r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3601
Expires: Thu, 01 Dec 2022 12:51:33 GMT
Date: Thu, 01 Dec 2022 11:51:32 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1177
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:32 GMT
Last-Modified: Thu, 01 Dec 2022 11:31:55 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 11:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1906
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6578
Expires: Thu, 01 Dec 2022 13:41:10 GMT
Date: Thu, 01 Dec 2022 11:51:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m6FKR3Nv27V9w/ssHMYIysXP5tQMHa/TB68rpzBE5jvNOshw6ywWH/9vvtMAPgsAWhLI6dKJFsI=
x-amz-request-id: PKK2NDMKTBN8HYQK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 11:46:15 GMT
age: 317
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:51:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 11:11:15 GMT
cache-control: public,max-age=3600
age: 2418
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.mdfsyy.com/news/6798/%3E
200 OK 41 kB URL HTTP/1.1 www.mdfsyy.com/news/6798/%3E
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 0b20ced0dd8acc38e070a03af8982cba
6532466c8ca24f28c9cac692d16895050fcc0d02
f2307f0ac805bd0156f6cde7da3366a55e07ecb9f5fc90a0c371bdacddcd0ee0
GET /news/6798/%3E HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:32 GMT
Content-Type: text/html
Content-Length: 40904
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
www.mdfsyy.com/atic/css/iconfont.css
200 OK 928 B URL HTTP/1.1 www.mdfsyy.com/atic/css/iconfont.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash d6f5821d0866c5ef4329519076096849
a006c2ca7493b9cd1954e2cc106fb72e361b8540
b8145589bb54c721a56e293facb2f6204779c4c3824e6b628c38dcf83c76150d
GET /atic/css/iconfont.css HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: text/css
Last-Modified: Tue, 07 Sep 2021 04:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c4-e41"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1161
Cache-Control: max-age=164077
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:33 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:26:10 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.mdfsyy.com/atic/js/stui_default.js
200 OK 1.8 kB URL HTTP/1.1 www.mdfsyy.com/atic/js/stui_default.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 88309ab2087abf77ffd6cd362306bdc2
a70ca083de465cd44c46d1522ed0a398da145fed
c1ee1083469f5915240855919148a951ad49493d2f0bf6ef62a587715eb727ce
GET /atic/js/stui_default.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c4-11b6"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.mdfsyy.com/atic/js/jquery.lazyload.min.js
200 OK 1.3 kB URL HTTP/1.1 www.mdfsyy.com/atic/js/jquery.lazyload.min.js
IP
File type ASCII text, with very long lines (3309)
Hash 107610b0db6edb28f23fa6225715d7b8
126dbbafb6d950bdad39ed43252935662102c427
d66c70427c0ca29dd4ca5649cb50c2f4c72e03506309ead0bbf9ca0d18d82f18
GET /atic/js/jquery.lazyload.min.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-d35"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.mdfsyy.com/atic/js/jquery.cookie.min.js
200 OK 707 B URL HTTP/1.1 www.mdfsyy.com/atic/js/jquery.cookie.min.js
IP
File type ASCII text, with very long lines (1266)
Hash 58dbd5fe203290a568f56b67b661e002
76f8bf540b3df5c5ec21957ce3d3f221fa4925b3
7965786891d81a4d8a5e9211cdc4db9b586c1dfb3b9c65d1079ba7999f980822
GET /atic/js/jquery.cookie.min.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-514"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.mdfsyy.com/atic/js/daohang1.js
200 OK 573 B URL HTTP/1.1 www.mdfsyy.com/atic/js/daohang1.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7647444489e3e5e4f73938b3eaa7fad5
468acfd7e68e9f9f9c26e8d4b9a5621b34cb2a78
5b5cd378d093d5dc781ec807bf0f299d18a4f8f680a275ac30a6948dcee62010
GET /atic/js/daohang1.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Content-Length: 573
Last-Modified: Mon, 17 Oct 2022 08:05:06 GMT
Connection: keep-alive
ETag: "634d0cb2-23d"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.mdfsyy.com/atic/js/sousuo.js
200 OK 548 B URL HTTP/1.1 www.mdfsyy.com/atic/js/sousuo.js
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash fde93dfe27be84150a7c077a6c074b74
d3784d53c5907f9701a596e514342357c2367b20
4c2ad07101b136934ccde328cb494f7f5c548edeef547b0ffdf52dc9a4925343
GET /atic/js/sousuo.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Content-Length: 548
Last-Modified: Fri, 25 Nov 2022 09:15:48 GMT
Connection: keep-alive
ETag: "638087c4-224"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.mdfsyy.com/atic/js/home.js
200 OK 8.9 kB URL HTTP/1.1 www.mdfsyy.com/atic/js/home.js
IP
Hash ef5684d1a2af89012b3f0c76e654ca77
92f8faba52aa48931d94d25d9d368af6a91fbce1
17f2053129817790271a8fce4d6a19dfdc31d322fc5707c7e3d30b82af8b2ac0
GET /atic/js/home.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Tue, 31 May 2022 10:51:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6295f340-84cc"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.mdfsyy.com/atic/js/daohang2.js
200 OK 468 B URL HTTP/1.1 www.mdfsyy.com/atic/js/daohang2.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0408b817be8c5a105c8ba02dabcb9a9b
8ca6a32596b8ad17ea68ed2b5cd9061586254854
c4b2b5babe5e715567f13dbf35c3fdddcd7535dac865fedf031afe50421c7c90
GET /atic/js/daohang2.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 09:15:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"638087b0-a2c"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.mdfsyy.com/atic/js/daohang3.js
200 OK 643 B URL HTTP/1.1 www.mdfsyy.com/atic/js/daohang3.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 24e1acd45ae44a2670e969059fce56ca
2be5d88cd746d2f06e511468c9f0f5b266718323
ab253ef8f448babdd27359ffd8a7b8939fda518c1653a9216fa20302d2579790
GET /atic/js/daohang3.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Content-Length: 643
Last-Modified: Mon, 17 Oct 2022 08:05:41 GMT
Connection: keep-alive
ETag: "634d0cd5-283"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.mdfsyy.com/gg7f5kv/shang1i7d3.php
200 OK 144 B URL HTTP/1.1 www.mdfsyy.com/gg7f5kv/shang1i7d3.php
IP
File type ASCII text, with no line terminators
Hash d41bc10a453eb0f781cefeee8d956f1f
6e0d9397a28ef3841605c2a6b733527f3d0f4003
d7cf4b03c4512a36cf8de7a68c4995b006828b6307984e6c191b4fc46a104278
GET /gg7f5kv/shang1i7d3.php HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.mdfsyy.com/gg7f5kv/sxpf.js
200 OK 970 B URL HTTP/1.1 www.mdfsyy.com/gg7f5kv/sxpf.js
IP
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (509), with CRLF line terminators
Hash 6536ca21c71ae990e6ab6868fe7f89a1
1eecdf2b2956a322c774cc4bf3608d7b18175cf4
67eee7f71b43c72557162a9a24d0b3bf82383dbb722bbbadafeb058903328a26
GET /gg7f5kv/sxpf.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Nov 2022 05:39:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636de015-d9d"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.mdfsyy.com/gg7f5kv/shipinqiangg.js
200 OK 562 B URL HTTP/1.1 www.mdfsyy.com/gg7f5kv/shipinqiangg.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 82fca3cf8fffc2b261650c24540ed105
97b524c6fb46a5cf441a1db52ccb6b5f45985afe
c88345d5d103d9c9ed5bdbf7c88d6e94c6ea7043101fd36b3cb85f5f773ca152
GET /gg7f5kv/shipinqiangg.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Tue, 29 Nov 2022 07:33:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6385b5af-71c"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.mdfsyy.com/atic/css/stui_default.css
200 OK 4.9 kB URL HTTP/1.1 www.mdfsyy.com/atic/css/stui_default.css
IP
File type assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (310), with CRLF line terminators
Hash ffe86c65a45f4c1ce9f2729525c38610
fd54b3d1657e177e4eb3a0a22c8c9a59fd4cfd1b
e7c6d5d66dd623d6ff41e792b919b42a3508c7005fadb0e19d8ffb94eb9350d1
GET /atic/css/stui_default.css HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: text/css
Last-Modified: Mon, 01 Nov 2021 08:29:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"617fa57c-4b1d"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jhOS9o/kOAn6QboY/JEAsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L6R3XhPNqBqDj52DyZ1HwH46ypQ=
www.mdfsyy.com/atic/js/tj.js
200 OK 258 B URL HTTP/1.1 www.mdfsyy.com/atic/js/tj.js
IP
File type ASCII text, with CRLF line terminators
Hash 5827d678f2eee9b7eaf26c34de246360
eb4b89c30b2b46c2595ee0ff3f589b7a83fc835a
2f62b3cdd9c96d4365930320673f55fffd087e99d3ba495488cd5fa1f720b2ad
GET /atic/js/tj.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Content-Length: 258
Last-Modified: Wed, 31 Aug 2022 09:15:57 GMT
Connection: keep-alive
ETag: "630f26cd-102"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.mdfsyy.com/atic/js/jquery.min.js
200 OK 33 kB URL HTTP/1.1 www.mdfsyy.com/atic/js/jquery.min.js
IP
File type ASCII text, with very long lines (32061)
Hash 86e98aeb7b032f4d77c7417cf01804c2
6dac186a17a276a44ab10be97ce7a7e68ea0f4ca
25122f689abc9b607b190b64254c6f70daa217593624db865e0a763d05aa4d28
GET /atic/js/jquery.min.js HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:33 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Sep 2021 04:59:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6136f1c2-14938"
Expires: Thu, 01 Dec 2022 23:51:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash 1cacb1bca84d0d7f8f47f74857d0425e
ace1b469d1c4894be4e491f983706dcee2007659
5fb6c447586f63cb14a1cbb75f139a2d000b31751b98ab2dda0a6737f5668463
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:34 GMT
Etag: "63884731-117"
Last-Modified: Thu, 01 Dec 2022 10:43:14 GMT
Server: ECS (amb/6B94)
X-Cache: HIT
Content-Length: 279
www.mdfsyy.com/gg7f5kv/shouyeshang.html
200 OK 4.3 kB URL HTTP/1.1 www.mdfsyy.com/gg7f5kv/shouyeshang.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash ad59e7455ac8ce808290ebfb36bd0767
01907e2e6d02ff6883cdd11caf6c05aa1cdb140e
a2e1b6a473be0599494d44eeb0ad0361d1f3670a3492222a1458f838ed3b9d83
GET /gg7f5kv/shouyeshang.html HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:34 GMT
Content-Type: text/html
Last-Modified: Wed, 30 Nov 2022 05:39:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6386eca2-4875"
Content-Encoding: gzip
www.mdfsyy.com/atic/images/150x50.gif
200 OK 6.5 kB URL HTTP/1.1 www.mdfsyy.com/atic/images/150x50.gif
IP
File type GIF image data, version 89a, 150 x 50\012- data
Hash 234bdd5dc2570a5ab1dc9c708245b395
375b93c3bc8f4382991d2ff4af446685e429bf2c
77cab73693745ce7a57f4e10d5b7213019939be397f526fd709e759bde032aa9
GET /atic/images/150x50.gif HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/atic/css/stui_default.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:34 GMT
Content-Type: image/gif
Content-Length: 6450
Last-Modified: Tue, 07 Sep 2021 04:59:40 GMT
Connection: keep-alive
ETag: "6136f1bc-1932"
Expires: Sat, 31 Dec 2022 11:51:34 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.mdfsyy.com/atic/images/load.gif
200 OK 65 kB URL HTTP/1.1 www.mdfsyy.com/atic/images/load.gif
IP
File type GIF image data, version 89a, 150 x 210\012- data
Hash 1fbb5556099254502571ddee76ec3683
8d1bc81d78d45b97e0c031f813c338cf22043978
1a41d8b1fe312bd93ad4ce35db83af7647ab0ebef9d60c45d211cda7340ec4c8
GET /atic/images/load.gif HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/atic/css/stui_default.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:34 GMT
Content-Type: image/gif
Content-Length: 65214
Last-Modified: Tue, 07 Sep 2021 04:59:40 GMT
Connection: keep-alive
ETag: "6136f1bc-febe"
Expires: Sat, 31 Dec 2022 11:51:34 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bb4a62e892efb7acf786726639db9b3b
916d427b9051a292e1c8ed0ad8b0d62fe84f84e5
4df2a0cc6cb0272bc0f9b63d69890b8b493975670a8cbf33da9d635ba51c58eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DF2A0CC6CB0272BC0F9B63D69890B8B493975670A8CBF33DA9D635BA51C58EB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5460
Expires: Thu, 01 Dec 2022 13:22:34 GMT
Date: Thu, 01 Dec 2022 11:51:34 GMT
Connection: keep-alive
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
200 OK 9.2 kB URL HTTP/2 s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:34 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BUcn4GuG4Io%2Fj7EYWKgYP3YTzqdz4XL3PPwoiauHLHNhvMzYf8O5EfxVJv9zuoNuEErY1d4E2jNwPyysHrlaRhqo1xtmrgHWHTlOZJUwRRk7B%2FZzSZTe7LL1QEW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b9c95b88c0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mdfsyy.com/atic/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff
200 OK 183 kB URL HTTP/1.1 www.mdfsyy.com/atic/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size 183 kB (182603 bytes)
Hash cadf1d6dce0ddad0ad74720273d5ecf7
0fb6a6617ab0ceab72dd7c5916b1f23307519084
8b710483c01a53f6c6f3dc987a6c09c59e8973b02ddcf9e787eb7f8e9b75cbdb
GET /atic/fonts/c8e1344f3d584efebecd98ce9573c7b8.woff HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.mdfsyy.com/atic/css/iconfont.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d27e0525e331a4c3ae096be1a00433af
764b36118b987432e13dd88b9b446a8ec0dc13e9
0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0929458F0FF0DCECCB96BFC844263380C5424939C2E03A59BC4D71D764C4271C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=725
Expires: Thu, 01 Dec 2022 12:03:39 GMT
Date: Thu, 01 Dec 2022 11:51:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d27e0525e331a4c3ae096be1a00433af
764b36118b987432e13dd88b9b446a8ec0dc13e9
0929458f0ff0dceccb96bfc844263380c5424939c2e03a59bc4d71d764c4271c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0929458F0FF0DCECCB96BFC844263380C5424939C2E03A59BC4D71D764C4271C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=725
Expires: Thu, 01 Dec 2022 12:03:39 GMT
Date: Thu, 01 Dec 2022 11:51:34 GMT
Connection: keep-alive
www.mdfsyy.com/atic/fonts/iconfont-15417656157251.ttf
200 OK 22 kB URL HTTP/1.1 www.mdfsyy.com/atic/fonts/iconfont-15417656157251.ttf
IP
File type TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, \012- data
Hash ac82e9b2caf4353072767003329646d5
6711419177b4fd005c1c69900517af042504bb60
12cfa0fe87f6160e5fc1d1dd699e701e6c55f36b5c6a86a2e1fbcbf12f7b688e
GET /atic/fonts/iconfont-15417656157251.ttf HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/atic/css/iconfont.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:34 GMT
Content-Type: application/octet-stream
Content-Length: 21940
Last-Modified: Tue, 07 Sep 2021 04:59:38 GMT
Connection: keep-alive
ETag: "6136f1ba-55b4"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2407bce7f479414a44ac764a4b56fbb3
d41cfcd80b63de62dc36c6a127ef4f9d6399c020
6b1ec32a3ce6d986ba2693569191df148e5b9eff019a18336a98a955b0dfbe3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B1EC32A3CE6D986BA2693569191DF148E5B9EFF019A18336A98A955B0DFBE3D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2755
Expires: Thu, 01 Dec 2022 12:37:30 GMT
Date: Thu, 01 Dec 2022 11:51:35 GMT
Connection: keep-alive
www.mdfsyy.com/atic/images/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 www.mdfsyy.com/atic/images/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 11bf57dec75674ec9af4351125a77667
a95e2eb332bcf60a29bf2ff9ad27a9e7acb9dcbd
d5edeeecd4f0ce96dd5ea591726b17a090b843e9a4dbc83cf98f216a73e835b1
GET /atic/images/favicon.ico HTTP/1.1
Host: www.mdfsyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/news/6798/%3E
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:35 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sat, 27 Aug 2022 07:44:58 GMT
Connection: keep-alive
ETag: "6309cb7a-10be"
Accept-Ranges: bytes
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:35 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yh.133svip.com/tu/960%C3%97120.gif
200 OK 726 kB URL HTTP/1.1 yh.133svip.com/tu/960%C3%97120.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 726 kB (726222 bytes)
Hash 130b7105c146e3147938a30b95438d0b
43102c80cf43db03028d5c306ed9d9fd7b3d16cb
e40f0165bbd173dd3598ff685bc966d38c24f9552eaaeaf7d562e2d45d4efe02
GET /tu/960%C3%97120.gif HTTP/1.1
Host: yh.133svip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
ETag: "1eaa4ba0f4bad81:0"
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2022 15:41:23 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Thu, 01 Dec 2022 11:04:57 GMT
X-Cache: HIT from dhostname
Content-Length: 726222
Connection: keep-alive
s2.loli.net/2022/11/29/CWMb5wy7czgFl2H.gif
200 OK 322 kB URL HTTP/2 s2.loli.net/2022/11/29/CWMb5wy7czgFl2H.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 322 kB (322063 bytes)
Hash 3d561aec4b19499cbe6caa3a4da86ced
993594495bb645712cc8c7f2632b01fc88aa72dc
76c31c00bbca98c29b1a488216310f2a510860be279f455019c15f4ee594dd38
GET /2022/11/29/CWMb5wy7czgFl2H.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:35 GMT
content-type: image/gif
content-length: 322063
last-modified: Mon, 28 Nov 2022 19:01:55 GMT
etag: "638505a3-4ea0f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ymqMRYioxbflFFHB9flXASPO4af8MMYGJ%2BroGec8HjkQ%2FnL7itFrYie2ja5wVtTyQPavxgLPyYrXsSjtfC86NKOVjDdCkSoIctTcnCsOpGVHzDUyBwrwj07FNmP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b9c97bac90b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:49:07 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sat, 31 Dec 2022 11:49:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 48b748ef16618b3b4bad9811e89899d4
89a22c1702ce61414d5ad01ce16f123bce2655c9
9d091066cc334886c827eb645714a8c2c444f5f89757c2899e3c0886d0ac7e89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 08:11:33 GMT
ETag: "89a22c1702ce61414d5ad01ce16f123bce2655c9"
Last-Modified: Thu, 01 Dec 2022 08:11:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3082
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9ca29ae11c02-OSL
kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
200 OK 65 kB URL HTTP/1.1 kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 65414
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:27:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 01 Dec 2022 06:41:36 GMT
ETag: "514c48163ce5b65fb6bf16d8578b478b"
X-Cache: Hit from cloudfront
Via: 1.1 40346f3f2e6491f9dd0c511645b5834c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN2-C1
X-Amz-Cf-Id: qWW_FjVWO8L207MfxzSP4iB7Ztgf1fW4Uc8jU9fdepouEXBTgQxC_w==
Age: 18600
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 48b748ef16618b3b4bad9811e89899d4
89a22c1702ce61414d5ad01ce16f123bce2655c9
9d091066cc334886c827eb645714a8c2c444f5f89757c2899e3c0886d0ac7e89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 08:11:33 GMT
ETag: "89a22c1702ce61414d5ad01ce16f123bce2655c9"
Last-Modified: Thu, 01 Dec 2022 08:11:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3082
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9ca29ab7b515-OSL
de88deggtp.com/100tp/%E5%BC%80%E5%85%83960-60.gif
200 OK 375 kB URL HTTP/1.1 de88deggtp.com/100tp/%E5%BC%80%E5%85%83960-60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 375 kB (374641 bytes)
Hash 623bbed8517585b1244e51bfade63f86
7bc8817aefa764fdc12ffa7cf709aac8d31d091d
f5409db1108c2ae67f6ee1f95cad63fdb1c83a60da02c4d489d7be1bcd7b7766
GET /100tp/%E5%BC%80%E5%85%83960-60.gif HTTP/1.1
Host: de88deggtp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:35 GMT
Content-Type: image/gif
Content-Length: 374641
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 07:10:34 GMT
ETag: "6385b06a-5b771"
Expires: Fri, 30 Dec 2022 23:00:41 GMT
Cache-Control: max-age=2592000
Server: qq.com
X-Cache-Status: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ca261ea010b4af2f27b1fbd24898f363
bbd87f90eb2fdbe5f2f6107e226740dca7d8ac5e
5167ce86a78bbe1e8a7cb385935d3352d496c8b188bb5034326a6b86fd9d466e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5167CE86A78BBE1E8A7CB385935D3352D496C8B188BB5034326A6B86FD9D466E"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18815
Expires: Thu, 01 Dec 2022 17:05:11 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 5684514439e630d5149b96fab9db2e98
9970e51aa25682d98d10e7707a4390a420865022
aeb59bc60c6d8cf4868355ee6a01d0ea4e15619936192c1c84f9dcc934443e8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 00:53:47 GMT
Expires: Tue, 06 Dec 2022 00:53:46 GMT
Etag: "9970e51aa25682d98d10e7707a4390a420865022"
Cache-Control: max-age=391929,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca2dee6b4fa-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 86855959b35d662d4cebc1c49a12e20e
f2f061fae8dba11c4d2cb785127886f69a4754d3
2d7566ad81fa7e2ef85384611a7e0acc8bc82a89c93c9a9262a79506113c1676
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 22:22:01 GMT
Expires: Wed, 07 Dec 2022 22:22:00 GMT
Etag: "f2f061fae8dba11c4d2cb785127886f69a4754d3"
Cache-Control: max-age=555623,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca2dfecb500-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b36f57fcd30e678f1abaad6fd63aef86
99c725fc41b78d13643e08e457ddff886418cf8d
0fbd177a750d33db6d734f580540f6d52d96094c75177fc3663634fcaee1d929
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FBD177A750D33DB6D734F580540F6D52D96094C75177FC3663634FCAEE1D929"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1444
Expires: Thu, 01 Dec 2022 12:15:40 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fdbd0cf9671c9bf749f4d147e27a66a6
8afa0676587c942562858ef37467e714c60fdabc
bd707bc1f6a8e7274f5a7dd7c9a2dccb2516e00b1ae05961c544ca94f6922c5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD707BC1F6A8E7274F5A7DD7C9A2DCCB2516E00B1AE05961C544CA94F6922C5A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14781
Expires: Thu, 01 Dec 2022 15:57:57 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
de88deggtp.com/100tp/95%E6%A3%8B%E7%89%8C1200-60.gif
200 OK 431 kB URL HTTP/1.1 de88deggtp.com/100tp/95%E6%A3%8B%E7%89%8C1200-60.gif
IP
File type GIF image data, version 89a, 1200 x 60\012- data
Size 431 kB (430839 bytes)
Hash 8348e14dd25f312ea9152f608c682962
3d77927f7e01dc50c7b52b82087ad05226f681e0
4ae59659be553e3703f8847b520a7e557dd9aec51f83a5ea99d08934f6c55b38
GET /100tp/95%E6%A3%8B%E7%89%8C1200-60.gif HTTP/1.1
Host: de88deggtp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mdfsyy.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:35 GMT
Content-Type: image/gif
Content-Length: 430839
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 07:10:35 GMT
ETag: "6385b06b-692f7"
Expires: Fri, 30 Dec 2022 23:00:42 GMT
Cache-Control: max-age=2592000
Server: qq.com
X-Cache-Status: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c52661f5772428c359520310b3ff1dc4
f63419ab33ed4229d827f1c313a7c916741293da
1b9a05e8474b3c798041e64d51eb98b44921d26026a95dc6ed9c1a6b7b58294a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B9A05E8474B3C798041E64D51EB98B44921D26026A95DC6ED9C1A6B7B58294A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19792
Expires: Thu, 01 Dec 2022 17:21:28 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0ffc7b134f2bbb2d8c7bc05489bd1014
d61ca7089bcc5c07ddd559c7595cc0961ea1876d
bb4e3784f9fa0eac69b5acf76f31662414909242eff0e88e2add02c2eeff155b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 14:24:39 GMT
Expires: Tue, 06 Dec 2022 14:24:38 GMT
Etag: "d61ca7089bcc5c07ddd559c7595cc0961ea1876d"
Cache-Control: max-age=440581,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca2df40b52d-OSL
hm.baidu.com/hm.js?407969696e5b97243ad469fe9ac56e95
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?407969696e5b97243ad469fe9ac56e95
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 117107cba0d9ffea045d69c90bc71d1e
34c4dda596c6fa98d8f6a7468616854137dfa83a
adb8e4bcae661b5c727976b2b9a2a35e2723bb85281dd91e9c084ca7d10ce174
GET /hm.js?407969696e5b97243ad469fe9ac56e95 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Thu, 01 Dec 2022 11:51:35 GMT
Etag: cf5aa7ac867e9888f07bfa1e47c5f0a9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F65CB097D52B8CB1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ea266e1f9c4014d21f10ef1acc761a6a
d44341ff56d8bc1f6a3bdca35a3aea81ef771fe2
f37a79dc06e7990f202589ee9ae7a852b51ff9642b1856cd4c8cc656bdd7264b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F37A79DC06E7990F202589EE9AE7A852B51FF9642B1856CD4C8CC656BDD7264B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16047
Expires: Thu, 01 Dec 2022 16:19:03 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 5684514439e630d5149b96fab9db2e98
9970e51aa25682d98d10e7707a4390a420865022
aeb59bc60c6d8cf4868355ee6a01d0ea4e15619936192c1c84f9dcc934443e8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 00:53:47 GMT
Expires: Tue, 06 Dec 2022 00:53:46 GMT
Etag: "9970e51aa25682d98d10e7707a4390a420865022"
Cache-Control: max-age=391929,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca2daf2b515-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 02e3a106a8f52c86b20080a6efcd0a8d
15fbb38c8a76b6df9e7c31e2abcb75b806181268
cc11ff40e33cde8fd9cb2fc2b42c7ac1ee24a4aa58f4b0db10f538f4ab413835
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC11FF40E33CDE8FD9CB2FC2B42C7AC1EE24A4AA58F4B0DB10F538F4AB413835"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1930
Expires: Thu, 01 Dec 2022 12:23:46 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
301 Moved Permanently 162 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://max007.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
301 Moved Permanently 162 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
200 OK 477 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105j12000a16nl1n59E7.gif?proc=autoorient
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /images/0105j12000a16nl1n59E7.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 477289
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7525861
expires: Sun, 26 Feb 2023 14:22:37 GMT
date: Thu, 01 Dec 2022 11:51:36 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
301 Moved Permanently 162 B URL HTTP/2 kzemm.com/bb7f858c0dad171784517c02e7bff891.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 18fa023a6607e13ad764a42f8b4feabe
aa66cbf419b6506d127759822b78c81f05326c20
ac207ecbf4ec61e8a2d565e437df9990da45ce4131a4bd567a3a2b991db58838
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC207ECBF4EC61E8A2D565E437DF9990DA45CE4131A4BD567A3A2B991DB58838"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18472
Expires: Thu, 01 Dec 2022 16:59:28 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash a898f556efee5e265f5bd447d71ef3c3
0127cb5761ea57b3fbaab9462e45903f5576e44e
8cca8a012a89ac4d109651353d47d4cf3d86adadf9f496ae2797eb59d41bce52
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:52:33 GMT
Expires: Tue, 06 Dec 2022 08:52:32 GMT
Etag: "0127cb5761ea57b3fbaab9462e45903f5576e44e"
Cache-Control: max-age=420655,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca2d9c0b4ff-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 02f1c9fcfee48a1993ab9a833cb29a6b
1298e04a70b4cb370835f808b8d737b137f0e9bf
589c7b2eb78d33563fb5cd7f6a4603351307aba78714244f7f7c065f9eac18dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "589C7B2EB78D33563FB5CD7F6A4603351307ABA78714244F7F7C065F9EAC18DC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13473
Expires: Thu, 01 Dec 2022 15:36:09 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4bd1a7e398548f2bdf106a135d7fed91
e013fa33f7ecca0ef28611d62439267f447b4ed9
c924f8e685ffeffa282852aaba960b985027594252dbfa2593d8d0f73ebc3135
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:24:53 GMT
Expires: Tue, 06 Dec 2022 15:24:52 GMT
Etag: "e013fa33f7ecca0ef28611d62439267f447b4ed9"
Cache-Control: max-age=444195,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca388c1b500-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash a79ac765075efd28343ced078b01042d
ca3f2283df343a6f42ce1695141b8bd11c652c86
adc914c632b1344c3a3d2ddd3edf74c9ddba10fd56f7acab760d77a2f2cbbd45
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 05:33:18 GMT
Expires: Tue, 06 Dec 2022 05:33:17 GMT
Etag: "ca3f2283df343a6f42ce1695141b8bd11c652c86"
Cache-Control: max-age=408700,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca37f9ab4fa-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6063
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
kvexx.com/03c3cb047014f05117117e4a924df90d.gif
301 Moved Permanently 162 B URL HTTP/2 kvexx.com/03c3cb047014f05117117e4a924df90d.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 60810
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 24d731c4aea4739d240afee3f695e33a
61496b13ad7a6d851290d5d9b13be9aa999bbc50
dbd8ec6eed91fba1a613547e0825c7e573211e1169cd8ec781849a3e1e4f5a32
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Dec 2022 09:41:49 GMT
ETag: "61496b13ad7a6d851290d5d9b13be9aa999bbc50"
Last-Modified: Thu, 01 Dec 2022 09:41:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 823
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9ca52d3fb4ed-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash a3a84f53f83f8909c14818b44ce83be6
422ba2dafe824c34aa77049aad4fd460ca64200d
cf20e425a333b4d0e898e74c98bc3b9d5895b3f4ccb6ff1802fc2a56804ce730
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Dec 2022 10:12:21 GMT
ETag: "422ba2dafe824c34aa77049aad4fd460ca64200d"
Last-Modified: Thu, 01 Dec 2022 10:12:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 443
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9ca52b2bb517-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 50319
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 47281
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: 2711a135-b390-43ef-9e95-92438058bc27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81FIpIAMFs9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-742f7f293df074340ab6a217;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ygs-Qd7UU_k4t4_breZTyqkHqGjJzlH1UMa9ncww5_IGpJ1n781jfg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:55 GMT
age: 50381
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 50646
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4bd1a7e398548f2bdf106a135d7fed91
e013fa33f7ecca0ef28611d62439267f447b4ed9
c924f8e685ffeffa282852aaba960b985027594252dbfa2593d8d0f73ebc3135
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:24:53 GMT
Expires: Tue, 06 Dec 2022 15:24:52 GMT
Etag: "e013fa33f7ecca0ef28611d62439267f447b4ed9"
Cache-Control: max-age=444195,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca46880b52d-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 50376
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe88fefcadc31dc5284c48143b9d446b
5b3cc09720489c31eeae72481bbfdb606272a9fb
47c7ed39784f221a46b7b2c9a8ce65108ad1bc6688914733afa2d7b9810f5cec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47C7ED39784F221A46B7B2C9A8CE65108AD1BC6688914733AFA2D7B9810F5CEC"
Last-Modified: Tue, 29 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2883
Expires: Thu, 01 Dec 2022 12:39:39 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
200 OK 400 kB URL HTTP/2 acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Thu, 22 Dec 2022 00:38:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 818010
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mf%2BubuBlgSXrR9U%2FBaKprFmRzPdFQFrhh3bJPrk1NeWgMS8t2OdZRsJAIaGf4b8g20do4Q3XxgiwmrVfVHfePxCiZl8Ctb6Ynv1wR7ZzWFp7G%2BenQhC8AHfaunlzDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca5cff50afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c56cecb3cac442594db8b9f616f34daf
07e2b1948c04442df6c52faf4efaec8e886e08b5
05ff7994528c4f9d30128200595794df7902943ecf607c67aa97519ad58c4c81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05FF7994528C4F9D30128200595794DF7902943ECF607C67AA97519AD58C4C81"
Last-Modified: Tue, 29 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=250
Expires: Thu, 01 Dec 2022 11:55:46 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kveww.com/99462c01e85acc1311bebac224df6cce.gif
301 Moved Permanently 162 B URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: text/html
content-length: 162
location: https://kvhxxx.top/99462c01e85acc1311bebac224df6cce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5e4936b2c24e4ab6668790c2b93816ed
c8f27ad205ba2752770e491646be8a1a24b2ea55
1c2fbc1b93041aa0ce4df0423dc7494f80d02da7556b55a0de2699992f9b3e69
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 16:45:19 GMT
Expires: Mon, 05 Dec 2022 16:45:18 GMT
Etag: "c8f27ad205ba2752770e491646be8a1a24b2ea55"
Cache-Control: max-age=362621,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca4fdceb515-OSL
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash f71f7a00b8e4a8a38783791423511ac8
94c975b07a2e6867a733b0f85af4b6fa1455a43e
00ef201fff25e509002e95bda27733ad9ff9cb86b2b4645ba6326d552a064e1e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "00EF201FFF25E509002E95BDA27733AD9FF9CB86B2B4645BA6326D552A064E1E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5692
Expires: Thu, 01 Dec 2022 13:26:28 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
max007.top/92f0c144d76dd785f7c04f84ae149b33.gif
200 OK 65 kB URL HTTP/2 max007.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: max007.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:02 GMT
etag: "637c023e-ff86"
expires: Mon, 26 Dec 2022 12:24:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 430025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA%2Bg40zCt3Kaq8djZFJY9v9XORFtDyk1BoKu3s2u3TSYKDvT0WF8JE8u5mAxuFl3KTkDh4ZLgzYUjnSLSMmci20%2BEgyZwgqYVWyEOuRy0byydwrslb1qej6Cyg3a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca64d3a1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvevv.com/4b6dde2b3f39cee4956a18a192534906.gif
200 OK 325 kB URL HTTP/1.1 kvevv.com/4b6dde2b3f39cee4956a18a192534906.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 325 kB (325185 bytes)
Hash f6abc830b4c6c36a82db7bc9c87d79db
deda6d00011a2f90e666ce239ce43139f8e8b2ef
eca7c8dc365cd60e9fc4076bce5e618d6cf1ed7176d2da027be2b23f065109a9
GET /4b6dde2b3f39cee4956a18a192534906.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 325185
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:06:14 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 01 Dec 2022 08:06:15 GMT
ETag: "f6abc830b4c6c36a82db7bc9c87d79db"
X-Cache: Hit from cloudfront
Via: 1.1 fe526590cbb2126b4baee2eb7ee38048.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN2-C1
X-Amz-Cf-Id: rqQvDzuQovmAogRBLa17OETq1umplsnjWFR9VFSqydWB5sk2fY1TAg==
Age: 13521
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 78bd90691c3b7d1a116b712d04d55c1c
7f7f44c164b14e28dc5061f6bac8ac6be37b600f
bbe91ea3e608060e1a47bd356ff847e5ce9c3e4c4a023df7fb8f10421529338b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BBE91EA3E608060E1A47BD356FF847E5CE9C3E4C4A023DF7FB8F10421529338B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7519
Expires: Thu, 01 Dec 2022 13:56:55 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=920537734&si=407969696e5b97243ad469fe9ac56e95&v=1.3.0&lv=1&sn=63695&r=0&ww=1280&u=http%3A%2F%2Fwww.mdfsyy.com%2Fnews%2F6798%2F%253E&tt=%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95v%E5%A4%A7%E4%B9%B1%E4%BA%A4_%E6%83%B3%E7%9C%8B%E5%85%8D%E8%B4%B9%E7%9A%84%E6%A8%A1%E7%89%B9%E6%93%8D%E9%80%BC%E7%89%87_%E4%B9%85996%E4%B9%85%E8%A7%86%E9%A2%91%E7%B2%BE%E5%93%81%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B6-%E8%9C%9C%E6%9C%88av
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=920537734&si=407969696e5b97243ad469fe9ac56e95&v=1.3.0&lv=1&sn=63695&r=0&ww=1280&u=http%3A%2F%2Fwww.mdfsyy.com%2Fnews%2F6798%2F%253E&tt=%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95v%E5%A4%A7%E4%B9%B1%E4%BA%A4_%E6%83%B3%E7%9C%8B%E5%85%8D%E8%B4%B9%E7%9A%84%E6%A8%A1%E7%89%B9%E6%93%8D%E9%80%BC%E7%89%87_%E4%B9%85996%E4%B9%85%E8%A7%86%E9%A2%91%E7%B2%BE%E5%93%81%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B6-%E8%9C%9C%E6%9C%88av
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=920537734&si=407969696e5b97243ad469fe9ac56e95&v=1.3.0&lv=1&sn=63695&r=0&ww=1280&u=http%3A%2F%2Fwww.mdfsyy.com%2Fnews%2F6798%2F%253E&tt=%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95v%E5%A4%A7%E4%B9%B1%E4%BA%A4_%E6%83%B3%E7%9C%8B%E5%85%8D%E8%B4%B9%E7%9A%84%E6%A8%A1%E7%89%B9%E6%93%8D%E9%80%BC%E7%89%87_%E4%B9%85996%E4%B9%85%E8%A7%86%E9%A2%91%E7%B2%BE%E5%93%81%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B6-%E8%9C%9C%E6%9C%88av HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Dec 2022 11:51:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7BFAA2FEBB8C4338; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
200 OK 864 kB URL HTTP/2 max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: max004.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Mon, 26 Dec 2022 12:02:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 431330
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW2Z%2F4dm06f6qZ%2FYWfOq%2Bkj5OYShmYdVVHW5ZcV9Y8qDGC8y0J5AmujTvXzy0rRcnW2FGjoN5EhDh%2FHyld3gTohLaYmxKCc05tjVguTN%2BFKzFKfHQwrL6XPigUyH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca69ce6b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash e1cbb54678b7069690e6b14fa521bd19
3b1f69e5381f3fb2abf2dd94443a1b07d3f5136b
c06958d835de22b2b99de61d1fb9f2467ef93ff4e30acb7f2e53dad40d44831f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 06:12:20 GMT
Expires: Thu, 08 Dec 2022 06:12:19 GMT
Etag: "3b1f69e5381f3fb2abf2dd94443a1b07d3f5136b"
Cache-Control: max-age=583842,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca58b0db500-OSL
kvmaa.com/7eac39bc4b497ca306e5bbb3999fe104.gif
301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/7eac39bc4b497ca306e5bbb3999fe104.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7eac39bc4b497ca306e5bbb3999fe104.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:38 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/7eac39bc4b497ca306e5bbb3999fe104.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhaa.com/cf4287991556df0490caf209d0ed91fe.gif
301 Moved Permanently 162 B URL HTTP/2 kvhaa.com/cf4287991556df0490caf209d0ed91fe.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cf4287991556df0490caf209d0ed91fe.gif HTTP/1.1
Host: kvhaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:38 GMT
content-type: text/html
content-length: 162
location: https://nvhaaa.top/cf4287991556df0490caf209d0ed91fe.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 3faea67e786ba637adb5e94ea781837f
79435248c4285c963d6651ed080a13dc606f0455
ca26a3053d1fb504aa65bdd2b927701fa51163b92490057e212e9a33f1b50f8b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CA26A3053D1FB504AA65BDD2B927701FA51163B92490057E212E9A33F1B50F8B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6668
Expires: Thu, 01 Dec 2022 13:42:44 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 4ba9ead5022a249215ab39f7aed842f1
668c1f6466de098d881e1fa1a711c6b0c5f8d84b
cde62025ff650a17922d76365616d2d1bceeea060708628a5a40848350277266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135926
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:36 GMT
Etag: "6388053e-117"
Expires: Sat, 03 Dec 2022 01:37:02 GMT
Last-Modified: Thu, 01 Dec 2022 01:37:02 GMT
Server: nginx
Content-Length: 279
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bd2a0bff44ab7a90660e4e7ca2c2c807
d2ffd9c038260a329c6d45b54153a5df55eb0592
a30b6967e18a4346e51fd87e73a4ea18e7f76f5b1b6d16e60ba76b5cc3f37cc5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 09:09:17 GMT
Expires: Fri, 02 Dec 2022 09:09:17 GMT
ETag: "d2ffd9c038260a329c6d45b54153a5df55eb0592"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
200 OK 406 kB URL HTTP/2 cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 406 kB (406419 bytes)
Hash 91949a67089d61d1c111d50f6e101660
fab540d8a71b28159836bf995e398a9569314e47
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
GET /happy/newyear/kongkong/960x60ns.gif HTTP/1.1
Host: cdn.jsjsjs.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 406419
last-modified: Wed, 16 Feb 2022 13:39:39 GMT
etag: "620cfe9b-63393"
expires: Sun, 04 Dec 2022 03:02:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 2364567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmAvhnc0oe2uwzeMZaXYHAZAxDVyd2lzNeDpsY36cYN%2FW%2FUw6XFS%2F41D5Suu7YJI0KM4qlvmpCG%2BQGp49vayiWrbZyIILw9WCcOoyAh34ypiSky6aeiH6oHixQD1Fre4gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca77ca9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 20bc01f2cdab7119767a40d715eb280f
8432d9d44f967c83f00de4fb62a7245f670e52bf
3853253338b9cee39877aac2386b40a2acbe16192cd090eea95a83d71e4726d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3853253338B9CEE39877AAC2386B40A2ACBE16192CD090EEA95A83D71E4726D8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10384
Expires: Thu, 01 Dec 2022 14:44:40 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bd2a0bff44ab7a90660e4e7ca2c2c807
d2ffd9c038260a329c6d45b54153a5df55eb0592
a30b6967e18a4346e51fd87e73a4ea18e7f76f5b1b6d16e60ba76b5cc3f37cc5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 09:09:17 GMT
Expires: Fri, 02 Dec 2022 09:09:17 GMT
ETag: "d2ffd9c038260a329c6d45b54153a5df55eb0592"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
200 OK 278 B IP
Hash f8c6b99f8d2bfba370249bb5e97fbfd5
f6d6d6fc7ea1fc26f2550ca3a61938a24b1fc482
77c0d05442780a0a6286a8251b05ec4ab687d8b9c7fc99f661ae20274595ae51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141666
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:36 GMT
Etag: "63881baa-116"
Expires: Sat, 03 Dec 2022 03:12:42 GMT
Last-Modified: Thu, 01 Dec 2022 03:12:42 GMT
Server: nginx
Content-Length: 278
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash f71f7a00b8e4a8a38783791423511ac8
94c975b07a2e6867a733b0f85af4b6fa1455a43e
00ef201fff25e509002e95bda27733ad9ff9cb86b2b4645ba6326d552a064e1e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "00EF201FFF25E509002E95BDA27733AD9FF9CB86B2B4645BA6326D552A064E1E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5692
Expires: Thu, 01 Dec 2022 13:26:28 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
200 OK 507 kB URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 507 kB (506851 bytes)
Hash 720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 11:39:01 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 01 Dec 2022 06:41:35 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN2-C1
X-Amz-Cf-Id: mFzz-osVDVbWdYysm1NqmPji8Ee0gId4_jF0sK5faDmtZX-KtYUCkA==
Age: 18600
kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
200 OK 566 kB URL HTTP/2 kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Fri, 09 Dec 2022 15:05:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1889179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8fwYds6szUENnnDz6grwiZC8jSkWHfDdizzWY7a3XPvdUJan4NKcj4BDzxI%2BUjDEQPpNH8OxI6h6EmUVAM9bc8CZGSMxmGjdsG3maM91XK0T2R4LH1yVhSdmDOk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca7f9970b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
200 OK 65 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:57 GMT
etag: "637c0275-ff86"
expires: Thu, 22 Dec 2022 05:10:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 801640
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hodQ%2FbgNx8URuQ3iDWwLDzedp5wApLS3Dfxl0TmHMl9Q5rxwTKRU%2BdcvdbkGcQ2H%2Bf36WpsaF%2BY7Wj0pybLzHUmEQ0mU4hm%2F1bQU0Yynpp3SEzgtleJsrXJYygnx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca7fc9cfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash f5ccf43f129f276f1a5ea2a4771efb9f
77b578d094937ab52b510be77502e49e0d241868
507de79d875dd322806b735624ef0db25c9645612efff14b9b02a40e61cf1b5f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Dec 2022 10:51:10 GMT
ETag: "77b578d094937ab52b510be77502e49e0d241868"
Last-Modified: Thu, 01 Dec 2022 10:51:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 729
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9ca80e88b517-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 25dbbd2f29397635585b81a5203b806d
4260e848f384f93bde13afd5ffbd34232f04d2cd
ab67d1cc965a6d5a37e05c3df092e07a79799d75cc0c4bdc4a6871bf182e6cb0
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 05 Dec 2022 10:14:30 GMT
ETag: "4260e848f384f93bde13afd5ffbd34232f04d2cd"
Last-Modified: Thu, 01 Dec 2022 10:14:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1817
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9ca8098bb4ed-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 233e57f60023d3cdf4dfa75d53a03eb3
9dac5203260858b4de4682f9f610618454b5bb01
7f1b74086414ff31f9ab16fd18a8dadb7d7b77023e6bde0b9bbd5aa749a53d93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F1B74086414FF31F9AB16FD18A8DADB7D7B77023E6BDE0B9BBD5AA749A53D93"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6002
Expires: Thu, 01 Dec 2022 13:31:38 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 78bd90691c3b7d1a116b712d04d55c1c
7f7f44c164b14e28dc5061f6bac8ac6be37b600f
bbe91ea3e608060e1a47bd356ff847e5ce9c3e4c4a023df7fb8f10421529338b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BBE91EA3E608060E1A47BD356FF847E5CE9C3E4C4A023DF7FB8F10421529338B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7519
Expires: Thu, 01 Dec 2022 13:56:55 GMT
Date: Thu, 01 Dec 2022 11:51:36 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash ac9cf0ed2042731e3a8eb2cec32252d9
6c653d140be9dbd22bef81aa04681420280a008d
a70af9de436aca48bfd64498aa4f36191206d0c392ed5f26982d238539e4fb08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116135
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:36 GMT
Etag: "6387b7ef-117"
Expires: Fri, 02 Dec 2022 20:07:11 GMT
Last-Modified: Wed, 30 Nov 2022 20:07:11 GMT
Server: nginx
Content-Length: 279
kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
200 OK 1.6 MB URL HTTP/2 kvtddd.top/bb7f858c0dad171784517c02e7bff891.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /bb7f858c0dad171784517c02e7bff891.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sat, 01 Oct 2022 05:56:30 GMT
etag: "6337d68e-1844d9"
expires: Fri, 09 Dec 2022 08:42:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1912162
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knSaV7S7FfSI2peRyVKpNdhHP4ADjAb6o3ZBYBtOSy4rR0Zeit4ztUZTDJw%2BYnOiIdRqYC%2BZHjlUK3a9BPIjTCSYTIbldAi5voacWrFonGJBheM%2FM0njxblsfhDr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca75871775c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1102.com/d97fe322993444ccb8fa7cd5a76002c9.gif
200 OK 348 kB URL HTTP/2 u1102.com/d97fe322993444ccb8fa7cd5a76002c9.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 348 kB (347872 bytes)
Hash 1ace5409fd371542532d2c9a27131b87
98c7c29f6d64296235a6be4b8259ffce72fd6691
8794843b5991bae6c5224e7e49f7389e2560098704392c0b10dc621bf38e3113
GET /d97fe322993444ccb8fa7cd5a76002c9.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "635ce297-54ee0"
server: nginx
date: Wed, 30 Nov 2022 13:30:50 GMT
content-type: image/gif
last-modified: Sat, 29 Oct 2022 08:21:43 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-55
content-length: 347872
X-Firefox-Spdy: h2
u1102.com/e78dae76ab72458a805527bea2c08236.gif
200 OK 262 kB URL HTTP/2 u1102.com/e78dae76ab72458a805527bea2c08236.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 262 kB (262190 bytes)
Hash 1a8e3a0619f31ef8f6c1fc4929b111df
5e0aa3f1847a89e281f54895ec6bdf95a1a907f9
eb28b213fc0196269abe1f9cfb6ce42f8fc3b2d6362828a91ec32fb99c63bfe2
GET /e78dae76ab72458a805527bea2c08236.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6363bb28-4002e"
server: nginx
date: Wed, 30 Nov 2022 13:30:50 GMT
content-type: image/gif
last-modified: Thu, 03 Nov 2022 12:59:20 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-55
content-length: 262190
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 53d761b9cf8861b212064ab14d074223
084b0e626753830ae9ce8f4e3fc603f1e99eb97f
82d0ab200258c3f5f59f63de2979302868f5a2f2cde949b87c18266ddb6cca82
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6318
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "63876be0-116"
Last-Modified: Thu, 01 Dec 2022 10:06:19 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 278
362728tdg.com/f5cbf05f255e4fd0b931ba2a20d2534c.gif
200 OK 709 kB URL HTTP/1.1 362728tdg.com/f5cbf05f255e4fd0b931ba2a20d2534c.gif
IP
File type GIF image data, version 89a, 960 x 80\012- data
Size 709 kB (708914 bytes)
Hash 81b52b9a83a90be8ae7e060ca470f9fd
e021e8764dfcaba6cf69c374c29f13b09c2c3f5e
b0e6924d24812d25d86ae15677857eea32a9dcd5ff6e5a00a8033986508d5526
Analyzer Verdict Alert quad9 Sinkholed
GET /f5cbf05f255e4fd0b931ba2a20d2534c.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63773234-ad132"
Date: Sat, 26 Nov 2022 15:30:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 18 Nov 2022 07:20:20 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-20
Content-Length: 708914
ocsp.digicert.com/
200 OK 279 B IP
Hash 99ad09ffba38b3cb829d8928c36bb4ee
2551fb85ccdfd528d92bff3c191759a97d826ddb
03c23545b714addbb1321c8e962bfed526c15df1e5153b2030caea327bffb6b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5703
Cache-Control: max-age=103455
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "63877021-117"
Expires: Fri, 02 Dec 2022 16:35:52 GMT
Last-Modified: Wed, 30 Nov 2022 15:00:49 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 3faea67e786ba637adb5e94ea781837f
79435248c4285c963d6651ed080a13dc606f0455
ca26a3053d1fb504aa65bdd2b927701fa51163b92490057e212e9a33f1b50f8b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CA26A3053D1FB504AA65BDD2B927701FA51163B92490057E212E9A33F1B50F8B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6667
Expires: Thu, 01 Dec 2022 13:42:44 GMT
Date: Thu, 01 Dec 2022 11:51:37 GMT
Connection: keep-alive
nvhbbb.top/7eac39bc4b497ca306e5bbb3999fe104.gif
200 OK 482 kB URL HTTP/2 nvhbbb.top/7eac39bc4b497ca306e5bbb3999fe104.gif
IP
File type GIF image data, version 89a, 960 x 80\012- data
Size 482 kB (482190 bytes)
Hash 72e5bc9753b8b7df58fb7e722beda509
33d1e8ef4f3fb175565ba848d19f85e512a54319
c7b30c3f2343286ed68d60b2ae700755d51199427d4a22622ed3c866ee9e3057
GET /7eac39bc4b497ca306e5bbb3999fe104.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 482190
last-modified: Tue, 22 Nov 2022 15:41:06 GMT
etag: "637ced92-75b8e"
expires: Fri, 23 Dec 2022 16:08:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 675784
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLAXJwzOOBTP17%2BvN%2FCFQFsrY0KiWfndptS%2FX18r0qIfDibu95oLk6s3Qdj1lTmwquc2%2BUEMPdRZl4%2BnNpNnq0%2F41SjIbfFwC5KI0NAKpBJBpiVrz60zi7XM3I9C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca9cc1cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
301 Moved Permanently 162 B URL HTTP/2 kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: text/html
content-length: 162
location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 4fdbf903d0c2f1ddfdca8d9bf1b34771
7a3923e2d232880a032622999052e4c2694d9f53
c1a9eb5d0ccead5804d30b51c82ec16ec288447341aaa3fd9f63d7bd45d9a5b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121171
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "6387cb9c-117"
Expires: Fri, 02 Dec 2022 21:31:08 GMT
Last-Modified: Wed, 30 Nov 2022 21:31:08 GMT
Server: nginx
Content-Length: 279
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 20bc01f2cdab7119767a40d715eb280f
8432d9d44f967c83f00de4fb62a7245f670e52bf
3853253338b9cee39877aac2386b40a2acbe16192cd090eea95a83d71e4726d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3853253338B9CEE39877AAC2386B40A2ACBE16192CD090EEA95A83D71E4726D8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Thu, 01 Dec 2022 14:44:40 GMT
Date: Thu, 01 Dec 2022 11:51:37 GMT
Connection: keep-alive
kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
200 OK 310 kB URL HTTP/2 kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310102 bytes)
Hash aaaee07863e1fab7724d3b6698c0b4b3
1f75ba89585a8844a2c1e41625f88bae649be17d
41ac392c3cca5e4434c0f80595838a48338c94f8a9c691d4141c7ecb68acb24e
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 310102
last-modified: Wed, 13 Jul 2022 15:28:42 GMT
etag: "62cee4aa-4bb56"
expires: Thu, 29 Dec 2022 05:20:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 196257
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sB3LID6UHxZOdw%2Bs3b7dK98pcv49nTB5Ojtgn5nsTdUAFjzms7zW2sCDfhiKmrMgXaKjbJyGiOTkyCLBuvs1lyfHW6Eqnl5WGecB14K5zE7U3fCz8o7KcrtxOV7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca99ad9dc83-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash f853d38e4389fbf0a556f686a634334e
0babee29e37a9867ab91df5adf912d8dc6be016b
0b42bdceda93b9164cc5ef089ee1c5909d056fa20f154ce42d70fbce0e8e6251
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 01:10:42 GMT
Expires: Wed, 07 Dec 2022 01:10:41 GMT
Etag: "0babee29e37a9867ab91df5adf912d8dc6be016b"
Cache-Control: max-age=479343,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b9ca90e82b4fa-OSL
kvhxxx.top/99462c01e85acc1311bebac224df6cce.gif
200 OK 845 kB URL HTTP/2 kvhxxx.top/99462c01e85acc1311bebac224df6cce.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kvhxxx.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 845326
last-modified: Mon, 15 Aug 2022 06:10:27 GMT
etag: "62f9e353-ce60e"
expires: Thu, 29 Dec 2022 11:07:01 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 175476
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8WUxM5ZedyqCl6TCjN8LOzRa4oOz2IcX2YWV4R%2BJ3lP%2BHwtIfJqrjTwPGpWEkMSPbLgVIwBxn9cbtDQxGgYGM68c%2B4fnKkb9UkQ28OvFLrATxm9BNmEmqnz%2BMBx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9ca9cb13dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9eda5dc0babdbcce46d8ab375df1d6ec
6f3d1c1819530cf04a5f435bcfdad6df623f39a6
153e8c7c04557c6c3ee3977b4affecd0a4f5fa534c6cbe6795758b3613dca3d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "153E8C7C04557C6C3EE3977B4AFFECD0A4F5FA534C6CBE6795758B3613DCA3D7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10313
Expires: Thu, 01 Dec 2022 14:43:30 GMT
Date: Thu, 01 Dec 2022 11:51:37 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 727 B IP
Hash b39eb5745fdd564a2a9138becd9ba6ce
79ddb1c9a6bd08f1ac059dbb5ddd2385a8c5a96f
1c74fb181d77e1a0c2db76c68b36f38a2bdf76ec8ed7b7a95975dcf89d308193
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 979
Cache-Control: max-age=123585
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "6387d137-2d7"
Expires: Fri, 02 Dec 2022 22:11:22 GMT
Last-Modified: Wed, 30 Nov 2022 21:55:03 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 727
nvhaaa.top/cf4287991556df0490caf209d0ed91fe.gif
200 OK 318 kB URL HTTP/2 nvhaaa.top/cf4287991556df0490caf209d0ed91fe.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 318 kB (317903 bytes)
Hash fb3f1f47e7cd3c017411f4a08cb222b7
9ef0eebfa48d7d3c66398066ad781c2e4c5c2fce
864310898b7de94e28b82e0e318d801e6537365a75078d2f94b98a25c81e98a9
GET /cf4287991556df0490caf209d0ed91fe.gif HTTP/1.1
Host: nvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 317903
last-modified: Sat, 13 Aug 2022 11:03:31 GMT
etag: "62f78503-4d9cf"
expires: Fri, 30 Dec 2022 00:03:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 128903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5OAQbKoq32vCRxb%2BJbakJXDqIVmpZS%2FgufH2aLyA71SW5mFUrTjlH%2FAWOB4TIH0LBIqwWoe1RE2LLp5hy3l9pIw5IG2uDs%2FR5gGlUguYEVoOE4wMGoUA88ErN2R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9caa7adaf423-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash f8c6b99f8d2bfba370249bb5e97fbfd5
f6d6d6fc7ea1fc26f2550ca3a61938a24b1fc482
77c0d05442780a0a6286a8251b05ec4ab687d8b9c7fc99f661ae20274595ae51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141665
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "63881baa-116"
Expires: Sat, 03 Dec 2022 03:12:42 GMT
Last-Modified: Thu, 01 Dec 2022 03:12:42 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 279 B IP
Hash 4ba9ead5022a249215ab39f7aed842f1
668c1f6466de098d881e1fa1a711c6b0c5f8d84b
cde62025ff650a17922d76365616d2d1bceeea060708628a5a40848350277266
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135925
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "6388053e-117"
Expires: Sat, 03 Dec 2022 01:37:02 GMT
Last-Modified: Thu, 01 Dec 2022 01:37:02 GMT
Server: nginx
Content-Length: 279
538936vxn.com/d435373888944b359330ac8c9bcff8c1.gif
200 OK 553 kB URL HTTP/1.1 538936vxn.com/d435373888944b359330ac8c9bcff8c1.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /d435373888944b359330ac8c9bcff8c1.gif HTTP/1.1
Host: 538936vxn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9374-86f72"
Date: Thu, 24 Nov 2022 08:44:47 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:31:48 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-22
Content-Length: 552818
p3.douyinpic.com/obj/tos-cn-i-dy/25734dd0a0ae4f84a048930526bb0fce
200 OK 289 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/25734dd0a0ae4f84a048930526bb0fce
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 289 kB (288676 bytes)
Hash 74eb142fa1087dc2eee9cd3543ee965d
8a9b2861643c64c7e131d39c5d6aed4988051659
5c7331b29c2563a925053e0f06c845b805583cf3d79231201528d4ca64df7085
GET /obj/tos-cn-i-dy/25734dd0a0ae4f84a048930526bb0fce HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 288676
date: Sun, 27 Nov 2022 04:53:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 27 Nov 2022 04:49:13 GMT
nw-session-id: 2022112712491301017507313401FA7D60h7sn903dy
nw-session-trace: 2022-11-27T12:49:13.376926808+08:00 34
x-bdcdn-cache-status: TCP_HIT
x-length: 288676
x-powered-by: ImageX
x-response-date: Sun, 27 Nov 2022 12:49:13 GMT
x-tt-logid: 2022112712491301017507313401FA7D60
via: n150-059-226, cache14.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[1,0], cache1.se1[0,0,200-0,H], cache7.se1[2,0]
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 0132e78a20cdc5e4606e2729a267d57aeb5877b67b2c5b0bbea090332cb60002fbefbcf6eefb06e048ca8143a02f51c73245c5b5a82cb00ffd74c19e786799dddbded906af23a06cf930de24c4862345e5a342a9398757193eb7f0ebb2343a4576
x-response-lb: image
ali-swift-global-savetime: 1669524786
age: 370711
x-cache: HIT TCP_MEM_HIT dirn:2:409690259
x-swift-savetime: Sun, 27 Nov 2022 04:56:11 GMT
x-swift-cachetime: 31535815
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16698954974338297e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 06:45:44 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:39:38 GMT
nw-session-id: 202210211439380101311360293842A52Fgx4cc03dy
nw-session-trace: 2022-10-21T14:39:38.59145035+08:00 28
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:39:38 GMT
x-tt-logid: 202210211439380101311360293842A52F
via: n132-067-168, cache19.l2de2[0,0,206-0,H], cache11.l2de2[2,0], cache11.l2de2[2,0], cache1.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc03:14:130::18
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010bb5ec5b1b5f1e47ca91c2b81197a74f8048ba6c9105f29b60a5a5654edfd2e74a44ae94b6f429eb61763780aa091400b761df5690404fbe40d4d865710f70cd7a52fd33d8906f8ae44a9cba323b06e589132522b5dde5de19e056fb46c2d0ef
x-response-lb: image
ali-swift-global-savetime: 1666334744
age: 3560753
x-cache: HIT TCP_MEM_HIT dirn:2:269246083
x-swift-savetime: Fri, 21 Oct 2022 07:27:56 GMT
x-swift-cachetime: 31533468
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16698954974388301e
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fe1d437611a1b93a26efb15d145615b
10e5b0285fe95d2d29fcce5b27016f3a3c870a28
e118cbebccaff27027752d5787153c06ba495684a1fdcd1fbaa5b0cb81465520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E118CBEBCCAFF27027752D5787153C06BA495684A1FDCD1FBAA5B0CB81465520"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 17:51:37 GMT
Date: Thu, 01 Dec 2022 11:51:37 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash ac9cf0ed2042731e3a8eb2cec32252d9
6c653d140be9dbd22bef81aa04681420280a008d
a70af9de436aca48bfd64498aa4f36191206d0c392ed5f26982d238539e4fb08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 858
Cache-Control: max-age=116992
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "6387b7ef-117"
Expires: Fri, 02 Dec 2022 20:21:29 GMT
Last-Modified: Wed, 30 Nov 2022 20:07:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
zmhmaz8.com/f7c7ff277fc946dab898f4ae7c2c4be0.gif
200 OK 1.0 MB URL HTTP/1.1 zmhmaz8.com/f7c7ff277fc946dab898f4ae7c2c4be0.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.0 MB (1020091 bytes)
Hash b3aedc862671b2fa2e2922fadaa38add
8134113e40aa47b7b0508e81c447ccea8c10e7c0
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
GET /f7c7ff277fc946dab898f4ae7c2c4be0.gif HTTP/1.1
Host: zmhmaz8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee2dc7-f90bb"
Date: Wed, 23 Nov 2022 03:05:59 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 09:00:55 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 1020091
ocsp.digicert.com/
200 OK 278 B IP
Hash 53d761b9cf8861b212064ab14d074223
084b0e626753830ae9ce8f4e3fc603f1e99eb97f
82d0ab200258c3f5f59f63de2979302868f5a2f2cde949b87c18266ddb6cca82
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2966
Cache-Control: max-age=99629
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "63876be0-116"
Expires: Fri, 02 Dec 2022 15:32:06 GMT
Last-Modified: Wed, 30 Nov 2022 14:42:40 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 279 B IP
Hash 99ad09ffba38b3cb829d8928c36bb4ee
2551fb85ccdfd528d92bff3c191759a97d826ddb
03c23545b714addbb1321c8e962bfed526c15df1e5153b2030caea327bffb6b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5703
Cache-Control: max-age=103455
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "63877021-117"
Expires: Fri, 02 Dec 2022 16:35:52 GMT
Last-Modified: Wed, 30 Nov 2022 15:00:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash c3eff4ea8bd63d340bb71d06186d1fa1
20f9c58c2a49721adcbd7d7974d3882b4ff69c58
5e44631bb2be5e54bdc4a2b92fbb23acefe482b6fb55d778698eb247c0714fed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97751
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "63877020-117"
Expires: Fri, 02 Dec 2022 15:00:48 GMT
Last-Modified: Wed, 30 Nov 2022 15:00:48 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de8be3a01d31f16743f6a672ac55d0c3
5d7642cb5eeb09103c0284678f5d5b2f046fcbbf
6bef76ee7ee7ea3ba016886118444fa6d257c914b5dcce653a48d81525f15acb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BEF76EE7EE7EA3BA016886118444FA6D257C914B5DCCE653A48D81525F15ACB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=102
Expires: Thu, 01 Dec 2022 11:53:19 GMT
Date: Thu, 01 Dec 2022 11:51:37 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/64d6cfeafe0a4a55a26b315797f5e8cd
200 OK 388 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/64d6cfeafe0a4a55a26b315797f5e8cd
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 388 kB (387606 bytes)
Hash 04bc69335db1b91582f64bc1adcb769e
44effbe6c09a5adf67c3f9580df271d3478768c5
a8241af6dcc79ffed2ffa411ef731ad50e083d8482e9592982ea848d0460276e
GET /obj/tos-cn-i-dy/64d6cfeafe0a4a55a26b315797f5e8cd HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 387606
date: Tue, 22 Nov 2022 14:24:47 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 22 Nov 2022 12:26:21 GMT
nw-session-id: 2022112220262101013817220210E92FE2bn7zf02dy
nw-session-trace: 2022-11-22T20:26:21.845484402+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 387606
x-powered-by: ImageX
x-response-date: Tue, 22 Nov 2022 20:26:21 GMT
x-tt-logid: 2022112220262101013817220210E92FE2
via: n132-069-106, cache23.l2de2[0,0,206-0,H], cache9.l2de2[7,0], cache9.l2de2[7,0], cache2.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc03:11:628::202
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c971c1ca014bc78d3381c9c2c669bfc3ac030e8f491b3e9d9c36df54941c4d91c511637c9b4424b18b1e62209b489eb19e40dc8ce97f3ffe0e481e2f1c8aeeb02ad168d8f2c819d81979f509fad874eaf4bf8e03b10a81255fcf6a0919921ade
x-response-lb: image
ali-swift-global-savetime: 1669127088
age: 768409
x-cache: HIT TCP_MEM_HIT dirn:1:591986777
x-swift-savetime: Tue, 22 Nov 2022 16:12:02 GMT
x-swift-cachetime: 31529566
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16698954975538380e
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de8be3a01d31f16743f6a672ac55d0c3
5d7642cb5eeb09103c0284678f5d5b2f046fcbbf
6bef76ee7ee7ea3ba016886118444fa6d257c914b5dcce653a48d81525f15acb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BEF76EE7EE7EA3BA016886118444FA6D257C914B5DCCE653A48D81525F15ACB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=102
Expires: Thu, 01 Dec 2022 11:53:19 GMT
Date: Thu, 01 Dec 2022 11:51:37 GMT
Connection: keep-alive
u1033.com/8b73f3976477486d9b4ad5d0adda6a8a.gif
200 OK 218 kB URL HTTP/2 u1033.com/8b73f3976477486d9b4ad5d0adda6a8a.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 218 kB (217826 bytes)
Hash 27ec5c83cb9575b31075dcd71389974e
681c71534d8c5bc8ec8526db4d56f63099809e69
b53d8f0e3870208d18544443eb3f76870a4c79e9a7c745b699bd8060e84fde01
GET /8b73f3976477486d9b4ad5d0adda6a8a.gif HTTP/1.1
Host: u1033.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63791710-352e2"
server: nginx
date: Thu, 24 Nov 2022 14:31:34 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 17:49:04 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-067
content-length: 217826
X-Firefox-Spdy: h2
9366qq.com/3be4171f45964b3795b8b02e1da84c25.gif
200 OK 584 kB URL HTTP/1.1 9366qq.com/3be4171f45964b3795b8b02e1da84c25.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
GET /3be4171f45964b3795b8b02e1da84c25.gif HTTP/1.1
Host: 9366qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "631ee6a4-8e959"
Date: Wed, 30 Nov 2022 12:54:12 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 12 Sep 2022 07:58:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-23
Content-Length: 584025
573569djd.com/1038b59f6e67442798d683c22d8c3bc2.gif
200 OK 709 kB URL HTTP/1.1 573569djd.com/1038b59f6e67442798d683c22d8c3bc2.gif
IP
File type GIF image data, version 89a, 960 x 80\012- data
Size 709 kB (708914 bytes)
Hash 81b52b9a83a90be8ae7e060ca470f9fd
e021e8764dfcaba6cf69c374c29f13b09c2c3f5e
b0e6924d24812d25d86ae15677857eea32a9dcd5ff6e5a00a8033986508d5526
Analyzer Verdict Alert quad9 Sinkholed
GET /1038b59f6e67442798d683c22d8c3bc2.gif HTTP/1.1
Host: 573569djd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63808f7f-ad132"
Date: Fri, 25 Nov 2022 13:29:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 25 Nov 2022 09:48:47 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 708914
829355rff.com/6010fb1531bd41f4a889ff19c6f74dea.gif
200 OK 359 kB URL HTTP/1.1 829355rff.com/6010fb1531bd41f4a889ff19c6f74dea.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
Analyzer Verdict Alert quad9 Sinkholed
GET /6010fb1531bd41f4a889ff19c6f74dea.gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636753b8-57910"
Date: Tue, 29 Nov 2022 08:43:52 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 06 Nov 2022 06:27:04 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-22
Content-Length: 358672
ocsp.digicert.com/
200 OK 279 B IP
Hash 4fdbf903d0c2f1ddfdca8d9bf1b34771
7a3923e2d232880a032622999052e4c2694d9f53
c1a9eb5d0ccead5804d30b51c82ec16ec288447341aaa3fd9f63d7bd45d9a5b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121171
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:37 GMT
Etag: "6387cb9c-117"
Expires: Fri, 02 Dec 2022 21:31:08 GMT
Last-Modified: Wed, 30 Nov 2022 21:31:08 GMT
Server: nginx
Content-Length: 279
kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
200 OK 902 kB URL HTTP/2 kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 902 kB (902313 bytes)
Hash 8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Fri, 30 Dec 2022 10:39:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 90728
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCClGV6uUl%2FvcPkqM8Nyt1dHEmRxPU%2BVVe5B9PZjnXWIT543JXaPn1so9h7FHhhSHJiNv1uld3ieYgIVoYMcWevQLcA1KVaW6W2rsDkoizHNhVeVLHc2OiCQEvvr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9cae4e837320-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
max002.top/68a7807de3933bf7079116fa9df99e6f.gif
200 OK 366 kB URL HTTP/2 max002.top/68a7807de3933bf7079116fa9df99e6f.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: max002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mdfsyy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Fri, 30 Dec 2022 21:26:29 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 51908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMnHTtswDu3wkD6Vr%2B%2F99GeQixMyS8Rm%2BPnylhX22%2BEdPt4QAAHG%2FfXsK3Zk8HOI5E1d3almmMCz%2FTWdmpwzj6HgDj6h6tSDUcaKGSyKhcBya%2FB6tN19o3LoTggB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772b9cae68597545-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
200 OK 299 kB URL HTTP/1.1 383tupian.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 63889548B98BDD3738A2F290
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Sun, 23 Oct 2022 07:06:26 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 3
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINRru4b21YojTW6q020iaekYV7qCNGJIdR9o/0
200 OK 208 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINRru4b21YojTW6q020iaekYV7qCNGJIdR9o/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 208 kB (208040 bytes)
Hash 192c74d36701b586f3201dfd6d080d9b
e5b46de78b75c72974ba4a73638a581e7114d55b
b02c98fd0349520c864b26c96f998aa1814c1342db3e694568a437d90a523df0
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINRru4b21YojTW6q020iaekYV7qCNGJIdR9o/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 01 Dec 2022 11:51:36 GMT
content-type: image/gif
content-length: 208040
vary: Accept,Origin
last-modified: Thu, 24 Nov 2022 12:26:53 GMT
cache-control: max-age=2592000
x-delay: 30027 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 208040
chid: 0
fid: 0
x-nws-log-uuid: f43710a5-a438-4a6a-a835-da0039f98b68
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash c3eff4ea8bd63d340bb71d06186d1fa1
20f9c58c2a49721adcbd7d7974d3882b4ff69c58
5e44631bb2be5e54bdc4a2b92fbb23acefe482b6fb55d778698eb247c0714fed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97750
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:51:38 GMT
Etag: "63877020-117"
Expires: Fri, 02 Dec 2022 15:00:48 GMT
Last-Modified: Wed, 30 Nov 2022 15:00:48 GMT
Server: nginx
Content-Length: 279
tpkj2222.com/img/k80m/oJ8rVeomP.gif
200 OK 213 kB URL HTTP/1.1 tpkj2222.com/img/k80m/oJ8rVeomP.gif
IP
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 80\012- data
Size 213 kB (212917 bytes)
Hash d1931dd316b9ac2d1bd98a9c89bb2c77
5660ca5156b14a4b0df59089738774977eab5357
48886aed2c4e673776c75db728e4fddc8647a559dee0d8f3549cc6d7a5062053
GET /img/k80m/oJ8rVeomP.gif HTTP/1.1
Host: tpkj2222.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:37 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"423944-1669660103000"
Last-Modified: Mon, 28 Nov 2022 18:28:23 GMT
Expires: Fri, 16 Dec 2022 11:51:37 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: EXPIRED, HIT
tpcdnde88de.com/79tp/960x60-2.gif
200 OK 322 kB URL HTTP/2 tpcdnde88de.com/79tp/960x60-2.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 322 kB (322376 bytes)
Hash c41a909fa1e62a4ebc583626a93c05c1
10adfd5b6d78d04cc93c76b14a29fc93ce4f2708
b60310fa346cdc56ed271a244d9c4f1e137e0fd46571802f25c0c8e09131aa4e
GET /79tp/960x60-2.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 322376
last-modified: Sat, 25 Jun 2022 12:15:37 GMT
etag: "62b6fc69-4eb48"
expires: Fri, 30 Dec 2022 23:00:39 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
200 OK 339 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 339 kB (339049 bytes)
Hash 120f3a01e40b1e58017422e07a358e7b
201b8030f1dc57e1c5f503ab15459990f49c0850
f834cdc6d3baa837bcd3cb5dd42ddafbb903ccc07022dcca2822b451c6a0f7a1
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 01 Dec 2022 11:51:37 GMT
Content-Type: image/gif
Content-Length: 339049
Connection: keep-alive
x-oss-request-id: 63889549511B143634C5B5D1
Accept-Ranges: bytes
ETag: "120F3A01E40B1E58017422E07A358E7B"
Last-Modified: Sun, 20 Nov 2022 08:09:52 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11820530545471216528
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: Eg86AeQLHlgBdCLgejWOew==
x-oss-server-time: 1
99997aaa.com/00702b282a9246e099c5412dba35712d.gif
200 OK 507 kB URL HTTP/1.1 99997aaa.com/00702b282a9246e099c5412dba35712d.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 507 kB (506835 bytes)
Hash c2cddffb5f5e2dd4d800ae4671b0048b
2106357d4d4ebe6eb5274f0162f59c78d37bda2d
965d287691956a389cc665dbbfa99d4a329594b74d765c74325ca4aabf3588f8
GET /00702b282a9246e099c5412dba35712d.gif HTTP/1.1
Host: 99997aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6385bdfa-7bbd3"
Date: Tue, 29 Nov 2022 09:42:12 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 29 Nov 2022 08:08:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-30
Content-Length: 506835
tpcdnde88de.com/235tp/960x60.gif
200 OK 590 kB URL HTTP/2 tpcdnde88de.com/235tp/960x60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 590 kB (590255 bytes)
Hash d9d8d54236add0a03997175e250e51ef
b65ebc88346d3a308dbf4791ade0637330df8895
81954cd3768276219bbf7aca8ce82881fbda51a1721ef78d559cdd7772800571
GET /235tp/960x60.gif HTTP/1.1
Host: tpcdnde88de.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:51:37 GMT
content-type: image/gif
content-length: 590255
last-modified: Wed, 15 Jun 2022 13:02:58 GMT
etag: "62a9d882-901af"
expires: Fri, 30 Dec 2022 23:00:44 GMT
cache-control: max-age=2592000
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ggt999.oss-cn-hangzhou.aliyuncs.com/hg/hg96080a.gif
200 OK 399 kB URL HTTP/1.1 ggt999.oss-cn-hangzhou.aliyuncs.com/hg/hg96080a.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 399 kB (399206 bytes)
Hash f2e9cc36b47c7f932fa8579dba054222
fe251f9b1eaa2b39a67b933f6372cfe83c2b15c7
5cdb36ececd70313ae6325f545414b76f126414732d15935dc72460c5988d339
GET /hg/hg96080a.gif HTTP/1.1
Host: ggt999.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 01 Dec 2022 11:51:37 GMT
Content-Type: image/gif
Content-Length: 399206
Connection: keep-alive
x-oss-request-id: 6388954994C77F3035353C8D
Accept-Ranges: bytes
ETag: "F2E9CC36B47C7F932FA8579DBA054222"
Last-Modified: Tue, 18 Oct 2022 05:03:18 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13201565670073930560
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 8unMNrR8f5MvqFedugVCIg==
x-oss-server-time: 3
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 98993aff8818dd26d16062dbc5dcd8d0
67252f8cd91740ac616e2b6b99121d393ec582c4
2bf5d2ddc6968a440c54e82a495b7750873b3adc0f783a88ea2b0e393ed4497b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 09:40:05 GMT
ETag: "67252f8cd91740ac616e2b6b99121d393ec582c4"
Last-Modified: Thu, 01 Dec 2022 09:40:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3016
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9cb33dd31c02-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 98993aff8818dd26d16062dbc5dcd8d0
67252f8cd91740ac616e2b6b99121d393ec582c4
2bf5d2ddc6968a440c54e82a495b7750873b3adc0f783a88ea2b0e393ed4497b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 09:40:05 GMT
ETag: "67252f8cd91740ac616e2b6b99121d393ec582c4"
Last-Modified: Thu, 01 Dec 2022 09:40:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3016
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9cb34e8fb515-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 98993aff8818dd26d16062dbc5dcd8d0
67252f8cd91740ac616e2b6b99121d393ec582c4
2bf5d2ddc6968a440c54e82a495b7750873b3adc0f783a88ea2b0e393ed4497b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:51:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 09:40:05 GMT
ETag: "67252f8cd91740ac616e2b6b99121d393ec582c4"
Last-Modified: Thu, 01 Dec 2022 09:40:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3016
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b9cb35de41c02-OSL
72agg.com/gg/960x60-2.gif
200 OK 567 kB URL HTTP/2 72agg.com/gg/960x60-2.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 567 kB (566629 bytes)
Hash c9fa1542af8b7e568dc7b3a56522b833
1449fff789834cb44c300d12d770eeb251a4bbd5
7db19a9e96ed52f61b3b4c76bf6cac9259ae0b3e9d18eb597320c30a0e4e1e90
GET /gg/960x60-2.gif HTTP/1.1
Host: 72agg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:54:00 GMT
content-type: image/gif
content-length: 566629
last-modified: Tue, 01 Nov 2022 07:49:47 GMT
etag: "6360cf9b-8a565"
expires: Sat, 31 Dec 2022 11:54:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
200 OK 251 kB URL HTTP/1.1 sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 251 kB (250863 bytes)
Hash 146302635db0d447d3779d91b77d8389
281b62ad456eee28791ca926602b14ac6e84d9d7
efd5d5f699b6633ef18e5bb91fe5fd45604d6648f7249bfb1b5a29acc7b9f9b2
GET /3658-365-960x80.gif HTTP/1.1
Host: sezantp.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 01 Dec 2022 11:51:37 GMT
Content-Type: image/gif
Content-Length: 250863
Connection: keep-alive
x-oss-request-id: 6388954922AAFC3531D86419
Accept-Ranges: bytes
ETag: "146302635DB0D447D3779D91B77D8389"
Last-Modified: Fri, 18 Nov 2022 08:30:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3277067101677540170
x-oss-storage-class: Standard
Content-MD5: FGMCY12w1EfTd52Rt32DiQ==
x-oss-server-time: 2
tpkj2222.com/img/k80m/oJ8gSN3XG.gif
200 OK 411 kB URL HTTP/1.1 tpkj2222.com/img/k80m/oJ8gSN3XG.gif
IP
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 80\012- data
Size 411 kB (411242 bytes)
Hash 972dff9020b5183d3bbc1bef7a735ff3
3105e896ca256fd9960e60529d48e098bd7e6caf
c67fabbd022197da96eaf18631d6e23b1ea3331706df28e643ee7fb24ffcc374
GET /img/k80m/oJ8gSN3XG.gif HTTP/1.1
Host: tpkj2222.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 11:51:36 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"573283-1669660290000"
Last-Modified: Mon, 28 Nov 2022 18:31:30 GMT
Expires: Fri, 16 Dec 2022 11:51:36 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
200 OK 254 kB URL HTTP/1.1 kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X60.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /960X60.gif HTTP/1.1
Host: kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 01 Dec 2022 11:51:37 GMT
Content-Type: image/gif
Content-Length: 253519
Connection: keep-alive
x-oss-request-id: 63889549FDBA0C3730267F88
Accept-Ranges: bytes
ETag: "F744E995971941B6A95FCD2636F5A545"
Last-Modified: Tue, 29 Nov 2022 08:27:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 2
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
200 OK 894 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:51:38 GMT
content-type: image/gif
content-length: 893726
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:44:40 GMT
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
age: 508019
via: http/1.1 ORI-CLOUD-HUN-MIX-16 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-29 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387480861-0-0-20-47-47;200;200-1669390040148-0-0-0-1-1;200-1669895498849-0-0-0-1-1
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
200 OK 1.2 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:51:38 GMT
content-type: image/gif
content-length: 1197751
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:50:06 GMT
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
age: 507692
via: http/1.1 ORI-CLOUD-HUN-MIX-117 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-29 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387806409-0-0-0-35-35;200;200-1669387831644-0-0-0-1-1;200-1669895498872-0-0-1-1-1
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/d814360fbc3be0d8.gif
200 OK 415 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/d814360fbc3be0d8.gif
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/d814360fbc3be0d8.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:51:38 GMT
content-type: image/gif
content-length: 414559
cache-control: max-age=315360000
expires: Mon, 22 Nov 2032 14:48:35 GMT
last-modified: Fri, 25 Nov 2022 14:27:58 GMT
age: 507784
via: http/1.1 ORI-CLOUD-HUN-MIX-33 (jcs [cRs f ]), http/1.1 SCchengdu-CT-11-MIX-29 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669387714839-0-0-0-467-467;200;200-1669399489677-0-0-0-1-1;200-1669895498878-0-0-0-3-3
X-Firefox-Spdy: h2
img.1202555.com/images/637cbef257b922de4f030a7f.gif
302 Found 0 B URL HTTP/2 img.1202555.com/images/637cbef257b922de4f030a7f.gif
IP
ASN #134835 Starry Network Limited
GET /images/637cbef257b922de4f030a7f.gif HTTP/1.1
Host: img.1202555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/64d6cfeafe0a4a55a26b315797f5e8cd
X-Firefox-Spdy: h2
img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
302 Found 0 B URL HTTP/2 img.u1669.com/images/63523ea35fe50f0585d3ef84.gif
IP
ASN #134835 Starry Network Limited
GET /images/63523ea35fe50f0585d3ef84.gif HTTP/1.1
Host: img.u1669.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3809564fecbe4e9c8845a85d95c7a81d
X-Firefox-Spdy: h2
img.9399x.com/images/6382eb31facd0b841a8e767a.gif
302 Found 0 B URL HTTP/2 img.9399x.com/images/6382eb31facd0b841a8e767a.gif
IP
ASN #134835 Starry Network Limited
GET /images/6382eb31facd0b841a8e767a.gif HTTP/1.1
Host: img.9399x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mdfsyy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/25734dd0a0ae4f84a048930526bb0fce
X-Firefox-Spdy: h2
23.224.194.143
93.184.220.29
104.110.17.24
104.21.233.253
188.114.96.1
47.75.19.45
43.154.254.32
47.246.44.229
120.77.166.72
103.170.15.65