firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 31 Aug 2022 14:17:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KV3DxkWTC5jULtm2ELctH3KLdqHWXF9Qf5q89y34pl42jdZ7zNlPGQ==
Age: 1605
5dahu.com/
142.111.44.170301 Moved Permanently 0 B IP 142.111.44.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 5dahu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: nginx
Location: http://www.5dahu.com/
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8607
Expires: Wed, 31 Aug 2022 17:07:35 GMT
Date: Wed, 31 Aug 2022 14:44:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 31 Aug 2022 02:27:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oooj_JFC5nNVMliiFpvPp5cw_7on7RqAKLjAS0iF8K80Z4bt-sTCPw==
age: 44224
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 14:44:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.5dahu.com/
142.111.44.170200 OK 799 B IP 142.111.44.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash bda25508c721820dad4e79ed27d24ef2
dedc6bf1d1ff8c1c2da8145c42a9656f4cf988da
3206730389cd2a2e0fd5814f5c176c2eb500bf0a072f7f73376cd77c7173fea5
GET / HTTP/1.1
Host: www.5dahu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:01 GMT
Content-Length: 799
Content-Type: text/html
Server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 31 Aug 2022 14:17:12 GMT
Expires: Wed, 31 Aug 2022 14:44:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ac9cx09gh5zhFHZ64F4YNPLypXQb-xmraidK_HNI1jFSPB5dflp5CA==
Age: 1617
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5559
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 14:44:09 GMT
Last-Modified: Wed, 31 Aug 2022 13:11:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.5dahu.com/tj.js
142.111.44.170200 OK 6.1 kB IP 142.111.44.170:0
File type ASCII text, with very long lines (4898), with CRLF line terminators
Hash 02a3d1112c28731439179acc00d511f2
f093c254d19bad336565466280fb64ec4f255891
c29304735682d546b44e3721b43401c3a8256afc1c5c47686dc46f695ecd981f
GET /tj.js HTTP/1.1
Host: www.5dahu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.5dahu.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:02 GMT
Content-Length: 6090
Content-Type: application/x-javascript
Server: nginx
www.5dahu.com/common.js
142.111.44.170200 OK 4.0 kB IP 142.111.44.170:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (466), with CRLF line terminators
Hash ff69f1e1044801500523119b373990fa
5581df40f97c3de3bdb1ed1f8584cbe28024bafe
e4c47d296f44417b65ccb3fb97527325495ac4b52cb8ad1b5bdba4998a925de5
GET /common.js HTTP/1.1
Host: www.5dahu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.5dahu.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:02 GMT
Content-Length: 3989
Content-Type: application/x-javascript
Server: nginx
push.services.mozilla.com/
34.212.13.96101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.13.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y5E7zi9oH/wyPAvhPBFU9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8WVv6cgCcQEaoja8z2BK5KbcWCI=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 496a03f2a9da681466dabfb9a9554203
e04692acc638760d1baea160a8efd36221631a5b
05e6e44fedb18baff9ddc4c89687f23baaa7a3cbdd171687e7895ab7ffed1e42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05E6E44FEDB18BAFF9DDC4C89687F23BAAA7A3CBDD171687E7895AB7FFED1E42"
Last-Modified: Tue, 30 Aug 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2447
Expires: Wed, 31 Aug 2022 15:24:56 GMT
Date: Wed, 31 Aug 2022 14:44:09 GMT
Connection: keep-alive
www.5dahu.com/favicon.ico
142.111.44.170200 OK 799 B URL HTTP/1.1 www.5dahu.com/favicon.ico
IP 142.111.44.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash bda25508c721820dad4e79ed27d24ef2
dedc6bf1d1ff8c1c2da8145c42a9656f4cf988da
3206730389cd2a2e0fd5814f5c176c2eb500bf0a072f7f73376cd77c7173fea5
GET /favicon.ico HTTP/1.1
Host: www.5dahu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.5dahu.com/
Cookie: __tins__21256283=%7B%22sid%22%3A%201661957049288%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201661958849288%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:03 GMT
Content-Length: 799
Content-Type: text/html
Server: nginx
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 824e2d98e79aef41fb80ac4eae0e5a17
6e38eea342c86b9654c4c432e93c9f915623c417
111899bd7b9c334d6232db649f0ca8ea7d0dd2a83be3ff42b21d726d7f0465e7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Sep 2022 11:25:15 GMT
ETag: "6e38eea342c86b9654c4c432e93c9f915623c417"
Last-Modified: Wed, 31 Aug 2022 11:25:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2830
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74368aec5bee0b02-OSL
ccapi.api-daxiangjiao.com/common.php?val=daxiangjiao&t=0.3977939361510471?v=0029836917657160456
156.243.30.171200 OK 103 B URL HTTP/1.1 ccapi.api-daxiangjiao.com/common.php?val=daxiangjiao&t=0.3977939361510471?v=0029836917657160456
IP 156.243.30.171:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f7de19b33d4c1842d3dc4ae96a9ea0d6
1df36df7b2d17701be8bbe81002063ffa3a5f94f
0b69de48d0b509d3cbb90e149fca61e1ed9ac330b2f105c841a2a0bb13083b9f
GET /common.php?val=daxiangjiao&t=0.3977939361510471?v=0029836917657160456 HTTP/1.1
Host: ccapi.api-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.5dahu.com
Connection: keep-alive
Referer: http://www.5dahu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:09 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Strict-Transport-Security: max-age=31536000
Server: RielCDN
X-Cache-Status: MISS
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9324
Expires: Wed, 31 Aug 2022 17:19:34 GMT
Date: Wed, 31 Aug 2022 14:44:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9324
Expires: Wed, 31 Aug 2022 17:19:34 GMT
Date: Wed, 31 Aug 2022 14:44:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 084c7b9f1244ec72236ab517787af1e2
18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb
2ea7697ebc332bec201ffeaed54a738869b6c64784916574db2c7e6a7990fb3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5911
x-amzn-requestid: ff3b12df-1798-40bb-bf02-ad198710da96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdcGHFGYoAMFw_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630873c0-00cd86e97d0687c702a49ecb;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:18:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bdUkkt8QyTXI_NN4R4tJ3pGrDwNpoLC_aS17xUIe7623fE5xNQucrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:59:37 GMT
age: 60273
etag: "18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcb5acc5186b678254184c5dac12079
d7c84b42a0dd5b86a0668127698fd5f25b647fcb
8173103eda58bf2f1af2d077fc90c2c1b6d2a93265092a9c3152b686e05a4f9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5910
x-amzn-requestid: 935b97da-1473-4863-bad2-a732709de9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslNHEfTIAMFWrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e8253-150847db7280350c19e2e464;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0RN7uc1rCMPWabmuO7QRLxIQ2mv0PFqTfL-dF7a6a3i1gFn0TtF8Nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:19 GMT
age: 61131
etag: "d7c84b42a0dd5b86a0668127698fd5f25b647fcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 03y3JoF38R7gjBYS3gHyOsivob68ykKlwvAIFEwiat2FjYfKWh-afA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 22:47:54 GMT
age: 57376
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9843fcd5eb49c75b942e3dd042f3a931
ff6de19656bc0ee5649c1367448116a9576a690a
8e9679e05e1b2194e44a962a19f226793b5d7fc2334df64f8dd560498532ad3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6266
x-amzn-requestid: 82231f45-328a-479a-b346-108fe6a0c190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjU6bEP5IAMFaGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630acea8-6545154a39b44bb04d3bc18c;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P_a-E2SVJUpYrlOzoX9kDtHoAeyEpcqEXau-5wDupR-9AAk3gQgaHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 10:00:10 GMT
age: 17040
etag: "ff6de19656bc0ee5649c1367448116a9576a690a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:44:23 GMT
age: 61187
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcd3e268-6d16-4b6c-8bbc-5bcb9ef71e9c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcd3e268-6d16-4b6c-8bbc-5bcb9ef71e9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 286b49af9de15865f8e553a1a2d2dc10
06c88dd6a30d74912c9f4d87fd83153efac4463d
bfdb4944459b031838db851b2b6ffdae8908fdd4a11c532f9a2fa6fffc540f77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcd3e268-6d16-4b6c-8bbc-5bcb9ef71e9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13381
x-amzn-requestid: eb5e61b9-b40d-4181-92b7-5e971351ad78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XinM4FnfoAMF0_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8585-5971a5d9533c9f26234edea3;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 20:58:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nBW5uNGtVIsTIL4nFO5Qg1A8AxypBu_wdm586F1mpQisEWduWRV5qw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:59:14 GMT
age: 60296
etag: "06c88dd6a30d74912c9f4d87fd83153efac4463d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 4f2939c4007d3c398189222398d5dc0f
de0fd6b28431612d65d243f32157dc05bc998132
388a29ba267e17b0b5bfa13e7cb0bcf5635d359f62ff5b213688586d983668ab
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:10 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 13:47:42 GMT
Expires: Sun, 04 Sep 2022 13:47:41 GMT
Etag: "de0fd6b28431612d65d243f32157dc05bc998132"
Cache-Control: max-age=341610,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74368aefca531c02-OSL
ii9.ii9-daxiangjiao.com/1661957216.html
156.243.30.203200 OK 505 B URL HTTP/1.1 ii9.ii9-daxiangjiao.com/1661957216.html
IP 156.243.30.203:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6c684bb794bb00a6251f2617449af8d3
eac493df8eeb9cb1207a69741a4a67533343d4af
c620ead79878470e8c66e0854583934a53a741bed52c15cf3ad0d07a5951fc0d
GET /1661957216.html HTTP/1.1
Host: ii9.ii9-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.5dahu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Dec 2021 07:18:36 GMT
Vary: Accept-Encoding
ETag: W/"61bd8b4c-427"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
ii9.ii9-daxiangjiao.com/js/jquery.js
156.243.30.203200 OK 1.4 kB URL HTTP/1.1 ii9.ii9-daxiangjiao.com/js/jquery.js
IP 156.243.30.203:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7c08f484864eb614a85d95b3b79cdeab
0963907377dd6a0e76f1018ea42ebdcde10f6f93
d567fea4edf9fade59486ad7e7f8ffc0177ff436a8531eaa6aedc7e46956f42c
GET /js/jquery.js HTTP/1.1
Host: ii9.ii9-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ii9.ii9-daxiangjiao.com/1661957216.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Dec 2021 07:35:02 GMT
Vary: Accept-Encoding
ETag: W/"61cabe26-109b"
Expires: Tue, 30 Aug 2022 10:48:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: HIT
ii9.ii9-daxiangjiao.com/js/jquery.min.js
156.243.30.203200 OK 35 kB URL HTTP/1.1 ii9.ii9-daxiangjiao.com/js/jquery.min.js
IP 156.243.30.203:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash c56535729aed5e1ac1e61df181688858
7c467634b1d5cdf771be53dfff9960dc03930741
94b201a4dbd5e8432bdfd9591e04a6495935c0e8b97d50585ebbcac1ba9cc952
GET /js/jquery.min.js HTTP/1.1
Host: ii9.ii9-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ii9.ii9-daxiangjiao.com/1661957216.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 13:00:00 GMT
Vary: Accept-Encoding
ETag: W/"617012d0-15d84"
Expires: Tue, 30 Aug 2022 10:48:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: HIT
ii9.ii9-daxiangjiao.com/js/api.php
156.243.30.203200 OK 60 B URL HTTP/1.1 ii9.ii9-daxiangjiao.com/js/api.php
IP 156.243.30.203:0
File type ASCII text, with no line terminators
Hash 8c82be3ddce04c59f27706aeba820640
4ee1f8fcffa5c8102f99f437ac71a1c420dc2cfd
694795ca2a7a248daeadb220e70db7c37ced0666f2701673b2a5583d96f01770
POST /js/api.php HTTP/1.1
Host: ii9.ii9-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://ii9.ii9-daxiangjiao.com
Connection: keep-alive
Referer: https://ii9.ii9-daxiangjiao.com/1661957216.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51533a08caed13a40f2623770059d048
ba211cc5900c1e2d51c55880fe75aca592e57ae5
bd7092bc7f9085bfa5823f2820901eac4662ad7f5bbac9461bb890decac544e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD7092BC7F9085BFA5823F2820901EAC4662AD7F5BBAC9461BB890DECAC544E0"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Wed, 31 Aug 2022 20:43:47 GMT
Date: Wed, 31 Aug 2022 14:44:12 GMT
Connection: keep-alive
api.q5wefsf1.life/?tt=1661957218
156.243.30.204200 OK 777 B URL HTTP/1.1 api.q5wefsf1.life/?tt=1661957218
IP 156.243.30.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (500)
Hash 369f42c170f12c212b5ccc7533949245
9cadcbd048b7a2918ff43c72cd1017b2e64e8119
f8b169fa22b258f526f4d637fd812bfa918d768eb2de4769d1dea223e3197cba
Analyzer Verdict Alert quad9 Sinkholed
GET /?tt=1661957218 HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ii9.ii9-daxiangjiao.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:11 GMT
Content-Type: text/html
Content-Length: 777
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
ETag: "62f4c100-309"
Accept-Ranges: bytes
Server: RielCDN
X-Cache-Status: MISS
api.q5wefsf1.life/static/index.2772579d.css
156.243.30.204200 OK 29 kB URL HTTP/1.1 api.q5wefsf1.life/static/index.2772579d.css
IP 156.243.30.204:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4f73e8c70d3d1fd54f6011dd5b8787c6
a7ca3aec29de53f34477b667fb7d7412de6c2f68
ffd9b2457faf328be5c5370d6483c85c28336a033b36b24e4a32690842d17eee
Analyzer Verdict Alert quad9 Sinkholed
GET /static/index.2772579d.css HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/?tt=1661957218
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
Vary: Accept-Encoding
ETag: W/"62f4c100-17031"
Expires: Tue, 30 Aug 2022 10:49:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: HIT
api.q5wefsf1.life/static/js/index.21fb267f.js
156.243.30.204200 OK 27 kB URL HTTP/1.1 api.q5wefsf1.life/static/js/index.21fb267f.js
IP 156.243.30.204:0
File type Unicode text, UTF-8 text, with very long lines (65270), with no line terminators
Hash b2d762ff94d7ea8b685ec194e08a0af9
2c25ceede6ada235adf7cce5857726b77f57b905
fce7e66b12d118ace8aeb613e4815ef02e0a91774b0110e01d9f1dabbe316033
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/index.21fb267f.js HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/?tt=1661957218
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
Vary: Accept-Encoding
ETag: W/"62f4c100-1bb78"
Expires: Tue, 30 Aug 2022 10:49:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: HIT
api.q5wefsf1.life/static/js/chunk-vendors.cfd417ac.js
156.243.30.204200 OK 260 kB URL HTTP/1.1 api.q5wefsf1.life/static/js/chunk-vendors.cfd417ac.js
IP 156.243.30.204:0
File type Unicode text, UTF-8 text, with very long lines (65037), with no line terminators
Size 260 kB (260148 bytes)
Hash 8de5ecb106b5d7626188c237da5315ad
2c5ecd0fd5cc580fb2cd0c521097e869a3e59199
afbf63e42143e7347e5c441b4c64db2e14ab42f5f063dc696040783f250e94cc
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/chunk-vendors.cfd417ac.js HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/?tt=1661957218
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
Vary: Accept-Encoding
ETag: W/"62f4c100-b48ff"
Expires: Tue, 30 Aug 2022 10:49:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: HIT
api.q5wefsf1.life/static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8f674fad.js
156.243.30.204200 OK 18 kB URL HTTP/1.1 api.q5wefsf1.life/static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8f674fad.js
IP 156.243.30.204:0
File type Unicode text, UTF-8 text, with very long lines (54430), with no line terminators
Hash 6a25cb38fd6f024e4d28ef938c7bd6c3
2adbe83c2ca24813c97b9fb39f9f30cfbef250eb
2f171257c903a8780b0064908879dac2aab48781a94dbca532292e8b7a2ab626
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8f674fad.js HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/?tt=1661957218
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
Vary: Accept-Encoding
ETag: W/"62f4c100-d9e2"
Expires: Tue, 30 Aug 2022 10:49:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: HIT
api.q5wefsf1.life/static/js/pages-index-index.c2312e26.js
156.243.30.204200 OK 1.6 kB URL HTTP/1.1 api.q5wefsf1.life/static/js/pages-index-index.c2312e26.js
IP 156.243.30.204:0
File type Unicode text, UTF-8 text, with very long lines (5082), with no line terminators
Hash 39357207bb0096fb27da1412b8848b6b
1587e07239a1dd1a93816308370ec2667d6076a9
5a0f43712aad25bad5b318c91d53b4193f6d2c9056bdcfe68c47aa68c08e5ed3
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/pages-index-index.c2312e26.js HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/?tt=1661957218
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
Vary: Accept-Encoding
ETag: W/"62f4c100-13e4"
Expires: Tue, 30 Aug 2022 10:49:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: HIT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9085cdfe35f380e3e17fae6ac544e7b5
5fb3793055be3f9182b9075d632eede501ed4efc
afe849feaf92bbfccd24cf18b18e122760a0c4b1a0ad50276e46e984f9c66596
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFE849FEAF92BBFCCD24CF18B18E122760A0C4B1A0AD50276E46E984F9C66596"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8384
Expires: Wed, 31 Aug 2022 17:03:59 GMT
Date: Wed, 31 Aug 2022 14:44:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9085cdfe35f380e3e17fae6ac544e7b5
5fb3793055be3f9182b9075d632eede501ed4efc
afe849feaf92bbfccd24cf18b18e122760a0c4b1a0ad50276e46e984f9c66596
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFE849FEAF92BBFCCD24CF18B18E122760A0C4B1A0AD50276E46E984F9C66596"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8384
Expires: Wed, 31 Aug 2022 17:03:59 GMT
Date: Wed, 31 Aug 2022 14:44:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9085cdfe35f380e3e17fae6ac544e7b5
5fb3793055be3f9182b9075d632eede501ed4efc
afe849feaf92bbfccd24cf18b18e122760a0c4b1a0ad50276e46e984f9c66596
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFE849FEAF92BBFCCD24CF18B18E122760A0C4B1A0AD50276E46E984F9C66596"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8384
Expires: Wed, 31 Aug 2022 17:03:59 GMT
Date: Wed, 31 Aug 2022 14:44:15 GMT
Connection: keep-alive
api.q5wefsf1.life/static/search.png
156.243.30.204200 OK 690 B URL HTTP/1.1 api.q5wefsf1.life/static/search.png
IP 156.243.30.204:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a179ac8d63fa71c8339fd4d30d48c64e
76635704a1ad75435f8bf1fe924e36281258df49
1f6da2f31a4af79a702fa2a594600a3308c0d0f251c8c7ccba2dd03139c33e1e
Analyzer Verdict Alert quad9 Sinkholed
GET /static/search.png HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/?tt=1661957218
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: image/png
Content-Length: 690
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
ETag: "62f4c100-2b2"
Expires: Wed, 28 Sep 2022 22:49:11 GMT
Cache-Control: max-age=2592000
Server: RielCDN
X-Cache-Status: HIT
Accept-Ranges: bytes
api.7zhrrhpp.life/web.php/index/showType
156.243.30.155200 OK 551 B URL HTTP/1.1 api.7zhrrhpp.life/web.php/index/showType
IP 156.243.30.155:0
File type JSON data\012- , ASCII text, with very long lines (680), with no line terminators
Hash aa782342bfa062da6d95ac8f4b5e132a
bbc7f3ace4af1cea7d23c4baca02bce06a17cc43
500378b756e07c90a17352ddc26fa337c3c61c8453c0f4a97d730c7c07e4f13b
Analyzer Verdict Alert quad9 Sinkholed
GET /web.php/index/showType HTTP/1.1
Host: api.7zhrrhpp.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.q5wefsf1.life
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
api.7zhrrhpp.life/web.php/index/config
156.243.30.155200 OK 591 B URL HTTP/1.1 api.7zhrrhpp.life/web.php/index/config
IP 156.243.30.155:0
File type JSON data\012- , ASCII text, with very long lines (729), with no line terminators
Hash 197956ce98b65a441dc9c8bb110d1bf2
e2c5e320c084385d1155c521dab237dd8835d18b
2a3d3cb83b63ebb9e9ea929026629d0b5493259aa6bf65378ccad2f788fc095f
Analyzer Verdict Alert quad9 Sinkholed
GET /web.php/index/config HTTP/1.1
Host: api.7zhrrhpp.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.q5wefsf1.life
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
api.7zhrrhpp.life/web.php/index/type
156.243.30.155200 OK 7.8 kB URL HTTP/1.1 api.7zhrrhpp.life/web.php/index/type
IP 156.243.30.155:0
File type JSON data\012- , ASCII text, with very long lines (15243), with no line terminators
Hash 3d4e8265ae4b0f6d1f93d3dd6be1894f
88f37d39a4e856a269e0318635acf3cb9a253b23
982ed265336e57c9f9f30d013c415e5ca65029da12b13311a1bab4466082d63d
Analyzer Verdict Alert quad9 Sinkholed
GET /web.php/index/type HTTP/1.1
Host: api.7zhrrhpp.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.q5wefsf1.life
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
dxjbar.github.io/dxj/logo.png
185.199.111.153200 OK 7.4 kB URL HTTP/2 dxjbar.github.io/dxj/logo.png
IP 185.199.111.153:0
File type PNG image data, 558 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 6dff4818f659a9931d6422729c79c1c0
6fe249b74c53bddca7b418c4a24ea007e2e1ba3d
36d048f954a26361ea2081106246c43f288b2963ee0f2ca94b26bfa065b28a71
GET /dxj/logo.png HTTP/1.1
Host: dxjbar.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 11 Aug 2022 08:56:12 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62f4c42c-1ccd"
expires: Wed, 31 Aug 2022 13:33:38 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 2B60:6F50:64A055:68CDB4:630F6114
accept-ranges: bytes
date: Wed, 31 Aug 2022 14:44:16 GMT
via: 1.1 varnish
age: 64
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1661957056.371787,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: ead8f3c7349902f637cb937b8dda6118beae1ad8
content-length: 7373
X-Firefox-Spdy: h2
api.7zhrrhpp.life/web.php/index/tj
156.243.30.155200 OK 455 B URL HTTP/1.1 api.7zhrrhpp.life/web.php/index/tj
IP 156.243.30.155:0
File type JSON data\012- , ASCII text, with very long lines (536), with no line terminators
Hash 6c55cc690606d7816894e53f787496f4
9f9c348483b58bc3d6a77b1d5b5015b0e8a7da0e
9a981b670ad4c7d0d0fbadf3ae64e5925ca1e17332d45b79b4649790d2957f08
Analyzer Verdict Alert quad9 Sinkholed
GET /web.php/index/tj HTTP/1.1
Host: api.7zhrrhpp.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.q5wefsf1.life
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
api.7zhrrhpp.life/web.php/index/base
156.243.30.155200 OK 28 kB URL HTTP/1.1 api.7zhrrhpp.life/web.php/index/base
IP 156.243.30.155:0
File type JSON data\012- , ASCII text, with very long lines (62843), with no line terminators
Hash f83bbe054e49cdd9fa2d81cab7dcdb37
848ba100145217d3b9535b08b83d6a2a767726e2
3415077c4639ed053062533b94902cdf446506a5c6c9d706b8223ab2a29519e3
Analyzer Verdict Alert quad9 Sinkholed
GET /web.php/index/base HTTP/1.1
Host: api.7zhrrhpp.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.q5wefsf1.life
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
api.7zhrrhpp.life/web.php/index/index
156.243.30.155200 OK 27 kB URL HTTP/1.1 api.7zhrrhpp.life/web.php/index/index
IP 156.243.30.155:0
File type JSON data\012- , ASCII text, with very long lines (47784), with no line terminators
Hash 17f49c7b28e4b8265aadfcd2ffbde4de
f7ee9b4c42e39cdbbfd253704e8e0b3e8ec0c3c2
a179217b918abc9a4b9af3e8659f1855a726c57054089cc2486c24c1ddf689ad
Analyzer Verdict Alert quad9 Sinkholed
GET /web.php/index/index HTTP/1.1
Host: api.7zhrrhpp.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.q5wefsf1.life
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:14 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip
Server: RielCDN
X-Cache-Status: MISS
api.q5wefsf1.life/static/loading.svg
156.243.30.204200 OK 1.8 kB URL HTTP/1.1 api.q5wefsf1.life/static/loading.svg
IP 156.243.30.204:0
File type exported SGML document, ASCII text
Hash 91762b2af9bdefdd58f5a5b6e7387361
0a511968514d38a4702c5585ead7c01d4f20def0
d887368f18aa4483d5a267a86d1ff5d26a09048bb1c93c0ac9d374e438014342
Analyzer Verdict Alert quad9 Sinkholed
GET /static/loading.svg HTTP/1.1
Host: api.q5wefsf1.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/?tt=1661957218
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 14:44:15 GMT
Content-Type: image/svg+xml
Content-Length: 1784
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2022 08:42:40 GMT
ETag: "62f4c100-6f8"
Server: RielCDN
X-Cache-Status: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42b8545af754fab4b32b6c88209217b4
8ccab1ea72352ffbc1ee262bd81b0d06eaa75356
2602ee264c9495721ec232f656f03d1c6201c0e329561ef8481ed65de7689c8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2602EE264C9495721EC232F656F03D1C6201C0E329561EF8481ED65DE7689C8B"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15100
Expires: Wed, 31 Aug 2022 18:55:57 GMT
Date: Wed, 31 Aug 2022 14:44:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 91c488dd9863def6eb6de2b920c4c474
64a932b1a5fdec6c11bea1b6dfdfadc075876c54
a4b5c468edfb9a01ff290caf8aaf0d4c7ebf74f0f82ebd0b397455e2b54dbd30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4B5C468EDFB9A01FF290CAF8AAF0D4C7EBF74F0F82EBD0B397455E2B54DBD30"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5761
Expires: Wed, 31 Aug 2022 16:20:18 GMT
Date: Wed, 31 Aug 2022 14:44:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42b8545af754fab4b32b6c88209217b4
8ccab1ea72352ffbc1ee262bd81b0d06eaa75356
2602ee264c9495721ec232f656f03d1c6201c0e329561ef8481ed65de7689c8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2602EE264C9495721EC232F656F03D1C6201C0E329561EF8481ED65DE7689C8B"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15100
Expires: Wed, 31 Aug 2022 18:55:57 GMT
Date: Wed, 31 Aug 2022 14:44:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f893895274db02546224e24e26e8a7c8
5b7ce2b7224ed4b718a84c174a14f99651932832
473b1026f98486e002a6d61a22131f905320370cb2c09a79e37f3133122fa06e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "473B1026F98486E002A6D61A22131F905320370CB2C09A79E37F3133122FA06E"
Last-Modified: Mon, 29 Aug 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10981
Expires: Wed, 31 Aug 2022 17:47:18 GMT
Date: Wed, 31 Aug 2022 14:44:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e3727022dce5e229c26f8ba2152dffbb
07ab033f0de83645cec3add2c429bb29d149cef1
12cb1e614f3cd02ad6a6e5ff8dccb04cbc4228701a457b21fb13260be4817bc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12CB1E614F3CD02AD6A6E5FF8DCCB04CBC4228701A457B21FB13260BE4817BC2"
Last-Modified: Mon, 29 Aug 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10335
Expires: Wed, 31 Aug 2022 17:36:32 GMT
Date: Wed, 31 Aug 2022 14:44:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db45d4859ec7728f9387e5815fb56e75
850eb324f346080e72b46b4d8f741018c983e3fc
86ff2a57bcdb3803915699e82e11fcd4c64449eed3e63590f4645d2d7bb91c4d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86FF2A57BCDB3803915699E82E11FCD4C64449EED3E63590F4645D2D7BB91C4D"
Last-Modified: Tue, 30 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1366
Expires: Wed, 31 Aug 2022 15:07:03 GMT
Date: Wed, 31 Aug 2022 14:44:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3793bb019c528767be226a951f30fec0
8aa9e4d61eca72b04838ad12f6bf8320a378c2c2
110b09ff257393e690df617ee6da461374e36bb98586388c90e81274398a9d59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "110B09FF257393E690DF617EE6DA461374E36BB98586388C90E81274398A9D59"
Last-Modified: Mon, 29 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11806
Expires: Wed, 31 Aug 2022 18:01:03 GMT
Date: Wed, 31 Aug 2022 14:44:17 GMT
Connection: keep-alive
kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 31 Aug 2022 14:44:17 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/712c8059cb44f5944e47108c6b8dd5bd.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 31 Aug 2022 14:44:17 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 31 Aug 2022 14:44:17 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/ca302b14c051bf41d75347daaf6e7ab3.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 31 Aug 2022 14:44:17 GMT
content-type: text/html
content-length: 162
location: https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kveii.com/dc0247b33019ed0ca09c321bb6fb4656.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveii.com/dc0247b33019ed0ca09c321bb6fb4656.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /dc0247b33019ed0ca09c321bb6fb4656.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 31 Aug 2022 14:44:17 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/dc0247b33019ed0ca09c321bb6fb4656.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
103.235.46.191200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /hm.js?7e5e3dfa6de61bfd4b1abb18528745ab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.q5wefsf1.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Wed, 31 Aug 2022 14:44:17 GMT
Etag: 557ddc7a60e6100b0dfffa1997abc64c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6B5C8AC684BEC340; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800