8e1ff9b0b001667e31b606860d29ee2
f710b1a66ae4a5cc084927caee711390142f505b
11a36ef98799a59469bc0295d2f1ef340a367b1efbf5877c575b5a5f46733227
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "11A36EF98799A59469BC0295D2F1EF340A367B1EFBF5877C575B5A5F46733227"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15795
Expires: Sat, 03 Dec 2022 16:21:29 GMT
Date: Sat, 03 Dec 2022 11:58:14 GMT
Connection: keep-alive
www.gg123456789gg.com//upload/vod/20221128-1/c57ad9665598da05921f248be507a121.jpg
136.0.141.5 200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/c57ad9665598da05921f248be507a121.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0df25efb500b48c303479657c33f59c3
4fd3778c64ff9173da01f5291cc55e112aa1ad8d
ed7aecf2cce7b56f507f697e9c6b7bc0a966bae5b52e07f903a152d1716f6e76
GET //upload/vod/20221128-1/c57ad9665598da05921f248be507a121.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: image/jpeg
content-length: 13786
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-35da"
expires: Mon, 02 Jan 2023 11:58:13 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/bba9b1334662c6957507aa2b85071240.jpg
136.0.141.5 200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/bba9b1334662c6957507aa2b85071240.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 97c394238af3cd2697ea428d05e1e4d5
84d2308d1b3898c4017a435bf3613d1a6cee3976
b057b313de21e5f7d7b50a2ae3a0a02289b5471a983fbca7bedf4d17cd03b8ee
GET //upload/vod/20221128-1/bba9b1334662c6957507aa2b85071240.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 13478
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-34a6"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ec3bd2e4133885adb9ba8495e83049c9
512bba13f8f3f49db8bfe1cc57cd324b5e33d7b1
54012e469e66ffee423291b2077f35bcc94577c5a8469b1494a1179c9a21e7c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=141266
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:58:14 GMT
Etag: "638abea8-117"
Expires: Mon, 05 Dec 2022 03:12:40 GMT
Last-Modified: Sat, 03 Dec 2022 03:12:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
kvkppp.top/80425b77b9bd0cff2005378bab6643ed.gif
104.21.57.216 200 OK 1.2 MB URL HTTP/2 kvkppp.top/80425b77b9bd0cff2005378bab6643ed.gif
IP 104.21.57.216:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.2 MB (1217913 bytes)
Hash c705096a9fde58f82d85c91bbe72924a
52a49d3a5df458538c61fe3b8d50c12cc09796e4
be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b
GET /80425b77b9bd0cff2005378bab6643ed.gif HTTP/1.1
Host: kvkppp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klx12.zhgmjglh88k.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/gif
content-length: 1217913
last-modified: Mon, 10 Oct 2022 13:23:30 GMT
etag: "63441cd2-129579"
expires: Sun, 11 Dec 2022 14:03:44 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1893270
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8x1ztYwcxRP1NfCkgf2k5idpWE2ietJ21C3LdRuusEPqsYI%2BgJoFspvo9Oxax%2BxC7J%2FBPbaPBgOeigozOdkxYwWSxDF8cRPM8EiHbWW7lz%2BXfKp1ZlFZ%2BiaLWoR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c211cd91e0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b8e1ff9b0b001667e31b606860d29ee2
f710b1a66ae4a5cc084927caee711390142f505b
11a36ef98799a59469bc0295d2f1ef340a367b1efbf5877c575b5a5f46733227
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "11A36EF98799A59469BC0295D2F1EF340A367B1EFBF5877C575B5A5F46733227"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15795
Expires: Sat, 03 Dec 2022 16:21:29 GMT
Date: Sat, 03 Dec 2022 11:58:14 GMT
Connection: keep-alive
www.gg123456789gg.com//upload/vod/20221128-1/0772c967d24d4ac40cb15f981c751e66.jpg
136.0.141.5 200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/0772c967d24d4ac40cb15f981c751e66.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a7d336d7284626449980f9d973012985
a2e453b02b02f5279d059122d1438e94cfff13b2
35b2aae2c4d0b1afb2b980b74b08b12a6032ea49f8491cfdfbd2efba1c7044c1
GET //upload/vod/20221128-1/0772c967d24d4ac40cb15f981c751e66.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 14646
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-3936"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/a348fb16a9bc062030fbb09b030ec935.jpg
136.0.141.5 200 OK 9.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/a348fb16a9bc062030fbb09b030ec935.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash ea5aa6a5bba37b22c616eabfa31daf9b
c6cd7a35ca3fdc91bf02d1252a013cf968d6267d
08e76f0bc53d328902b0f365ba457b985eb18e29567f2084b60e71a6cb0a0108
GET //upload/vod/20221128-1/a348fb16a9bc062030fbb09b030ec935.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 9591
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-2577"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/2677d2b5b40c67bae98bea14a3f48bd7.jpg
136.0.141.5 200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/2677d2b5b40c67bae98bea14a3f48bd7.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 53e62ed3d8f7809170252373ec8db144
c89531dc66413afcfac5c4bd51e01fa9fd0a554a
67febdc6a91504852b05037fedddccd522c50d8e576448f6877da821c3dbeca3
GET //upload/vod/20221128-1/2677d2b5b40c67bae98bea14a3f48bd7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 10682
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-29ba"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/e3e2a87b7b716b77ee420db011d457b5.jpg
136.0.141.5 200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/e3e2a87b7b716b77ee420db011d457b5.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 5532271a1fd54d100d41ac9eb8638b45
108991c4153610e9b95645c4595b340723401934
3bc06272322b320d9e7e82f5c76bd5b61c8d48e2652f7e2949e8501ce17a80db
GET //upload/vod/20221128-1/e3e2a87b7b716b77ee420db011d457b5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 11400
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-2c88"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/605bd94ca7b633e92ab1f42b76fcde49.jpg
136.0.141.5 200 OK 9.3 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/605bd94ca7b633e92ab1f42b76fcde49.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6aa56ba1a18adba8987f4736eacbdbb9
34c4ed3899615e4d898755217d0b3788b61767a1
c90ba919530377357f2c7e6248bf3e9f475f2b56d4852897b4b670b48276b605
GET //upload/vod/20221128-1/605bd94ca7b633e92ab1f42b76fcde49.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 9274
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-243a"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/7717a2bd45386c51b3ce75407d763347.jpg
136.0.141.5 200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/7717a2bd45386c51b3ce75407d763347.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 1d0c1fcf0dc0d11fdbd3786bc5f77956
4625022033da511cc7b41b6aca413344e590033c
888b69e40004ce4f242306057641a43c1d7b697e827d98f7223f13961d0ed5e0
GET //upload/vod/20221128-1/7717a2bd45386c51b3ce75407d763347.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 11564
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-2d2c"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/28e480845a9be0e87b9373c53c370435.jpg
136.0.141.5 200 OK 9.8 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/28e480845a9be0e87b9373c53c370435.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash fa71bdffea6ea43f3130cf6ffc892c5d
13df56a8f18400c00fa413aee208723300a11b79
cf77301c6959ac4a3b25fb3821a84e19d41e657ce6655b2c97b0b9d8ab7901c2
GET //upload/vod/20221203-1/28e480845a9be0e87b9373c53c370435.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 9845
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-2675"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/b4753ccd0c222ee09945f7e48913e914.jpg
136.0.141.5 200 OK 9.3 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/b4753ccd0c222ee09945f7e48913e914.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 9c09d24aeb0aa7b866758bcecd0b8b31
01def35b0926059bb50d7d99e2ae5ec582fc90c6
d7404edad658c6f20df061d67d94ad89ef384bf6cf682ce4c9027a4447fa3bf0
GET //upload/vod/20221203-1/b4753ccd0c222ee09945f7e48913e914.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 9274
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-243a"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/14899a7bbde84131aa0248e091fbae87.jpg
136.0.141.5 200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/14899a7bbde84131aa0248e091fbae87.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a87b1b54cd854961b4e5ae4ab85f58f4
0861e2fab42c0b571e80e80a935aacc34714e116
1f2d0fe43592e94fb540788498c5edac216fa362419daf19f700415cdfb01aaf
GET //upload/vod/20221203-1/14899a7bbde84131aa0248e091fbae87.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 10540
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-292c"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/ad2e67eb32e19e97d8a5edbc4e58796b.jpg
136.0.141.5 200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/ad2e67eb32e19e97d8a5edbc4e58796b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 3d1c1e95e9b0480f60f1ee559155a9e0
d55c3710daeae33a7f442fb85d5d6e75206d2691
6c338275903471b82fb2756b8c8858ce18709e24b63c6ef8e31a78d712b18fc2
GET //upload/vod/20221203-1/ad2e67eb32e19e97d8a5edbc4e58796b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 13940
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-3674"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/0bc5efacbaaff12e33c50f939714da00.jpg
136.0.141.5 200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/0bc5efacbaaff12e33c50f939714da00.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6889422398442f56b559d1226859345d
bfd54189f4f6f98d7eda88fe37ba4ba5ec918e25
fe23e388bb9d45471882c3f16e40d145d2793dc8ad9c8ba9b8d577e555e07ce1
GET //upload/vod/20221203-1/0bc5efacbaaff12e33c50f939714da00.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 10723
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-29e3"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/001ce55c66a4dd1390afd478cb53588f.jpg
136.0.141.5 200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/001ce55c66a4dd1390afd478cb53588f.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 8cc41725361b162dc60c7dcb71ec0c5c
cec0c61d4909ac67ebea4d5f1e41ce7b1de4b3f6
e1621907a7fb894c5b809b9967843b4da204e12f4e5f0eabe7c94fcf50633856
GET //upload/vod/20221203-1/001ce55c66a4dd1390afd478cb53588f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 11294
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-2c1e"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/37abd88f6ff7ca8251f58c204e000ab5.jpg
136.0.141.5 200 OK 9.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/37abd88f6ff7ca8251f58c204e000ab5.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c82c01b54fe3a3cbcb4e54541fdb32cc
a0b969906117d7c47588dbb67283300c8fffbd88
0f0c83ce7bd9f7a2aef2a242084011927bc44e07a35ae0376cbe5d8d1628a690
GET //upload/vod/20221203-1/37abd88f6ff7ca8251f58c204e000ab5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 9065
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-2369"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/d65a401eaa5ed1480d07580acc019f5d.jpg
136.0.141.5 200 OK 9.4 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/d65a401eaa5ed1480d07580acc019f5d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 9e54a36231af42b16499e9f3f288db4d
4427fa5a05d62bda7c97ff15162e4a8028b2a23e
7ca2065e441ca80edcca79ce2c60033d75dfd09d02ccf82b99c30f4b50f89264
GET //upload/vod/20221203-1/d65a401eaa5ed1480d07580acc019f5d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 9397
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-24b5"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/17170ffabfa3831c27188436a75a64f0.jpg
136.0.141.5 200 OK 8.7 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/17170ffabfa3831c27188436a75a64f0.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash cd25a24dcdd2489ba1fbb3976f23eed9
2c03cdbfa9df958c892961299b4661344abfe8f5
04dff41f20eff6bbcfb454cc5062fda5ac4d9904d849bf5fdc83f32d8db1bedc
GET //upload/vod/20221203-1/17170ffabfa3831c27188436a75a64f0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 8688
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-21f0"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/445a4e71cd0fc95d373df77f19f4a282.jpg
136.0.141.5 200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/445a4e71cd0fc95d373df77f19f4a282.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 3d6de22b1925f8c9b7964cc07bddb112
b0bc29b4dd7d63dee2469d90b5f9ee8794ef0b2b
e5c7b717d669c1a69646a15fb8b8dc64dd88bfba02f58c9abc0f47d89c753416
GET //upload/vod/20221203-1/445a4e71cd0fc95d373df77f19f4a282.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 10496
last-modified: Sat, 03 Dec 2022 02:30:12 GMT
etag: "638ab4b4-2900"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash c9b4e900de3fc933eb18330e8fd0bc70
131614c879463f8065aa28a4397946a4ea2d5fdd
b452e755af3621dadf1c40b1d8e07840dd3f048d60cec290b44abfb5e5ff620b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 07 Dec 2022 10:26:16 GMT
ETag: "131614c879463f8065aa28a4397946a4ea2d5fdd"
Last-Modified: Sat, 03 Dec 2022 10:26:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773c211d4bc5fac0-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash c46e60202a3ccb47be621167e4668b93
002c08004939242b84616b060bf3e762d7313936
b659481ddf26c6babdfbae8cb3737c06db49247bc95a286a2a554a38ff20b2c8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 23:52:08 GMT
Expires: Thu, 08 Dec 2022 23:52:07 GMT
Etag: "002c08004939242b84616b060bf3e762d7313936"
Cache-Control: max-age=474232,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773c211d993cb524-OSL
www.gg123456789gg.com//upload/vod/20221203-1/2987519218f11e5898ca2a99e5337958.jpg
136.0.141.5 200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/2987519218f11e5898ca2a99e5337958.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0bd3a547cd2689297cc021100dfe636c
81d1c9cbd5551786487c1c25c762b951e6a42ada
5d23d27e850af43c6b186a031f70c838afd1e0d062b55eeee9e272f4d721681a
GET //upload/vod/20221203-1/2987519218f11e5898ca2a99e5337958.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 11550
last-modified: Fri, 02 Dec 2022 23:30:04 GMT
etag: "638a8a7c-2d1e"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/4e85bb76b5cbbd692c544af1757e6993.jpg
136.0.141.5 200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/4e85bb76b5cbbd692c544af1757e6993.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e7b8b775a0924264207cb9789faa009a
1e2c23e0afc5ee5d1b79b7338bc3c61c175386f6
f7705d93a4302ebacd54c5d40b0b024acccee49f80b76e35a76dc030a281bfaf
GET //upload/vod/20221203-1/4e85bb76b5cbbd692c544af1757e6993.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 12920
last-modified: Fri, 02 Dec 2022 23:30:04 GMT
etag: "638a8a7c-3278"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/9c17ce802e18093de20f34514930136a.jpg
136.0.141.5 200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/9c17ce802e18093de20f34514930136a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 7b89ea9d808cdf1f0b8f4241a39094fe
ffa3a9f25e638679a114aafebc17394b7bf0b9c8
1183afa88e3bfe9617c4eb9fca6559a259a9915a40abee29af7e4c0ee05612d9
GET //upload/vod/20221203-1/9c17ce802e18093de20f34514930136a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 11951
last-modified: Fri, 02 Dec 2022 23:30:04 GMT
etag: "638a8a7c-2eaf"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/5beefbdba5173d0f7bf587cf5dab9cd9.jpg
136.0.141.5 200 OK 18 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/5beefbdba5173d0f7bf587cf5dab9cd9.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 925caab8acf37d96d74043d5ac857907
daa495ffbe383a5f64a2fcf1379a4224747ccd8e
c6273fb61761d792581beacfa73a7c1f234be68664668b284e47a7a775325304
GET //upload/vod/20221203-1/5beefbdba5173d0f7bf587cf5dab9cd9.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 18047
last-modified: Fri, 02 Dec 2022 23:30:03 GMT
etag: "638a8a7b-467f"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/8e08ed8f92508d477678a5aaf3f9e72a.jpg
136.0.141.5 200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/8e08ed8f92508d477678a5aaf3f9e72a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 514-514, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 38706221056.000000\012- data
Hash 5c4339ccdd5605a0e32b42728e6a3114
3ad7296c9c9a92e24566f65424cafae13b29ac29
28df31fa64f44800623fe355e000f503389080f255330479895ad757fe635619
GET //upload/vod/20221203-1/8e08ed8f92508d477678a5aaf3f9e72a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 13538
last-modified: Fri, 02 Dec 2022 23:30:03 GMT
etag: "638a8a7b-34e2"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/d743a5476459bc83c668e03c1ab50327.jpg
136.0.141.5 200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/d743a5476459bc83c668e03c1ab50327.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f2fe2b0bf13251004dbe11e3e1e6c39e
dbff4cdbceb862a1ded9ee95ca998a9bd8e950b0
418219f2ccbd127a25e192507a28ad815a1f71c5ef22d728d69cac6f02a5dc30
GET //upload/vod/20221203-1/d743a5476459bc83c668e03c1ab50327.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 12704
last-modified: Fri, 02 Dec 2022 23:30:03 GMT
etag: "638a8a7b-31a0"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/6d0d3ec5a32d9e7db26ae6867d7f9a00.jpg
136.0.141.5 200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/6d0d3ec5a32d9e7db26ae6867d7f9a00.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f5b70f44357e7f170ce4316f82229ee5
b9bb7034d0f438340dc75bbc51192d627254ecfc
fc913886706440039b7da0846323edd10aadcb61fec3047089a37a8828db0cc2
GET //upload/vod/20221203-1/6d0d3ec5a32d9e7db26ae6867d7f9a00.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 13233
last-modified: Fri, 02 Dec 2022 23:30:03 GMT
etag: "638a8a7b-33b1"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/218ce2ad5505e3e347c14d0b1a9d1825.jpg
136.0.141.5 200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/218ce2ad5505e3e347c14d0b1a9d1825.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash cbd76fe39c33bd865520b97471e0d96f
e5b8f9bf3c0e654f4a7a500225d1fd1f7672f94f
0f21ff7108a70a49a31c3632b0c955dc505e525f689f83b090e3c69208397f43
GET //upload/vod/20221203-1/218ce2ad5505e3e347c14d0b1a9d1825.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 13669
last-modified: Fri, 02 Dec 2022 23:30:03 GMT
etag: "638a8a7b-3565"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash c4ef33491ef7d12d190b0e0d4ca5882e
3bb40997858ef719331d2e5b3b8994cd8019637a
202617174aec413c8ef39aa75e9bdf4d1765b8119492cd45136028b505127cb2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 05:50:02 GMT
Expires: Sat, 10 Dec 2022 05:50:01 GMT
Etag: "3bb40997858ef719331d2e5b3b8994cd8019637a"
Cache-Control: max-age=582106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773c211f6bfdb524-OSL
www.gg123456789gg.com//upload/vod/20221203-1/0b64c9eb01c1c9209f93304097edd8d6.jpg
136.0.141.5 200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/0b64c9eb01c1c9209f93304097edd8d6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 34323a1083c47808183a13ce3b028521
f384c212b86c7cea9d3ad1183e9864e5a2909af9
3ee3c67ffd23bd5cbda6dfbe87b68c35ae9960db83a3cf6accb9c0840975ecf1
GET //upload/vod/20221203-1/0b64c9eb01c1c9209f93304097edd8d6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 15323
last-modified: Fri, 02 Dec 2022 23:30:02 GMT
etag: "638a8a7a-3bdb"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/3ff929e5b2176be18e3fa89030450c33.jpg
136.0.141.5 200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/3ff929e5b2176be18e3fa89030450c33.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash da078665b4739e9892f0ba45a96e8358
356009cff55d9acb5bee7cad96525123d977b78e
87cedf239727bb26e23ed7b1898e16d33182a0c4666a6678d094ca685dffcd82
GET //upload/vod/20221203-1/3ff929e5b2176be18e3fa89030450c33.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 16273
last-modified: Fri, 02 Dec 2022 23:30:02 GMT
etag: "638a8a7a-3f91"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg
136.0.141.5 200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 1e2dbbd9ce11fa40d488f69435a8050d
17e647ee8d7e435ba4038590131f81bdf29910a3
1e836f129ab861fb7e1688c45374b1336d11af9ff3f3121e41f78d7a24c3f398
GET //upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 12063
last-modified: Fri, 02 Dec 2022 01:30:02 GMT
etag: "6389551a-2f1f"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
136.0.141.5 200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 768-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 10.011994\012- data
Hash be311ae69aa806e335bf3f486c9c1742
1f03f482ff608cab3163afdeab73c2ed62cf2de0
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
GET //upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 12628
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3154"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
136.0.141.5 200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 15016e4dc41923e35678f6879d6c2eb2
56522e64a0e2257181aa35e32e9023801e3dfeb2
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
GET //upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 14145
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3741"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
136.0.141.5 200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e102994da73de1c4f40db37257545fb5
348d2ece7d32a7ed1c2af957c22eebb8863377d0
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
GET //upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 15357
last-modified: Mon, 30 May 2022 22:30:20 GMT
etag: "6295457c-3bfd"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
172.67.221.78 200 OK 496 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
IP 172.67.221.78:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 89367f8d0e4714260e115051b76df6ae
5f7d4dc7d63119cd9e5a2d90076a387284d86ac3
ed8cd94f569bfa28026da32ec7670dd57b1a92a1d8ac370929fe1b48ddf3f283
GET /yPS7hqfHgkFauS2djb/foot.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 08:42:42 GMT
vary: Accept-Encoding
etag: W/"633d4382-44d"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21zEnrFZHpOyPP6yE6SpqVIFULOTWJb09%2BRE1CiJsVprzYz2z0%2BV8ctqZAd%2FzcW1ijkJHXuzGmARTHjIcMnYiq7PEyPht6mfeyuEwqWz%2Bx2sRfUpBXXpUEiocRgb4ghzsfv99ORl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c2111ad7e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
172.67.221.78 200 OK 656 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
IP 172.67.221.78:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a2e198586ec4477da2ea62b1a2b45e4d
67b258230d08de840d5bbd757077e260e951d15d
fe61c9d1a29dcb65f57be938e6346ec08d7369b807f461aa7049b160deaac35c
GET /yPS7hqfHgkFauS2djb/xx1.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:54:10 GMT
vary: Accept-Encoding
etag: W/"63885da2-753"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rix%2FQkhKb89wdaoO6xZjpxkwPXfThnJ6dzFffNFFnEM3Ue2tRwjwHiwydqOc%2BKaynBjqW%2F0Mk6wYDWYsOclRrhhl%2Fh7HfqYae3qum7nB9ZN2in3%2B7QSD6o0yF10axJyzAUo7AgG8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c2111edc40b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
220.128.218.220 200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:55:45 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Mon, 02 Jan 2023 11:55:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash b8f959cc02193f5adb283bc77e98a2dd
2bd274ecd4fdb7e1ddabb5955165a7357eac44f1
cf55ba87b77b708e03a639bc092fa51afc64139dc25775668ef2bab5fad26c1e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 01:44:17 GMT
Expires: Fri, 09 Dec 2022 01:44:16 GMT
Etag: "2bd274ecd4fdb7e1ddabb5955165a7357eac44f1"
Cache-Control: max-age=480960,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773c211f7fb10b41-OSL
www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
136.0.141.5 200 OK 33 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a1fc7657b8d6926a53055671bee349d
68ab1bc12c02da3a8def2daa09a789991b8c54e7
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
GET //upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 32778
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-800a"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
136.0.141.5 200 OK 34 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02fe4fa1cab54aa6afa13de6a5ec35a1
f6ad518dfccb3aeff5d5f809d288fdb7ab177519
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
GET //upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 33634
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-8362"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
136.0.141.5 200 OK 24 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e76298247b86c93518d6084cb4cccfe
c5da11c703b36e9415121d1e9f6ae7179c004ec3
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
GET //upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 23462
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-5ba6"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
136.0.141.5 200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash bec220b3b49b05c6b75d762efb631eb7
fd0f46d366a98e8b5c8a51f2062b648a688b1252
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
GET //upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 12353
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-3041"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
136.0.141.5 200 OK 18 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash d6c8ad2c7eac5b55275ad3906346b9b1
b4e791297c2aa69be4ee4166fc70f15b76c1103b
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
GET //upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 18119
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-46c7"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 94b5b1daadd41006bd3c5673df744233
c6e8bfda782a593ef6e24be3ced6c3504d99ce75
a8f2fe0e906170d40aa57aeec128d4838cf650bf61f67d20ca29b1d6b5f428ff
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 11:58:14 GMT
Etag: f490ba46f55e087377c5e9792deac968
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9A2FDCF7CD04A1D8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.gg123456789gg.com//upload/vod/20221203-1/40a83dbcb1a66903ac916b82da1f3ea6.jpg
136.0.141.5 200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/40a83dbcb1a66903ac916b82da1f3ea6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 74f7a123ff8767cfdefa5cb41fa04adf
24b173349054cacd2ad25c3e3ad3610ca5b0c09f
2fc7297ef0397f1e024103653f00d80973043f3c8f1a7b60cffd77321c27e9ca
GET //upload/vod/20221203-1/40a83dbcb1a66903ac916b82da1f3ea6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 13139
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-3353"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/0fdf63f0138442c470103ab49681e2a2.jpg
136.0.141.5 200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/0fdf63f0138442c470103ab49681e2a2.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 6a1f35de0426f2809da033c789b8032d
eaf40bce9dd3d87a4a719c97230020090faae615
288956ea1f118dae6b69e80d8e2165c5088a01d3f8ef578fe2e740ce19654825
GET //upload/vod/20221203-1/0fdf63f0138442c470103ab49681e2a2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 10725
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-29e5"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/58f0420ef84f7e86d6b30536bac34ad8.jpg
136.0.141.5 200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/58f0420ef84f7e86d6b30536bac34ad8.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash f5228990d6dda1d9e9d0c3d013208c31
f080c6f9198141daab7157b73f5f45ef133e41d6
8ad50b1064d8228db8956213fceb52e69d49dea3ad4ab626b9e6b840d7f417e3
GET //upload/vod/20221203-1/58f0420ef84f7e86d6b30536bac34ad8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 10250
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-280a"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/f4f4d0c5ad28c6828141b0c03bb71d56.jpg
136.0.141.5 200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/f4f4d0c5ad28c6828141b0c03bb71d56.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash e5e2b7bd42666c5a063da938d364b514
da422e000a712078aff28afa6714ac80243d30fc
19c5d117becfa001c5adc1da72fd71f32bbd2154a599952a0cc855126ad01785
GET //upload/vod/20221203-1/f4f4d0c5ad28c6828141b0c03bb71d56.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 13400
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-3458"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/f348f176b9e3ad29bbd713a2a4dc30d8.jpg
136.0.141.5 200 OK 8.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/f348f176b9e3ad29bbd713a2a4dc30d8.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 565c8410623a52b91a545fbcb64ce9be
b7d87422a77db3615c91c2e7c6e95fc21659ee3c
24079d1eaeb5ac1f8f2e9bb023f51a387154c84ea58982a55a6d60240572b2ba
GET //upload/vod/20221203-1/f348f176b9e3ad29bbd713a2a4dc30d8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 8607
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-219f"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
136.0.141.5 200 OK 76 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 625x900, components 3\012- data
Hash 8df7397c01f50d1a0216d5aa5df5b616
8d6f18e7901340760b112b8ee25487d732b64e3c
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
GET //upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:58:14 GMT
content-type: image/jpeg
content-length: 76403
last-modified: Sun, 15 May 2022 04:30:19 GMT
etag: "628081db-12a73"
expires: Mon, 02 Jan 2023 11:58:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
u0082.com/a16bc2eba9394ff7a8d1fd21227d4ad0.png
52.140.202.5 200 OK 33 kB URL HTTP/1.1 u0082.com/a16bc2eba9394ff7a8d1fd21227d4ad0.png
IP 52.140.202.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash c68756950b165d949465544db87323c3
a6f663c50873e805a857db98503107f215d3ebcf
d57da097cdea62f33ce4c300ef9308db4cc73e3647d219b8cf6bc06884a4a3fa
GET /a16bc2eba9394ff7a8d1fd21227d4ad0.png HTTP/1.1
Host: u0082.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:15 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 05 Oct 2022 08:35:07 GMT
ETag: W/"633d41bb-80a4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 7623aef042a77103cfdc2d91e383762d
df4c204fada1c282bcc26ffd21540f4befe05234
3b3c0224e51b0758183151ef326a9504de244235c0c6d347c058ceb058be09b4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:58:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 23:31:05 GMT
Expires: Wed, 07 Dec 2022 23:31:04 GMT
Etag: "df4c204fada1c282bcc26ffd21540f4befe05234"
Cache-Control: max-age=386568,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773c21215e84b524-OSL
bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
45.61.212.225 200 OK 121 kB URL HTTP/1.1 bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
IP 45.61.212.225:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 121 kB (120937 bytes)
Hash 49275d96974a0e7a765eba878974e990
a072e28e13413dad5a5c2db03d27e4cbe8b0b220
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
GET /ad57239e363d4a2f96c2e91f27d2aefb.gif HTTP/1.1
Host: bob5379.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62bc27d3-1d869"
Date: Tue, 29 Nov 2022 11:35:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-25
Content-Length: 120937
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=405435067&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.kadinbebek.com%2F&v=1.3.0&lv=1&sn=40288&r=0&ww=1268&u=https%3A%2F%2Fklx12.zhgmjglh88k.com%2F&tt=tianbiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=405435067&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.kadinbebek.com%2F&v=1.3.0&lv=1&sn=40288&r=0&ww=1268&u=https%3A%2F%2Fklx12.zhgmjglh88k.com%2F&tt=tianbiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=405435067&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.kadinbebek.com%2F&v=1.3.0&lv=1&sn=40288&r=0&ww=1268&u=https%3A%2F%2Fklx12.zhgmjglh88k.com%2F&tt=tianbiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 11:58:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=48E5E87A34072337; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
103.170.15.110 200 OK 141 kB URL HTTP/1.1 585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
IP 103.170.15.110:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Size 141 kB (140712 bytes)
Hash 62aca5f86547ebf8aba956425356874b
d9ecdbe6202ddee69d57658be2d54a0312c1cb55
3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8
Analyzer Verdict Alert quad9 Sinkholed
GET /1825aadc7435489f87c5b35903b8d679.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63763814-225a8"
Date: Tue, 29 Nov 2022 13:45:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 17 Nov 2022 13:33:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 140712
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 2bcf0a63f6b72f6ac503589b42209a64
cf2e60729283c4cc6e6037d8559413d94c6635d3
5bc42e1c54a1742ea5a294d66058013e909b5c6de9074ce845800979a6ba918d
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: f490ba46f55e087377c5e9792deac968
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 11:58:15 GMT
Etag: b32889d104fb4a9a38086bc14aa22719
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F80B9DB120E6294A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vcawmm.com/69a77fdc94014ce6a6a1c95eafa17df7.gif
103.189.109.77 200 OK 5.4 kB URL HTTP/2 vcawmm.com/69a77fdc94014ce6a6a1c95eafa17df7.gif
IP 103.189.109.77:0
File type GIF image data, version 89a, 128 x 128\012- data
Hash a0438d7c62b550cd7ddd9e2e610985c5
30ce913fb9d79ff3d3d3c0416d4f23273db581ea
f79805b07dd476b307facd24cd474fff1007d5241bc3a4aaba3f9bb2a63a5273
GET /69a77fdc94014ce6a6a1c95eafa17df7.gif HTTP/1.1
Host: vcawmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "633c38f9-1519"
server: nginx
date: Thu, 24 Nov 2022 16:01:42 GMT
content-type: image/gif
last-modified: Tue, 04 Oct 2022 13:45:29 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-067
content-length: 5401
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 385797edac1d836eff60d899f2c2bf50
66a002020f849693377673a3938435f77330d701
1a731e7e002981839b20fc7960f11abc3bf990f7c1a8022bd7d21449c820415c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1777
Cache-Control: max-age=123984
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:58:15 GMT
Etag: "638a7436-2d7"
Expires: Sun, 04 Dec 2022 22:24:39 GMT
Last-Modified: Fri, 02 Dec 2022 21:55:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/dfac7fde683043228d3cd0be967f696b
47.246.44.226 200 OK 124 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/dfac7fde683043228d3cd0be967f696b
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 90 x 90\012- data
Size 124 kB (124531 bytes)
Hash 9f234ea79f93eb13036eac3d77feb577
772d65f2bc35ae8e372403d0f41a759367a0c587
e333bc4c2e600c9e60819a46a6115ca06a5ca88353d45c67d85c90f63bdc2919
GET /obj/tos-cn-i-dy/dfac7fde683043228d3cd0be967f696b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 124531
date: Thu, 01 Dec 2022 07:57:02 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 01 Dec 2022 07:55:01 GMT
nw-session-id: 202212011555000102121540774AEBD2FAr8psg01dy
nw-session-trace: 2022-12-01T15:55:01.152867076+08:00 77
x-bdcdn-cache-status: TCP_HIT
x-length: 124531
x-powered-by: ImageX
x-response-date: Thu, 01 Dec 2022 15:55:01 GMT
x-tt-logid: 202212011555000102121540774AEBD2FA
via: n204-100-014, cache5.l2de2[0,0,206-0,H], cache19.l2de2[1,0], cache19.l2de2[1,0], cache8.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:25:635::160
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01913bc4c26ab3e0478e8fc7c69976526b1aaab7347ad3dc33434cf4a7dbe2a6f17d81e8d8910a76a33f645ca1032edee05effa6abec553e9ef3a20e336499e6228c6e9520bfaa904a2fc24e31e7bf210c37829c940970cb0022c8113eedf3e134
x-response-lb: image
ali-swift-global-savetime: 1669881422
age: 187273
x-cache: HIT TCP_MEM_HIT dirn:1:264810930
x-swift-savetime: Thu, 01 Dec 2022 08:09:19 GMT
x-swift-cachetime: 31535263
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816700686959825862e
X-Firefox-Spdy: h2
img.1170555.com/images/63885c1ce2b7e59d9aade2d4.gif
185.239.226.87 302 Found 43 B URL HTTP/2 img.1170555.com/images/63885c1ce2b7e59d9aade2d4.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /images/63885c1ce2b7e59d9aade2d4.gif HTTP/1.1
Host: img.1170555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/dfac7fde683043228d3cd0be967f696b
X-Firefox-Spdy: h2
img.1129555.com/images/63885b8fe2b7e59d9aade2d2.gif
185.239.226.87 302 Found 674 kB URL HTTP/2 img.1129555.com/images/63885b8fe2b7e59d9aade2d2.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
File type GIF image data, version 89a, 960 x 240\012- data
Size 674 kB (673815 bytes)
Hash ca0fb55d08be2c3c4b6f96cb1709b42e
f495bcc54aea25d82f8f63afc86bcd0ef30cb612
e4fd98ca001857c2c2ae8aef1d4b474c905cf75a37806fa1cf0c9e82ee0c963a
GET /images/63885b8fe2b7e59d9aade2d2.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/79b06e3d6f814a17a9b2ad463a215430
X-Firefox-Spdy: h2
701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
47.75.19.251 200 OK 298 kB URL HTTP/1.1 701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
IP 47.75.19.251:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 298 kB (298536 bytes)
Hash 9c3ba66a41c99ffee01405a837610cca
6e1ed01e150ddeb219b2917dd1f5230e8a703da5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
GET /gg/200x200.gif HTTP/1.1
Host: 701.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Dec 2022 11:58:15 GMT
Content-Type: image/gif
Content-Length: 298536
Connection: keep-alive
x-oss-request-id: 638B39D74C8B373836B125B9
Accept-Ranges: bytes
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8250722550151430017
x-oss-storage-class: Standard
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
x-oss-server-time: 1
tb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
172.67.221.78 200 OK 0 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
IP 172.67.221.78:0
GET /yPS7hqfHgkFauS2djb/dh.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:05:00 GMT
vary: Accept-Encoding
etag: W/"638a3e4c-19db"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6B7Q0pgOfmUWHr0ogeNfxNCAxYjhRS0fHraoMjN5LPxiSPrd3Ml%2F2IoAu7hYtn1ZIAJpcOmr34FPp98MIgYtdc00IUw7KGZ8v8KnzmfUef2OvqUS8tl3%2BWRsOkhhl84QBtGhEjk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c21119d5b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
172.67.221.78 200 OK 0 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
IP 172.67.221.78:0
GET /yPS7hqfHgkFauS2djb/251.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:05:00 GMT
vary: Accept-Encoding
etag: W/"638a3e4c-401"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yql7TO%2FbFWCTXf007wuS40ibWObJ9Te0dx%2Bhh8zZ8i9H8SiVC%2FvS0tN0HaboI2EB8hPW1BuG%2Bmal%2FQ7nMPOtkJY5ApdC0n7WCv0cBfyTCemdrJYdPsYkjnzLFhtVq7kBUNHMJIT3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c21119d5e0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
172.67.221.78 200 OK 0 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
IP 172.67.221.78:0
GET /yPS7hqfHgkFauS2djb/250.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:05:00 GMT
vary: Accept-Encoding
etag: W/"638a3e4c-405"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7Gzacc95AkeHWOsNG0LmLmXbEo7EyMDPthWNUGiYbAWIK4uvbkWY%2BvF7LvRPy9qM8EAdIhFEZKmpwNEx4werU%2FWJ9QR0pec0rkGzqbqxkzmreN3DjBpKw857NeI0UaFp2TFF5fK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c2111ad8b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
172.67.221.78 200 OK 0 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
IP 172.67.221.78:0
GET /yPS7hqfHgkFauS2djb/252.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 03:29:41 GMT
etag: W/"6376fc25-3cd"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QR7o8eumCarWJr2vzObdMG7v9FotizHs9dLbdMrUDzP8R0zQgKemx%2F2XE7e79UXNFl34U109Z%2BfYWBA1mQjws9HdR1wIbX6eC7QmHNeXpg0TfJOMWop5uwaIS81ZPwlTX4swGARg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773c21119d5f0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
172.67.221.78 200 OK 0 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
IP 172.67.221.78:0
GET /yPS7hqfHgkFauS2djb/xx2.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:54:14 GMT
vary: Accept-Encoding
etag: W/"63885da6-481"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9AJQePd%2FRh4SMsmd7L%2Fkg1AbBT2w6IpSGV6NQfiZuyVZ92I5W2RrL8P5arRcbHD2t3uUBLrSeOF33wamD%2Fayv53I0a%2FgALmScRTztRRbgBtuOredFpV7hroNExMKM9SpIhEmey%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c2111cda20b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx12.zhgmjglh88k.com/
172.67.153.180 200 OK 0 B IP 172.67.153.180:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: klx12.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kadinbebek.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nffgjA7ROVKn56%2FJvbNQwzO7BmZBqIWrM4fXOaAz4J4dX5es1ZNl6%2BcQJUrRV9G5LJamPSGX5zYRYzoRoSbOM8gP6xYrLCtdyiMMG1dxqq721pwwsUMFldhVQuP%2B8Qya27euldbx%2Bvo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c210c2edeb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
172.67.221.78 200 OK 0 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
IP 172.67.221.78:0
GET /yPS7hqfHgkFauS2djb/253.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Sun, 20 Nov 2022 07:03:23 GMT
vary: Accept-Encoding
etag: W/"6379d13b-421"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muB6l7Nf6mGq7WKxz55U6tcF%2BNroO9Q5odQ8rFcDHS4wg7UmOJqPiYIuEDWUgHqlbJrDFMUehCPeWPc2BtECcxTxyzcjDtlxCY2O1h3Y1SxS2nsfaRb5NhekzBvyReorYVrn4ngj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c21119d600b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
172.67.221.78 200 OK 0 B URL HTTP/2 tb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
IP 172.67.221.78:0
GET /yPS7hqfHgkFauS2djb/dh1.js HTTP/1.1
Host: tb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx12.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:58:13 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 08:42:42 GMT
vary: Accept-Encoding
etag: W/"633d4382-972"
expires: Sat, 03 Dec 2022 23:58:13 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7%2BNMZLSlJTn1ua1QpSfgxdcYDT8aAXQz0LTXXPKW7Dbgs9yZyo5zAXr5Twekvd8ltoo1JF7uDRkTPfszeh9mCreORgpCeJ0ym7AZtKmodiLvAmq6RUueUegaYWHJHK50J6H4jO4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773c2111bd970b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2