r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3160
Expires: Mon, 05 Dec 2022 13:42:07 GMT
Date: Mon, 05 Dec 2022 12:49:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 447
Cache-Control: max-age=164959
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:27 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:38:46 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 12:18:29 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1858
alt-svc: clear
X-Firefox-Spdy: h2
www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
107.187.227.202200 OK 789 B URL HTTP/1.1 www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
IP 107.187.227.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 67512162f76eb93a917c3c2dc5ee2951
566f684243a91112b57ffd8d7670c896cdc4e53f
79487ee2abb24b06ce8fd1667e3583771b0d8dba33cbee18679d57b44038f99b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw HTTP/1.1
Host: www.elaswany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 12:49:26 GMT
Content-Type: text/html
Content-Length: 789
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2729
Expires: Mon, 05 Dec 2022 13:34:56 GMT
Date: Mon, 05 Dec 2022 12:49:27 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: neuT3uDY8uSWs+3KjeZY7uG5El87SximKmDVhTnJppHcdwN315WQLzzK2DiJlY0t6Z4rDOngmwc=
x-amz-request-id: QWS4DZGNM4QYJDKS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 12:47:25 GMT
age: 122
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.elaswany.com/common.js
107.187.227.202200 OK 935 B URL HTTP/1.1 www.elaswany.com/common.js
IP 107.187.227.202:0
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 21a6036f8e0357e3740098a52086c923
ac640e09918f10ffca3fd68e0ce19861bccaa1d4
63b7ef2152d345223a5d0bcbcb70057daab4b6c2035e9f308c26384fc7007701
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /common.js HTTP/1.1
Host: www.elaswany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 12:49:26 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.elaswany.com/tj.js
107.187.227.202200 OK 524 B IP 107.187.227.202:0
File type ASCII text, with CRLF line terminators
Hash da0b6f83bb4a656c032a5f89f2c7722f
595f460ae8e420120418de0f91d457cbe77c4beb
d55e0476329e2964fad7a73e79305ec910dc9612cef8b6ec9fabb92267727242
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /tj.js HTTP/1.1
Host: www.elaswany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 12:49:26 GMT
Content-Type: application/x-javascript
Content-Length: 524
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 2429
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 438
Cache-Control: max-age=159882
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:28 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:14:10 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
api.share.baidu.com/s.gif?l=http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elaswany.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 05 Dec 2022 12:49:28 GMT
www.elaswany.com/favicon.ico
107.187.227.202200 OK 1.2 kB URL HTTP/1.1 www.elaswany.com/favicon.ico
IP 107.187.227.202:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.elaswany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 12:49:27 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 10 Dec 2022 12:49:27 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HR0BbArtNkGnv1hpvgDaAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TwkO38b4jLOLvZL1yO1U/lb7nJc=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 76fc253a778ebd72b03dd4d9eabc2140
5481ca6ed0ae932a3fbf8334c02b53567f1c9c6e
2c93351f5892fcd35b360809c8910d4748d763293d19af9a8945ca5dc49cf8dd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 10:10:50 GMT
ETag: "5481ca6ed0ae932a3fbf8334c02b53567f1c9c6e"
Last-Modified: Mon, 05 Dec 2022 10:10:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1535
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774ce6e9ea810b51-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 76fc253a778ebd72b03dd4d9eabc2140
5481ca6ed0ae932a3fbf8334c02b53567f1c9c6e
2c93351f5892fcd35b360809c8910d4748d763293d19af9a8945ca5dc49cf8dd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 10:10:50 GMT
ETag: "5481ca6ed0ae932a3fbf8334c02b53567f1c9c6e"
Last-Modified: Mon, 05 Dec 2022 10:10:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1535
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774ce6e9efeab50b-OSL
hm.baidu.com/hm.js?08fdf5dc9ded3c4159445f1a6aea7feb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?08fdf5dc9ded3c4159445f1a6aea7feb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (628)
Hash 2013e5aa0aca14d40b926bda4e5e217b
1d9bcd5c1e73bbdf905036b77531afbeb09c816c
006e403a6a5560c70dc8f5bb4062825ecdca861cd1346359b65bbe9f32228d20
GET /hm.js?08fdf5dc9ded3c4159445f1a6aea7feb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elaswany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11266
Content-Type: application/javascript
Date: Mon, 05 Dec 2022 12:49:29 GMT
Etag: 6e91a7169acb9a24dbe615e548d732ae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6FCD2540559592A6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?5cef0a348cf6f8492b9b6183536d10e5
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5cef0a348cf6f8492b9b6183536d10e5
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 0d3d0ef842921252d863752c111065de
3fce91fe26046c87cdf84d718136bf958cd28b92
4f32f0de35a46eb97ed0368d21e6f0266dbb42af519289f52baad2c2d371768d
GET /hm.js?5cef0a348cf6f8492b9b6183536d10e5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elaswany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 05 Dec 2022 12:49:29 GMT
Etag: e1e9fa68ec31875258824900cc33b358
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=28F3A1F1C4D741B2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4835
Expires: Mon, 05 Dec 2022 14:10:04 GMT
Date: Mon, 05 Dec 2022 12:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4835
Expires: Mon, 05 Dec 2022 14:10:04 GMT
Date: Mon, 05 Dec 2022 12:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4835
Expires: Mon, 05 Dec 2022 14:10:04 GMT
Date: Mon, 05 Dec 2022 12:49:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 53985
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 54324
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 53842
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J5nMfQKgT-FYVTurkqi_1CM7gu_aDiAN9NLP7hocqQ10UixVzQcq5w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:47:08 GMT
age: 54141
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557fea28a0a540d2ffdadd828e03de0b
c314368e2e73dabf2c5d856e2c3e1fae610a3005
0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v2OgP5Rhp06ijoZU2F8vOhLjBfHdBMPa2mOIg6EiYJrgCRbrKgJz2g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 53842
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:56:21 GMT
age: 53588
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=638072335&si=08fdf5dc9ded3c4159445f1a6aea7feb&v=1.3.0&lv=1&sn=19557&r=0&ww=1280&u=http%3A%2F%2Fwww.elaswany.com%2Findex.php%3Fepl%3D7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E8%B5%AB%E5%BA%A6%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=638072335&si=08fdf5dc9ded3c4159445f1a6aea7feb&v=1.3.0&lv=1&sn=19557&r=0&ww=1280&u=http%3A%2F%2Fwww.elaswany.com%2Findex.php%3Fepl%3D7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E8%B5%AB%E5%BA%A6%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=638072335&si=08fdf5dc9ded3c4159445f1a6aea7feb&v=1.3.0&lv=1&sn=19557&r=0&ww=1280&u=http%3A%2F%2Fwww.elaswany.com%2Findex.php%3Fepl%3D7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E8%B5%AB%E5%BA%A6%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elaswany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 05 Dec 2022 12:49:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6CA05737FFF6C22E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=837121254&si=5cef0a348cf6f8492b9b6183536d10e5&v=1.3.0&lv=1&sn=19557&r=0&ww=1280&u=http%3A%2F%2Fwww.elaswany.com%2Findex.php%3Fepl%3D7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E8%B5%AB%E5%BA%A6%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=837121254&si=5cef0a348cf6f8492b9b6183536d10e5&v=1.3.0&lv=1&sn=19557&r=0&ww=1280&u=http%3A%2F%2Fwww.elaswany.com%2Findex.php%3Fepl%3D7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E8%B5%AB%E5%BA%A6%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=837121254&si=5cef0a348cf6f8492b9b6183536d10e5&v=1.3.0&lv=1&sn=19557&r=0&ww=1280&u=http%3A%2F%2Fwww.elaswany.com%2Findex.php%3Fepl%3D7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw&tt=%E5%91%BC%E5%92%8C%E6%B5%A9%E7%89%B9%E8%B5%AB%E5%BA%A6%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elaswany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 05 Dec 2022 12:49:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=094A07307B60CC3E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e5fffc03f3ac87e31cab78e6a6f90873
51c22d9580a989630912a5502fb01f1cfc131fef
945ac591ac7f574566625c1a8904a63f84c41de4c28e8c4278028aa31052a7af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "945AC591AC7F574566625C1A8904A63F84C41DE4C28E8C4278028AA31052A7AF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 18:49:29 GMT
Date: Mon, 05 Dec 2022 12:49:29 GMT
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elaswany.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 05 Dec 2022 12:49:30 GMT
Etag: "4078521116"
Expires: Tue, 05 Dec 2023 12:49:30 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=7EB7DDE3AD147CDCB2117635952A04B8:FG=1; max-age=31536000; expires=Tue, 05-Dec-23 12:49:30 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
api.share.baidu.com/s.gif?l=http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.elaswany.com/index.php?epl=7Xa6b3ULM5oftlRTjT2CIZTiX8pBQuEUyV3shYlB9TaMWBfVhKGOyKRDGL0JGg-QFHE-DMmtoLipFnkwCgEUFIZR172KGhWEiSF8io3cCkksR3PQCNXpQQdWqq4gbp7l7W0otQ8PlX9O8sSkh9SeYiONUE9TA015NICmNuppglENdQAgsN6vvwAA4H0BAABAgNsKAACl-JdyWVMmWUExNmhaQpEAAADw HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.elaswany.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 05 Dec 2022 12:49:30 GMT
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8364d36f24f00b7edd3d6f550aaba23
29f35176581c11821bf644387c84531278d3b87a
ff396f2d63f24f07d7c116deb23faf538d085afeef1b17794d921ad2c1246740
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF396F2D63F24F07D7C116DEB23FAF538D085AFEEF1B17794D921AD2C1246740"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 18:49:31 GMT
Date: Mon, 05 Dec 2022 12:49:31 GMT
Connection: keep-alive
i.91p47.com//thumb/676652.jpg
104.27.195.88200 OK 77 kB URL HTTP/2 i.91p47.com//thumb/676652.jpg
IP 104.27.195.88:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 400x224, components 3\012- data
Hash bba0a8f6310805799041d23616bf0b21
b98d5848c7a61de44d94605914a2cca8ef6c34a9
26390dfc6439802aee32d1fe8735e8c7e2c7ab271f6198101d2f761610d10431
GET //thumb/676652.jpg HTTP/1.1
Host: i.91p47.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: image/jpeg
content-length: 76667
cf-bgj: h2pri
etag: "62e006a1-12b7b"
last-modified: Tue, 26 Jul 2022 15:22:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJaZetuJET8ZVL4d3BghTHIhA9z0q5jsUdifRcDZr%2FkNDTETdGKqpmKknHqkEP0OcKxWp4ZnVgYVVKuQTR3fvPRYSQUcX91ccJMXXRg3XzhI6k6IyaWtG0Uy8DSw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774ce7010f45b52d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3e5e0765fda7e56d651c079b6a75adf8
1a09f929372063ae61c105dcf73fb3c176d32382
4d5bebdfbcde277a1287875c6b9272ba595e01fb21dbdfdcaad32041bbe85309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4812
Cache-Control: max-age=154147
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:32 GMT
Etag: "638d8d33-117"
Expires: Wed, 07 Dec 2022 07:38:39 GMT
Last-Modified: Mon, 05 Dec 2022 06:18:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3e5e0765fda7e56d651c079b6a75adf8
1a09f929372063ae61c105dcf73fb3c176d32382
4d5bebdfbcde277a1287875c6b9272ba595e01fb21dbdfdcaad32041bbe85309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1007
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:32 GMT
Etag: "638d8d33-117"
Last-Modified: Mon, 05 Dec 2022 12:32:45 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
www.bb6622.xyz/res/kj/hf1111.js?v=iki8ehxinr5
103.142.9.106200 OK 387 B URL HTTP/2 www.bb6622.xyz/res/kj/hf1111.js?v=iki8ehxinr5
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 2e6e9290195b4b563f01431ca7a0d717
d20bef026fae419819a710ec1dee39ed9df16ab0
7949d72f30f6722f487a8eeef428301883693280d5e2d1e19f1b9fc9706696d6
GET /res/kj/hf1111.js?v=iki8ehxinr5 HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: application/javascript
content-length: 387
last-modified: Sat, 12 Nov 2022 14:05:23 GMT
etag: "636fa823-183"
expires: Tue, 06 Dec 2022 00:49:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bb6622.xyz/res/img/re.gif
103.142.9.106200 OK 254 B URL HTTP/2 www.bb6622.xyz/res/img/re.gif
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /res/img/re.gif HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: image/gif
content-length: 254
last-modified: Thu, 09 Jun 2022 11:02:42 GMT
etag: "62a1d352-fe"
expires: Wed, 04 Jan 2023 12:49:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bb6622.xyz/res/kj/hf222.js?v=nlkxinnn95
103.142.9.106200 OK 381 B URL HTTP/2 www.bb6622.xyz/res/kj/hf222.js?v=nlkxinnn95
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 8271697e03072cd5d365129d0ae0e5d6
ce4fdbb153cd963dff429f0527710876d27dcfc1
a34636d6dc82278f76d1e00283bcd4d3d9c89911cae29ca24466d94700677ad9
GET /res/kj/hf222.js?v=nlkxinnn95 HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: application/javascript
content-length: 381
last-modified: Sat, 12 Nov 2022 14:15:28 GMT
etag: "636faa80-17d"
expires: Tue, 06 Dec 2022 00:49:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bb6622.xyz/res/kj/hf33.js?v=kaisxin3d3
103.142.9.106200 OK 384 B URL HTTP/2 www.bb6622.xyz/res/kj/hf33.js?v=kaisxin3d3
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 180e652de57338ce813c05cb59300edc
2ceef8748e6ef6d46010a43db0dfc1a18161010f
646c4729ae8f2ec1dee0543bfa87f50b6b5530c797a96f3cc6623ee7f2eabc3a
GET /res/kj/hf33.js?v=kaisxin3d3 HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: application/javascript
content-length: 384
last-modified: Sat, 12 Nov 2022 14:20:32 GMT
etag: "636fabb0-180"
expires: Tue, 06 Dec 2022 00:49:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3e5e0765fda7e56d651c079b6a75adf8
1a09f929372063ae61c105dcf73fb3c176d32382
4d5bebdfbcde277a1287875c6b9272ba595e01fb21dbdfdcaad32041bbe85309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1008
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:33 GMT
Last-Modified: Mon, 05 Dec 2022 12:32:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
s2.loli.net/2022/11/29/Bg4fyh2TFGQiUta.gif
172.67.69.40200 OK 375 kB URL HTTP/2 s2.loli.net/2022/11/29/Bg4fyh2TFGQiUta.gif
IP 172.67.69.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 375 kB (374641 bytes)
Hash 623bbed8517585b1244e51bfade63f86
7bc8817aefa764fdc12ffa7cf709aac8d31d091d
f5409db1108c2ae67f6ee1f95cad63fdb1c83a60da02c4d489d7be1bcd7b7766
GET /2022/11/29/Bg4fyh2TFGQiUta.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: image/gif
content-length: 374641
last-modified: Tue, 29 Nov 2022 08:29:41 GMT
etag: "6385c2f5-5b771"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RV5wMwfWJtpYO1yaOFMDyF0Sz%2FrqBWT1Nswlxib4j7Wpzo62pPQulxCtozBHaGfiDNIa2bppVOubamvIgvpa%2Bpv1KbjGg63goFhNgSGVE5giAO1fEaCKjs5L506R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774ce703efedb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?59dbcade758b7bc9dba4872c93f5b0da
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?59dbcade758b7bc9dba4872c93f5b0da
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 261afdd816ea65972384f5726eeaa51c
6e21b1f5f788a7a1fd6afcc5ee81793f226ca9d4
063a976a1d92c5dad1da8d904aaa13737c7ef9bfff6c62316dfcdb99ecdb101e
GET /hm.js?59dbcade758b7bc9dba4872c93f5b0da HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Mon, 05 Dec 2022 12:49:33 GMT
Etag: c003d64d2811107f2968edfabe051802
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6CF5004F35D440A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.bb6622.xyz/res/img/zs.jpg
103.142.9.106200 OK 68 kB URL HTTP/2 www.bb6622.xyz/res/img/zs.jpg
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 966x60, components 3\012- data
Hash baf3ead116697719af11a6338b9c06ef
878caf7124ab95c66229744d4f3928d47ef21eed
4610d108db80b54e2386d21d95bd80463a6082bd1c7af2c23c2a69969b9e4ea4
GET /res/img/zs.jpg HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: image/jpeg
content-length: 68106
last-modified: Wed, 08 Jun 2022 03:05:19 GMT
etag: "62a011ef-10a0a"
expires: Wed, 04 Jan 2023 12:49:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bb6622.xyz/images/video-play.png
103.142.9.106200 OK 1.6 kB URL HTTP/2 www.bb6622.xyz/images/video-play.png
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /images/video-play.png HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/css/zui.css?t=g6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: image/png
content-length: 1567
last-modified: Thu, 21 Apr 2022 12:26:06 GMT
etag: "62614d5e-61f"
expires: Wed, 04 Jan 2023 12:49:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?37680f06eee88d214b006fb475560c30
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?37680f06eee88d214b006fb475560c30
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash c23587d66fdbe6cd46d9a490f05fde2f
7636502b821eb60ae675ac14688eee132661b59a
62a3c644fb02a7b52162fa3711e8a8dbdaf9e9165c30233cfedda35fdeb8a422
GET /hm.js?37680f06eee88d214b006fb475560c30 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Mon, 05 Dec 2022 12:49:33 GMT
Etag: 461b1ac69b9976a125a45d3ca9c096a1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3003C6627127C68C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a02b0d457bfedc42f9f93ee95e8a582c
f6002834b06abc040e7d7c5911d4eb0586ab1408
e4789beb3da5f0fab76299a7a5f355e1effa62607a5f24e643484ce8c27e4214
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4789BEB3DA5F0FAB76299A7A5F355E1EFFA62607A5F24E643484CE8C27E4214"
Last-Modified: Sun, 04 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14666
Expires: Mon, 05 Dec 2022 16:53:59 GMT
Date: Mon, 05 Dec 2022 12:49:33 GMT
Connection: keep-alive
s2.loli.net/2022/09/08/1fLxUlZTQmpajSr.gif
172.67.69.40200 OK 76 kB URL HTTP/2 s2.loli.net/2022/09/08/1fLxUlZTQmpajSr.gif
IP 172.67.69.40:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash 84d231a1ac28293b8d23767a8bc4f13f
02ac654dea8ac726aafe7103b36d886c7aef2551
d8b1c260085d0345637b1d28cdbd1c726bbefa2073a257dcf8b85dee14fbac64
GET /2022/09/08/1fLxUlZTQmpajSr.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 12:49:33 GMT
content-type: image/gif
content-length: 76506
last-modified: Thu, 08 Sep 2022 08:15:32 GMT
etag: "6319a4a4-12ada"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XeJi6dpifeX%2BMv9bzfyQsAv5GEyaM2Ya0F6JlTCJ0pMz30NTNU3tLJJsyPbyI8ZxDzKbPNMDJVDrM7WzaBnOtkWw%2BqBWV%2B6SejsaNH252KgbNA2t8ljOIH3RXaE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774ce7037f78b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a02b0d457bfedc42f9f93ee95e8a582c
f6002834b06abc040e7d7c5911d4eb0586ab1408
e4789beb3da5f0fab76299a7a5f355e1effa62607a5f24e643484ce8c27e4214
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4789BEB3DA5F0FAB76299A7A5F355E1EFFA62607A5F24E643484CE8C27E4214"
Last-Modified: Sun, 04 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7391
Expires: Mon, 05 Dec 2022 14:52:44 GMT
Date: Mon, 05 Dec 2022 12:49:33 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=372038642&si=59dbcade758b7bc9dba4872c93f5b0da&su=http%3A%2F%2Fwww.elaswany.com%2F&v=1.3.0&lv=1&sn=19561&r=0&ww=1280&u=https%3A%2F%2Fwww.bb6622.xyz%2Findex.html&tt=%E6%B3%A2%E6%B3%A2%E5%BD%B1%E9%99%A2
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=372038642&si=59dbcade758b7bc9dba4872c93f5b0da&su=http%3A%2F%2Fwww.elaswany.com%2F&v=1.3.0&lv=1&sn=19561&r=0&ww=1280&u=https%3A%2F%2Fwww.bb6622.xyz%2Findex.html&tt=%E6%B3%A2%E6%B3%A2%E5%BD%B1%E9%99%A2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=372038642&si=59dbcade758b7bc9dba4872c93f5b0da&su=http%3A%2F%2Fwww.elaswany.com%2F&v=1.3.0&lv=1&sn=19561&r=0&ww=1280&u=https%3A%2F%2Fwww.bb6622.xyz%2Findex.html&tt=%E6%B3%A2%E6%B3%A2%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 05 Dec 2022 12:49:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7D30C16DA2179295; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e6c97da69167e641d7dfd9e132e3ea59
1336e35ab01cafc87cb78a7a635ac654a62e652d
af773104bf1956247b98fd51adf3867fb0b2dbee8b462fb0d82f7e855dc86c79
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 09 Dec 2022 11:04:20 GMT
ETag: "1336e35ab01cafc87cb78a7a635ac654a62e652d"
Last-Modified: Mon, 05 Dec 2022 11:04:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774ce709eccab515-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e6c97da69167e641d7dfd9e132e3ea59
1336e35ab01cafc87cb78a7a635ac654a62e652d
af773104bf1956247b98fd51adf3867fb0b2dbee8b462fb0d82f7e855dc86c79
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 09 Dec 2022 11:04:20 GMT
ETag: "1336e35ab01cafc87cb78a7a635ac654a62e652d"
Last-Modified: Mon, 05 Dec 2022 11:04:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774ce709ecccb515-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 6c6344e61aff312ca8df0a52d2e93fea
28513a309ae11de259943ae74ccfac5b8a2c483c
ec2085630fefde021f1d28394b7974760d2a1293f723d59583f31ed33bfe8141
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 09 Dec 2022 09:46:04 GMT
ETag: "28513a309ae11de259943ae74ccfac5b8a2c483c"
Last-Modified: Mon, 05 Dec 2022 09:46:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3476
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774ce709fcf6b515-OSL
kvmaa.com/7eac39bc4b497ca306e5bbb3999fe104.gif
137.175.13.78301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/7eac39bc4b497ca306e5bbb3999fe104.gif
IP 137.175.13.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7eac39bc4b497ca306e5bbb3999fe104.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 05 Dec 2022 12:49:38 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/7eac39bc4b497ca306e5bbb3999fe104.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a5e73ae633cecbc65d4929a188021ea6
8a612cd4f12fa0062270f13581c96ae67edae824
a77e66056b53df293e55763ad4364e41ec5ce375a19d5e25b8df163d39778599
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 01:54:29 GMT
Expires: Mon, 12 Dec 2022 01:54:28 GMT
Etag: "8a612cd4f12fa0062270f13581c96ae67edae824"
Cache-Control: max-age=564894,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce709da10b51e-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 782a0857bebad880cf25dbc86f0cdfd8
0cfa0bc92179f85d647cb7be3c78d01dd49fa4a6
556292e5dee756e00f1bad4504c6abf292ac8e5e1a29e57921b86219488aa4c6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 02:11:01 GMT
Expires: Mon, 12 Dec 2022 02:11:00 GMT
Etag: "0cfa0bc92179f85d647cb7be3c78d01dd49fa4a6"
Cache-Control: max-age=565886,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce709de09fab4-OSL
www.bb6622.xyz/res/kj/hf0000hf.js?v=hbhk9352sk96s
103.142.9.106200 OK 1.4 kB URL HTTP/2 www.bb6622.xyz/res/kj/hf0000hf.js?v=hbhk9352sk96s
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
Hash 845ed6938b27c948af167d7d57883e81
a1df00092f4dd8ec42baa688ed308cb78b0c5fd6
b8f6fbe02b174c7c4b9582a479499a31246689e229610afb34859946c1e1f002
GET /res/kj/hf0000hf.js?v=hbhk9352sk96s HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 13:05:14 GMT
vary: Accept-Encoding
etag: W/"6389f80a-15a1"
expires: Tue, 06 Dec 2022 00:49:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
s2.loli.net/2022/09/08/OwfSm9xd3N84yVo.gif
172.67.69.40200 OK 205 kB URL HTTP/2 s2.loli.net/2022/09/08/OwfSm9xd3N84yVo.gif
IP 172.67.69.40:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 205 kB (205005 bytes)
Hash 92333d1b27dc34d9d2954a9002b28430
dc171655c9f6679a37ed79505bfde28154b322b7
326dfa38159118ab18aa5dce0a9c10f4e19f2050a0bafeda7bfe7a0a4aca0cc5
GET /2022/09/08/OwfSm9xd3N84yVo.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 12:49:33 GMT
content-type: image/gif
content-length: 205005
last-modified: Thu, 08 Sep 2022 08:46:30 GMT
etag: "6319abe6-320cd"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYhjCxDIkwzMFnw5O7K%2BIpEnxnt%2Bt4TLkyT1xcYZlmrshjeNJPiDxnjJ5wF0LHRp3U4HEa%2FFNvltO78UhqkQYNHojFRPHqqd5W67bv13kcyq1t%2FDSBDT3rhgiDgC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774ce7036f65b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=306087699&si=37680f06eee88d214b006fb475560c30&su=http%3A%2F%2Fwww.elaswany.com%2F&v=1.3.0&lv=1&sn=19561&r=0&ww=1280&u=https%3A%2F%2Fwww.bb6622.xyz%2Findex.html&tt=%E6%B3%A2%E6%B3%A2%E5%BD%B1%E9%99%A2
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=306087699&si=37680f06eee88d214b006fb475560c30&su=http%3A%2F%2Fwww.elaswany.com%2F&v=1.3.0&lv=1&sn=19561&r=0&ww=1280&u=https%3A%2F%2Fwww.bb6622.xyz%2Findex.html&tt=%E6%B3%A2%E6%B3%A2%E5%BD%B1%E9%99%A2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=306087699&si=37680f06eee88d214b006fb475560c30&su=http%3A%2F%2Fwww.elaswany.com%2F&v=1.3.0&lv=1&sn=19561&r=0&ww=1280&u=https%3A%2F%2Fwww.bb6622.xyz%2Findex.html&tt=%E6%B3%A2%E6%B3%A2%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 05 Dec 2022 12:49:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F55F2A54A7048F77; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d113e53153d91704dd95d3dfa419169e
0e9a37c0f4fc305cf06d5aa41f306f690e6a165a
16a23c55df1f5863fedd13b70c72cc033baf101b8b9639d05c151a92a62e3b71
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 09:52:04 GMT
Expires: Fri, 09 Dec 2022 09:52:03 GMT
Etag: "0e9a37c0f4fc305cf06d5aa41f306f690e6a165a"
Cache-Control: max-age=334349,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce709d89e0b02-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5f6854230b45e697426669403f7bc9ce
b754322d440f8973fd2b45b8760cc9519cdff7f9
559f3d3aecce7623877d6898ab849c3ee6e3e9d2017deb32fd1f706461d644eb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 15:36:56 GMT
Expires: Sat, 10 Dec 2022 15:36:55 GMT
Etag: "b754322d440f8973fd2b45b8760cc9519cdff7f9"
Cache-Control: max-age=441441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70a1a68b51e-OSL
www.bb6622.xyz/css/zui.css?t=g6
103.142.9.106200 OK 298 kB URL HTTP/2 www.bb6622.xyz/css/zui.css?t=g6
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
Size 298 kB (298050 bytes)
Hash 2f12e774fc3ec07cdbf5c6247e66d067
6012814af561b03f5c2abce6074e26d0fd237cc0
1f01f3af2bda1ca490aa5ee0d53b7ce1395da94b082a20ef96c2adb60276b060
GET /css/zui.css?t=g6 HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: text/css
last-modified: Sun, 23 Oct 2022 08:07:18 GMT
vary: Accept-Encoding
etag: W/"6354f636-1809f"
expires: Tue, 06 Dec 2022 00:49:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 00a6330cc3278b408555fbdccf1ad076
013362d888a688774b392403bd21d04e8f02276f
9aa0b0c5020ce6c90c6ff10c5ee5481d61193333f5dd37935a96a92a77ec79f3
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 09 Dec 2022 11:05:54 GMT
ETag: "013362d888a688774b392403bd21d04e8f02276f"
Last-Modified: Mon, 05 Dec 2022 11:05:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1665
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774ce70bffcab515-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c42f0af98683df5027f97178a1157a73
f37e42e9787f6dfe4f3c1a8dbc4dd657145fe5d9
3ee74c7c7b0c06701a671405efea388a3e470500df557328dadab636e2c975e5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 12:54:35 GMT
Expires: Sat, 10 Dec 2022 12:54:34 GMT
Etag: "f37e42e9787f6dfe4f3c1a8dbc4dd657145fe5d9"
Cache-Control: max-age=431699,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70bfac10b02-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 532bad705b38108b6ffb6c81138d8760
aed30cc286e6fea0f559a84615eadabfc2ad491b
8a13ac8b93e791a1d7cc65177020434ed8a248a0f5ca78e24670d8398b8fd329
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:34 GMT
Etag: "638cb1dd-117"
Last-Modified: Mon, 05 Dec 2022 11:48:14 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
nvhbbb.top/7eac39bc4b497ca306e5bbb3999fe104.gif
172.67.170.188200 OK 482 kB URL HTTP/2 nvhbbb.top/7eac39bc4b497ca306e5bbb3999fe104.gif
IP 172.67.170.188:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 482 kB (482190 bytes)
Hash 72e5bc9753b8b7df58fb7e722beda509
33d1e8ef4f3fb175565ba848d19f85e512a54319
c7b30c3f2343286ed68d60b2ae700755d51199427d4a22622ed3c866ee9e3057
GET /7eac39bc4b497ca306e5bbb3999fe104.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bb6622.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 12:49:34 GMT
content-type: image/gif
content-length: 482190
last-modified: Tue, 22 Nov 2022 15:41:06 GMT
etag: "637ced92-75b8e"
expires: Fri, 23 Dec 2022 16:08:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1024861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCzzTt5AAdqP80sszN4sUSN6J0Q%2B6rAfl3wIfy7uZ2PjV%2Bod1S1h9wYwA7UD0f3glDyUcdll8P5pyJRxekVMnkMBiYPc6kyZTYNRTdYEVciE8IDg56QJPbITMjSs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774ce70c7bd1b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 532bad705b38108b6ffb6c81138d8760
aed30cc286e6fea0f559a84615eadabfc2ad491b
8a13ac8b93e791a1d7cc65177020434ed8a248a0f5ca78e24670d8398b8fd329
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:34 GMT
Last-Modified: Mon, 05 Dec 2022 11:48:14 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
828239sam.com/67c51d1d5d2f469ab10c54a6c2fd6db1.gif
45.61.212.119200 OK 82 kB URL HTTP/1.1 828239sam.com/67c51d1d5d2f469ab10c54a6c2fd6db1.gif
IP 45.61.212.119:0
File type GIF image data, version 89a, 320 x 185\012- data
Hash 5b9fdd2599b326b9a953bb7486f130b6
4c9ce0d99fa7101c80dcf8dd22b1b9ec5d7adcbc
01ef753ce7a1bc4ac387a1a423990b150c516789a53b5f9065716fc560d55d91
GET /67c51d1d5d2f469ab10c54a6c2fd6db1.gif HTTP/1.1
Host: 828239sam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636cf038-1400b"
Date: Thu, 10 Nov 2022 15:31:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 10 Nov 2022 12:36:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-19
Content-Length: 81931
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 532bad705b38108b6ffb6c81138d8760
aed30cc286e6fea0f559a84615eadabfc2ad491b
8a13ac8b93e791a1d7cc65177020434ed8a248a0f5ca78e24670d8398b8fd329
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93183
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:34 GMT
Etag: "638cb1dd-117"
Expires: Tue, 06 Dec 2022 14:42:37 GMT
Last-Modified: Sun, 04 Dec 2022 14:42:37 GMT
Server: nginx
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 3b621efea5f8fc4097b5a3732de7fc19
56ebada8e60a2377f5b9e0808d217899110c1cba
62d54372f3201a2ca503817dd701658a7df8eb483fed00199ab8b967f9de4323
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 05:12:54 GMT
Expires: Sun, 11 Dec 2022 05:12:53 GMT
Etag: "56ebada8e60a2377f5b9e0808d217899110c1cba"
Cache-Control: max-age=490398,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70c3fdafab4-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c589666f6a5500da18ae84965b3fc734
f94f2108adcf3f6e2a13f4e40da836c6a1665061
0b055d42f4437c1de326c74ff4e4add81db4cf45fc0fd491f5b63358e2655c4b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 03:55:49 GMT
Expires: Sun, 11 Dec 2022 03:55:48 GMT
Etag: "f94f2108adcf3f6e2a13f4e40da836c6a1665061"
Cache-Control: max-age=485773,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70cab700b02-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash c770341ea76b4b4d564224bfc28e2a85
c2e1849529b69b2b855919fcb89d28fa11694393
b67163cce1a777a4d46e3c65095b166ce8e099c2386d4ad4527e245b3c52b473
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5917
Cache-Control: max-age=125047
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:34 GMT
Etag: "638d1738-2d7"
Expires: Tue, 06 Dec 2022 23:33:41 GMT
Last-Modified: Sun, 04 Dec 2022 21:55:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 5765e3857d3ec568778e0a354dbcd2eb
16700c930330b3712a30cc3789bf7f6950f8d328
06dd010a1515e5d5ea52b287c43a612ff8d769e3c41c5f1f67a17aaf9d57eb63
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 11:09:40 GMT
Expires: Fri, 09 Dec 2022 11:09:39 GMT
Etag: "16700c930330b3712a30cc3789bf7f6950f8d328"
Cache-Control: max-age=339004,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70d0dc50afa-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash c770341ea76b4b4d564224bfc28e2a85
c2e1849529b69b2b855919fcb89d28fa11694393
b67163cce1a777a4d46e3c65095b166ce8e099c2386d4ad4527e245b3c52b473
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1016
Cache-Control: max-age=120146
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:34 GMT
Etag: "638d1738-2d7"
Expires: Tue, 06 Dec 2022 22:12:00 GMT
Last-Modified: Sun, 04 Dec 2022 21:55:04 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash c770341ea76b4b4d564224bfc28e2a85
c2e1849529b69b2b855919fcb89d28fa11694393
b67163cce1a777a4d46e3c65095b166ce8e099c2386d4ad4527e245b3c52b473
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5917
Cache-Control: max-age=125047
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 12:49:34 GMT
Etag: "638d1738-2d7"
Expires: Tue, 06 Dec 2022 23:33:41 GMT
Last-Modified: Sun, 04 Dec 2022 21:55:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/e1a03f99b0214ec399cd3291676614bc
47.246.44.229200 OK 66 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e1a03f99b0214ec399cd3291676614bc
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Hash 9d629444f249b855a94e8a882d5ec47d
c06f98e56cf9977aaa7addb0e0acee4d982f6248
a81c159959e121cf31b8fb9fff87a139cb549a928b07ff43306ac65a2dcb6a0c
GET /obj/tos-cn-i-dy/e1a03f99b0214ec399cd3291676614bc HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 65638
date: Tue, 22 Nov 2022 09:20:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 22 Nov 2022 09:16:23 GMT
nw-session-id: 202211221716230102090871313BD8497Ahl67b03dy
nw-session-trace: 2022-11-22T17:16:23.503111135+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 65638
x-powered-by: ImageX
x-response-date: Tue, 22 Nov 2022 17:16:23 GMT
x-tt-logid: 202211221716230102090871313BD8497A
via: n150-059-226, cache12.l2de2[0,0,206-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache8.se1[0,0,200-0,H], cache4.se1[3,0]
x-request-ip: fdbd:dc02:22:48::233
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 01433d0cd456e7a2b0fd3edf15f5cb5f3733cdcbb496d110bb4164e556dec41b0115d08965fe36ecfd1083d533f6ab1bb0ba0799d9a63d0c44edadc9a22f6b73ce30e5b5a1f90d8f4e4caa17e762d8f212b94d7009e216e60a808332fb3959b9ca
x-response-lb: image
ali-swift-global-savetime: 1669108832
age: 1135742
x-cache: HIT TCP_HIT dirn:11:338219429
x-swift-savetime: Tue, 22 Nov 2022 10:09:05 GMT
x-swift-cachetime: 31533087
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816702445744354260e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 3b621efea5f8fc4097b5a3732de7fc19
56ebada8e60a2377f5b9e0808d217899110c1cba
62d54372f3201a2ca503817dd701658a7df8eb483fed00199ab8b967f9de4323
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 05:12:54 GMT
Expires: Sun, 11 Dec 2022 05:12:53 GMT
Etag: "56ebada8e60a2377f5b9e0808d217899110c1cba"
Cache-Control: max-age=490398,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70d4ea1b51e-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/480383f92aef4afab03ef23a642339b0
47.246.44.229200 OK 237 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/480383f92aef4afab03ef23a642339b0
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 237 kB (236728 bytes)
Hash 46e3a9216ad052f434a43ade2a6a91bf
f4ca160b2484b75f151ef64eb7900f0868f6ca68
2ea38bd35a3c88ee874a75858a93559cadd324c4814ec9ab1af419b64cc9f5e2
GET /obj/tos-cn-i-dy/480383f92aef4afab03ef23a642339b0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 236728
date: Mon, 05 Dec 2022 07:07:34 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 06:45:11 GMT
nw-session-id: 2022120514451101015110820809A833EF6n9ww03dy
nw-session-trace: 2022-12-05T14:45:11.133069603+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 236728
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 14:45:11 GMT
x-tt-logid: 2022120514451101015110820809A833EF
via: n132-067-168, cache4.l2de2[0,0,206-0,H], cache26.l2de2[0,0], cache26.l2de2[0,0], cache3.se1[0,0,200-0,H], cache4.se1[3,0]
x-request-ip: fdbd:dc03:8:577::15
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 019b7b994f6132c93fc01d30c577823c68fc8ca53904e3eb17a4c28b93a4c2a2951b77f13718fc3faa45797006672014ccce9d2a7cf7318970873698a147b09cdc8ba4c34f2e1d0c5fff717ea1079f6822eac3b7c98f37049f05d27e9adc719604
x-response-lb: image
ali-swift-global-savetime: 1670224054
age: 20520
x-cache: HIT TCP_HIT dirn:11:299660792
x-swift-savetime: Mon, 05 Dec 2022 07:27:26 GMT
x-swift-cachetime: 31534808
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816702445744394263e
X-Firefox-Spdy: h2
img.u1226.com/images/638d9653840bf2ee54dad693.gif
185.239.226.87302 Found 701 kB URL HTTP/2 img.u1226.com/images/638d9653840bf2ee54dad693.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
File type GIF image data, version 89a, 960 x 90\012- data
Size 701 kB (700902 bytes)
Hash a36a5d7852f96943e307929a79068ec2
15677aa05f2edf0500e683c1fe9e18f1346c5093
962252d47d64b9ebd1ff1f1683f5dfe33c75effbd28fa027fa44aab7c641eda1
GET /images/638d9653840bf2ee54dad693.gif HTTP/1.1
Host: img.u1226.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/367a61eddc794c9d953f4404ad091462
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/af61d5fd16d043b8bbcb53863cbd8b8f
47.246.44.229200 OK 502 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/af61d5fd16d043b8bbcb53863cbd8b8f
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 350\012- data
Size 502 kB (502038 bytes)
Hash 7e8fe5589966a147a990a04ab7a583a5
a60c247e813b13b65998abfdfc3b0a107c74faf9
7e5dd6ee352055acbdad1139603a6dbf5b5d161043585d12905dabfe937f38fc
GET /obj/tos-cn-i-dy/af61d5fd16d043b8bbcb53863cbd8b8f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 502038
date: Mon, 05 Dec 2022 07:10:05 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 04 Dec 2022 07:49:16 GMT
nw-session-id: 202212041549160102081741604A460DC9nwxqd02dy
nw-session-trace: 2022-12-04T15:49:16.808865577+08:00 26
x-bdcdn-cache-status: TCP_HIT
x-length: 502038
x-powered-by: ImageX
x-response-date: Sun, 04 Dec 2022 15:49:16 GMT
x-tt-logid: 202212041549160102081741604A460DC9
via: n204-100-050, cache8.l2de2[0,0,206-0,H], cache15.l2de2[1,0], cache15.l2de2[1,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:26:287::138
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01d8a37559a42dab1df9ddb2359a3e1894e93f96bdfee90e7b59aafd95856bfa39a80cb3bd50ca11fc2405c6fe60a5e25134ac35cec0c6ed7073d90b9b556ca6a981c2688252e46bdf9c5968cc95f6c868a263ca5dd09c0f8f8d5eae0c76808ab2
x-response-lb: image
ali-swift-global-savetime: 1670224205
age: 20369
x-cache: HIT TCP_MEM_HIT dirn:2:281954512
x-swift-savetime: Mon, 05 Dec 2022 07:27:26 GMT
x-swift-cachetime: 31534959
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816702445744464268e
X-Firefox-Spdy: h2
287335kmu.com/6610ba9039cb4868b7e50f5355519a1b.gif
45.61.212.129200 OK 161 kB URL HTTP/1.1 287335kmu.com/6610ba9039cb4868b7e50f5355519a1b.gif
IP 45.61.212.129:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 161 kB (160599 bytes)
Hash 1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519
Analyzer Verdict Alert quad9 Sinkholed
GET /6610ba9039cb4868b7e50f5355519a1b.gif HTTP/1.1
Host: 287335kmu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636cf1e0-27357"
Date: Sun, 13 Nov 2022 02:06:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 10 Nov 2022 12:43:12 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 160599
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 8ad478c8d158a08313a82398817e9a01
3c28895268423c86997a1daa2b0b59c7a192acf4
ab9e8bac8904ab093d70758eb65059e46f3e47138585466ba00367c5cc50b621
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 21:48:54 GMT
Expires: Fri, 09 Dec 2022 21:48:53 GMT
Etag: "3c28895268423c86997a1daa2b0b59c7a192acf4"
Cache-Control: max-age=377358,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70fe9a60afa-OSL
n0622.com/33d48135ba91449faa0a6ffd1f973337.gif
20.222.167.138200 OK 59 kB URL HTTP/1.1 n0622.com/33d48135ba91449faa0a6ffd1f973337.gif
IP 20.222.167.138:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Hash 695bc4df64c75ea597fe27ad7cc0a4dd
79d2119600da904806cc1583f7659b3c66f823bd
b4a93fa00323d4bd7c28a6362e38c088db937b418debda95f97c6d6f0af753d6
GET /33d48135ba91449faa0a6ffd1f973337.gif HTTP/1.1
Host: n0622.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 17:43:15 GMT
ETag: W/"637915b3-352e2"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 97d559ae734ef911c7d432ab0c64fa61
e2046568756708a4d24f0be125d1e7e4a1958f06
93a29c5fe4502ebf745e7a2703b1ee25b7c98b90904a0b77b50a950993f76762
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 22:31:45 GMT
Expires: Sun, 11 Dec 2022 22:31:44 GMT
Etag: "e2046568756708a4d24f0be125d1e7e4a1958f06"
Cache-Control: max-age=552729,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774ce70feb31fab4-OSL
www.bb6622.xyz/css/plus.css?v=9oiu8
103.142.9.106200 OK 424 kB URL HTTP/2 www.bb6622.xyz/css/plus.css?v=9oiu8
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
Size 424 kB (423929 bytes)
Hash 19c2ff7926ce431e4e973cb147d7469f
8f01ab6f7f6bfc43367dfbfdce0a963c0b9356c8
a52df57ca5d9e1a5cb469630284067f410117680fe996bd05cf5cb6f1f471557
GET /css/plus.css?v=9oiu8 HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 05:11:04 GMT
vary: Accept-Encoding
etag: W/"637c59e8-d67"
expires: Tue, 06 Dec 2022 00:49:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.bb6622.xyz/res/addd/basebase.js
103.142.9.106200 OK 144 kB URL HTTP/2 www.bb6622.xyz/res/addd/basebase.js
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
Size 144 kB (143929 bytes)
Hash c9402ed2f5212f6d7cbc6ce45c0ffb5d
09c5fe1f3abb9a08366a533cba021f7422c6d577
de589fe55ed385cc703240c625ca8222879d8aa92ac325c8e072fb091a3f1489
GET /res/addd/basebase.js HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:32 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 11:33:21 GMT
vary: Accept-Encoding
etag: W/"6321bc01-e37"
expires: Tue, 06 Dec 2022 00:49:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
vesdsp.com/0cca93d1cf1443fe9895b7894e5d30aa.gif
103.170.15.53200 OK 348 kB URL HTTP/2 vesdsp.com/0cca93d1cf1443fe9895b7894e5d30aa.gif
IP 103.170.15.53:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347872 bytes)
Hash 1ace5409fd371542532d2c9a27131b87
98c7c29f6d64296235a6be4b8259ffce72fd6691
8794843b5991bae6c5224e7e49f7389e2560098704392c0b10dc621bf38e3113
GET /0cca93d1cf1443fe9895b7894e5d30aa.gif HTTP/1.1
Host: vesdsp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "632ef491-54ee0"
server: nginx
date: Mon, 26 Sep 2022 11:55:41 GMT
content-type: image/gif
last-modified: Sat, 24 Sep 2022 12:14:09 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-length: 347872
X-Firefox-Spdy: h2
8499483.com/8499/960x60.gif
172.247.50.227200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 172.247.50.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 12:49:34 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bb6622.xyz/index.html
103.142.9.106200 OK 523 kB URL HTTP/2 www.bb6622.xyz/index.html
IP 103.142.9.106:0
ASN #136933 Gigabitbank Global
Size 523 kB (523064 bytes)
Hash f96cb5aaf9b8ae841232a8ba803f29a6
42b3e59d29cb0893c7de4519793fbf0f27f26388
1a2b2d5f2b3a3982b62c41ed9c33a69ff0a5123c5df519170c8a7b19c4b8cffe
GET /index.html HTTP/1.1
Host: www.bb6622.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.elaswany.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:49:31 GMT
content-type: text/html
last-modified: Mon, 05 Dec 2022 12:33:02 GMT
vary: Accept-Encoding
etag: W/"638de4fe-dbc0"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080e.gif
47.110.23.69200 OK 537 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/xpj/xpj96080e.gif
IP 47.110.23.69:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 537 kB (536755 bytes)
Hash ebadeb2f284d693132b280e4c52ccfd1
9f281d2645af9a6ef912b26014858f196d6e6245
44e4a3996ff5f4c956caf64dde0440a6475fe081e5681022af2ae917f17050ab
GET /xpj/xpj96080e.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: image/gif
Content-Length: 536755
Connection: keep-alive
x-oss-request-id: 638DE8DE6FB42B3336287140
Accept-Ranges: bytes
ETag: "EBADEB2F284D693132B280E4C52CCFD1"
Last-Modified: Thu, 10 Nov 2022 07:30:08 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9429669562912766999
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 663rLyhNaTEysoDkxSzP0Q==
x-oss-server-time: 3
p3.douyinpic.com/obj/tos-cn-i-dy/29426f43ad0f458c96a5d8c8272648a2
47.246.44.229200 OK 420 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/29426f43ad0f458c96a5d8c8272648a2
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /obj/tos-cn-i-dy/29426f43ad0f458c96a5d8c8272648a2 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Tue, 22 Nov 2022 09:20:35 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 22 Nov 2022 09:01:30 GMT
nw-session-id: 202211221701300102100520223FD0C6ED6xnkl03dy
nw-session-trace: 2022-11-22T17:01:30.374923073+08:00 23
x-bdcdn-cache-status: TCP_HIT
x-length: 420442
x-powered-by: ImageX
x-response-date: Tue, 22 Nov 2022 17:01:30 GMT
x-tt-logid: 202211221701300102100520223FD0C6ED
via: n132-082-090, cache14.l2de2[0,0,206-0,H], cache25.l2de2[1,0], cache25.l2de2[1,0], cache5.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc03:15:231::134
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01433d0cd456e7a2b0fd3edf15f5cb5f37b85c38275d35b10f83e8f6b789efea9569d7be14c3023e768fafc1cf81484a5dc300912e3919478151f1141df59a330a0dc5b428d7bef9bf4a3081bb32a4bb5ba606552427c4398f497d1f259647647c
x-response-lb: image
ali-swift-global-savetime: 1669108835
age: 1135740
x-cache: HIT TCP_HIT dirn:1:194255425
x-swift-savetime: Tue, 22 Nov 2022 10:09:07 GMT
x-swift-cachetime: 31533088
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816702445754895010e
X-Firefox-Spdy: h2
897263tqs.com/bbd5a64f8b2c4335b17b315c5e5c7a10.gif
103.170.15.87200 OK 359 kB URL HTTP/1.1 897263tqs.com/bbd5a64f8b2c4335b17b315c5e5c7a10.gif
IP 103.170.15.87:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
Analyzer Verdict Alert quad9 Sinkholed
GET /bbd5a64f8b2c4335b17b315c5e5c7a10.gif HTTP/1.1
Host: 897263tqs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636cef0d-57910"
Date: Thu, 10 Nov 2022 12:48:04 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 10 Nov 2022 12:31:09 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-17
Content-Length: 358672
8499583.com/8499/320x185.gif
162.209.128.164200 OK 402 kB URL HTTP/2 8499583.com/8499/320x185.gif
IP 162.209.128.164:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 402 kB (401568 bytes)
Hash 967416f2f53402f2018bd2918ab01680
510d35c1865eaf24c5668a0754d0cd5fc88d9b2e
13d768510547e4ea8131abb8931d9b37eada7425c4d34f408b1640e0101eca21
GET /8499/320x185.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 12:49:34 GMT
content-type: image/gif
content-length: 401568
last-modified: Wed, 16 Nov 2022 06:20:57 GMT
etag: "620a0-5ed9079bd5019"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLCicUYDJXx8l3taszMicel2hSKtcRbrXpDiaZbI9Xs5LlnicrnBcMTAkFjSgM6UehD9Op4/0
43.154.254.32200 OK 494 kB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLCicUYDJXx8l3taszMicel2hSKtcRbrXpDiaZbI9Xs5LlnicrnBcMTAkFjSgM6UehD9Op4/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 494 kB (493718 bytes)
Hash 2b3af7d166dfdba67f045b9e942f57b1
f14c0eefb90e3b78b014e5545e36a70c026e557b
4a9667a4876652789c3796c6747c4f7d4e8735c335f6bd55ff54edc1ffa0ced2
GET /qqmail_head/ajNVdqHZLLCicUYDJXx8l3taszMicel2hSKtcRbrXpDiaZbI9Xs5LlnicrnBcMTAkFjSgM6UehD9Op4/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 05 Dec 2022 12:49:33 GMT
content-type: image/gif
content-length: 493718
vary: Accept,Origin
last-modified: Wed, 30 Nov 2022 11:06:43 GMT
cache-control: max-age=2592000
x-delay: 61057 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 493718
chid: 0
fid: 0
x-nws-log-uuid: eb8961e1-6bc9-4243-8511-6f7091bad255
X-Firefox-Spdy: h2
u1010.com/f22aaa346e404f16b003daf71b6b9ee2.gif
103.189.109.79200 OK 372 kB URL HTTP/2 u1010.com/f22aaa346e404f16b003daf71b6b9ee2.gif
IP 103.189.109.79:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 372 kB (372322 bytes)
Hash 7caa4ff7939328d5a85c687029268390
2fb6ba8a30538392b42f92270f2cec3fbe592163
d4aae0247ff186e1066810659514cff4b0f328e948abb6d90f03d86e3187d17c
GET /f22aaa346e404f16b003daf71b6b9ee2.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6363c083-5ae62"
server: nginx
date: Sat, 19 Nov 2022 12:46:13 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2022 13:22:11 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-069
content-length: 372322
X-Firefox-Spdy: h2
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
120.77.166.119200 OK 614 kB URL HTTP/1.1 sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP 120.77.166.119:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 614 kB (614471 bytes)
Hash b5d129edaaaec2db9b9fbdbb13e162ff
65f3ce758707891ffd332f10aa834db951797eff
5d05e4e57c27de7a91acd77be5e011b27d207edf3125163ab66dc23af7dd2952
GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 05 Dec 2022 12:49:34 GMT
Content-Type: image/gif
Content-Length: 614471
Connection: keep-alive
x-oss-request-id: 638DE8DE9B9202303561B3CD
Accept-Ranges: bytes
ETag: "B5D129EDAAAEC2DB9B9FBDBB13E162FF"
Last-Modified: Sun, 20 Nov 2022 08:15:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1485979328286445117
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: tdEp7aquwtubn727E+Fi/w==
x-oss-server-time: 1
gg72a1.com/gg/960x60-2.gif
137.175.13.103200 OK 567 kB URL HTTP/2 gg72a1.com/gg/960x60-2.gif
IP 137.175.13.103:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 567 kB (566629 bytes)
Hash c9fa1542af8b7e568dc7b3a56522b833
1449fff789834cb44c300d12d770eeb251a4bbd5
7db19a9e96ed52f61b3b4c76bf6cac9259ae0b3e9d18eb597320c30a0e4e1e90
GET /gg/960x60-2.gif HTTP/1.1
Host: gg72a1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 12:52:00 GMT
content-type: image/gif
content-length: 566629
last-modified: Tue, 01 Nov 2022 07:49:47 GMT
etag: "6360cf9b-8a565"
expires: Wed, 04 Jan 2023 12:52:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 569470653ae7d4cfaf3360d408d5bc5e
2ea6de359e17ba08f2335b69cb0361134c5c8a52
d000a4ca194e3182022444b2c4b7e7630b129b15fbd11b6f0b0b9692314f8d25
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 12:49:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 10:33:47 GMT
ETag: "2ea6de359e17ba08f2335b69cb0361134c5c8a52"
Last-Modified: Mon, 05 Dec 2022 10:33:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1558
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774ce718fd4a0b51-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c37ed587ee5e3fbdc8cab86ef1345f9
364a32a224b2cacc26b138d57a8945c191e537b1
3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BEoWax807H5zIGhv6sFYUfrDgvEQQCIsQ1UQyAa-Sib04Ix7_vT6lw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:40 GMT
age: 53516
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lines.njshunyi.com/lineone
103.142.9.99302 Found 0 B URL HTTP/2 lines.njshunyi.com/lineone
IP 103.142.9.99:0
ASN #136933 Gigabitbank Global
GET /lineone HTTP/1.1
Host: lines.njshunyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.elaswany.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 12:49:30 GMT
content-type: application/json; charset=UTF-8
location: https://www.bb6622.xyz/index.html
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img.1138555.com/images/637c8e856eee1763f7e03f1c.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.1138555.com/images/637c8e856eee1763f7e03f1c.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/637c8e856eee1763f7e03f1c.gif HTTP/1.1
Host: img.1138555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e1a03f99b0214ec399cd3291676614bc
X-Firefox-Spdy: h2
img.u1887.com/images/638d95fc840bf2ee54dad68f.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.u1887.com/images/638d95fc840bf2ee54dad68f.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638d95fc840bf2ee54dad68f.gif HTTP/1.1
Host: img.u1887.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/480383f92aef4afab03ef23a642339b0
X-Firefox-Spdy: h2
img.u2768.com/images/638d9636840bf2ee54dad692.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.u2768.com/images/638d9636840bf2ee54dad692.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638d9636840bf2ee54dad692.gif HTTP/1.1
Host: img.u2768.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/af61d5fd16d043b8bbcb53863cbd8b8f
X-Firefox-Spdy: h2
img.1134555.com/images/637c8e3e6eee1763f7e03f1b.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.1134555.com/images/637c8e3e6eee1763f7e03f1b.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/637c8e3e6eee1763f7e03f1b.gif HTTP/1.1
Host: img.1134555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bb6622.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/29426f43ad0f458c96a5d8c8272648a2
X-Firefox-Spdy: h2