r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10053
Expires: Mon, 26 Sep 2022 06:24:08 GMT
Date: Mon, 26 Sep 2022 03:36:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 19c560e684aecef6975e0cc8dd3778c9
9a672a2ab8c4ba5eefa68ef5c4d331f423dda3bf
80a5368c14f9c89b7c247eef70d98cc7886d0c1e1607cb39e061121603467265
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80A5368C14F9C89B7C247EEF70D98CC7886D0C1E1607CB39E061121603467265"
Last-Modified: Sun, 25 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14128
Expires: Mon, 26 Sep 2022 07:32:03 GMT
Date: Mon, 26 Sep 2022 03:36:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ps8J-tYhDP-lIAVMOL5h4UBHajEe5CPe1yE_1mgeMwrfNdrISPjXiQ==
age: 82881
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 38 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f8d0c9d551f81bbd5ed4f609ae595ab7
a8437e536edd3e334c5ff7dd6319742e6ebdc1f7
35acf16dbe6978729904824b93eab06942c7769334f99cee91cc7c9fa2e17520
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: b20Lpu0p4pThu7c1SuMq21si0XTzyuRVkpEccZsh1LK4GSaZLOiofQ==
content-encoding: gzip
via: 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 03:34:31 GMT
age: 124
content-type: application/json
content-length: 37776
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 03:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UpAB8O3CmxFajJCQB_3nXyBPcmRALLQ2-ukAVCCbQhpR8teg1wQYFw==
Age: 1277
ysca.top/
156.235.164.90301 Moved Permanently 0 B IP 156.235.164.90:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ysca.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 03:36:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ysca.top/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 03:36:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 03:04:17 GMT
Expires: Mon, 26 Sep 2022 03:22:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SbCH6QC7uGxb-oaoqgVWctd-lxRXBBNhuCCq5JO86Ujm7ESN9kLbMg==
Age: 1938
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:35 GMT
Last-Modified: Mon, 26 Sep 2022 02:29:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.ysca.top/index.php
156.235.164.90200 OK 525 B IP 156.235.164.90:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (571), with CRLF line terminators
Hash 71881bbc64e2f23bdbea743118d5252c
4d99210750ab1b329f064a811512e6120277995b
776903d12bbd0fea6bacacc113de9b2769769f568998ede406e921423a9b79e1
GET /index.php HTTP/1.1
Host: www.ysca.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:36:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.43.61.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iYSrgs+4qZkznpNJIIztow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8/b3XSTOZB1HozfIn9eQZF8GelA=
www.ysca.top/common.js
156.235.164.90200 OK 561 B IP 156.235.164.90:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash a011edcc17d8364fa885265194e8fe4f
30d676d46de135e8b89e43afac53242f150c1263
5e82f7dedaee7bbffdf4de92c71e59090e5e1a4ed8a33041d5cb688f31a6e5d6
GET /common.js HTTP/1.1
Host: www.ysca.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ysca.top/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:36:35 GMT
Content-Type: application/x-javascript
Content-Length: 561
Connection: keep-alive
www.ysca.top/tj.js
156.235.164.90200 OK 258 B IP 156.235.164.90:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash dd9075f5276cb7212cd73f2168b82290
65a2a45c811ef74999f44a827e9acdd306543e34
bb9173f07d0d2c5bfe60386fd0c05c7b9b56bafe843ce38222f23eba0d2b1d65
GET /tj.js HTTP/1.1
Host: www.ysca.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ysca.top/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:36:36 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.ysca.top/favicon.ico
156.235.164.90200 OK 1.2 kB IP 156.235.164.90:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.ysca.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ysca.top/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:36:36 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 01 Oct 2022 03:36:36 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
wkq.mmoz1.top/
122.10.14.248200 OK 191 B IP 122.10.14.248:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 74a04f7bc60aa75bd086c93593900311
34bb2c12b914b6e02e70fe91c9ed3c3b2199fb9c
74caf171c1146bc425ea2ef5c46e63e8bbebffc274035fcdb3898e4f43373903
GET / HTTP/1.1
Host: wkq.mmoz1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ysca.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sun, 04 Sep 2022 04:34:01 GMT
Accept-Ranges: bytes
ETag: "c67b5d8e17c0d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 03:36:36 GMT
Content-Length: 191
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13286
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 03:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13286
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 03:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13286
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 03:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13286
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 03:36:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 19581
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 19759
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:19 GMT
age: 21558
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 19211
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dKd7twQASH_A1tvi8WwaArQfizf3FoLq-gIMvmcz0RAAPXLdhpK5Bw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:19:32 GMT
age: 19025
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:14 GMT
age: 20363
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cgv.mmqk5.top/
122.10.49.246200 OK 191 B IP 122.10.49.246:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash efb93779a9110fdae081ef4976696b84
4e806574d1d731006da5b2f213c620d860abfef2
91961a5c8a1fe8ac6134ac92c34e4ef44f50a234496740aff990b3d04c7c8da0
GET / HTTP/1.1
Host: cgv.mmqk5.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wkq.mmoz1.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sun, 25 Sep 2022 15:00:41 GMT
Accept-Ranges: bytes
ETag: "c5d14194efd0d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 03:36:37 GMT
Content-Length: 191
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 5a445b0fccaed0d431a96d10938802c8
ff6b4716ff06c28256797c11eed8721259021b27
c11662e064e5f9203e83a564f6bcbf5474c994f8bf1738e9a13f401741c2858f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 30 Sep 2022 01:10:35 GMT
ETag: "ff6b4716ff06c28256797c11eed8721259021b27"
Last-Modified: Mon, 26 Sep 2022 01:10:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 931
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7508f4d45c6b1bfa-OSL
yyt.mmux11.top/
154.219.167.39200 OK 6.2 kB IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (515), with CRLF line terminators
Hash f8ca4077655af51edefc952de1028235
31cc63c8eda407e5fce47d051b75b6ec5aa0a692
62cbafdd8668b1511b06c70886f4629c9a43c0eeadc21126b10043a8737fcacd
GET / HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cgv.mmqk5.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=1lkopp5fn1r7bu2u5baql3ifj4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
yyt.mmux11.top/static/css/home.css
154.219.167.39200 OK 5.9 kB URL HTTP/1.1 yyt.mmux11.top/static/css/home.css
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (310), with CRLF line terminators
Hash 363ab79bd3cd42fd360bd10229a70042
9bc0232d1b50d5ae9fd981cefaf29324ee7a443d
c000deb565563d05f4285c70b58783e681e8147fd7933ffa9f87b9f93655c0fb
GET /static/css/home.css HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: text/css
Last-Modified: Mon, 08 Jul 2019 02:09:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5ee-5501"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/css/index.css
154.219.167.39200 OK 974 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/css/index.css
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with CR line terminators
Hash 27bfe0d50c5e1610ff4661360ed982f5
3d244f9e9ffbe76bb8113979062ba813dd1df5ba
81f88ee71706482058cfc1d5a1f292fdb47c4ceffb1e1ae0b1553b367bf72f32
GET /template/m1938pc/css/index.css HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Mar 2020 08:29:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db97c-989"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/css/main.css
154.219.167.39200 OK 2.7 kB URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/css/main.css
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash dbb4f0b37f594e75b2871148ca85a365
b9aea005ead775da72e94963c9bdce85c0cd6c21
00ee502a1d0744abe9346a7a99a69a9407d9e6f501a558c1d9184d2bb10c0d1c
GET /template/m1938pc/css/main.css HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: text/css
Last-Modified: Fri, 27 Mar 2020 08:29:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db97a-210b"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/static/js/jquery.lazyload.js
154.219.167.39200 OK 744 B URL HTTP/1.1 yyt.mmux11.top/static/js/jquery.lazyload.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-8b8"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/static/js/jquery.autocomplete.js
154.219.167.39200 OK 6.3 kB URL HTTP/1.1 yyt.mmux11.top/static/js/jquery.autocomplete.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /static/js/jquery.autocomplete.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-6215"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/js/jquery.superslide.js
154.219.167.39200 OK 2.9 kB URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/js/jquery.superslide.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (9089)
Hash 2728d1c0b6f67113e4fd43bfe1c5fd9f
3c02fa0572cee1ff2050f36a6700b9d40a5bcd0a
1094d4cbd8570de92dbe8a1ed928d25e8f5edfc186de9319156c50ee1582cbaf
GET /template/m1938pc/js/jquery.superslide.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Mar 2020 08:30:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db994-24d8"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.js?075614e86acd62808a95e08a977f9611
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?075614e86acd62808a95e08a977f9611
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash e282d10648e229168ad5b33a16241e57
16dfa1f7c72bb073a96242fd7988bcb74983c27d
319aee5480eddbdffc5795dd4ffc12cc72c44b0fec251d20d3fd46128c745c7a
GET /hm.js?075614e86acd62808a95e08a977f9611 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ysca.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Mon, 26 Sep 2022 03:36:38 GMT
Etag: f56865178f6efdd1ae00bb1588bc148b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D885BD66BD8D11DC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
yyt.mmux11.top/template/m1938pc/js/jquery.lazyload.js
154.219.167.39200 OK 744 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/js/jquery.lazyload.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
GET /template/m1938pc/js/jquery.lazyload.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Mar 2020 08:30:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db990-8b8"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/js/jquery.base.js
154.219.167.39200 OK 2.2 kB URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/js/jquery.base.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
Hash e0bc5c26ea7f84a654cd7f3eadded5bc
eb806caf087af4435e03cd5701600d9dcf67f695
da42ceceb9a32cd547126d1d67ef79d7ec1f52cfdcd126a76815945bfa24e8a7
GET /template/m1938pc/js/jquery.base.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Mar 2020 08:30:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e7db98a-1835"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/static/js/jquery.js
154.219.167.39200 OK 37 kB URL HTTP/1.1 yyt.mmux11.top/static/js/jquery.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /static/js/jquery.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-169d5"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/static/js/home.js
154.219.167.39200 OK 10 kB URL HTTP/1.1 yyt.mmux11.top/static/js/home.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Hash cf27875c07ac1742b6554d5c6369812f
d7a01a40e5144cdcd36a8588cbb929e317019a78
a558013b5c70dc000814a5045bd1988aec1ce0552617fbb38f3349b923119440
GET /static/js/home.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Apr 2020 14:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ea83d74-994e"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/ads/hfs.js?weese
154.219.167.39200 OK 1.1 kB URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/ads/hfs.js?weese
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 90b1a14e7117722ccd03d6d80cf003b7
6366a692c5ffd764cdcefdd3b8e08aefdef11124
fbbb7f59e3c9145b8669e96e428223ca6b46a437d56d079f368d354298eef98f
GET /template/m1938pc/ads/hfs.js?weese HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Sep 2022 11:29:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63285288-1e75"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/ads/wenzidb.js
154.219.167.39200 OK 676 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/ads/wenzidb.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7430ac2764920ff8a0d83d62cd9f25e0
551a3830084044ae0db318d8a1443a9a5f0c521a
68ba6eb5e1d59518401a71e1f9fb3c0e173fb60198b4ea66075c6e4479c04ff9
GET /template/m1938pc/ads/wenzidb.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 13:44:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632c66b6-19a5"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9bdf98357039483e106da8f6dbe11d03
996fa74fb99302023d84ae35675f1e03531542e6
d5fb0787632eb7f95036eaad5c1660f3674f444c61ad4464d07e0dc2e4a6b064
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:39 GMT
Last-Modified: Mon, 26 Sep 2022 02:41:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9bdf98357039483e106da8f6dbe11d03
996fa74fb99302023d84ae35675f1e03531542e6
d5fb0787632eb7f95036eaad5c1660f3674f444c61ad4464d07e0dc2e4a6b064
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:39 GMT
Last-Modified: Mon, 26 Sep 2022 02:41:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2020/04-04/01/ulufskxx5fd0151ulufskxx5fd01735.jpg
172.64.140.29200 OK 8.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-04/01/ulufskxx5fd0151ulufskxx5fd01735.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 74e21fffa8dc9998e0ee6d430c44346a
0bee2c230d40c0a355c92f3cdd61c0ca4ff93d32
43a87145605aee89aaf3743ab6d8d875604e7bf7794c422b5776823aec855307
GET /upload/vod/2020/04-04/01/ulufskxx5fd0151ulufskxx5fd01735.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 8284
cf-bgj: h2pri
etag: "ac604a70e09d61:0"
last-modified: Fri, 03 Apr 2020 17:51:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5596
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2aiUL4hPUhQoMijFukYWCDEaMA53NMX6l6G%2BuCz6eKIK%2BUaKE7WA7GZ71%2Bhs7g5WjRArX9aMAAiKcWoHO9YeNO9dlhb4UxnoQ%2FKxp2sl%2Bme05gUiRdYyFL9PU2YLXo8w18K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de997f928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-04/01/oitgqddhcwn0150oitgqddhcwn59731.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-04/01/oitgqddhcwn0150oitgqddhcwn59731.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash c38f8600b79197f9cd39f1e4ca8f293b
1bcbb403f66aa75a67aa7d4d3184be0ed975055c
69d96a1e63eaaefc256cb07e4b9a0fce5c9d23debadff35ed6f995dd8839f2f6
GET /upload/vod/2020/04-04/01/oitgqddhcwn0150oitgqddhcwn59731.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 10710
cf-bgj: h2pri
etag: "943d4b6fe09d61:0"
last-modified: Fri, 03 Apr 2020 17:50:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TZYHYdvn30R%2FMHDV3aCWThmu2Qr9aCz%2BoTjfplRfOkVyFJUJk%2FBpK1DUflC5zzqWiRXaBlS5uJNKf8x0fADTJPDfftD5%2FSlZqwHrHI4UVt5N1g8ykElpcIMQpvw6B%2BJ%2BPQX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de9981928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/becm5kergl10708becm5kergl140483.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/becm5kergl10708becm5kergl140483.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash e24373b87f2f878c23eb528d6bccffc2
aa78431363b9b766bc95b2da288378146805ae00
ac612aa2661878deaa270a4817f048b2b5ad4432c8d4eee673a71bd51083a7ed
GET /upload/vod/2022/03-17/07/becm5kergl10708becm5kergl140483.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 10609
cf-bgj: h2pri
etag: "cdaf3fc68a39d81:0"
last-modified: Wed, 16 Mar 2022 23:08:40 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CkC%2BYOLnwaVJ90TX%2F48DLRQgOjPS9wP0ROFT1%2FxFwQNfXKqxTPi69cWdJo0%2FlR8XN1hT9W2xh0TcwWYdDA%2FhEQ3MB8%2Fd8f6FMOeJwGx%2BmHpK7WT6ZAd%2Bcb3xhsTCNrwnBt0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de997e928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-04/01/5o4zvl3jyc001515o4zvl3jyc000733.jpg
172.64.140.29200 OK 9.6 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-04/01/5o4zvl3jyc001515o4zvl3jyc000733.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 2d790eb56ef16deaf159e4a4c8f93e6a
5e11e4f4aef438166bad0a0041429b88f4ca9892
1fd233343b6f5c770607473afdc1f3dbe8aa88d3fc078884d4c9c4dd9fbe97aa
GET /upload/vod/2020/04-04/01/5o4zvl3jyc001515o4zvl3jyc000733.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 9648
cf-bgj: h2pri
etag: "bfa0c96fe09d61:0"
last-modified: Fri, 03 Apr 2020 17:51:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6289
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI%2BEp6fL%2FqV8wN2UOQ3if7vMeRltEUNRRzP0hLnFig%2FXLmPk0UdXCzx026nh63XHDrqTqfI%2F5m6SCm%2Fd0jnw5IFxPYAGIfGiqgF5L4m34HO7N51anaEh2ywzKh4nCbNJJ%2B7A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de9980928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/jlrl040rfdk0708jlrl040rfdk39481.jpg
172.64.140.29200 OK 7.4 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/jlrl040rfdk0708jlrl040rfdk39481.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 6f0507788ba5b2810d0095519aff85e3
b7f82f2baeab76e3479aeb72c5187373e77ec1ca
d210880543e2269ad693a2bd992730e08ab57405239f64f2170182fee366b2a1
GET /upload/vod/2022/03-17/07/jlrl040rfdk0708jlrl040rfdk39481.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 7422
cf-bgj: h2pri
etag: "6317a7c58a39d81:0"
last-modified: Wed, 16 Mar 2022 23:08:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gTfxOSPoTbzajm0nlEr1MK0paiY08vdfCTmLthB3iYaEa1bnVqPdeSAh7nWlODY4w1oMWXwn%2BwSTOqFisg1P4yZ77lzg%2FNqC2%2BgzNvLSsw5HnLC9m7rC3TbLI9OOhCB%2FlVB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de9986928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/hnef4mmu1ok0704hnef4mmu1ok28463.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/hnef4mmu1ok0704hnef4mmu1ok28463.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c9245bce3de685003bac1459bfa6ee7c
b1427c444d873a1bce70401a315b005c7583b25a
5baf7ec924035dfaa4c57d51077c006938da8dcd0816c47abd7db5320e384c4d
GET /upload/vod/2022/03-17/07/hnef4mmu1ok0704hnef4mmu1ok28463.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 11156
cf-bgj: h2pri
etag: "7f6b308a39d81:0"
last-modified: Wed, 16 Mar 2022 23:04:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej4tip1a61rO7S8ZrSWPqoOYwuDeHaKBC5di2VipqqphfR2BaWPf6glTKCdBGE9t%2Fnmk8bW5NShQNdJnuQh46d3xPwTG%2FmmE9MCZey9NEu1GUQd5TbWyokHQniWg2fisfKzC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de9983928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2020/04-04/01/wjtjaozkwdt0150wjtjaozkwdt58729.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-04/01/wjtjaozkwdt0150wjtjaozkwdt58729.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 19ccd1006250bbc38999d1180550fc6d
e309087b130840c0132325c477270e85c8c28201
c3a429745775f3f079c661ae2de5b2184671cd04fd8b1cbca5b18c35e16d3b7a
GET /upload/vod/2020/04-04/01/wjtjaozkwdt0150wjtjaozkwdt58729.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 12110
cf-bgj: h2pri
etag: "3ee1cc6ee09d61:0"
last-modified: Fri, 03 Apr 2020 17:50:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3aE%2F0m6WEa043THkPCp02yRjphf%2B6XomJ3FyUk9JtoJeLjHhSWMd4gCUntDMRK%2BjPUMF8T6W6BH3a57aWXcrDsJQYSLT%2F1YapSxKhpPNuaZTC0imvSEjnwPrjxjWG%2BYdLbB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de997d928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yyt.mmux11.top/template/m1938pc/ads/hfz.js
154.219.167.39200 OK 404 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/ads/hfz.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash c72e1291663030103c00966416e8431f
7679048fc16ef5d053e7d7636d5403bc829cbe5e
aca2e7fd180b1da2cbb80cd60901feda0df72ecfc48fccadd1ddfad2d0bb70cb
GET /template/m1938pc/ads/hfz.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 13:43:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632c6682-4c5"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/ads/wenzi2.js
154.219.167.39200 OK 644 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/ads/wenzi2.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c15df8f0b5d43a2cbab27fae9640bfe9
724bbd3e4ca7a098f2506df7996f018163b1e72c
17761f05794db1fde4a0435abc73a80f7106c2822c6cd7829da7cdd4663a199e
GET /template/m1938pc/ads/wenzi2.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 13:44:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632c66a2-1998"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
fmlb.netlbtu.com/upload/vod/2020/04-04/01/vruouwgbmld0150vruouwgbmld58727.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-04/01/vruouwgbmld0150vruouwgbmld58727.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 5b2b031d553754f47725eac921cf45e3
024b9b83452557103a4d4f73380386b3da4678e1
7d51de8a2fe9a424a0fa1eae57528e85d8aa02dee49de0467d4264d3ace80169
GET /upload/vod/2020/04-04/01/vruouwgbmld0150vruouwgbmld58727.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 11121
cf-bgj: h2pri
etag: "efce4d6ee09d61:0"
last-modified: Fri, 03 Apr 2020 17:50:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlAC3xIkDIz0Oy4orfGKk9c11D6Ai6W1q1n9CCmmmKnUQiAUQzIfrKRl3W%2BOOffxUFDzYC%2B48sHpU8ALmGLKsqKl4%2BbFAV6DhlHupqvj9XaUsxsMSzcXM5YI2XoRMfFieAq6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4de9985928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/5ofh535z2jg07085ofh535z2jg38479.jpg
172.64.140.29200 OK 7.3 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/5ofh535z2jg07085ofh535z2jg38479.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash b0a59aa88dcc7be9e9150cd47f2de317
16ce89a647b7e29f6ccdd7095fc4ec7db7fb58c8
2dad807728c6f6f357d2c81d45454eb7e038cfe3857aa01b33396763277054f5
GET /upload/vod/2022/03-17/07/5ofh535z2jg07085ofh535z2jg38479.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 7315
cf-bgj: h2pri
etag: "4cd8ffc48a39d81:0"
last-modified: Wed, 16 Mar 2022 23:08:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbKLYgjRcybHA9Kp6atr9Mti8GkdOj0tsi4CTxNP3PJEtbZbnO2LtzfpiDMTkkgv4QZKOPsiY8WOZEvceDHJDcfnKSe1hdxfoZk0afPd3oGqzi6Jx1%2BVj3yCb2nIieBD%2FQ0Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4deb99e928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/kjre3hltnge0708kjre3hltnge37477.jpg
172.64.140.29200 OK 6.8 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/kjre3hltnge0708kjre3hltnge37477.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 8c9592d38d99439490e0aa8f66d6e1d1
38e3bf60782c87c57ef9695bbfe15235ee78c29d
fdd26bbdbdde3ccd0787578336e73f7fbe29df3feb328f3391f580ee3ecf1507
GET /upload/vod/2022/03-17/07/kjre3hltnge0708kjre3hltnge37477.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 6765
cf-bgj: h2pri
etag: "452c73c48a39d81:0"
last-modified: Wed, 16 Mar 2022 23:08:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4t916bL3gdZ8NN4JpSV%2FbR2Ltr6c4F3uoWdvDviqEVi9tJAoijDTtG8qnDhmj93O3pl7YMKc5h0XayV1P8Ptms3oUWwQJELbBvZhTcJQmcHmbbIvrNhc%2BBZrPyNsyF6maFz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4deb99f928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yyt.mmux11.top/template/m1938pc/ads/sbxwz.js
154.219.167.39200 OK 554 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/ads/sbxwz.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 16eda0556c11d1c5a6de2cd83e019a10
b59d2381df6453a75aa53019433e1995f8a2eb23
41797bf21878632c00ee3630bbfd7e0b860353f23d78d4802d3c4a8805543aba
GET /template/m1938pc/ads/sbxwz.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 13:43:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632c668d-883"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
fmlb.netlbtu.com/upload/vod/2020/04-04/01/i1dr20jyxbc0151i1dr20jyxbc02737.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2020/04-04/01/i1dr20jyxbc0151i1dr20jyxbc02737.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 155322ef0a71643e7e359e1ae1f89ba5
03b2ac22114f04d6e93ef63f47bf01f4b18fa047
bf3eb01aa7ec619009da258e879b289447cf7838f25c6d7a52fa31807a3270ab
GET /upload/vod/2020/04-04/01/i1dr20jyxbc0151i1dr20jyxbc02737.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 12548
cf-bgj: h2pri
etag: "281ac770e09d61:0"
last-modified: Fri, 03 Apr 2020 17:51:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2dsSxsPdxt7IIWmXi94yAavQ80xtxuIthPl6tZv1zH2ma%2BNsG6RSuiEqnjo3kJzrJ%2FCZqb8ZY7V7SJYV6PhjgN54BydEYOM7AU8u54qRp6NAFb9be35MFHnuTnq%2BR4bO6ep"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4deb9a0928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/wgaeqgeawja0704wgaeqgeawja31469.jpg
172.64.140.29200 OK 9.9 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/wgaeqgeawja0704wgaeqgeawja31469.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash b3e7aaf919edcbc9a735a3272da5f497
0d5d3b1a43a309b69e2194e273f3853bace32562
4451baaf125b58dc3eb697a370c69938632bd418c9e09e12e7aa00266afdb170
GET /upload/vod/2022/03-17/07/wgaeqgeawja0704wgaeqgeawja31469.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 9850
cf-bgj: h2pri
etag: "ca9858328a39d81:0"
last-modified: Wed, 16 Mar 2022 23:04:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aPXjRvW3dZJseMwCX6y11h0mNZcmD%2BbU4N6IzM%2BBRdjv7wlQl06hAIyH%2F4di13Vowg%2FMjeMALeShbNdQV%2BKv18utxDEZwx74OHTzOevPSAMADFuV3mazK1rLCWrd4n3g30d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4deb9a1928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/lx2ga245arn0704lx2ga245arn29465.jpg
172.64.140.29200 OK 11 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/lx2ga245arn0704lx2ga245arn29465.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 6735b9adeb50ed6ccc212c30839910c1
43ee4ccdcd81cc3f6e6b36a59bb10b2eb8493fcb
f9250c04c330c3826c8eca84147b4dc5a7ee115697365cf2ac14f29f8d765c4a
GET /upload/vod/2022/03-17/07/lx2ga245arn0704lx2ga245arn29465.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 10654
cf-bgj: h2pri
etag: "84a63318a39d81:0"
last-modified: Wed, 16 Mar 2022 23:04:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8j46IyfVGnY0GUzdvc54xwbnI6fXiZfrtMghV9poL%2FgFqMDZxEMkvx8SzGVkkeZ8KQNmqrEr1S0aL9KMj7CmWm0cB4XLfDAxVfQg1h%2BLAbKPAnv2jMNHsIUtTqeeIP10Zzes"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4deb9a2928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yyt.mmux11.top/template/m1938pc/ads/77.js
154.219.167.39200 OK 629 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/ads/77.js
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a9accd135d5ca7ba5589b207c6a1f731
e017e654500d9de8974a08e695eb199bc15afa69
acdf76fce02e603c566dff3720cb5c42754a1d6e0fc25e39634521aca46a8c3a
GET /template/m1938pc/ads/77.js HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 13:43:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632c666b-493"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yyt.mmux11.top/template/m1938pc/ads/hfx.js?qwweq
154.219.167.39200 OK 791 B URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/ads/hfx.js?qwweq
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 0a1fe49d86da356a092653ea10b203ea
51ae3ae7970d8147c97285c3758ceafd56491468
6971df8abcfe62ce06d41965edf0de1b887e7524aeb6e9cc0b69c7c9fe868923
GET /template/m1938pc/ads/hfx.js?qwweq HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Content-Length: 791
Last-Modified: Thu, 22 Sep 2022 13:43:18 GMT
Connection: keep-alive
ETag: "632c6676-317"
Expires: Mon, 26 Sep 2022 15:35:38 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9bdf98357039483e106da8f6dbe11d03
996fa74fb99302023d84ae35675f1e03531542e6
d5fb0787632eb7f95036eaad5c1660f3674f444c61ad4464d07e0dc2e4a6b064
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:39 GMT
Last-Modified: Mon, 26 Sep 2022 02:41:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9bdf98357039483e106da8f6dbe11d03
996fa74fb99302023d84ae35675f1e03531542e6
d5fb0787632eb7f95036eaad5c1660f3674f444c61ad4464d07e0dc2e4a6b064
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:39 GMT
Last-Modified: Mon, 26 Sep 2022 02:41:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9bdf98357039483e106da8f6dbe11d03
996fa74fb99302023d84ae35675f1e03531542e6
d5fb0787632eb7f95036eaad5c1660f3674f444c61ad4464d07e0dc2e4a6b064
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:39 GMT
Last-Modified: Mon, 26 Sep 2022 02:41:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/03-17/07/dor2e1vetnu0704dor2e1vetnu33471.jpg
172.64.140.29200 OK 15 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/dor2e1vetnu0704dor2e1vetnu33471.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 5c7b7abbda58e4f9b4221abef567c89c
cce99139dff870092a1e521fb993047a600592d1
ba5e0290c08be5bac4c81a2f477e0313c04e6a645965a5707012d28b7c5ae524
GET /upload/vod/2022/03-17/07/dor2e1vetnu0704dor2e1vetnu33471.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 14812
cf-bgj: h2pri
etag: "6e695a338a39d81:0"
last-modified: Wed, 16 Mar 2022 23:04:33 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ousgY%2FlcpYs7ZEijtT3WpDkgEtC8gaY2WhyBAmsIFZz%2FO81RU7qvpnwFC9W3gwsZT9YMqRjehP%2Fxyb6hXnYCoPvtAMuD9lR8D1YVuuF0izOlpv3mbqu3zVbJ176oAdLinqbJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4df5a08928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9bdf98357039483e106da8f6dbe11d03
996fa74fb99302023d84ae35675f1e03531542e6
d5fb0787632eb7f95036eaad5c1660f3674f444c61ad4464d07e0dc2e4a6b064
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:39 GMT
Last-Modified: Mon, 26 Sep 2022 02:41:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
fmlb.netlbtu.com/upload/vod/2022/03-17/07/nnypmzpkzum0704nnypmzpkzum31467.jpg
172.64.140.29200 OK 12 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/nnypmzpkzum0704nnypmzpkzum31467.jpg
IP 172.64.140.29:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 036de2903e17169410d1a62d02a2014f
d8233a2919185afd04216dc7ad6bcdc2e132e29d
6e12d24f656465ade2c014745db6ff26955bc8aad649a916e64fb393fae16342
GET /upload/vod/2022/03-17/07/nnypmzpkzum0704nnypmzpkzum31467.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 12293
cf-bgj: h2pri
etag: "3729c7318a39d81:0"
last-modified: Wed, 16 Mar 2022 23:04:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKB%2BbPy1FfpteGNuEajG%2FFhBX0R7aMfHcBg3gD2DFCR9TgBkN2ePfN1QOqeaiDEfYfyb4r%2FjvjY0Z8F25Mhvwzngap99VN2DMYQfZc1vRH%2BsW7UALd%2Bh9xUZ9OZZu59q26oi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4df7a22928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/03-17/07/spzeqfnkutw0708spzeqfnkutw45493.jpg
172.64.140.29200 OK 13 kB URL HTTP/2 fmlb.netlbtu.com/upload/vod/2022/03-17/07/spzeqfnkutw0708spzeqfnkutw45493.jpg
IP 172.64.140.29:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash b0f0d2ced02d2dcadd0dede0bb4b36fe
74fb802cdcab4e08016b641f07dabc21fedda9e3
c5107469f97c76f5049534b9fbe6b7c2c08b64c8f6c46cef44028101378d7113
GET /upload/vod/2022/03-17/07/spzeqfnkutw0708spzeqfnkutw45493.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:39 GMT
content-type: image/jpeg
content-length: 13424
cf-bgj: h2pri
etag: "e38d50c98a39d81:0"
last-modified: Wed, 16 Mar 2022 23:08:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFmRZy2fmVyC6lYukBH7XLdrjMg0eXlQfesdyxJf6M%2BkVtAJ1jKogYhjDbmRKQkwBy80jlCSbJ6WtcUc1nnFzEluOD2M9Ym6BxI9WCEMCYDgPLlgDJE7Lpu8uZY2EnrUXfFe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7508f4df8a36928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=117017871&si=075614e86acd62808a95e08a977f9611&v=1.2.97&lv=1&sn=33143&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ysca.top%2Findex.php&tt=%E6%89%AC%E5%B7%9E%E4%BF%9A%E6%99%A8%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=117017871&si=075614e86acd62808a95e08a977f9611&v=1.2.97&lv=1&sn=33143&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ysca.top%2Findex.php&tt=%E6%89%AC%E5%B7%9E%E4%BF%9A%E6%99%A8%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=117017871&si=075614e86acd62808a95e08a977f9611&v=1.2.97&lv=1&sn=33143&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.ysca.top%2Findex.php&tt=%E6%89%AC%E5%B7%9E%E4%BF%9A%E6%99%A8%E6%96%B0%E8%83%BD%E6%BA%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ysca.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Sep 2022 03:36:39 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B3B1EC192A25FFDE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
yyt.mmux11.top/template/m1938pc/images/bg.jpg
154.219.167.39200 OK 47 kB URL HTTP/1.1 yyt.mmux11.top/template/m1938pc/images/bg.jpg
IP 154.219.167.39:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=[*0*], xresolution=98, yresolution=106, resolutionunit=2, software=www.keniu.com], baseline, precision 8, 1600x583, components 3\012- data
Hash f6e910bf0053424675e51e19f0fad8fd
c7dbbd470144db81e6b50bd1ba7f875ab67f6703
7122fb73f05ad0b1243d3844e5809fd35e98fdb473c8742364391aaf37bf0c00
GET /template/m1938pc/images/bg.jpg HTTP/1.1
Host: yyt.mmux11.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/template/m1938pc/css/main.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 47019
Last-Modified: Sat, 28 Mar 2020 12:56:08 GMT
Connection: keep-alive
ETag: "5e7f4968-b7ab"
Expires: Wed, 26 Oct 2022 03:35:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash d3e46d934d4159b8941af39506c3dc5c
5dbbf47f6999373f78ad68cf452dbd55c17358ce
d4c714f5e67569d065a01491b5f304a99e9fb5d5e4e1a46104991c66c5734385
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Sep 2022 01:10:52 GMT
ETag: "5dbbf47f6999373f78ad68cf452dbd55c17358ce"
Last-Modified: Mon, 26 Sep 2022 01:10:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 773
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7508f4e229a6b527-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d5d5daeb64cc8966b587faccb2517677
ea80874d3d5e417af061175637d34f38097ab550
da924de22451f3e01b9a2d058cca3e6e39c14a4c13f100765c49c41b9b50e477
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 01:17:33 GMT
Expires: Sun, 02 Oct 2022 01:17:32 GMT
Etag: "ea80874d3d5e417af061175637d34f38097ab550"
Cache-Control: max-age=509451,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e278ccb4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9009463b49b70eba9d72ce8200e8aee4
6df449d35ec86fd6122a216eabe37517e86b7a82
d9f92702f4b00e9b2b4d1ea4e93c42378f18867e5885937bfc4ab29d8b0eb779
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:53:07 GMT
Expires: Sat, 01 Oct 2022 15:53:06 GMT
Etag: "6df449d35ec86fd6122a216eabe37517e86b7a82"
Cache-Control: max-age=475585,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e27937fab4-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 028313d46599c8d47968c21504eb60de
507e1ebf5a039e1a9c35d1f4f5e57d47112e6b5a
3af6d9dcf0d930b7790192e7ef2b9884ee2180deed555484496989d07e932c6d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Sep 2022 01:51:12 GMT
ETag: "507e1ebf5a039e1a9c35d1f4f5e57d47112e6b5a"
Last-Modified: Mon, 26 Sep 2022 01:51:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7508f4e2c9feb527-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 46c0a8fd7b9eade8bb532b9ca4748b79
d30f46f12b48985b4b7069c6cc5e2aaace47f93a
7b5f2e509659337c633d04de5cb1308cfd32b68d754a8bdb44515e638e8c4002
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Sep 2022 00:57:54 GMT
ETag: "d30f46f12b48985b4b7069c6cc5e2aaace47f93a"
Last-Modified: Mon, 26 Sep 2022 00:57:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2197
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7508f4e37a44b527-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash a16063544a3f417724abdd49220d4235
8804b5afe62808e091d4bb5401536998e3059a3e
af4f3cc86be1e38e5a29a0578a2945bb5c524a764c9431aced62ea20f7a47868
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 30 Sep 2022 01:16:32 GMT
ETag: "8804b5afe62808e091d4bb5401536998e3059a3e"
Last-Modified: Mon, 26 Sep 2022 01:16:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7508f4e38a50b527-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3815f45e9c58c1828793e9dd3a2ff0ac
144ff5c53ea7712dbe4bfadbc5b6bbabd67f33dd
e61f369d429282d8c9b4ea5cc9bef0e139a0291b52a35f158ce47c79ab200e70
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 11:05:30 GMT
Expires: Sat, 01 Oct 2022 11:05:29 GMT
Etag: "144ff5c53ea7712dbe4bfadbc5b6bbabd67f33dd"
Cache-Control: max-age=458328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e18e23b4f9-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e2ae186d45a50d4d18112d6c330045d3
d20f77acad8a10c9f1527d96914022c75a3d526c
92962f24f33c06a3ff3a03ca0d780e091d25ce16ba407a90a9a9164cb8dd2085
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 18:21:32 GMT
Expires: Sun, 02 Oct 2022 18:21:31 GMT
Etag: "d20f77acad8a10c9f1527d96914022c75a3d526c"
Cache-Control: max-age=570890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e44998fab4-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 24dfd624008b5dd947e50eb49a2eac97
8455d5fddbcf9e6081e77b276dede5891f7e69ff
c32614a3594b7f5a3a922553d3e54491c4f74b0d7e94ace09cd6943b3148a4cc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 15:45:44 GMT
Expires: Fri, 30 Sep 2022 15:45:43 GMT
Etag: "8455d5fddbcf9e6081e77b276dede5891f7e69ff"
Cache-Control: max-age=388742,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e44b9d0b4d-OSL
hm.baidu.com/hm.js?d2dcfef758bec3628a10d71714c04f20
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d2dcfef758bec3628a10d71714c04f20
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (628)
Hash 28ced700d656fc989003f096e4f1e91e
4a825c3c04880491ef5a8b98eed4194582011bd1
1821cde658f310dd2f410a27bc346280e530a26e8bb85453e8cb21cbb8e00924
GET /hm.js?d2dcfef758bec3628a10d71714c04f20 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Content-Type: application/javascript
Date: Mon, 26 Sep 2022 03:36:39 GMT
Etag: 538fd3615763c7d5f28fcbb06587f06e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=367BF6EA5211DAAC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26898a55724b5656822515877ab238a
5113dc6f5f9ac77ec590d9108c3be2bc42d1f654
f6703e685037b62c394c03d16e386c1cece522bf3f4892e5ad0f23032e89fa18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6703E685037B62C394C03D16E386C1CECE522BF3F4892E5AD0F23032E89FA18"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4234
Expires: Mon, 26 Sep 2022 04:47:14 GMT
Date: Mon, 26 Sep 2022 03:36:40 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/03917120009z0w03uDAF1.gif
104.110.17.24200 OK 534 kB URL HTTP/2 dimg04.c-ctrip.com/images/03917120009z0w03uDAF1.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 534 kB (534311 bytes)
Hash d3bf6809a6a8fc553adc36091041ece3
bd73a2d6bf6d523dde40ed4de7dbc42804e2ae02
1a25b6969acc7ef5a3d6c3f7903edd923e25c7d86ca5f5969897380fb2477c58
GET /images/03917120009z0w03uDAF1.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 534311
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14959338
expires: Sat, 18 Mar 2023 06:58:58 GMT
date: Mon, 26 Sep 2022 03:36:40 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1aa6814f140852591fdf06fc19d145d1
27462438fe02652377d010b490a87fcd115d737e
a772d90fbddb1af2d12bac619b91749f844c0dc56538ca7687a95c44eee95788
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 14:54:11 GMT
Expires: Sat, 01 Oct 2022 14:54:10 GMT
Etag: "27462438fe02652377d010b490a87fcd115d737e"
Cache-Control: max-age=472049,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e44981b51e-OSL
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 26 Sep 2022 03:36:40 GMT
Etag: "4078521116"
Expires: Tue, 26 Sep 2023 03:36:40 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=305600B5DE46726A7A785CC495315DD1:FG=1; max-age=31536000; expires=Tue, 26-Sep-23 03:36:40 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 2aa515699565ff1fa1400e91e65da2aa
d96aa67f7b94ef2d2e4f1915cb403098a89db129
4b3504cbcb52a7fbed2eebe21e679f61e8a3138b40a702ce75c6f92fe23de2fe
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Mon, 26 Sep 2022 03:36:39 GMT
Etag: 0dfefd06f39dc8c883d0b7dc6b50ebf1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E5FD97D74FEC5D30; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
statuse.digitalcertvalidation.com/
93.184.220.29200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 260d5f228a7e490dda5555e5d1e5fab6
3c8e9d6b00910d97230894afa828a08ea21aef57
96e6f4a9ae37ef06dc12ac5e954e49cf8aa358fe6a3acb23bbf932806b8e7330
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:40 GMT
Last-Modified: Mon, 26 Sep 2022 02:45:34 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 631db52bc360cd542ab1c7d5454035a5
ebd1372c9acd99733f5cadb50bb2f84a55f1cc94
e5d3e0312016c4b7ee888f6628954f5bbed3af63115fbb4089c3152ac878ac7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 50
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:40 GMT
Last-Modified: Mon, 26 Sep 2022 03:35:50 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/344634db9b6a41158d93b908983d1ab7
47.246.44.231200 OK 440 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/344634db9b6a41158d93b908983d1ab7
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 440 kB (439790 bytes)
Hash 07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
GET /obj/tos-cn-i-dy/344634db9b6a41158d93b908983d1ab7 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 439790
date: Wed, 14 Sep 2022 14:25:08 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 14 Sep 2022 11:30:49 GMT
nw-session-id: 20220914193049010150137047032108997qjmf02dy
nw-session-trace: 2022-09-14T19:30:49.714447827+08:00 34
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Wed, 14 Sep 2022 19:30:49 GMT
x-tt-logid: 2022091419304901015013704703210899
via: n150-055-204, cache2.l2de2[0,-1,206-0,H], cache12.l2de2[2,0], cache12.l2de2[3,0], cache4.se1[0,0,200-0,H], cache8.se1[2,0]
x-request-ip: fdbd:dc02:22:96::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 012daabd0b40cb118ccb02c4517a5fe301689ac17f00a14349a170232414db99d0ad2cbcbdb177e5ac30d8e9fa388f72fa3454057693359b65deb49c307c734ba6278d10a0357c9e53a36026db8282bb98eb5b22c3ca93811d146643ebeda0f8b1
x-response-lb: image
ali-swift-global-savetime: 1663165508
age: 997892
x-cache: HIT TCP_MEM_HIT dirn:4:90928527
x-swift-savetime: Wed, 14 Sep 2022 14:34:25 GMT
x-swift-cachetime: 31535443
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16641634007887989e
X-Firefox-Spdy: h2
17271819.com/2c164007ac96497ab449d2196508803a.gif
20.239.191.22200 OK 70 kB URL HTTP/1.1 17271819.com/2c164007ac96497ab449d2196508803a.gif
IP 20.239.191.22:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Hash 827ca50cd0e8aa2e60411690f8612e09
0dad56117cc53cbc1311126155d8ae61a282223b
07c1e38c05611d710c70941cac15cb5c470bd04af0fcf1fb289311404c2be75c
GET /2c164007ac96497ab449d2196508803a.gif HTTP/1.1
Host: 17271819.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:21:37 GMT
ETag: W/"62936551-4898c"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=2067703168&si=d2dcfef758bec3628a10d71714c04f20&su=http%3A%2F%2Fcgv.mmqk5.top%2F&v=1.2.97&lv=1&sn=33144&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fyyt.mmux11.top%2F&tt=%E5%92%AA%E5%92%AA%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=2067703168&si=d2dcfef758bec3628a10d71714c04f20&su=http%3A%2F%2Fcgv.mmqk5.top%2F&v=1.2.97&lv=1&sn=33144&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fyyt.mmux11.top%2F&tt=%E5%92%AA%E5%92%AA%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=2067703168&si=d2dcfef758bec3628a10d71714c04f20&su=http%3A%2F%2Fcgv.mmqk5.top%2F&v=1.2.97&lv=1&sn=33144&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fyyt.mmux11.top%2F&tt=%E5%92%AA%E5%92%AA%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Sep 2022 03:36:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=95DB01BB1860761F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b85b077be4418276b1c2a8882e68e619
ca59678467dfdc5bc65a2725692aaf37413f659e
17adb986a896f5c97010115b81d0a7fc2ed43f2e0c7bb37bf3e454d3d0b70ce0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 07:05:03 GMT
Expires: Sat, 01 Oct 2022 07:05:02 GMT
Etag: "ca59678467dfdc5bc65a2725692aaf37413f659e"
Cache-Control: max-age=443901,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e48fc1b4f9-OSL
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 26 Sep 2022 03:36:40 GMT
content-type: image/gif
content-length: 158841
expires: Sun, 18 Sep 2022 15:15:05 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 908112
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/95e83044cdf96ff929c2262729f49b38.gif
185.10.104.115200 OK 34 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/95e83044cdf96ff929c2262729f49b38.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 48\012- data
Hash 95e83044cdf96ff929c2262729f49b38
08b0ec9c809ff166cc338941b0dd9a256bf6236c
243c7b83e1a97b8beaff0b51aa3c1a60f76b9b7ba70b84dc34d3cf546b61f759
GET /bjh/95e83044cdf96ff929c2262729f49b38.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 26 Sep 2022 03:36:40 GMT
content-type: image/gif
content-length: 33954
expires: Sat, 03 Sep 2022 08:18:19 GMT
last-modified: Thu, 04 Aug 2022 04:37:27 GMT
etag: "95e83044cdf96ff929c2262729f49b38"
age: 413678
accept-ranges: bytes
content-md5: legwRM35b/kpwiYnKfSbOA==
x-bce-content-crc32: 2764241748
x-bce-debug-id: dF69SI6stZ/JJqSrs4RbFDWodCrmQCbG0KajBDlrWbVewekl14FU3Gxonf4dULOtsQ+MpwrWUnyVytcF24qprA==
x-bce-request-id: 7a2e2164-bf45-4956-b0f6-c37e7bc6066b
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-cache-hit: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [2], csix82 [2]
ohc-file-size: 33954
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 8e46c4ac9413f7d9ce280e844f879812
298b93ca9a06637971f88b236896165cd24d922a
616272d7f27b9d71be3365a8abd97ad55d41f3faa2b3c1038765d3d7c284c24b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:40 GMT
Server: ECS (amb/6B9F)
Content-Length: 727
taiwtp1.com/img/96060.gif
220.128.218.220200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 03:34:55 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Wed, 26 Oct 2022 03:34:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1791462776&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fcgv.mmqk5.top%2F&v=1.2.97&lv=1&sn=33144&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fyyt.mmux11.top%2F&tt=%E5%92%AA%E5%92%AA%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1791462776&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fcgv.mmqk5.top%2F&v=1.2.97&lv=1&sn=33144&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fyyt.mmux11.top%2F&tt=%E5%92%AA%E5%92%AA%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1791462776&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fcgv.mmqk5.top%2F&v=1.2.97&lv=1&sn=33144&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fyyt.mmux11.top%2F&tt=%E5%92%AA%E5%92%AA%E7%88%B1%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Sep 2022 03:36:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=3E57744B8D74B764; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
xpj08.oss-cn-beijing.aliyuncs.com/vip80.gif
59.110.185.220200 OK 264 kB URL HTTP/1.1 xpj08.oss-cn-beijing.aliyuncs.com/vip80.gif
IP 59.110.185.220:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /vip80.gif HTTP/1.1
Host: xpj08.oss-cn-beijing.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63311E484050BF333623DB3B
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Mon, 08 Aug 2022 07:28:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 2
vcwzfn.com/f157c264dffc4d99ab16a145dba669d0.gif
45.61.212.131200 OK 445 kB URL HTTP/2 vcwzfn.com/f157c264dffc4d99ab16a145dba669d0.gif
IP 45.61.212.131:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 445 kB (445140 bytes)
Hash 8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454
GET /f157c264dffc4d99ab16a145dba669d0.gif HTTP/1.1
Host: vcwzfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62c2fa8d-6cad4"
server: nginx
date: Sun, 25 Sep 2022 19:01:03 GMT
content-type: image/gif
last-modified: Mon, 04 Jul 2022 14:34:53 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-01
content-length: 445140
X-Firefox-Spdy: h2
17265111.com/6d618dd3947a4ced907fd3f9de728d43.gif
20.239.189.131200 OK 246 kB URL HTTP/1.1 17265111.com/6d618dd3947a4ced907fd3f9de728d43.gif
IP 20.239.189.131:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 246 kB (246449 bytes)
Hash 82116782c1bd2d5ca9ef21c9bc926dfb
52395ccedc32522b82807529e4654bd440fd1f7b
d64d661290ffaae5d22fdf5ee65f03c2ba664b5deb5677152f31693d3df6eae3
GET /6d618dd3947a4ced907fd3f9de728d43.gif HTTP/1.1
Host: 17265111.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 12:20:05 GMT
ETag: W/"629364f5-69b6f"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
vkhhjp.com/c01eb55b5a754966a2834c2b63b1cdc7.gif
103.170.15.50200 OK 237 kB URL HTTP/2 vkhhjp.com/c01eb55b5a754966a2834c2b63b1cdc7.gif
IP 103.170.15.50:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 237 kB (236734 bytes)
Hash 04ae2506dd3ee8de6576603470617984
230dde6f7d8e2a26ecc3fe1595dc77aa81b36344
5eb34df8673dc91b31988b6099d25a2bad7f52183b37f053f55c4590443d9416
GET /c01eb55b5a754966a2834c2b63b1cdc7.gif HTTP/1.1
Host: vkhhjp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e28a-39cbe"
server: nginx
date: Sun, 25 Sep 2022 01:58:34 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:23:22 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-40
content-length: 236734
X-Firefox-Spdy: h2
p5.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/d30397527b3845bd8558477731dd019d~noop.image
218.60.98.100200 OK 103 kB URL HTTP/2 p5.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/d30397527b3845bd8558477731dd019d~noop.image
IP 218.60.98.100:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 103 kB (103173 bytes)
Hash 6857bf5106087caf69a49c1ed738c573
0a1fe550e9134da6568b23d54079700ea0cb927d
7e67d29e4af77086b0ef5a1559f7f4046440e315f403e1620b3c38cdb9bdff54
GET /img/tos-cn-i-siecs4i2o7/d30397527b3845bd8558477731dd019d~noop.image HTTP/1.1
Host: p5.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Byte-nginx
content-type: image/gif
content-length: 103173
access-control-allow-origin: *
age: 20907832
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 25 Jan 2022 02:34:59 GMT
nw-session-id: 20220125103459010209087131042EB65Avg7r202tt
nw-session-trace: 2022-01-25T10:34:59.804517957+08:00 62
server-timing: inner; dur=3
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-length: 103173
x-powered-by: ImageX
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-response-date: Tue, 25 Jan 2022 10:34:59 GMT
x-response-lb: image
x-tt-logid: 20220125103459010209087131042EB65A
x-tt-trace-host: 014fca8a137ae27738317af937d7437438e9bf3968051eb62568ee72a856755f8cd792687b0708374553221b38ef524dfecc92ff56d999444380fc6e4888a3184d9e90824a02f70a18a6ebb0af46375fccb3fb22f6163b158826f63e3ce2ce4f554b7c92d863369c7d62f9be2b7d2da69120033c6a8a1fd472c50e5976b7c9bebe
x-tt-trace-tag: id=5
date: Mon, 26 Sep 2022 03:36:41 GMT
via: cache01.dlcu
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1034dba50dcd7f68e3466fe94b0368f5
82862c084bfee27ce27000a1856c5b4cc844f801
b090eff5c1946cbaf2dd1f3aed162dbfaf0722dc00eea2bc516f52e5446fa15d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B090EFF5C1946CBAF2DD1F3AED162DBFAF0722DC00EEA2BC516F52E5446FA15D"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 26 Sep 2022 09:36:41 GMT
Date: Mon, 26 Sep 2022 03:36:41 GMT
Connection: keep-alive
u0078.com/e77c975b3f77445eadefb2db455a0fc3.gif
20.239.186.41200 OK 349 kB URL HTTP/1.1 u0078.com/e77c975b3f77445eadefb2db455a0fc3.gif
IP 20.239.186.41:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 640 x 350\012- data
Size 349 kB (349395 bytes)
Hash 7491feb7b10d3e76ad9c91d81eb19fa0
b586df30dd9035a1432491b2e1f3cfaab7bba9a4
6593179e388f2e6a1c4027d772b1bda4cd60fa1254cf915637291894f1a05a39
GET /e77c975b3f77445eadefb2db455a0fc3.gif HTTP/1.1
Host: u0078.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 10:56:43 GMT
ETag: W/"6324566b-55c31"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
vgvjkw.com/babcbe3202ae4f5ab8487c2e5403f4a8.gif
45.61.212.165200 OK 252 kB URL HTTP/2 vgvjkw.com/babcbe3202ae4f5ab8487c2e5403f4a8.gif
IP 45.61.212.165:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 252 kB (251717 bytes)
Hash 86e0be4ef089ebe6804677bc492dc244
e123e51bed1727570d265d9a0730735e74b523d4
b6c59d4c3d1634429659e14b13858046f1c8880a2b8fd1ab38e6a384ad89569a
GET /babcbe3202ae4f5ab8487c2e5403f4a8.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6309e26c-3d745"
server: nginx
date: Mon, 26 Sep 2022 03:36:40 GMT
content-type: image/gif
last-modified: Sat, 27 Aug 2022 09:22:52 GMT
accept-ranges: bytes
x-cache: MISS from cloud-us5-cdnb-05
content-length: 251717
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash fac2cae50dbda07fafe415ab82e3ef3a
2011720ff3ec793880dc97eae072503e0a86af79
00626a9eb5ee07799d06cf600aae32ac678d976a2632c2d4121319187d59055b
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 03:36:41 GMT
Ali-Swift-Global-Savetime: 1664163401
Via: cache14.l2de2[472,471,200-0,M], cache14.l2de2[473,0], cache4.se1[495,494,200-0,M], cache4.se1[496,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 26 Sep 2022 03:36:41 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816641634009737713e
si1.go2yd.com/get-image/0yFUidjGHhQ
163.171.140.79200 OK 121 kB URL HTTP/2 si1.go2yd.com/get-image/0yFUidjGHhQ
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:41 GMT
content-type: image/gif
content-length: 121040
x-application-context: application
x-kss-request-id: 926b8f9ca982487692c4e63ce22e4a6e
etag: "72f445e66343e28d92a588cd7858f2dc"
content-md5: cvRF5mND4o2SpYjNeFjy3A==
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:5 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:12 (Cdn Cache Server V2.0), 1.1 tb118:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
x-ws-request-id: 63311e49_PShlamstdAMS1cc96_5926-62718
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
vecukb.com/2719d72ca72d49cf8efc39e40a93e430.gif
45.61.212.131200 OK 259 kB URL HTTP/2 vecukb.com/2719d72ca72d49cf8efc39e40a93e430.gif
IP 45.61.212.131:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (259280 bytes)
Hash 53d090335e8e78b28c5a51a7bcd9f866
42c109960113d98371ae8b95c216ffd7ef1a2fcd
66f9448c9ef2eb689df4f89ac297e2aaaf55e7b7f8d49aa646ff5569b4441bcc
GET /2719d72ca72d49cf8efc39e40a93e430.gif HTTP/1.1
Host: vecukb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6324565d-3f4d0"
server: nginx
date: Sun, 25 Sep 2022 17:37:04 GMT
content-type: image/gif
last-modified: Fri, 16 Sep 2022 10:56:29 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-01
content-length: 259280
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080a.gif
47.110.177.104200 OK 363 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080a.gif
IP 47.110.177.104:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 363 kB (362966 bytes)
Hash fcfc7777cb7a6d9a5b49ef18d048adfa
0baeac12e788455badfd7938580a8b2b39565f00
a20ecfaed5583e914dcf3212dcb46ae36d6e8b8aa8b42d86a9448b7072de9590
GET /xpj/xpj96080a.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: image/gif
Content-Length: 362966
Connection: keep-alive
x-oss-request-id: 63311E4853BCC6383782F7D2
Accept-Ranges: bytes
ETag: "FCFC7777CB7A6D9A5B49EF18D048ADFA"
Last-Modified: Wed, 21 Sep 2022 10:06:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11395936085308828248
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: /Px3d8t6bZpbSe8Y0Eit+g==
x-oss-server-time: 4
api.share.baidu.com/s.gif?r=http%3A%2F%2Fcgv.mmqk5.top%2F&l=http://yyt.mmux11.top/
39.156.68.163200 OK 23 B URL HTTP/1.1 api.share.baidu.com/s.gif?r=http%3A%2F%2Fcgv.mmqk5.top%2F&l=http://yyt.mmux11.top/
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f
GET /s.gif?r=http%3A%2F%2Fcgv.mmqk5.top%2F&l=http://yyt.mmux11.top/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yyt.mmux11.top/
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Length: 23
Content-Type: image/gif
Server: bfe
Date: Mon, 26 Sep 2022 03:36:41 GMT
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 82d0d6324d2ec235eca748c2775d9c78
6b5971ddd9f600c73938163b57aebe34c9abd909
b0ce2cbe4144c839145255c4859c3e5c49c429ea5a87b082e141cc7ea86051ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:36:41 GMT
Last-Modified: Mon, 26 Sep 2022 02:19:37 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 727
sz88.oss-cn-shenzhen.aliyuncs.com/02.gif
120.77.166.72200 OK 672 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/02.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 100\012- data
Size 672 kB (672530 bytes)
Hash 6f6a6e13329668405fef1523540dee76
066acc7fc837eb673108ea5ff7aba0ff0efd8282
08fa32ed67b0ddc30e4dd772b797c649962fa6c04840bc75d48965217f3cdc49
GET /02.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 26 Sep 2022 03:36:40 GMT
Content-Type: image/gif
Content-Length: 672530
Connection: keep-alive
x-oss-request-id: 63311E480E395334318613A8
Accept-Ranges: bytes
ETag: "6F6A6E13329668405FEF1523540DEE76"
Last-Modified: Sun, 15 May 2022 13:34:03 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12368396201495379341
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: b2puEzKWaEBf7xUjVA3udg==
x-oss-server-time: 3
dsupt.top/20220718/960_80.gif
198.16.41.182200 OK 52 kB URL HTTP/2 dsupt.top/20220718/960_80.gif
IP 198.16.41.182:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash ff56d3d0bb9eef4833d17a07fecadb08
7d85f47df4d86bc3b09155287b237b9c731da097
feb778d732571a0d5f520577a91c1065bff9cea062a9dc34962abc5619cb5d86
Analyzer Verdict Alert quad9 Sinkholed
GET /20220718/960_80.gif HTTP/1.1
Host: dsupt.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:41 GMT
content-type: image/gif
content-length: 52137
last-modified: Mon, 18 Jul 2022 13:00:19 GMT
etag: "62d55963-cba9"
expires: Tue, 25 Oct 2022 10:58:07 GMT
cache-control: max-age=2592000
server: cdn-ddos-cc
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ac3d6ec0fdb54dbcad3779cb9c1d5a2a~noop.image
182.118.39.171200 OK 40 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ac3d6ec0fdb54dbcad3779cb9c1d5a2a~noop.image
IP 182.118.39.171:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 750 x 46\012- data
Hash de7ac5fafd71547e77999f4895e1ff83
eae4c114fdaa02bcd5082bb37c4dd5cebab807e6
d0b3d4d456a00c78e446d652b53f73b4d42b45ee253962ef54b1782d55259dc5
GET /img/tos-cn-i-siecs4i2o7/ac3d6ec0fdb54dbcad3779cb9c1d5a2a~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:36:42 GMT
content-type: image/gif
content-length: 39796
server: openresty
age: 232005
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 06 Apr 2022 13:27:27 GMT
nw-session-id: 2022040621272601020908716307E57619pmrr702tt
nw-session-trace: 2022-04-06T21:27:27.105544474+08:00 227
x-bdcdn-cache-status: TCP_HIT
x-ccdn-cachettl: 31536000
x-length: 39796
x-powered-by: ImageX
x-response-date: Wed, 06 Apr 2022 21:27:27 GMT
x-response-lb: image
x-tt-logid: 2022040621272601020908716307E57619
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=3
via: CHN-HAzhengzhou-AREACUCC1-CACHE52[3],CHN-HAzhengzhou-AREACUCC1-CACHE33[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE95[20],CHN-TJ-GLOBAL1-CACHE33[0,TCP_HIT,19]
x-hcs-proxy-type: 1
x-tt-trace-host: 01c596a485e3f8155e7980deb4a63d583da9ff9cbb3862e323cd7e227ae271a2cc0e8110a705517ae2c99992d8663e4d43bbb128901a4e9d7480c87677c8f7432d758699a9aff57e5fe763aa61084cf22cc379943e70b9e0c6ba618293ffea95ed1978f7535f6fb18000e7e11ab79e8fc282c3074a3b005a34d7ed3746808a7f0dbf64270f3f01eb0472ee0bd1b7ac9cc7
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
93533557591.com/00946a445772401895ecee2223297e7c.gif
103.170.15.100200 OK 818 kB URL HTTP/1.1 93533557591.com/00946a445772401895ecee2223297e7c.gif
IP 103.170.15.100:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 818 kB (817676 bytes)
Hash 2c0914501592136ef2d10a4111e355ed
d927d360f758036d51f4876f2ab97ac6d8ed5181
688662d5acf1c6584aa70e4a8ae273489b3a3b33e6b38f93571d85e99856d793
Analyzer Verdict Alert quad9 Sinkholed
GET /00946a445772401895ecee2223297e7c.gif HTTP/1.1
Host: 93533557591.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6326eca5-c7a0c"
Date: Sun, 18 Sep 2022 16:22:15 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 18 Sep 2022 10:02:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-30
Content-Length: 817676
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9febc0cc818534a786fdb2b90996abd9
d8ddad9e06ceed1eae53a71d5b46e614d3cb08c5
44cb213a54234504ed2d8b54abe66a7fd6ddb853362e2e725bd36fb63a924e63
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:36:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 16:29:50 GMT
Expires: Sun, 02 Oct 2022 16:29:49 GMT
Etag: "d8ddad9e06ceed1eae53a71d5b46e614d3cb08c5"
Cache-Control: max-age=564186,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7508f4e3f96cb4ee-OSL
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png
43.154.254.32200 OK 1.5 MB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.5 MB (1495356 bytes)
Hash af737e86fc083a958d9f25203333f0be
cb0ee5d9a71efdf61b622bd4175998bdeecca900
e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5cd5c322c76272c5e26cad46e1f3c6ce7/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 26 Sep 2022 03:36:40 GMT
content-type: image/gif
content-length: 1495356
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:08:11 GMT
cache-control: max-age=2592000
x-delay: 700 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1495356
chid: 0
fid: 0
x-nws-log-uuid: dcab64ef-e93b-49be-b4cc-dcff84a24ea5
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png
43.154.254.32200 OK 894 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 26 Sep 2022 03:36:40 GMT
content-type: image/gif
content-length: 893726
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:38 GMT
cache-control: max-age=2592000
x-delay: 483 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 893726
chid: 0
fid: 0
x-nws-log-uuid: 5f7666d1-3c5f-492f-a4db-8af95588196c
X-Firefox-Spdy: h2
p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
43.154.254.32200 OK 456 kB URL HTTP/2 p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 650 x 350\012- data
Size 456 kB (456390 bytes)
Hash 24f8d711ff99c1b9e8eda597e520496d
0349e3b205f0e62dd5aa818e856efe8e7e1fe1d2
9079d8c7d39c6db6ab2e3421748cdfd1a55366b99304d2670fc3cfd48252f363
GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b58a032ac4afb4e3c2b8b36dd7d3e56948/0.png HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 26 Sep 2022 03:36:40 GMT
content-type: image/gif
content-length: 456390
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 17:11:26 GMT
cache-control: max-age=2592000
x-delay: 217 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 456390
chid: 0
fid: 0
x-nws-log-uuid: ccfc8741-0317-4aaf-be5e-71c123598b58
X-Firefox-Spdy: h2
img.999971.co/images/6321bb5e89514da47f19c375.gif
38.47.102.248302 Found 0 B URL HTTP/2 img.999971.co/images/6321bb5e89514da47f19c375.gif
IP 38.47.102.248:0
GET /images/6321bb5e89514da47f19c375.gif HTTP/1.1
Host: img.999971.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yyt.mmux11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/344634db9b6a41158d93b908983d1ab7
cache-control: max-age=3600
X-Firefox-Spdy: h2