r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9732
Expires: Sat, 03 Dec 2022 13:17:50 GMT
Date: Sat, 03 Dec 2022 10:35:38 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4422
Cache-Control: max-age=90559
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:35:38 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:44:57 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 10:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 939
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8483
Expires: Sat, 03 Dec 2022 12:57:01 GMT
Date: Sat, 03 Dec 2022 10:35:38 GMT
Connection: keep-alive
nadinter.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 03 Dec 2022 10:34:42 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nadinter.com/index.php
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3K/OX1Ayba1XGp6B0aXB+Y+uv5GM2EFlqr6ZMn2xU9H6GC3eUt7wbGueHLouISyCvygeTLfXp/Y=
x-amz-request-id: 1FP167GT40XH4VN2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 09:46:31 GMT
age: 2947
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 10:08:58 GMT
cache-control: public,max-age=3600
age: 1601
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.nadinter.com/index.php
200 OK 475 B URL HTTP/1.1 www.nadinter.com/index.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (544), with CRLF line terminators
Hash e100f046a2ecd6b9577753e8de8bb131
dedbbc3564fbd0427cd893d7d21798f575fc9097
65aafe9ddd212a195a71fca99017f957b94486934f79d7073e67bdb46593678b
GET /index.php HTTP/1.1
Host: www.nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 10:34:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: max-age=171881
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:35:39 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:20:20 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.nadinter.com/common.js
200 OK 1.9 kB URL HTTP/1.1 www.nadinter.com/common.js
IP
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash 4e6199d34c214b339a11e6eafeb3ee49
133d97581c588cc800edb73d49d2a05d48f27bd5
de06b497bd8230df6397c5903088ce0263a656ca2a88b3d46303b609370bffcf
GET /common.js HTTP/1.1
Host: www.nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nadinter.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 10:34:43 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NWtoHrleti0sBUtnYT1zpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pe3ZoimFFZvPVCxs1caSpPB38H4=
www.nadinter.com/tj.js
200 OK 364 B IP
File type HTML document, ASCII text, with CRLF line terminators
Hash 15a2862f7be6d8202a044f1d96e5b8f0
e4880cd34ba5108c35cd78f5467f31ea7fd88547
8ca50ca70d7e23e5865018150211c5c8a109b04cb55b0731a0cdd35c0241f393
GET /tj.js HTTP/1.1
Host: www.nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nadinter.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 10:34:43 GMT
Content-Type: application/x-javascript
Content-Length: 364
Connection: keep-alive
209.73.159.131/shebi-common.php?val=shebi17&t=0.8369200179206552?v=07252253475138802
200 OK 90 B URL HTTP/1.1 209.73.159.131/shebi-common.php?val=shebi17&t=0.8369200179206552?v=07252253475138802
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2bece4b76af9a61de9e92280a8a2b51f
08ab6cda810d56d28cbe523db0ea1df65b889ef6
994ff408a3629297c84b6475c546235f2950729cb7b538a2248b0f5d58911788
Analyzer Verdict Alert quad9 Sinkholed
GET /shebi-common.php?val=shebi17&t=0.8369200179206552?v=07252253475138802 HTTP/1.1
Host: 209.73.159.131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.nadinter.com
Connection: keep-alive
Referer: http://www.nadinter.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 10:35:39 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
209.73.159.131/shebi-common.php?val=shebi17&t=0.9581458260241424?v=013054130656461027
200 OK 90 B URL HTTP/1.1 209.73.159.131/shebi-common.php?val=shebi17&t=0.9581458260241424?v=013054130656461027
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2bece4b76af9a61de9e92280a8a2b51f
08ab6cda810d56d28cbe523db0ea1df65b889ef6
994ff408a3629297c84b6475c546235f2950729cb7b538a2248b0f5d58911788
Analyzer Verdict Alert quad9 Sinkholed
GET /shebi-common.php?val=shebi17&t=0.9581458260241424?v=013054130656461027 HTTP/1.1
Host: 209.73.159.131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.nadinter.com
Connection: keep-alive
Referer: http://www.nadinter.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 10:35:39 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 10d17c9ac2d219e2871893ef75f43736
ff516a239c06f745772a48900d89834091221035
c3e4c28b72057a4c4cf2b927e3b4ba279b711ce0282a262b230c968f8d2d47da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C3E4C28B72057A4C4CF2B927E3B4BA279B711CE0282A262B230C968F8D2D47DA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11849
Expires: Sat, 03 Dec 2022 13:53:09 GMT
Date: Sat, 03 Dec 2022 10:35:40 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 10d17c9ac2d219e2871893ef75f43736
ff516a239c06f745772a48900d89834091221035
c3e4c28b72057a4c4cf2b927e3b4ba279b711ce0282a262b230c968f8d2d47da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C3E4C28B72057A4C4CF2B927E3B4BA279B711CE0282A262B230C968F8D2D47DA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21527
Expires: Sat, 03 Dec 2022 16:34:27 GMT
Date: Sat, 03 Dec 2022 10:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:35:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:35:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 45973
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 20012
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: cac5842e-2b57-4eda-9b09-27ec8a0b1bf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMiE7Hq0oAMFzHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381b085-151f123551f999a918de8a3a;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 06:21:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrS561ug59NStQyD3cH4ndqGvY3QiLVeMFOoC86ktj52PghNjeYa5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 20:55:39 GMT
age: 49201
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b77186d0d93f7ccfe729edd9d184af3
458aa485b9abef3b72427d308a172d1c24eceabd
8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:56:31 GMT
age: 16749
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 34696
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 11:01:04 GMT
age: 84876
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 10d17c9ac2d219e2871893ef75f43736
ff516a239c06f745772a48900d89834091221035
c3e4c28b72057a4c4cf2b927e3b4ba279b711ce0282a262b230c968f8d2d47da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C3E4C28B72057A4C4CF2B927E3B4BA279B711CE0282A262B230C968F8D2D47DA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21527
Expires: Sat, 03 Dec 2022 16:34:27 GMT
Date: Sat, 03 Dec 2022 10:35:40 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12706
Expires: Sat, 03 Dec 2022 14:07:27 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12706
Expires: Sat, 03 Dec 2022 14:07:27 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12706
Expires: Sat, 03 Dec 2022 14:07:27 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12706
Expires: Sat, 03 Dec 2022 14:07:27 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b5869022f16de011183c5c56c21eebf
853b62a9166a38e6408840b6b790ae4634456700
85df72cee8caf80f74c696c192b1e5f933be1f9451053b7c721d941ce0361f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF72CEE8CAF80F74C696C192B1E5F933BE1F9451053B7C721D941CE0361F24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8578
Expires: Sat, 03 Dec 2022 12:58:39 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b5869022f16de011183c5c56c21eebf
853b62a9166a38e6408840b6b790ae4634456700
85df72cee8caf80f74c696c192b1e5f933be1f9451053b7c721d941ce0361f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF72CEE8CAF80F74C696C192B1E5F933BE1F9451053B7C721D941CE0361F24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8578
Expires: Sat, 03 Dec 2022 12:58:39 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12706
Expires: Sat, 03 Dec 2022 14:07:27 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1b5869022f16de011183c5c56c21eebf
853b62a9166a38e6408840b6b790ae4634456700
85df72cee8caf80f74c696c192b1e5f933be1f9451053b7c721d941ce0361f24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF72CEE8CAF80F74C696C192B1E5F933BE1F9451053B7C721D941CE0361F24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8578
Expires: Sat, 03 Dec 2022 12:58:39 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
sb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
200 OK 815 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5f0d020ee12b072cc7a4865e3f0bae71
8680cb7377252ffcf639460bec05590707c05ee1
a63103e9c031588374dec1197c35cbf6c13ab8278a97c958e92fae6b7ec38a1b
GET /yPS7hqfHgkFauS2djb/254.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:48:38 GMT
etag: W/"63885c56-3ca"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDSSRDTV%2F808TE5A9WuZw6Xfm1jY%2BNKc3gcE177PnPJkZ1k1fUxwpDtNvBjOX4oRsjsm5R18WvvesFTtjC5Z5hhf%2BrSSvFX5gjHbIikAgZumMul06dnJKp9FRTBPpVv0G58wb89Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba8314ca60af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 21c5a08651c1987ca1b745bd0d90af90
fb6b334b642fad930d4b245884b67e84ef87bd43
f76a7092f873c749c95e23950273a30f84b3916259b6a87e67ef0631064e8ca0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Dec 2022 07:57:39 GMT
ETag: "fb6b334b642fad930d4b245884b67e84ef87bd43"
Last-Modified: Sat, 03 Dec 2022 07:57:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2267
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ba831b8b1b4f4-OSL
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 5d0d98609c30463cb1a6e143bb1d85c3
8b204c4626f2ac4ee6f7e3aa5c6489c1cec2c482
8aea774e714c0a063f8188a75e156c68b77117042163f0afad1552152c3c82cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8AEA774E714C0A063F8188A75E156C68B77117042163F0AFAD1552152C3C82CC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12706
Expires: Sat, 03 Dec 2022 14:07:27 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
sb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
200 OK 602 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash ab4383c84e8dc88a86f874a731355ee3
c2f9d0d579f9bc61189f8ffc258a23df5cad25b6
3716c39dd8dee776eb03844e35db2167ad2ca38f0bbef58df71e36ff8b650bab
GET /yPS7hqfHgkFauS2djb/wz1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:02:37 GMT
etag: W/"638a3dbd-1bd"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc5eb0qp0GCXSfE0ErtoOr5KH7%2BAHYecnYd4zwpJC5%2BITJYNqlAKQ%2FT%2FrOoPzxGGfzckY3jpPdeuA3ZjVPssdk5jGnC00Ni1xG7%2FpxXHe%2FWyotoeQnl0fFgSCopCsysohca9DNVm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba8314ca80af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 9ebe1079a3b871c0da5481ef31aed862
17e011dff1f979918211de3a841c8b46248cc8d9
38331bfe1c23bc8e021dfb57ac6f51ee9f9b5918b6585abe96d233d01d95cff2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "38331BFE1C23BC8E021DFB57AC6F51EE9F9B5918B6585ABE96D233D01D95CFF2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8629
Expires: Sat, 03 Dec 2022 12:59:30 GMT
Date: Sat, 03 Dec 2022 10:35:41 GMT
Connection: keep-alive
www.gg123456789gg.com//upload/vod/20221203-1/06801af325239a1d5707fa9de6a9e9e5.jpg
200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/06801af325239a1d5707fa9de6a9e9e5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 969ee6f63eae0c6589e2d6a9eba59876
e8b7618f41d78a5ae028f48b1d3908f43e7a201a
08ccddcc770d16872a8390c73857b6dcdfa53b2b4a8d9764e6802bced75988d0
GET //upload/vod/20221203-1/06801af325239a1d5707fa9de6a9e9e5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 10032
last-modified: Sat, 03 Dec 2022 02:30:05 GMT
etag: "638ab4ad-2730"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/a0e2500b97bcf42de3c92931773f8db1.jpg
200 OK 9.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/a0e2500b97bcf42de3c92931773f8db1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash ca23dbe9c91c0a86d5c54804d4c345cd
469fea4bf6fb455f4efc31beb76bd211460f51ef
f451aef911ab0b1eade636051e4ddc1de8b1b3ccd22351e853eb6c33f4dd1bd9
GET //upload/vod/20221203-1/a0e2500b97bcf42de3c92931773f8db1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9578
last-modified: Sat, 03 Dec 2022 02:30:05 GMT
etag: "638ab4ad-256a"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/509d9592078797e313c5867efd824bef.jpg
200 OK 8.8 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/509d9592078797e313c5867efd824bef.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash dda50bdc1d8bb3c39ea637a80e767ad1
55061805a3c0314293faae4877f0a3d0bb54271b
5b15ddc5c5989c817e42b8d08afefba82806f54c59a501e4c5f924e48b8e8251
GET //upload/vod/20221203-1/509d9592078797e313c5867efd824bef.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 8811
last-modified: Sat, 03 Dec 2022 02:30:04 GMT
etag: "638ab4ac-226b"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
js.users.51.la/21278761.js
200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21278761.js
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash f699a4e503fc96bb448fbeeacd19e72b
02d1fa6a3772ec3c809a06b2c67abd16f2c1469c
3865324eadef796b018a5eee7bbdd260fd2ee812abe42204517b2ac6c07d779e
GET /21278761.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sat, 03 Dec 2022 10:35:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=8caa3616453c1fdc9c7; path=/
HWWAFSESTIME=1670063738063; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.gg123456789gg.com//upload/vod/20221203-1/3e4998efabe0c84ce48ad7e40e6ddde1.jpg
200 OK 9.9 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/3e4998efabe0c84ce48ad7e40e6ddde1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 4a7632910a9bc1ef3207aafb6c6c91e5
e5a1e2c1b9ad943a7a6c432603fd38eb0d66cd71
d637032d80a69d3a7f525aa372d3f4309232a62810fc543b01db420b0a6cb9e4
GET //upload/vod/20221203-1/3e4998efabe0c84ce48ad7e40e6ddde1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9869
last-modified: Sat, 03 Dec 2022 02:30:04 GMT
etag: "638ab4ac-268d"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/3359e1087a7f6b62757e4ebbaf07d986.jpg
200 OK 9.8 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/3359e1087a7f6b62757e4ebbaf07d986.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 8f73c639520e161222f0afac5de4e500
ad81bd74534ab66618397cf7c64c89dcf77e6ee6
1b7ee5492a9a092d0ce56117793f233c328d0896cce6d71b0bb618920f074599
GET //upload/vod/20221203-1/3359e1087a7f6b62757e4ebbaf07d986.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9845
last-modified: Sat, 03 Dec 2022 02:30:04 GMT
etag: "638ab4ac-2675"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/f4f4d0c5ad28c6828141b0c03bb71d56.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/f4f4d0c5ad28c6828141b0c03bb71d56.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash e5e2b7bd42666c5a063da938d364b514
da422e000a712078aff28afa6714ac80243d30fc
19c5d117becfa001c5adc1da72fd71f32bbd2154a599952a0cc855126ad01785
GET //upload/vod/20221203-1/f4f4d0c5ad28c6828141b0c03bb71d56.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 13400
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-3458"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/ccdbab14f10a000895da95671a62bdf5.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/ccdbab14f10a000895da95671a62bdf5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 524953656c0af8af64c8c09c48969374
2e86744a4045b19fb13005ed09cdbae40487e1d6
aec363496696b20d07829ca9b161ad371db196f43c59e7e4bdd325e0676cf3c1
GET //upload/vod/20221203-1/ccdbab14f10a000895da95671a62bdf5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 12274
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-2ff2"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/40a83dbcb1a66903ac916b82da1f3ea6.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/40a83dbcb1a66903ac916b82da1f3ea6.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 74f7a123ff8767cfdefa5cb41fa04adf
24b173349054cacd2ad25c3e3ad3610ca5b0c09f
2fc7297ef0397f1e024103653f00d80973043f3c8f1a7b60cffd77321c27e9ca
GET //upload/vod/20221203-1/40a83dbcb1a66903ac916b82da1f3ea6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 13139
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-3353"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/0fdf63f0138442c470103ab49681e2a2.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/0fdf63f0138442c470103ab49681e2a2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 6a1f35de0426f2809da033c789b8032d
eaf40bce9dd3d87a4a719c97230020090faae615
288956ea1f118dae6b69e80d8e2165c5088a01d3f8ef578fe2e740ce19654825
GET //upload/vod/20221203-1/0fdf63f0138442c470103ab49681e2a2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 10725
last-modified: Sat, 03 Dec 2022 02:30:10 GMT
etag: "638ab4b2-29e5"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/58f0420ef84f7e86d6b30536bac34ad8.jpg
200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/58f0420ef84f7e86d6b30536bac34ad8.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash f5228990d6dda1d9e9d0c3d013208c31
f080c6f9198141daab7157b73f5f45ef133e41d6
8ad50b1064d8228db8956213fceb52e69d49dea3ad4ab626b9e6b840d7f417e3
GET //upload/vod/20221203-1/58f0420ef84f7e86d6b30536bac34ad8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 10250
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-280a"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/f348f176b9e3ad29bbd713a2a4dc30d8.jpg
200 OK 8.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/f348f176b9e3ad29bbd713a2a4dc30d8.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 565c8410623a52b91a545fbcb64ce9be
b7d87422a77db3615c91c2e7c6e95fc21659ee3c
24079d1eaeb5ac1f8f2e9bb023f51a387154c84ea58982a55a6d60240572b2ba
GET //upload/vod/20221203-1/f348f176b9e3ad29bbd713a2a4dc30d8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 8607
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-219f"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/f1707ef492ce7f67c6e3219a3e0c9b45.jpg
200 OK 8.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/f1707ef492ce7f67c6e3219a3e0c9b45.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 4962d4c71eaaae5e1e433e2fc71aa038
43252ba2a37b7d3ec9f3b8b8dd43ef7b217ce630
9eac93584f6ba751b46dccc1151f3807847631f09c7deef41251c64a5e4f272b
GET //upload/vod/20221203-1/f1707ef492ce7f67c6e3219a3e0c9b45.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 8053
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-1f75"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/a13d5bbebef841b4a599307c2880f6e7.jpg
200 OK 6.5 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/a13d5bbebef841b4a599307c2880f6e7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash bbf5e574cceb3f842723d6aaecc5541b
68419ebaddd971312c447d11485dccd735f833ca
33b0b764ccd53672916ea97d0f062202ed8094c7dcc04d660dc4a8b5e383805e
GET //upload/vod/20221203-1/a13d5bbebef841b4a599307c2880f6e7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 6515
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-1973"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/6e9128e27cacb3216d1877ed548ff911.jpg
200 OK 7.8 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/6e9128e27cacb3216d1877ed548ff911.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 972ebc47f59b04eb51d540c9c5bdc038
d521a42c072ae423bd4a05f882247a68c80c89d7
16675f51d2e93e454d9b7301e7f8f8e815b18c3ef64793c5937e414bb3fee080
GET //upload/vod/20221203-1/6e9128e27cacb3216d1877ed548ff911.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 7769
last-modified: Sat, 03 Dec 2022 02:30:09 GMT
etag: "638ab4b1-1e59"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/ce5803d7d44712ac0479484edeb37c87.jpg
200 OK 9.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/ce5803d7d44712ac0479484edeb37c87.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 246f6305bb434736cbc0ee9b89c7d504
5e89a7552046ab78167dac305024ba2e0da02ad1
022c2187371cf3f8d1c3ee8316fcd3cdcde342b690d3994b71f18bdcbb60838c
GET //upload/vod/20221203-1/ce5803d7d44712ac0479484edeb37c87.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9218
last-modified: Sat, 03 Dec 2022 02:30:08 GMT
etag: "638ab4b0-2402"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221130-1/44b3567abfcce2e9c36ce59016b32962.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221130-1/44b3567abfcce2e9c36ce59016b32962.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e173cf9e5907a073e62bd7c536f34097
24ebc5ef0698a252aeb997de623b559fcd81e85a
94815d48431d500bc5776e2c615fb34f4386a96dc729b56075445228f14eaf90
GET //upload/vod/20221130-1/44b3567abfcce2e9c36ce59016b32962.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 13058
last-modified: Wed, 30 Nov 2022 09:30:48 GMT
etag: "638722c8-3302"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
200 OK 162 kB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 162 kB (161888 bytes)
Hash c26e4253c9e5b52efd137c06ba589b9f
c8e06e062dadf4fca553a61cd59ae46b92461ec2
0acf286e8d4b883caf9e948e206a5bd72acf082d22354f5621d8d7ab8c5828f6
GET /yPS7hqfHgkFauS2djb/zylm.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:14:42 GMT
etag: W/"62cf9832-3b7"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrxX7YrnLhXS%2B8G2ppgZdeqMYZgBrdFh7aXj098%2FxTg6z%2BAqxXkxB9mHNSKeHMY%2FQB9NXbbBAipl%2FnkTFeOkFlrxXkr%2B%2BPa4BzKcBR%2B%2FHNNN68ywiChfM5IgNtqq8ulywf0FLyHM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba8314caa0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
200 OK 751 kB URL HTTP/2 sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
IP
File type ASCII text, with very long lines (1244), with CRLF line terminators
Size 751 kB (750611 bytes)
Hash 1260840546c027b9a68d4229eb7d7186
0aa4408fe8b320a1ac131fe3a1f9a4fab5f0d8b4
69cbffbdce0508653e9b169b812a7f542177de77872bf083f080dfb50cb26b35
GET /yPS7hqfHgkFauS2djb/gg.css HTTP/1.1
Host: sb.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: text/css
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
vary: Accept-Encoding
etag: W/"62bc1e37-c63"
expires: Sat, 03 Dec 2022 15:27:18 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25703
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4FmZS7iU4Rp9v7DhAjVTex599KLqBnSv3JbK8LfjGD4qbiD8PQcT%2BRmNoiSX8EG8vIkty8eXxz07rn%2BrcRlAPMaBY1AnbdvfXtLu%2FBFm6%2BKnZlyovmmEfTDPZtRvFFSbZBs4BxZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba832cc8cb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/6bde6af03eb16acbfbc1e3655ba750b9.jpg
200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/6bde6af03eb16acbfbc1e3655ba750b9.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 7748ee442e27cc440fdef1c065078fdc
6af1082f5fadbc88e21d17f5e73da4b5d938741c
baf595a957fa12e29dacf3b1de1284271506a95f5f214bf0d1df69ea9af46eca
GET //upload/vod/20221128-1/6bde6af03eb16acbfbc1e3655ba750b9.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 16162
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-3f22"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/c57ad9665598da05921f248be507a121.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/c57ad9665598da05921f248be507a121.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0df25efb500b48c303479657c33f59c3
4fd3778c64ff9173da01f5291cc55e112aa1ad8d
ed7aecf2cce7b56f507f697e9c6b7bc0a966bae5b52e07f903a152d1716f6e76
GET //upload/vod/20221128-1/c57ad9665598da05921f248be507a121.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 13786
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-35da"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/bba9b1334662c6957507aa2b85071240.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/bba9b1334662c6957507aa2b85071240.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 97c394238af3cd2697ea428d05e1e4d5
84d2308d1b3898c4017a435bf3613d1a6cee3976
b057b313de21e5f7d7b50a2ae3a0a02289b5471a983fbca7bedf4d17cd03b8ee
GET //upload/vod/20221128-1/bba9b1334662c6957507aa2b85071240.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 13478
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-34a6"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/0772c967d24d4ac40cb15f981c751e66.jpg
200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/0772c967d24d4ac40cb15f981c751e66.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a7d336d7284626449980f9d973012985
a2e453b02b02f5279d059122d1438e94cfff13b2
35b2aae2c4d0b1afb2b980b74b08b12a6032ea49f8491cfdfbd2efba1c7044c1
GET //upload/vod/20221128-1/0772c967d24d4ac40cb15f981c751e66.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 14646
last-modified: Sun, 27 Nov 2022 19:30:05 GMT
etag: "6383babd-3936"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/a348fb16a9bc062030fbb09b030ec935.jpg
200 OK 9.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/a348fb16a9bc062030fbb09b030ec935.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash ea5aa6a5bba37b22c616eabfa31daf9b
c6cd7a35ca3fdc91bf02d1252a013cf968d6267d
08e76f0bc53d328902b0f365ba457b985eb18e29567f2084b60e71a6cb0a0108
GET //upload/vod/20221128-1/a348fb16a9bc062030fbb09b030ec935.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9591
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-2577"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/2677d2b5b40c67bae98bea14a3f48bd7.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/2677d2b5b40c67bae98bea14a3f48bd7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 53e62ed3d8f7809170252373ec8db144
c89531dc66413afcfac5c4bd51e01fa9fd0a554a
67febdc6a91504852b05037fedddccd522c50d8e576448f6877da821c3dbeca3
GET //upload/vod/20221128-1/2677d2b5b40c67bae98bea14a3f48bd7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 10682
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-29ba"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/e3e2a87b7b716b77ee420db011d457b5.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/e3e2a87b7b716b77ee420db011d457b5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 5532271a1fd54d100d41ac9eb8638b45
108991c4153610e9b95645c4595b340723401934
3bc06272322b320d9e7e82f5c76bd5b61c8d48e2652f7e2949e8501ce17a80db
GET //upload/vod/20221128-1/e3e2a87b7b716b77ee420db011d457b5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 11400
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-2c88"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/605bd94ca7b633e92ab1f42b76fcde49.jpg
200 OK 9.3 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/605bd94ca7b633e92ab1f42b76fcde49.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6aa56ba1a18adba8987f4736eacbdbb9
34c4ed3899615e4d898755217d0b3788b61767a1
c90ba919530377357f2c7e6248bf3e9f475f2b56d4852897b4b670b48276b605
GET //upload/vod/20221128-1/605bd94ca7b633e92ab1f42b76fcde49.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9274
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-243a"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221128-1/7717a2bd45386c51b3ce75407d763347.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221128-1/7717a2bd45386c51b3ce75407d763347.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 1d0c1fcf0dc0d11fdbd3786bc5f77956
4625022033da511cc7b41b6aca413344e590033c
888b69e40004ce4f242306057641a43c1d7b697e827d98f7223f13961d0ed5e0
GET //upload/vod/20221128-1/7717a2bd45386c51b3ce75407d763347.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 11564
last-modified: Sun, 27 Nov 2022 19:30:04 GMT
etag: "6383babc-2d2c"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/28e480845a9be0e87b9373c53c370435.jpg
200 OK 9.8 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/28e480845a9be0e87b9373c53c370435.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash fa71bdffea6ea43f3130cf6ffc892c5d
13df56a8f18400c00fa413aee208723300a11b79
cf77301c6959ac4a3b25fb3821a84e19d41e657ce6655b2c97b0b9d8ab7901c2
GET //upload/vod/20221203-1/28e480845a9be0e87b9373c53c370435.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9845
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-2675"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/b4753ccd0c222ee09945f7e48913e914.jpg
200 OK 9.3 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/b4753ccd0c222ee09945f7e48913e914.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 9c09d24aeb0aa7b866758bcecd0b8b31
01def35b0926059bb50d7d99e2ae5ec582fc90c6
d7404edad658c6f20df061d67d94ad89ef384bf6cf682ce4c9027a4447fa3bf0
GET //upload/vod/20221203-1/b4753ccd0c222ee09945f7e48913e914.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9274
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-243a"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/14899a7bbde84131aa0248e091fbae87.jpg
200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/14899a7bbde84131aa0248e091fbae87.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a87b1b54cd854961b4e5ae4ab85f58f4
0861e2fab42c0b571e80e80a935aacc34714e116
1f2d0fe43592e94fb540788498c5edac216fa362419daf19f700415cdfb01aaf
GET //upload/vod/20221203-1/14899a7bbde84131aa0248e091fbae87.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 10540
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-292c"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/ad2e67eb32e19e97d8a5edbc4e58796b.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/ad2e67eb32e19e97d8a5edbc4e58796b.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 3d1c1e95e9b0480f60f1ee559155a9e0
d55c3710daeae33a7f442fb85d5d6e75206d2691
6c338275903471b82fb2756b8c8858ce18709e24b63c6ef8e31a78d712b18fc2
GET //upload/vod/20221203-1/ad2e67eb32e19e97d8a5edbc4e58796b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 13940
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-3674"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/0bc5efacbaaff12e33c50f939714da00.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/0bc5efacbaaff12e33c50f939714da00.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6889422398442f56b559d1226859345d
bfd54189f4f6f98d7eda88fe37ba4ba5ec918e25
fe23e388bb9d45471882c3f16e40d145d2793dc8ad9c8ba9b8d577e555e07ce1
GET //upload/vod/20221203-1/0bc5efacbaaff12e33c50f939714da00.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 10723
last-modified: Sat, 03 Dec 2022 02:30:14 GMT
etag: "638ab4b6-29e3"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/001ce55c66a4dd1390afd478cb53588f.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/001ce55c66a4dd1390afd478cb53588f.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 8cc41725361b162dc60c7dcb71ec0c5c
cec0c61d4909ac67ebea4d5f1e41ce7b1de4b3f6
e1621907a7fb894c5b809b9967843b4da204e12f4e5f0eabe7c94fcf50633856
GET //upload/vod/20221203-1/001ce55c66a4dd1390afd478cb53588f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 11294
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-2c1e"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/37abd88f6ff7ca8251f58c204e000ab5.jpg
200 OK 9.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/37abd88f6ff7ca8251f58c204e000ab5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c82c01b54fe3a3cbcb4e54541fdb32cc
a0b969906117d7c47588dbb67283300c8fffbd88
0f0c83ce7bd9f7a2aef2a242084011927bc44e07a35ae0376cbe5d8d1628a690
GET //upload/vod/20221203-1/37abd88f6ff7ca8251f58c204e000ab5.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9065
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-2369"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/d65a401eaa5ed1480d07580acc019f5d.jpg
200 OK 9.4 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/d65a401eaa5ed1480d07580acc019f5d.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 9e54a36231af42b16499e9f3f288db4d
4427fa5a05d62bda7c97ff15162e4a8028b2a23e
7ca2065e441ca80edcca79ce2c60033d75dfd09d02ccf82b99c30f4b50f89264
GET //upload/vod/20221203-1/d65a401eaa5ed1480d07580acc019f5d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9397
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-24b5"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/17170ffabfa3831c27188436a75a64f0.jpg
200 OK 8.7 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/17170ffabfa3831c27188436a75a64f0.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash cd25a24dcdd2489ba1fbb3976f23eed9
2c03cdbfa9df958c892961299b4661344abfe8f5
04dff41f20eff6bbcfb454cc5062fda5ac4d9904d849bf5fdc83f32d8db1bedc
GET //upload/vod/20221203-1/17170ffabfa3831c27188436a75a64f0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 8688
last-modified: Sat, 03 Dec 2022 02:30:13 GMT
etag: "638ab4b5-21f0"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/445a4e71cd0fc95d373df77f19f4a282.jpg
200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/445a4e71cd0fc95d373df77f19f4a282.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 3d6de22b1925f8c9b7964cc07bddb112
b0bc29b4dd7d63dee2469d90b5f9ee8794ef0b2b
e5c7b717d669c1a69646a15fb8b8dc64dd88bfba02f58c9abc0f47d89c753416
GET //upload/vod/20221203-1/445a4e71cd0fc95d373df77f19f4a282.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 10496
last-modified: Sat, 03 Dec 2022 02:30:12 GMT
etag: "638ab4b4-2900"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 1e2dbbd9ce11fa40d488f69435a8050d
17e647ee8d7e435ba4038590131f81bdf29910a3
1e836f129ab861fb7e1688c45374b1336d11af9ff3f3121e41f78d7a24c3f398
GET //upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 12063
last-modified: Fri, 02 Dec 2022 01:30:02 GMT
etag: "6389551a-2f1f"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 768-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 10.011994\012- data
Hash be311ae69aa806e335bf3f486c9c1742
1f03f482ff608cab3163afdeab73c2ed62cf2de0
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
GET //upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 12628
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3154"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 15016e4dc41923e35678f6879d6c2eb2
56522e64a0e2257181aa35e32e9023801e3dfeb2
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
GET //upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 14145
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3741"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e102994da73de1c4f40db37257545fb5
348d2ece7d32a7ed1c2af957c22eebb8863377d0
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
GET //upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 15357
last-modified: Mon, 30 May 2022 22:30:20 GMT
etag: "6295457c-3bfd"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
200 OK 33 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a1fc7657b8d6926a53055671bee349d
68ab1bc12c02da3a8def2daa09a789991b8c54e7
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
GET //upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 32778
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-800a"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
200 OK 34 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02fe4fa1cab54aa6afa13de6a5ec35a1
f6ad518dfccb3aeff5d5f809d288fdb7ab177519
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
GET //upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 33634
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-8362"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
200 OK 24 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e76298247b86c93518d6084cb4cccfe
c5da11c703b36e9415121d1e9f6ae7179c004ec3
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
GET //upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 23462
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-5ba6"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash bec220b3b49b05c6b75d762efb631eb7
fd0f46d366a98e8b5c8a51f2062b648a688b1252
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
GET //upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 12353
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-3041"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
200 OK 18 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash d6c8ad2c7eac5b55275ad3906346b9b1
b4e791297c2aa69be4ee4166fc70f15b76c1103b
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
GET //upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 18119
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-46c7"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/a0753b1496122ac9b2d14ac2ffecd290.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/a0753b1496122ac9b2d14ac2ffecd290.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 0a8f58da0e649e271476d70206875eaa
cf89a892c2b039d6fa2a76e98a6ca3c3f94b3d11
d05590bf7481c37112f268164d6597e1577fdbb71390150da8e92c5953b28647
GET //upload/vod/20221203-1/a0753b1496122ac9b2d14ac2ffecd290.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 12057
last-modified: Sat, 03 Dec 2022 02:30:05 GMT
etag: "638ab4ad-2f19"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/9d379f8c4e7b2aa6491bfc4b6e954d93.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/9d379f8c4e7b2aa6491bfc4b6e954d93.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 8a3f9bf53e45f77eb300e6463771f58e
f9a5b79297e798e5d83e3d6b5664ede1dd547ff4
493c54b1a79b56cb2f242420e8e673e45a246e2d5fb6b14a5280c69e33bc7c15
GET //upload/vod/20221203-1/9d379f8c4e7b2aa6491bfc4b6e954d93.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 13062
last-modified: Sat, 03 Dec 2022 02:30:05 GMT
etag: "638ab4ad-3306"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/033ccf86ec9e74e63182982658428cfe.jpg
200 OK 9.5 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/033ccf86ec9e74e63182982658428cfe.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 2bb30e54605907b6953354cfa7e71851
7fb4f9ab680ee4272ed1fbec6ac41ee4e659f648
29b60528ad85c5284664d046932c07d56d38773a719319b9dcd81cacbb26de69
GET //upload/vod/20221203-1/033ccf86ec9e74e63182982658428cfe.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9533
last-modified: Sat, 03 Dec 2022 02:30:06 GMT
etag: "638ab4ae-253d"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/342cb270fa3fca1460ab1769ea3a1c57.jpg
200 OK 9.5 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/342cb270fa3fca1460ab1769ea3a1c57.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 6598b9256a1e6f81d64e27572e8dcc3e
5325e05567ecdd22dfce6a253a893f0210cd4917
c874688a43e0dd17c6d599f20d26319dd6eaa59b7bed3c859ed2ca0d09be0ca6
GET //upload/vod/20221203-1/342cb270fa3fca1460ab1769ea3a1c57.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 9531
last-modified: Sat, 03 Dec 2022 02:30:06 GMT
etag: "638ab4ae-253b"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221203-1/587c48b8afd77cf9af7ff071bb8dc1a4.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221203-1/587c48b8afd77cf9af7ff071bb8dc1a4.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 44c6188ebd62ace47b29f9a035dbd2ab
6c956fe8b9e697a6ec61967722449b08e182e877
150e1983a719e43d07ae9045848e129a2bf024745c0d0183921c6d26df937dd3
GET //upload/vod/20221203-1/587c48b8afd77cf9af7ff071bb8dc1a4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 12927
last-modified: Sat, 03 Dec 2022 02:30:06 GMT
etag: "638ab4ae-327f"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fdbd0cf9671c9bf749f4d147e27a66a6
8afa0676587c942562858ef37467e714c60fdabc
bd707bc1f6a8e7274f5a7dd7c9a2dccb2516e00b1ae05961c544ca94f6922c5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD707BC1F6A8E7274F5A7DD7C9A2DCCB2516E00B1AE05961C544CA94F6922C5A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14293
Expires: Sat, 03 Dec 2022 14:33:55 GMT
Date: Sat, 03 Dec 2022 10:35:42 GMT
Connection: keep-alive
www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
200 OK 76 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 625x900, components 3\012- data
Hash 8df7397c01f50d1a0216d5aa5df5b616
8d6f18e7901340760b112b8ee25487d732b64e3c
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
GET //upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 76403
last-modified: Sun, 15 May 2022 04:30:19 GMT
etag: "628081db-12a73"
expires: Mon, 02 Jan 2023 10:35:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 2179fe6b8aed8c35b24b2a8c6819ca0b
8cfd3affab8e4daaf1473c0f5546ae4734bb7c5d
bc759de8433428b8240fac5f564759d12eda6dcbe6c2a7e6f9ad087255a59b5c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Dec 2022 09:15:12 GMT
ETag: "8cfd3affab8e4daaf1473c0f5546ae4734bb7c5d"
Last-Modified: Sat, 03 Dec 2022 09:15:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1306
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ba83878e1b4f4-OSL
kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
301 Moved Permanently 162 B URL HTTP/2 kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /80425b77b9bd0cff2005378bab6643ed.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Dec 2022 10:35:42 GMT
content-type: text/html
content-length: 162
location: https://kvhsss.top/80425b77b9bd0cff2005378bab6643ed.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8f09732969decf5f76f7cfac6a5f92e4
8d37212805cecf230e88b977894ffb73d7d815bd
3bbc9b226e280b35a137760ee3d538d9df94a524049a53143b5ce4cfcd89dcf4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BBC9B226E280B35A137760EE3D538D9DF94A524049A53143B5CE4CFCD89DCF4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17823
Expires: Sat, 03 Dec 2022 15:32:45 GMT
Date: Sat, 03 Dec 2022 10:35:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 89f2b8bb6a7126e27f3fcf3debef25d4
aa8fdaa263cafc3460e232868689d92b0cd70ded
200524e915b52ac1d1e4dbcc1903c00e3813938e16142c637791e57990a29dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "200524E915B52AC1D1E4DBCC1903C00E3813938E16142C637791E57990A29DCE"
Last-Modified: Sat, 03 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Sat, 03 Dec 2022 14:07:05 GMT
Date: Sat, 03 Dec 2022 10:35:43 GMT
Connection: keep-alive
kveii.com/f67b410855efed07dc1783436baaa5f7.gif
301 Moved Permanently 162 B URL HTTP/2 kveii.com/f67b410855efed07dc1783436baaa5f7.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 03 Dec 2022 10:35:43 GMT
content-type: text/html
content-length: 162
location: https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e67d878f1eb700680b5bbbe2e44f5b31
179d4141104618b3af5fb9fd6e103ce34e0e6ecb
53c924482d5feacebb804bb686d4f56ee6a713e487b62059cf60ea4fd60f7bf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=109885
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:35:43 GMT
Etag: "638a30bc-117"
Expires: Sun, 04 Dec 2022 17:07:08 GMT
Last-Modified: Fri, 02 Dec 2022 17:07:08 GMT
Server: nginx
Content-Length: 279
kvhsss.top/80425b77b9bd0cff2005378bab6643ed.gif
200 OK 1.2 MB URL HTTP/2 kvhsss.top/80425b77b9bd0cff2005378bab6643ed.gif
IP
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.2 MB (1217913 bytes)
Hash c705096a9fde58f82d85c91bbe72924a
52a49d3a5df458538c61fe3b8d50c12cc09796e4
be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b
GET /80425b77b9bd0cff2005378bab6643ed.gif HTTP/1.1
Host: kvhsss.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klx13.zhgmjglh88k.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:43 GMT
content-type: image/gif
content-length: 1217913
last-modified: Mon, 10 Oct 2022 13:23:30 GMT
etag: "63441cd2-129579"
expires: Fri, 30 Dec 2022 05:02:54 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 279169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNZMmHJRaobw5e8RbiKXwz7JmQwDlw90PQlIpl2RcoLsWFhnTa6ZPlL8WOsHMhk7qj2Lc%2BuIfESx4UwVaHzVcoNXnqhR%2F9mbusJq06V7MDq%2FOL83vrLYt5ytvzl9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba83b0cce0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e67d878f1eb700680b5bbbe2e44f5b31
179d4141104618b3af5fb9fd6e103ce34e0e6ecb
53c924482d5feacebb804bb686d4f56ee6a713e487b62059cf60ea4fd60f7bf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=109885
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:35:43 GMT
Etag: "638a30bc-117"
Expires: Sun, 04 Dec 2022 17:07:08 GMT
Last-Modified: Fri, 02 Dec 2022 17:07:08 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 414b7ae1431629ec31b30ae5049edd3c
8814cf462591051f2efe73b8c99c75a7bef59205
613016088c18aec418e11dcb7fc3dae2fa3343756a4bc820a620b1706a664bca
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "613016088C18AEC418E11DCB7FC3DAE2FA3343756A4BC820A620B1706A664BCA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15159
Expires: Sat, 03 Dec 2022 14:48:22 GMT
Date: Sat, 03 Dec 2022 10:35:43 GMT
Connection: keep-alive
kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif
200 OK 29 kB URL HTTP/2 kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Hash a763cce2c7bc3f7bfaa94981d8d9ff47
085da887b67947c8b1e486137be2300dfabf4a69
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kvkppp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:43 GMT
content-type: image/gif
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
etag: "62544489-719a"
expires: Sat, 10 Dec 2022 12:49:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1979186
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkRTivKf7NY0sGho5GT%2BgBvO3fXcsm3fY9nVfNa8mEs3mNb3tWv3nHWCJbBU6L6IvbMQpxq%2BcEmdwmhv0GTcgpuVtXw3EtlX7v2d7%2FangURGYEqRJW2jXH1hxpGk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba83c5d8cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 414b7ae1431629ec31b30ae5049edd3c
8814cf462591051f2efe73b8c99c75a7bef59205
613016088c18aec418e11dcb7fc3dae2fa3343756a4bc820a620b1706a664bca
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "613016088C18AEC418E11DCB7FC3DAE2FA3343756A4BC820A620B1706A664BCA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15159
Expires: Sat, 03 Dec 2022 14:48:22 GMT
Date: Sat, 03 Dec 2022 10:35:43 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash c46e60202a3ccb47be621167e4668b93
002c08004939242b84616b060bf3e762d7313936
b659481ddf26c6babdfbae8cb3737c06db49247bc95a286a2a554a38ff20b2c8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 23:52:08 GMT
Expires: Thu, 08 Dec 2022 23:52:07 GMT
Etag: "002c08004939242b84616b060bf3e762d7313936"
Cache-Control: max-age=479183,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773ba83bcfbdb505-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash e1ee61c56be161b8f7dc4140740a2776
04f6b6fbaf362e95ba6e3910b2719205ec8573b2
efd4054a45f7aa77d157de96ca9b36eeaf1880f24c328a5c0a62aceef6b39934
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 07 Dec 2022 08:35:46 GMT
ETag: "04f6b6fbaf362e95ba6e3910b2719205ec8573b2"
Last-Modified: Sat, 03 Dec 2022 08:35:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ba83c2d4f0afa-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 9e21091cc95b0d38bf5e9284b0d27ef6
9523679ccf84c39a0f5d8b44be142becc99911a2
f6a4b6db1ffce2854e9f90b42a91aeca3b332796c26c12d5a2371fa78609c9f4
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Dec 2022 07:21:00 GMT
ETag: "9523679ccf84c39a0f5d8b44be142becc99911a2"
Last-Modified: Sat, 03 Dec 2022 07:21:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 185
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ba83daf0db4f4-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 9e21091cc95b0d38bf5e9284b0d27ef6
9523679ccf84c39a0f5d8b44be142becc99911a2
f6a4b6db1ffce2854e9f90b42a91aeca3b332796c26c12d5a2371fa78609c9f4
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Dec 2022 07:21:00 GMT
ETag: "9523679ccf84c39a0f5d8b44be142becc99911a2"
Last-Modified: Sat, 03 Dec 2022 07:21:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 185
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773ba83daf17b511-OSL
sb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
200 OK 12 kB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8a657f8ecdee91f281c578f2142451ff
f8fa6f2343ad25ba8bb4532662737657d833a8ea
b5b0677adc6bfd8c2edec1a7e07d90870ca74aa6e14a6d6365a6f8065339d7e1
GET /yPS7hqfHgkFauS2djb/xtb.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:02:47 GMT
vary: Accept-Encoding
etag: W/"638a3dc7-f4e"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6Qokg9Neb6Z9z7WDS0rJib51IrGBQBGu2rwWyV6%2BJmR%2BgpWNas8lUZwV44xePyKog0bARAR7uljDKPySPHmjXK2wa%2FNVWu2J2XDFDLC7Qp%2By%2Bs1wjQfZ7pX5%2FbExti6WG4yzoVU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba831dd0a0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taiwtp1.com/img/200200.gif
200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:33:14 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Mon, 02 Jan 2023 10:33:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ia.51.la/go1?id=21278761&rt=1670063740142&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670063740142&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx13.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278761&rt=1670063740142&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670063740142&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx13.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278761&rt=1670063740142&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670063740142&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx13.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 03 Dec 2022 10:35:44 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=9d21b53b3437361f60f; path=/
HWWAFSESTIME=1670063742420; path=/
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=587859669&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=1&sn=35337&r=0&ww=1268&u=https%3A%2F%2Fklx13.zhgmjglh88k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=587859669&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=1&sn=35337&r=0&ww=1268&u=https%3A%2F%2Fklx13.zhgmjglh88k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=587859669&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=1&sn=35337&r=0&ww=1268&u=https%3A%2F%2Fklx13.zhgmjglh88k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 10:35:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D47496F735397C1B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ia.51.la/go1?id=21278761&rt=1670063740134&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670063740134&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx13.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278761&rt=1670063740134&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670063740134&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx13.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278761&rt=1670063740134&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670063740134&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx13.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 03 Dec 2022 10:35:44 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=741495d199b0cbe9632; path=/
HWWAFSESTIME=1670063742571; path=/
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 786d0ebe216d4471eae7eb144077427d
0dd5ce240257a517749e9ef064d85faf1679bcd6
b0d525ebcb58d55d330fd2f3e656edb4d32366fb1da0784f9760778753b9221f
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: a3cb469210b163f5314b71a3ae0a10ae
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 03 Dec 2022 10:35:44 GMT
Etag: 0d51fd4ddb49b6e9e268430a686adb68
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=89A4D8FA20D82B64; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1670063742&rnd=2031275882&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=2&sn=35337&r=0&ww=1268&u=https%3A%2F%2Fklx13.zhgmjglh88k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1670063742&rnd=2031275882&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=2&sn=35337&r=0&ww=1268&u=https%3A%2F%2Fklx13.zhgmjglh88k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1670063742&rnd=2031275882&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=2&sn=35337&r=0&ww=1268&u=https%3A%2F%2Fklx13.zhgmjglh88k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 03 Dec 2022 10:35:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6AFEDD27BA7785D3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7623aef042a77103cfdc2d91e383762d
df4c204fada1c282bcc26ffd21540f4befe05234
3b3c0224e51b0758183151ef326a9504de244235c0c6d347c058ceb058be09b4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 23:31:05 GMT
Expires: Wed, 07 Dec 2022 23:31:04 GMT
Etag: "df4c204fada1c282bcc26ffd21540f4befe05234"
Cache-Control: max-age=391519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773ba8450c210af6-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash b8f959cc02193f5adb283bc77e98a2dd
2bd274ecd4fdb7e1ddabb5955165a7357eac44f1
cf55ba87b77b708e03a639bc092fa51afc64139dc25775668ef2bab5fad26c1e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 01:44:17 GMT
Expires: Fri, 09 Dec 2022 01:44:16 GMT
Etag: "2bd274ecd4fdb7e1ddabb5955165a7357eac44f1"
Cache-Control: max-age=485911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773ba844d9b8b505-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash c4ef33491ef7d12d190b0e0d4ca5882e
3bb40997858ef719331d2e5b3b8994cd8019637a
202617174aec413c8ef39aa75e9bdf4d1765b8119492cd45136028b505127cb2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:35:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 05:50:02 GMT
Expires: Sat, 10 Dec 2022 05:50:01 GMT
Etag: "3bb40997858ef719331d2e5b3b8994cd8019637a"
Cache-Control: max-age=587056,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773ba844fca10b65-OSL
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
200 OK 5.7 kB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
IP
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6cf9274caed9ff255a8df0cfe820d79c
85a0c4600ef4483415861ee75af9d5c1f7acd6d2
93af13023dcddd9115510623ac9f5326b8290a8c91cc4a440429fafdb0663193
GET /yPS7hqfHgkFauS2djb/xx3.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:47:56 GMT
etag: W/"63885c2c-37f"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw3NpYGxGSdsUycHlrlfgjaAshZATX3W3v5ZR4bnnXeD8SvEJ5PRCNR55vN%2BYgi7ST9YRuXQYjI0otviPiqDSD1lPpuLABZkHVvqzXW1UShvDHMz4JRf54FWVV76svOcADXn%2Fi8H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba8314cab0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
200 OK 141 kB URL HTTP/1.1 585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
IP
File type GIF image data, version 89a, 750 x 240\012- data
Size 141 kB (140712 bytes)
Hash 62aca5f86547ebf8aba956425356874b
d9ecdbe6202ddee69d57658be2d54a0312c1cb55
3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8
Analyzer Verdict Alert quad9 Sinkholed
GET /1825aadc7435489f87c5b35903b8d679.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63763814-225a8"
Date: Tue, 29 Nov 2022 01:17:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 17 Nov 2022 13:33:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-22
Content-Length: 140712
bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
200 OK 121 kB URL HTTP/1.1 bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Size 121 kB (120937 bytes)
Hash 49275d96974a0e7a765eba878974e990
a072e28e13413dad5a5c2db03d27e4cbe8b0b220
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
GET /ad57239e363d4a2f96c2e91f27d2aefb.gif HTTP/1.1
Host: bob5379.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62bc27d3-1d869"
Date: Mon, 14 Nov 2022 10:02:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 120937
701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
200 OK 298 kB URL HTTP/1.1 701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 298 kB (298536 bytes)
Hash 9c3ba66a41c99ffee01405a837610cca
6e1ed01e150ddeb219b2917dd1f5230e8a703da5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
GET /gg/200x200.gif HTTP/1.1
Host: 701.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 03 Dec 2022 10:35:43 GMT
Content-Type: image/gif
Content-Length: 298536
Connection: keep-alive
x-oss-request-id: 638B267F051F6830321D0B85
Accept-Ranges: bytes
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8250722550151430017
x-oss-storage-class: Standard
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
x-oss-server-time: 3
ocsp.digicert.com/
200 OK 727 B IP
Hash 385797edac1d836eff60d899f2c2bf50
66a002020f849693377673a3938435f77330d701
1a731e7e002981839b20fc7960f11abc3bf990f7c1a8022bd7d21449c820415c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4534
Cache-Control: max-age=131690
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:35:46 GMT
Etag: "638a7436-2d7"
Expires: Sun, 04 Dec 2022 23:10:36 GMT
Last-Modified: Fri, 02 Dec 2022 21:55:02 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
200 OK 727 B IP
Hash 385797edac1d836eff60d899f2c2bf50
66a002020f849693377673a3938435f77330d701
1a731e7e002981839b20fc7960f11abc3bf990f7c1a8022bd7d21449c820415c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 647
Cache-Control: max-age=127803
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:35:46 GMT
Etag: "638a7436-2d7"
Expires: Sun, 04 Dec 2022 22:05:49 GMT
Last-Modified: Fri, 02 Dec 2022 21:55:02 GMT
Server: ECS (amb/6BAD)
X-Cache: HIT
Content-Length: 727
img.1129555.com/images/63885b8fe2b7e59d9aade2d2.gif
302 Found 124 kB URL HTTP/2 img.1129555.com/images/63885b8fe2b7e59d9aade2d2.gif
IP
ASN #134835 Starry Network Limited
File type GIF image data, version 89a, 90 x 90\012- data
Size 124 kB (124531 bytes)
Hash 9f234ea79f93eb13036eac3d77feb577
772d65f2bc35ae8e372403d0f41a759367a0c587
e333bc4c2e600c9e60819a46a6115ca06a5ca88353d45c67d85c90f63bdc2919
GET /images/63885b8fe2b7e59d9aade2d2.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/79b06e3d6f814a17a9b2ad463a215430
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/79b06e3d6f814a17a9b2ad463a215430
200 OK 674 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/79b06e3d6f814a17a9b2ad463a215430
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 240\012- data
Size 674 kB (673815 bytes)
Hash ca0fb55d08be2c3c4b6f96cb1709b42e
f495bcc54aea25d82f8f63afc86bcd0ef30cb612
e4fd98ca001857c2c2ae8aef1d4b474c905cf75a37806fa1cf0c9e82ee0c963a
GET /obj/tos-cn-i-dy/79b06e3d6f814a17a9b2ad463a215430 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 673815
date: Thu, 01 Dec 2022 07:56:01 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 01 Dec 2022 07:54:59 GMT
nw-session-id: 202212011554590102101860450AF026CDls2qc02dy
nw-session-trace: 2022-12-01T15:54:59.524766651+08:00 49
x-bdcdn-cache-status: TCP_HIT
x-length: 673815
x-powered-by: ImageX
x-response-date: Thu, 01 Dec 2022 15:54:59 GMT
x-tt-logid: 202212011554590102101860450AF026CD
via: n150-061-089, cache5.l2de2[0,0,206-0,H], cache20.l2de2[1,0], cache20.l2de2[1,0], cache5.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:22:48::233
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e8d73af98bf4aa07a2043cad19fbd02e22794d2a071b3b104536b0f0225e203a54b824258329d74d1a00f7a65e631e381e0e1129475eefe29f1dc8efcb25076a995ea3382457afa25eb9e639fb0d2049c356b12128a61955b6092cc74b6ec26b
x-response-lb: image
ali-swift-global-savetime: 1669881361
age: 182385
x-cache: HIT TCP_MEM_HIT dirn:1:124831372 mlen:0
x-swift-savetime: Thu, 01 Dec 2022 07:58:41 GMT
x-swift-cachetime: 31535840
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916700637461954518e
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 45881
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
klx13.zhgmjglh88k.com/template/m1938pc/css/zui.css
200 OK 0 B URL HTTP/2 klx13.zhgmjglh88k.com/template/m1938pc/css/zui.css
IP
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: klx13.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: text/css
last-modified: Sat, 26 Mar 2022 14:15:36 GMT
vary: Accept-Encoding
etag: W/"623f2008-14f3a"
expires: Sat, 03 Dec 2022 22:35:41 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1MPtTmyumdfiDvzKc68d3uFNurHJOlacgfaIxi7HKZwH%2B5gV08If%2F0AJfcJgnXkfs5PG8Yn0dkcOsMR0IGOztusYC9D2X9SFOJbWaObrsGhLo%2Fpt5PBKvhV%2B4OSw4iGhNIm7teHjas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba82c9eb5b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
IP
GET /yPS7hqfHgkFauS2djb/251.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 17:58:40 GMT
vary: Accept-Encoding
etag: W/"638a3cd0-401"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZHUaG9m2wTbDKpabFMHcIjMDsa1g50TTR1EVjJTZoWEB5ffFijXMxF7p%2FrO%2BLvforh9Kugybfw79UnTxCyb9%2BCU1F5OLTMyOSlKudiJneBdP0dfaomjR9QtJ2mCMTP%2FD9bLDKQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8314ca20af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
IP
GET /yPS7hqfHgkFauS2djb/250.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 17:58:10 GMT
vary: Accept-Encoding
etag: W/"638a3cb2-405"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmEKQI01yYl3hOpvsxBBbokaSbEL67J032zT7WbrdSquZunUtYSwvk1tMOzMDl0jBnlozBzUpkQvo5p6RuIbQDs2zpDRVDh8auvk8Od6WpXVP4osNTg0urvlDiertisXaTeAemm9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8316cbc0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
IP
GET /yPS7hqfHgkFauS2djb/dh.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:00:16 GMT
vary: Accept-Encoding
etag: W/"638a3d30-19db"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmULcMEG%2Bjehc6xqYttNqVe%2Fz7FqBgT9HWPagv%2B2u2CO5booQl1IzT%2F8fl62GPk%2FLf5R2Xnn6XX6AB%2B2gwsH6IBocBalQAR9a3KY7EUw1iCagV3BEn9oMkP1DKIHiGFDCw29Rd3m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8318cc70af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
IP
GET /yPS7hqfHgkFauS2djb/wz.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 18:00:56 GMT
etag: W/"638a3d58-1ac"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45QXW2N97XpLy8Td7GJ0uK2GoiLMOhZHEsuxAIJR6BXpXzSXdc%2FFMRllk7677rH1jhf68iajMb2wrBwU9%2BGrG7sobE6LPxLrsAjMyeDAkqPaultEJJXBSV7vty0I7ulGKQp1hjen"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba8314ca70af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
IP
GET /yPS7hqfHgkFauS2djb/xx2.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:47:52 GMT
etag: W/"63885c28-37f"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKRd84g8Z%2FiqOQD%2F1T1RgJbCYKb1s3BDew3qW%2BwDBPJchEgU0PByVoOoXWvVq5nqbrlZEK%2FV9ZW0wZQM7bXMDNxk4CEaKXFMX0HT45F1S8H6Kzn0sZxNMtv6rdsA4tENtdTfdvQQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba8314ca10af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
IP
GET /yPS7hqfHgkFauS2djb/foot.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:14:38 GMT
vary: Accept-Encoding
etag: W/"62cf982e-449"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT5lUfhqtC5QqhucAGPD0EFm6Hr9f5jaXfiUq08dZMwuB2VGCEvFGeZDehcEvpuAnxGoxUo%2BivB7aL8LNHrABmFfY2DgffCssuQtKq00Zm02UM57UjkMZkA%2FXYmF9UB1EP%2BcC1Mh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8315cad0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx13.zhgmjglh88k.com/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: klx13.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nadinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPAzrj7hY8BbU1xKVzpuPZKdsvOohXfmZ1bXtnQ6QoGlyTpl2yPpEjMDYJGNK1qrXoR5fqb7xu%2FZq3iwj3A7zLsbx93wd9bilG3MLU7Bjx%2FwrCT%2Fp8VCIDJBOZs%2FOTPihpothxt2h8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8299b71b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
IP
GET /yPS7hqfHgkFauS2djb/252.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 03:27:20 GMT
etag: W/"6376fb98-3cd"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STLWx8pSiBMqPifmqUgwLwtuaKYYFCZXb5QNoimGvLq84ATumKtZ8nCLB4GQtrH3ceRslWarl5JjCbCHoZwuvgtzI0oFPxr2NlE3S2PpqeYaI7Icx5qmVZBHhIYZUOTkuPEpx8hA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773ba8314ca30af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
IP
GET /yPS7hqfHgkFauS2djb/xx1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 07:47:47 GMT
vary: Accept-Encoding
etag: W/"63885c23-64e"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UC7Hfsne3cQfYSr0HKEeQl2nWhB%2FwLAcypr2rScdTmvRGwrP%2BBFbV9nsYP0RCaS1FlqKCiIZudD1aiUg1FBkyDATcEwTfTsSL5OYUFNvXovbcSiznEbKzMrAovSCYM0eK46L1V9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8315cae0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx13.zhgmjglh88k.com/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: klx13.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nadinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40ZzbkT3tgc17BM%2BlcQXvsNOD%2BGot665RCfltbDcS4Abh5%2BM%2B4kgrXYW0pLGGzqOvp6PJTmoVUXolcbwvOKyi19qkK3U7xs7mp7XAmQyL5ZWrw%2BLSAkf68PFRCp4IG9cQwIMdz7HEs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba82c6e6bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
IP
GET /yPS7hqfHgkFauS2djb/dh1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 08:47:05 GMT
vary: Accept-Encoding
etag: W/"633d4489-972"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJR4a05331kfndz1K5WQdyjmbloH7yIEZ%2FURabdRVJ3lAoMxafIpbSwK98OAeG1trzn2Jc674K60Xd0dzZAp5NDAtiq%2FjV8auSsHnUC8PAbecec0H3hf1nK4DTkuJuYKoMWSOb2S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8316cbb0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
IP
GET /yPS7hqfHgkFauS2djb/253.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx13.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:35:41 GMT
content-type: application/javascript
last-modified: Sun, 20 Nov 2022 07:01:27 GMT
vary: Accept-Encoding
etag: W/"6379d0c7-421"
expires: Sat, 03 Dec 2022 11:26:10 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiAp7piT092JncgdYDeuYe9cIdOhM7sWNMcuE%2FaL52DuGYmJtgcYXUtxlzJUzjzRpTkWUo8rfSIOGAQv%2FOfonuOliShpIwp%2BP3kWpMXo1V%2FfYKY3wsY5dKVbOkaVxqTjhTWlFroO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773ba8314ca40af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.1170555.com/images/63885c1ce2b7e59d9aade2d4.gif
302 Found 0 B URL HTTP/2 img.1170555.com/images/63885c1ce2b7e59d9aade2d4.gif
IP
ASN #134835 Starry Network Limited
GET /images/63885c1ce2b7e59d9aade2d4.gif HTTP/1.1
Host: img.1170555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/dfac7fde683043228d3cd0be967f696b
X-Firefox-Spdy: h2
104.253.151.54
47.246.44.229
188.114.96.1
220.128.218.220
185.239.226.87
23.36.76.226
104.18.20.226
103.143.19.103
93.184.220.29