dsensoftware.com/document/excel-4D7-fresh-RD823
206.237.216.157301 Moved Permanently 0 B URL HTTP/1.1 dsensoftware.com/document/excel-4D7-fresh-RD823
IP 206.237.216.157:0
ASN #398823 PEGTECHINC-AP-02
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /document/excel-4D7-fresh-RD823 HTTP/1.1
Host: dsensoftware.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 29 Mar 2023 13:23:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.dsensoftware.com/document/excel-4D7-fresh-RD823
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6595
Expires: Wed, 29 Mar 2023 15:12:49 GMT
Date: Wed, 29 Mar 2023 13:22:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8604
Expires: Wed, 29 Mar 2023 15:46:18 GMT
Date: Wed, 29 Mar 2023 13:22:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6954
Expires: Wed, 29 Mar 2023 15:18:48 GMT
Date: Wed, 29 Mar 2023 13:22:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 12:28:09 GMT
content-type: application/json
age: 3285
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pai+W370tJCdqVoEIR7sqcUxnlxCLqVh/rokuzBt+2wXUS2THxcd8jPSEF2E8OlTxnrusvUn4VD3mdZTppLD/Q==
x-amz-request-id: AP6XVY4SQYDBVBPS
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 12:56:38 GMT
age: 1576
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.dsensoftware.com/document/excel-4D7-fresh-RD823
206.237.216.157200 OK 642 B URL HTTP/1.1 www.dsensoftware.com/document/excel-4D7-fresh-RD823
IP 206.237.216.157:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (626), with CRLF line terminators
Hash 072187787395cad205bf3f705755cfca
eaf940aa67fdcf9fa41814d66a2353efaefa59db
8ec710ceddb77be6b8fc1e989b7334872ebb081a2e8b70a5d2606b9ed6928b16
Analyzer Verdict Alert fortinet Phishing
GET /document/excel-4D7-fresh-RD823 HTTP/1.1
Host: www.dsensoftware.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:23:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Retry-After, ETag, Content-Length, Content-Type, Backoff, Pragma, Expires, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 13:17:26 GMT
age: 329
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8989
Expires: Wed, 29 Mar 2023 15:52:44 GMT
Date: Wed, 29 Mar 2023 13:22:55 GMT
Connection: keep-alive
www.dsensoftware.com/common.js
206.237.216.157200 OK 1.1 kB URL HTTP/1.1 www.dsensoftware.com/common.js
IP 206.237.216.157:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 0a31bc706868a19e39ba1e3397a32a86
107dc27d7202aa36da8eb5b5bb38fdb3f751d8ab
29b0bbc5629c3637a395e0eb536b297cfa14a80c220b18b4767e563f7f81cb31
GET /common.js HTTP/1.1
Host: www.dsensoftware.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dsensoftware.com/document/excel-4D7-fresh-RD823
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:23:05 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.dsensoftware.com/tj.js
206.237.216.157200 OK 520 B URL HTTP/1.1 www.dsensoftware.com/tj.js
IP 206.237.216.157:0
ASN #398823 PEGTECHINC-AP-02
File type ASCII text, with CRLF line terminators
Hash fb58a00d9c552ead997483a5f73581a1
62eff09a503f1636fdebf87695d3680c95dbfc72
cc02080368720abafda2fffcadff6d8d1b09bf540e8e23de65f012a686b75b51
GET /tj.js HTTP/1.1
Host: www.dsensoftware.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dsensoftware.com/document/excel-4D7-fresh-RD823
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:23:06 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
push.services.mozilla.com/
52.42.13.12101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.13.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C+CTBxIKl4+ch1NW6cT05w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +7e19s/qeWO3TPYJGWjdjG2ZZk8=
api.share.baidu.com/s.gif?l=http://www.dsensoftware.com/document/excel-4D7-fresh-RD823
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.dsensoftware.com/document/excel-4D7-fresh-RD823
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.dsensoftware.com/document/excel-4D7-fresh-RD823 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dsensoftware.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 29 Mar 2023 13:22:55 GMT
www.dsensoftware.com/favicon.ico
206.237.216.157200 OK 1.2 kB URL HTTP/1.1 www.dsensoftware.com/favicon.ico
IP 206.237.216.157:0
ASN #398823 PEGTECHINC-AP-02
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.dsensoftware.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dsensoftware.com/document/excel-4D7-fresh-RD823
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:23:06 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 03 Apr 2023 13:23:06 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1bef686045b2d2011d5380583bcb0d6e
7876a97cf50f699cf34b4852b25c424a294aa740
588585c7d802fdb9866b2c4c4d4999378cb84b3a530d34e0609d9ba9d6b94e3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "588585C7D802FDB9866B2C4C4D4999378CB84B3A530D34E0609D9BA9D6B94E3E"
Last-Modified: Mon, 27 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16944
Expires: Wed, 29 Mar 2023 18:05:20 GMT
Date: Wed, 29 Mar 2023 13:22:56 GMT
Connection: keep-alive
www.apippmv11.com/news/index.html
202.95.22.212200 OK 236 B URL HTTP/2 www.apippmv11.com/news/index.html
IP 202.95.22.212:0
ASN #64050 BGPNET Global ASN
File type HTML document, Unicode text, UTF-8 text
Hash 8671e76bd72bff68babbe58d0623bc34
391de76218fd05782d383f169b29ea228a930ef2
db8d52a22ccbcbf42f6b66cfa1d0355c2ccdb08dd0e0b745207d7a9b852bed1d
GET /news/index.html HTTP/1.1
Host: www.apippmv11.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dsensoftware.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:56 GMT
content-type: text/html
content-length: 236
last-modified: Tue, 28 Mar 2023 04:15:38 GMT
etag: "642269ea-ec"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e6a34a016ce5f93e640aec11be89846f
e2ee97f58df7fdc13596cc1b268a52e319a4ff2c
12f8e9d5f907ab8c6330aeb75640cf4a2ddedf344de15eb2179e782425702ecd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Apr 2023 11:00:21 GMT
ETag: "e2ee97f58df7fdc13596cc1b268a52e319a4ff2c"
Last-Modified: Wed, 29 Mar 2023 11:00:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 902
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af86caefa72b4ff-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e6a34a016ce5f93e640aec11be89846f
e2ee97f58df7fdc13596cc1b268a52e319a4ff2c
12f8e9d5f907ab8c6330aeb75640cf4a2ddedf344de15eb2179e782425702ecd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Apr 2023 11:00:21 GMT
ETag: "e2ee97f58df7fdc13596cc1b268a52e319a4ff2c"
Last-Modified: Wed, 29 Mar 2023 11:00:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 902
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af86caf0a93b4ff-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15012
Expires: Wed, 29 Mar 2023 17:33:08 GMT
Date: Wed, 29 Mar 2023 13:22:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15012
Expires: Wed, 29 Mar 2023 17:33:08 GMT
Date: Wed, 29 Mar 2023 13:22:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15012
Expires: Wed, 29 Mar 2023 17:33:08 GMT
Date: Wed, 29 Mar 2023 13:22:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 56301
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:37:00 GMT
age: 56756
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 23:09:21 GMT
age: 51215
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8afbc872d18847aaed67054dbfc2d31b
6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b
65c2b5fe2a3df654cfed7e7721b2d8f08665a72bb358b4d6e30e7cba853336e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5414
x-amzn-requestid: b6795b2f-1460-4516-bac0-9148e9868fa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaYF5jIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ddb-42762e4f0aa5e6050f82d138;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:27 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 2uZtp6TgGSem59CZMyKKtawyKTmNiLyj5wu7RXTGq04n2tN_gefzsw==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:08 GMT
age: 56388
etag: "6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 096bf7a8a2bfe48c19e6bf6887145e64
6193039864cae4ab0163f3a7d45613fb86e6be14
51625131b04aa5294e90062807ca728b7a41db79ea069cd238711f8ead5ecd8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7630
x-amzn-requestid: 5f162d03-0d82-4cd6-8812-4dac159bc2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY9HwhIAMFeOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-670279397929c69c0ee58b35;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 79RHJqi0dV_HFeUvGnzbChn8_54pc_ceWOEvLzrtxhr33rG6V42Buw==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:36 GMT
etag: "6193039864cae4ab0163f3a7d45613fb86e6be14"
content-type: image/jpeg
age: 56300
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 56339
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40ad2fd3a39d81087e169e4309ba7db0
46374fa6be2d87d89095be98627dfb69b2a3d52c
45e2a99ad8e305a2f3a220e952b129dac18551bc5af5e09ac2ea6cc6cc711dba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45E2A99AD8E305A2F3A220E952B129DAC18551BC5AF5E09AC2EA6CC6CC711DBA"
Last-Modified: Mon, 27 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17410
Expires: Wed, 29 Mar 2023 18:13:06 GMT
Date: Wed, 29 Mar 2023 13:22:56 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/03/v4ef3kg1ljn.jpg
172.67.28.138200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/v4ef3kg1ljn.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ac2d3722193da97553c44aec6bd9dd4
760489d6ebab5e134447a06905aabe46577028ef
e4cb50d170072f4091a964c8e230b58d338545616334dfd59e01a07028be2bc5
GET /upload/vod/2023/03/v4ef3kg1ljn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 8716
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9734
content-disposition: inline; filename="v4ef3kg1ljn.webp"
etag: "6422f6d3-2606"
last-modified: Tue, 28 Mar 2023 14:16:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6022
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb42ad51bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/ihl1ltelfll.jpg
172.67.28.138200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/ihl1ltelfll.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10498edf3ecba4ee4bdb8d8db06758cb
67773b97a7ff755333323b0c76dcc834a6dd1060
2fa33fb6da28fda32c61a5c9f4ded8030386621e2b85f4029cdfd5821e7e826b
GET /upload/vod/2023/03/ihl1ltelfll.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 7712
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8773
content-disposition: inline; filename="ihl1ltelfll.webp"
etag: "6422f6ee-2245"
last-modified: Tue, 28 Mar 2023 14:17:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6020
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43add1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/4s5vlij1zx3.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/4s5vlij1zx3.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 28c22150b21941cd561684bc09e9d5bd
42c5ad96f8cf16a7c62f40974562788d809d475b
04f7d788b0b65cc2862093d3958149e5ddf26b89a85a32fd0d7efbfa4b56d620
GET /upload/vod/2023/03/4s5vlij1zx3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 13422
cf-bgj: imgq:85,h2pri
cf-polished: origSize=14090, status=webp_bigger
etag: "6422f6e8-370a"
last-modified: Tue, 28 Mar 2023 14:17:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb43adc1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/oc4prnca3we.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/oc4prnca3we.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dcb437fd66f8d8c23582994eb13d733f
34ba0db4fa39fa71505527ce11ead2fb0f513c3f
ab16ef19e33e12dce73e38024c81eb17420b9806601693f6d9126d8a89d2eac4
GET /upload/vod/2023/03/oc4prnca3we.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 8158
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8945
content-disposition: inline; filename="oc4prnca3we.webp"
etag: "6422f91f-22f1"
last-modified: Tue, 28 Mar 2023 14:26:39 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6446
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43aeb1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/vdsxu4un0ki.jpg
172.67.28.138200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/vdsxu4un0ki.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60f88f43b114bdc7ac5dce7dd5550f2f
2edabbf395e297d1c50c66f6aaf2828d0c0ed168
f72f62f53a75ff92bb36a0f94cb8c040bbbfd2e266ee8cba8ba93106a3abbdc6
GET /upload/vod/2023/03/vdsxu4un0ki.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 6722
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9134
content-disposition: inline; filename="vdsxu4un0ki.webp"
etag: "6422f923-23ae"
last-modified: Tue, 28 Mar 2023 14:26:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6446
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43aed1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/gn124lui4bn.jpg
172.67.28.138200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/gn124lui4bn.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31dd4451ba1d7ee0a43a865933dfc0f7
73ba9de0f84c1496724233afd4751ca0191d171b
992526c44df5f52c2b1386a3d41f98d1c7916246ca7e9859cae336613ddf43d9
GET /upload/vod/2023/03/gn124lui4bn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 6388
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7545
content-disposition: inline; filename="gn124lui4bn.webp"
etag: "6422f92f-1d79"
last-modified: Tue, 28 Mar 2023 14:26:55 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6446
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43af11bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/1t2tcacvz0c.jpg
172.67.28.138200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/1t2tcacvz0c.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b76910d06cb786045c49cfba12d8941
819b56e4d2f6e5e09d99cd18da2ca81dd7722d98
7af8c2d5b22c4fb339e1686e455955f7abe5e3a6316786541a4cfc317f2cd9d9
GET /upload/vod/2023/03/1t2tcacvz0c.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 5638
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7097
content-disposition: inline; filename="1t2tcacvz0c.webp"
etag: "6422f91b-1bb9"
last-modified: Tue, 28 Mar 2023 14:26:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6446
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43aea1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/yskim5rtohc.jpg
172.67.28.138200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/yskim5rtohc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1363d6ecdc189aa2d3779f19c91c8e92
e139526f4eb44e94b7dc751b65aba0d5878015d2
5fbf51f08c1c8ffc3076184f90d7a54bd0781dddc4d499ff67d38fd992ae56c1
GET /upload/vod/2023/03/yskim5rtohc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 5242
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6564
content-disposition: inline; filename="yskim5rtohc.webp"
etag: "6422f928-19a4"
last-modified: Tue, 28 Mar 2023 14:26:48 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6446
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43aee1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/xstf04j03ay.jpg
172.67.28.138200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/xstf04j03ay.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 32b1116e0da6a7c949de0364b783af74
56a325244fba74d82d95562ca2f29b49474b2864
73841390fc45034a324ad4cf01f50dd43da473ad4c2aa9098f51fc9388e18849
GET /upload/vod/2023/03/xstf04j03ay.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 6988
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8140
content-disposition: inline; filename="xstf04j03ay.webp"
etag: "6422f92c-1fcc"
last-modified: Tue, 28 Mar 2023 14:26:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6446
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43aef1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/3otaeqef42u.jpg
172.67.28.138200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/3otaeqef42u.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash ea05beb78f708893363ab096f49df631
712fe788f3cc407736747bce11a1b01aab88af19
6acd92935898ba353aaf9fe96e2bdd733f9ddf16c238f6edb8f00f3dbce8ee5c
GET /upload/vod/2023/03/3otaeqef42u.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 9368
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9841, status=webp_bigger
etag: "6422f6e0-2671"
last-modified: Tue, 28 Mar 2023 14:17:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb45b181bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/1f35zjajgmb.jpg
172.67.28.138200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/1f35zjajgmb.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash e510509a2a4318604e5445c048c4ba1d
71322b587d7c0ce3f13ed0f50535594493277bcf
129951674ee2c532664f96c6e7dbc5c1c284d7d53702fa995d4c822561ea597a
GET /upload/vod/2023/03/1f35zjajgmb.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 12603
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13354, status=webp_bigger
etag: "6422f6ce-342a"
last-modified: Tue, 28 Mar 2023 14:16:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6804
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb45b141bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/4j2zc3kv2h3.jpg
172.67.28.138200 OK 15 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/4j2zc3kv2h3.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 8f09f71ab10d2c4764c985112d45e564
cc583cd84ac73c3c9cef24dfa389f6ad255a8024
7a8590d7a02655f56831d1231c07a1cc47b0c58da6328f8d980a754fe341aecc
GET /upload/vod/2023/03/4j2zc3kv2h3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 15102
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15948, status=webp_bigger
etag: "6422f6e4-3e4c"
last-modified: Tue, 28 Mar 2023 14:17:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb45b1a1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/uqshxjeuszn.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/uqshxjeuszn.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash fad09e78965c6f649a28e5b3f5adf27d
75a69a7ec7da68b2cdff1105c4f1afebedd0ef94
1b465d50f5920a79f12a42c9e41fc2f5beb28f70adbe2c2b70628fd1bfa2761f
GET /upload/vod/2023/03/uqshxjeuszn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 10483
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11208, status=webp_bigger
etag: "6422f6d7-2bc8"
last-modified: Tue, 28 Mar 2023 14:16:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6022
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb45b151bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/yn1iabgog5s.jpg
172.67.28.138200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/yn1iabgog5s.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec10b743b06bae83de3bae368307c10b
8310a2ebcb5c2bbaa5ad7054fec168a1d7ba095b
9f2109ca8507c23a705023f0721180d1f19d7842d0ccf5b5d59ab0907d87d654
GET /upload/vod/2023/03/yn1iabgog5s.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 7240
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8662
content-disposition: inline; filename="yn1iabgog5s.webp"
etag: "6422f6dc-21d6"
last-modified: Tue, 28 Mar 2023 14:17:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6021
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb45b171bfe-OSL
X-Firefox-Spdy: h2
www.ppmv61.xyz/static/images/1.gif
107.148.150.117404 Not Found 146 B URL HTTP/2 www.ppmv61.xyz/static/images/1.gif
IP 107.148.150.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /static/images/1.gif HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?c7f55bda5ca005e1e1f7f3b6ef3fbd8c
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c7f55bda5ca005e1e1f7f3b6ef3fbd8c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 9b569e327bf4f1b04ab1cff0024a0218
b29b17a4c58d5f08b16713d7f076d2b0fb5cc79f
63b97ebfa89fc655f67e2205b0a6b93ecc4da9409aa071984a0009b54a1fddfb
GET /hm.js?c7f55bda5ca005e1e1f7f3b6ef3fbd8c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dsensoftware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 29 Mar 2023 13:22:56 GMT
Etag: 9d5a0f4de9cb13d5e1e76a4596b949eb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B63D774EF478E017; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmlb.netlbtu.com/images/2021/7/30/dmm2384.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2384.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/30/dmm2384.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:57 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/30/dmm2384.jpg
fmlb.netlbtu.com/images/2021/7/30/dmm2380.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2380.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/30/dmm2380.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:57 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/30/dmm2380.jpg
fmlb.netlbtu.com/images/2021/7/30/dmm2379.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2379.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/30/dmm2379.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:57 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/30/dmm2379.jpg
fmlb.netlbtu.com/images/2021/7/30/dmm2382.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2382.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/30/dmm2382.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:57 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/30/dmm2382.jpg
fmlb.netlbtu.com/images/2021/7/30/dmm2381.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2381.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/30/dmm2381.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:57 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/30/dmm2381.jpg
fmlb.netlbtu.com/images/2021/7/30/dmm2385.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2385.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/30/dmm2385.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:57 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/30/dmm2385.jpg
hm.baidu.com/hm.js?09a7b5e821ba0c7841e240d5bfe840c4
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09a7b5e821ba0c7841e240d5bfe840c4
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 3e49177a64d11ebebc96580b69c98060
f06dcdab040c6cb4ca86fedc64d0311a8a076adc
668796f043545db857c3c5884f9064ae0c6f7b30ef6e08aceedebea88f89ba73
GET /hm.js?09a7b5e821ba0c7841e240d5bfe840c4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dsensoftware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Wed, 29 Mar 2023 13:22:56 GMT
Etag: 03fd74ca54b5c82bee1e0e511e6d87b7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CA069799690E8760; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
lbfm.lbpictupian.com/upload/vod/2023/03/2lg1bjp1bkc.jpg
172.67.28.138200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/2lg1bjp1bkc.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 26617802e2cdcb3145a3dbbc94c16a52
d1c0a3ca0175c290b3eaebf826bd432453200365
f2631afd7c9b8b07df94dfdfa8864dd01bf2007e922c465e08b7dee281c071da
GET /upload/vod/2023/03/2lg1bjp1bkc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 5606
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7418
content-disposition: inline; filename="2lg1bjp1bkc.webp"
etag: "6422f6fc-1cfa"
last-modified: Tue, 28 Mar 2023 14:17:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43ae01bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/p4ch3agvj2u.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/p4ch3agvj2u.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 24e7035ed8c7017d22011f15badf1ce0
f2e39e4e26d531be717f6cb2eaa478d1cd6f7a0b
fb8dd58e78921d883f844ec98126273d3556b67bca640893809158fc4b9d8047
GET /upload/vod/2023/03/p4ch3agvj2u.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 10598
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11165, status=webp_bigger
etag: "6422f8c1-2b9d"
last-modified: Tue, 28 Mar 2023 14:25:05 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb42ad81bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/vxus3cn21ch.jpg
172.67.28.138200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/vxus3cn21ch.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50b3f5908539f3651e314654f9b344b1
fe8a825d192ca4e34dcedf62073bff6a66f775de
7e1f1aea91f828e2ccc5f8d3137edb6b768bd9f48f11e5ac68ce91d9c4821062
GET /upload/vod/2023/03/vxus3cn21ch.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 5760
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7943
content-disposition: inline; filename="vxus3cn21ch.webp"
etag: "6422f70e-1f07"
last-modified: Tue, 28 Mar 2023 14:17:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43ae71bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/ojjjjgu5gbs.jpg
172.67.28.138200 OK 18 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/ojjjjgu5gbs.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x320, components 3\012- data
Hash 90bb0361d8800629fbb6e9851a82c2f1
789b5886f1867bce2fef12c078f98edd9b6552aa
46b59d6f6e6a917f2a4a2f410a5cdcd0be121eaee917788cf4e8d41794fd1b6e
GET /upload/vod/2023/03/ojjjjgu5gbs.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 18100
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=18684, status=webp_bigger
etag: "6422f8b7-48fc"
last-modified: Tue, 28 Mar 2023 14:24:55 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb43afb1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/jegimsbp2be.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/jegimsbp2be.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e9489bc97e130804b6a5095e73f0201
b7571ab4592c4d2e15dd39e7936a8811eabf8abe
ba6347f3a41278a18ad6220b5da5e9f06f242d7fb38413cf08004b6f7879625f
GET /upload/vod/2023/03/jegimsbp2be.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 5992
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8118
content-disposition: inline; filename="jegimsbp2be.webp"
etag: "6422f8b2-1fb6"
last-modified: Tue, 28 Mar 2023 14:24:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43af91bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/uo01ijf0znv.jpg
172.67.28.138200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/uo01ijf0znv.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5bb7a1d678eba44778c30e7ed2f1aa68
076911ac3b1a9ad8e4157e6ded450cae3c956449
c8040277f46dab1b0c6000f98070b753b4b72859dfd2a2013be4f7fc4c058200
GET /upload/vod/2023/03/uo01ijf0znv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 7174
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8173
content-disposition: inline; filename="uo01ijf0znv.webp"
etag: "6422f8c7-1fed"
last-modified: Tue, 28 Mar 2023 14:25:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb42ada1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/h5lj4iceueo.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/h5lj4iceueo.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb70eea61023ebe25a8a60628dcd04b6
e58cafc0f6ed70921fc2af9efeab2033c4f880bc
e3c80e8ec7fd7651b6c640fa8ee504b751d911c80115a7727d3d8d62481693a0
GET /upload/vod/2023/03/h5lj4iceueo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 10506
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11208
content-disposition: inline; filename="h5lj4iceueo.webp"
etag: "6422f70a-2bc8"
last-modified: Tue, 28 Mar 2023 14:17:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43ae61bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/yqjutkqdj2v.jpg
172.67.28.138200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/yqjutkqdj2v.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54b865aa1b646c172942fe94582484a2
0a90ccf749c8ab86967b18eab116970df678ffc4
bff38305282a10dbcc01e00935bbdbd842e43ef6a7afd95a307a0f1dc98d28c8
GET /upload/vod/2023/03/yqjutkqdj2v.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 8462
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10046
content-disposition: inline; filename="yqjutkqdj2v.webp"
etag: "6422f8ae-273e"
last-modified: Tue, 28 Mar 2023 14:24:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43af71bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/eq0miohw5pj.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/eq0miohw5pj.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 8972025b781001964a1a269fb4721b6d
1a53117aa760319a8570ef5bc9159cb5f41ebf98
c570cea7e8cfde1749abef929c52d160980b370458ea9bdcd25ff4ba8d39befd
GET /upload/vod/2023/03/eq0miohw5pj.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/jpeg
content-length: 11541
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12149, status=webp_bigger
etag: "6422f6f6-2f75"
last-modified: Tue, 28 Mar 2023 14:17:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cb43adf1bfe-OSL
X-Firefox-Spdy: h2
www.ppmv61.xyz/
107.148.150.117200 OK 16 kB IP 107.148.150.117:0
Hash b8c1fffde541293ae4d549830243dfc4
ba80a43643afb8cb563e5ab272905b63afc98f83
3708d92355ef96f3cb4e414662361a175fbef6ec8248cddffe23d1b26a35795f
GET / HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.apippmv11.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/55l0kmmfg5q.jpg
172.67.28.138200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/55l0kmmfg5q.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bfdc5eb47602f51c8aed16f22ad9b0bb
c9d2c9cfd5345512b744687ebffecd302006b7ef
99e6bf6aaaea19d08de0aef502c1f5e24dfd33f59c96d3b8681e65ace24531f2
GET /upload/vod/2023/03/55l0kmmfg5q.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 7122
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8144
content-disposition: inline; filename="55l0kmmfg5q.webp"
etag: "6422f706-1fd0"
last-modified: Tue, 28 Mar 2023 14:17:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43ae31bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/l2ok1yrjxew.jpg
172.67.28.138200 OK 6.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/l2ok1yrjxew.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea30b25ed5accf706e736a3707e45a23
ac23a1a82199a35ab45f8c71cc4224ec7ea43ccb
04986a1e0367458df32b25e83d50df1a6f2b254957ad718c0a39049fee94b748
GET /upload/vod/2023/03/l2ok1yrjxew.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 6220
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7396
content-disposition: inline; filename="l2ok1yrjxew.webp"
etag: "6422f934-1ce4"
last-modified: Tue, 28 Mar 2023 14:27:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43af31bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/dol14bnvswd.jpg
172.67.28.138200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/dol14bnvswd.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63561a618ee8e0b657b1e5475a2ac4b0
54b599d989825d98d1425215aa811cfff9e2d579
f426201bd861ac8f0e927cca644de0418b7b054aae2daad996ae33d4640178bb
GET /upload/vod/2023/03/dol14bnvswd.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 9584
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11038
content-disposition: inline; filename="dol14bnvswd.webp"
etag: "6422f6f1-2b1e"
last-modified: Tue, 28 Mar 2023 14:17:21 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43ade1bfe-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/albwekkco3x.jpg
172.67.28.138200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/albwekkco3x.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f0e58848d9c9c998d98abe4d3d7831f
9ef6ea14cacacb1c0a4641efc532d28c1c2f3235
cd648dcc4f78c8281b97161a493eeeea9d8b8519fce488ccf16608d1c87e6ade
GET /upload/vod/2023/03/albwekkco3x.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: image/webp
content-length: 9132
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10056
content-disposition: inline; filename="albwekkco3x.webp"
etag: "6422f8bd-2748"
last-modified: Tue, 28 Mar 2023 14:25:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb42ad71bfe-OSL
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/30/dmm2383.jpg
45.89.208.114301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2383.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/30/dmm2383.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:57 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/30/dmm2383.jpg
www.ppmv61.xyz/js/top.js?adv=0.6577174964048995
107.148.150.117200 OK 588 B URL HTTP/2 www.ppmv61.xyz/js/top.js?adv=0.6577174964048995
IP 107.148.150.117:0
File type HTML document, Unicode text, UTF-8 text
Hash add2d43fff1c9780af62656ec0de51f9
64adda4327ef9df8a60df4e760c19089370dc028
eb83c04e1e660929de5d79020e70557b8bb2e7783d100e72faa7ce2e3aff45e6
GET /js/top.js?adv=0.6577174964048995 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: application/javascript
content-length: 588
last-modified: Sat, 31 Dec 2022 06:13:26 GMT
etag: "63afd306-24c"
expires: Thu, 30 Mar 2023 01:22:57 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=937702872&si=c7f55bda5ca005e1e1f7f3b6ef3fbd8c&v=1.3.0&lv=1&sn=40941&r=0&ww=1280&u=http%3A%2F%2Fwww.dsensoftware.com%2Fdocument%2Fexcel-4D7-fresh-RD823&tt=%E5%92%8C%E5%8E%BF%E5%89%AF%E7%89%A1%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=937702872&si=c7f55bda5ca005e1e1f7f3b6ef3fbd8c&v=1.3.0&lv=1&sn=40941&r=0&ww=1280&u=http%3A%2F%2Fwww.dsensoftware.com%2Fdocument%2Fexcel-4D7-fresh-RD823&tt=%E5%92%8C%E5%8E%BF%E5%89%AF%E7%89%A1%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=937702872&si=c7f55bda5ca005e1e1f7f3b6ef3fbd8c&v=1.3.0&lv=1&sn=40941&r=0&ww=1280&u=http%3A%2F%2Fwww.dsensoftware.com%2Fdocument%2Fexcel-4D7-fresh-RD823&tt=%E5%92%8C%E5%8E%BF%E5%89%AF%E7%89%A1%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dsensoftware.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Mar 2023 13:22:57 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0583FDF74AD330DC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1783738748&si=09a7b5e821ba0c7841e240d5bfe840c4&v=1.3.0&lv=1&sn=40941&r=0&ww=1280&u=http%3A%2F%2Fwww.dsensoftware.com%2Fdocument%2Fexcel-4D7-fresh-RD823&tt=%E5%92%8C%E5%8E%BF%E5%89%AF%E7%89%A1%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1783738748&si=09a7b5e821ba0c7841e240d5bfe840c4&v=1.3.0&lv=1&sn=40941&r=0&ww=1280&u=http%3A%2F%2Fwww.dsensoftware.com%2Fdocument%2Fexcel-4D7-fresh-RD823&tt=%E5%92%8C%E5%8E%BF%E5%89%AF%E7%89%A1%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1783738748&si=09a7b5e821ba0c7841e240d5bfe840c4&v=1.3.0&lv=1&sn=40941&r=0&ww=1280&u=http%3A%2F%2Fwww.dsensoftware.com%2Fdocument%2Fexcel-4D7-fresh-RD823&tt=%E5%92%8C%E5%8E%BF%E5%89%AF%E7%89%A1%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dsensoftware.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Mar 2023 13:22:57 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=23E03A689F470050; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 963f8d8ff940e279a86e7cc830a13859
4ed97e600476bca195dacb22b95acfb097105ac6
4fd61faf0f5f0b9e0f94f2dbaa3c45751639adcea93845ed26ace8c3a59be7ff
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 29 Mar 2023 13:22:58 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 963f8d8ff940e279a86e7cc830a13859
4ed97e600476bca195dacb22b95acfb097105ac6
4fd61faf0f5f0b9e0f94f2dbaa3c45751639adcea93845ed26ace8c3a59be7ff
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=860
Date: Wed, 29 Mar 2023 13:22:58 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 963f8d8ff940e279a86e7cc830a13859
4ed97e600476bca195dacb22b95acfb097105ac6
4fd61faf0f5f0b9e0f94f2dbaa3c45751639adcea93845ed26ace8c3a59be7ff
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 29 Mar 2023 13:22:58 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 6e7a95617d7acc03f5534ac9c08b0f55
cfa23b1477d4a320e3d2ce79791f537b2db56568
55459e2f083724aa4891fcd46c3c97f9eb9c4e2f22bae807cfc7b53b5a33d037
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: UPDATING
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=847
Date: Wed, 29 Mar 2023 13:22:58 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 6e7a95617d7acc03f5534ac9c08b0f55
cfa23b1477d4a320e3d2ce79791f537b2db56568
55459e2f083724aa4891fcd46c3c97f9eb9c4e2f22bae807cfc7b53b5a33d037
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=875
Date: Wed, 29 Mar 2023 13:22:58 GMT
Connection: keep-alive
X-N: S
www.ppmv61.xyz/static/images/1.gif
107.148.150.117404 Not Found 146 B URL HTTP/2 www.ppmv61.xyz/static/images/1.gif
IP 107.148.150.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /static/images/1.gif HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 29 Mar 2023 13:22:58 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/xx2.js?adv=0.7207683161799122
107.148.150.117200 OK 901 B URL HTTP/2 www.ppmv61.xyz/js/xx2.js?adv=0.7207683161799122
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 2845f1ddec84aedca69c8780a1f6c55b
2a09ea722046fad6a1e3ff49b34847fbcf48fb7e
ad33e4fee5d8635b61c0219e43755bb360c98643d2ac89acb4a659eb3cc20a80
GET /js/xx2.js?adv=0.7207683161799122 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:58 GMT
content-type: application/javascript
content-length: 901
last-modified: Thu, 16 Feb 2023 06:56:53 GMT
etag: "63edd3b5-385"
expires: Thu, 30 Mar 2023 01:22:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/30/dmm2382.jpg
45.89.208.114200 OK 114 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2382.jpg
IP 45.89.208.114:0
File type JPEG image data, Exif Standard: [\012- TIFF image data, big-endian, direntries=2], baseline, precision 8, 960x540, components 3\012- data
Size 114 kB (114302 bytes)
Hash a672c11c0cef57625e25a896be0912ab
234edeea46d5c48131109a169a11148198ad5d3d
26beda92687b1659918590e3e6a2f584d854392c16a95c11e22675306cbfabb4
GET /images/2021/7/30/dmm2382.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:58 GMT
Content-Type: image/jpeg
Content-Length: 114302
Last-Modified: Wed, 09 Nov 2022 12:04:33 GMT
Connection: keep-alive
ETag: "636b9751-1be7e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/30/dmm2384.jpg
45.89.208.114200 OK 126 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2384.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 960x540, components 3\012- data
Size 126 kB (125715 bytes)
Hash 501a6149156e7fbce1ce134319fa6be1
d772bfaff8290da42abd3353edf4b6dcb479933d
36e05c1d64f17a2ac781dc49cad294cadcac9b280b8feef6633d54216bbc524c
GET /images/2021/7/30/dmm2384.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:58 GMT
Content-Type: image/jpeg
Content-Length: 125715
Last-Modified: Wed, 09 Nov 2022 11:59:31 GMT
Connection: keep-alive
ETag: "636b9623-1eb13"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/30/dmm2385.jpg
45.89.208.114200 OK 137 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2385.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=2], comment: "Lavc57.80.100", baseline, precision 8, 960x540, components 3\012- data
Size 137 kB (137138 bytes)
Hash 3bde8b43b479f070f86d32c697a02978
84079c89fd36de5bb2468a2b963ffc06c1e23fc6
c691e6b83dfec7751e8f8fd09571bd625c5586b3fde96caceaa60f8ebe2f13c2
GET /images/2021/7/30/dmm2385.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:58 GMT
Content-Type: image/jpeg
Content-Length: 137138
Last-Modified: Wed, 09 Nov 2022 11:42:51 GMT
Connection: keep-alive
ETag: "636b923b-217b2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/30/dmm2379.jpg
45.89.208.114200 OK 161 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2379.jpg
IP 45.89.208.114:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 960x540, components 3\012- data
Size 161 kB (161411 bytes)
Hash 0ae7e4448a272b32f90ebbfdeef1d43b
794b545a2b2b2d5ccb09ae9066ee2f65ef75fd2c
e6ab7bedf0666ad1d2f12e2940eb4fee414b51644ac96ea82e81d3788b2eff45
GET /images/2021/7/30/dmm2379.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:58 GMT
Content-Type: image/jpeg
Content-Length: 161411
Last-Modified: Wed, 09 Nov 2022 11:57:24 GMT
Connection: keep-alive
ETag: "636b95a4-27683"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/30/dmm2381.jpg
45.89.208.114200 OK 95 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2381.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 960x540, components 3\012- data
Hash 471c69d36a870db86ce0cfc14a3a8f89
1787d50efbf75583784a0fd44f906d4499b4f3fa
6b05adfe4f38d2507a6efe2e3436c186e72eebe3cd3384637b7d6e914e5ebbc7
GET /images/2021/7/30/dmm2381.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:58 GMT
Content-Type: image/jpeg
Content-Length: 94607
Last-Modified: Wed, 09 Nov 2022 11:56:51 GMT
Connection: keep-alive
ETag: "636b9583-1718f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/30/dmm2380.jpg
45.89.208.114200 OK 201 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2380.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, height=1013, bps=146, orientation=upper-left, width=1800], baseline, precision 8, 960x540, components 3\012- data
Size 201 kB (200620 bytes)
Hash ec16531a2dd72a472329e630da9dc62b
ad0a4d94a059753a76f30f20981bc58e1745c5c3
94dd569cb24735d376a31a42f28f9db790aab08e5ea9e9d68a954f811df1a594
GET /images/2021/7/30/dmm2380.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:58 GMT
Content-Type: image/jpeg
Content-Length: 200620
Last-Modified: Wed, 09 Nov 2022 11:40:09 GMT
Connection: keep-alive
ETag: "636b9199-30fac"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.ppmv61.xyz/template/m1938pc/images/video-mask.png
107.148.150.117200 OK 107 B URL HTTP/2 www.ppmv61.xyz/template/m1938pc/images/video-mask.png
IP 107.148.150.117:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:58 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:24 GMT
etag: "61d46450-6b"
expires: Fri, 28 Apr 2023 13:22:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv61.xyz/template/m1938pc/images/video-play.png
107.148.150.117200 OK 1.6 kB URL HTTP/2 www.ppmv61.xyz/template/m1938pc/images/video-play.png
IP 107.148.150.117:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:58 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-61f"
expires: Fri, 28 Apr 2023 13:22:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/30/dmm2383.jpg
45.89.208.114200 OK 140 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/30/dmm2383.jpg
IP 45.89.208.114:0
File type JPEG image data, Exif Standard: [\012- TIFF image data, big-endian, direntries=2], baseline, precision 8, 960x540, components 3\012- data
Size 140 kB (139881 bytes)
Hash 6e983ac097c07f9363efab284a4e1b03
45de439464c606ad782c985d49f1f9b1a4c9c8ae
00965faee418c162b41bf480b1d5ada4dd60c50d268b20211d18d5dbf7e1c750
GET /images/2021/7/30/dmm2383.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 29 Mar 2023 13:22:58 GMT
Content-Type: image/jpeg
Content-Length: 139881
Last-Modified: Wed, 09 Nov 2022 11:42:00 GMT
Connection: keep-alive
ETag: "636b9208-22269"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.ppmv61.xyz/js/250/2.js?adv=0.9732572822631517
107.148.150.117200 OK 459 B URL HTTP/2 www.ppmv61.xyz/js/250/2.js?adv=0.9732572822631517
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (309)
Hash 5c4b1abefaabadd8470d188e2459a102
1b3f93bfe26e99bf0577da666d87c4d17ddd059d
acd886236c472de9b4ea9724aa9917f165ca0e740697c8e5ce4351c62c461d5c
GET /js/250/2.js?adv=0.9732572822631517 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: application/javascript
content-length: 459
last-modified: Sun, 12 Mar 2023 03:03:52 GMT
etag: "640d4118-1cb"
expires: Thu, 30 Mar 2023 01:22:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/wz2.js?adv=0.7222419904507629
107.148.150.117200 OK 7.2 kB URL HTTP/2 www.ppmv61.xyz/js/wz2.js?adv=0.7222419904507629
IP 107.148.150.117:0
Hash 4e65dad3e85fdcb7a3698a96a24b2529
d111f9f9ee00cfedc1ff3d50ecbba546ed6d4317
b4d520115760b7d909abdf3b61e2f1affeff3e5db21a95999ba77f38085075e9
GET /js/wz2.js?adv=0.7222419904507629 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:58 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 15:36:38 GMT
vary: Accept-Encoding
etag: W/"64230986-e83"
expires: Thu, 30 Mar 2023 01:22:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash aedc31bfb775eba31d48b18f7ed66f6c
0facc00ec72fa9bedbbbdc4e452011211d0f0311
0ca8dbbb4b8d27489e47e45fcf0828e69b2cc1038a316b3753681bc04862f8f2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Mar 2023 03:57:11 GMT
Expires: Wed, 05 Apr 2023 03:57:10 GMT
Etag: "0facc00ec72fa9bedbbbdc4e452011211d0f0311"
Cache-Control: max-age=570250,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af86cbfcbfc0b61-OSL
www.ppmv61.xyz/js/250/3.js?adv=0.13325520031415883
107.148.150.117200 OK 486 B URL HTTP/2 www.ppmv61.xyz/js/250/3.js?adv=0.13325520031415883
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (369)
Hash 4ce206cd22ea1ac05c3d229b392d2896
a8ca9dd8fb48bce78ccb44933d0c722401419fb3
c03b31145986256c54d4bcbfc2a0de7d1c5592b4ffb0517311bd0228ea4e39d9
GET /js/250/3.js?adv=0.13325520031415883 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: application/javascript
content-length: 486
last-modified: Sat, 19 Nov 2022 10:19:33 GMT
etag: "6378adb5-1e6"
expires: Thu, 30 Mar 2023 01:22:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 71a36e916151806bc4b88590015a64c7
91f102e9af98e2d1a1eb43b98cfc1ddeb205acae
01840d0067eed4ee6a74f5a6f582f46b74be307a87ed3d19f198714c76646deb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 23:47:14 GMT
Expires: Mon, 03 Apr 2023 23:47:13 GMT
Etag: "91f102e9af98e2d1a1eb43b98cfc1ddeb205acae"
Cache-Control: max-age=468853,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af86cbfc933b51b-OSL
www.ppmv61.xyz/js/xx3.js?adv=0.9773062683320015
107.148.150.117200 OK 360 B URL HTTP/2 www.ppmv61.xyz/js/xx3.js?adv=0.9773062683320015
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3e24852309978d1690e8c4809f989280
f590486d685ac8d4d2eba4f5fe1f3bf0beb723e7
a503f4a1ccd24a5e31dbfbbf18825476012481b775f1606f01275c0af15d1e58
GET /js/xx3.js?adv=0.9773062683320015 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: application/javascript
content-length: 360
last-modified: Sat, 19 Nov 2022 10:18:53 GMT
etag: "6378ad8d-168"
expires: Thu, 30 Mar 2023 01:22:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
587tuchuang.com/587z80.gif
23.224.27.253200 OK 1.0 kB URL HTTP/1.1 587tuchuang.com/587z80.gif
IP 23.224.27.253:0
Hash 30f528ada0e3d9c183cd2226422ccb90
d73e15772157cacb544778dd3d0de566efdb848e
e0144879b74bd84007e9d6ef7dae9e146a04e2cc0a7ad50715c43fba46cc324d
GET /587z80.gif HTTP/1.1
Host: 587tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1021
Pragma: no-cache
Cache-control: no-store
www.ppmv61.xyz/js/250/4.js?adv=0.16472883798431348
107.148.150.117200 OK 486 B URL HTTP/2 www.ppmv61.xyz/js/250/4.js?adv=0.16472883798431348
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (369)
Hash 4ce206cd22ea1ac05c3d229b392d2896
a8ca9dd8fb48bce78ccb44933d0c722401419fb3
c03b31145986256c54d4bcbfc2a0de7d1c5592b4ffb0517311bd0228ea4e39d9
GET /js/250/4.js?adv=0.16472883798431348 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: application/javascript
content-length: 486
last-modified: Sat, 19 Nov 2022 10:19:41 GMT
etag: "6378adbd-1e6"
expires: Thu, 30 Mar 2023 01:22:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sv1.stor.petaexpress.com/dfegfegeg/1.jpg
199.180.101.116200 OK 14 kB URL HTTP/1.1 sv1.stor.petaexpress.com/dfegfegeg/1.jpg
IP 199.180.101.116:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 650x96, components 3\012- data
Hash db2dbdc216703ec86bc6d75d652e7007
a2610252e80c359f3026f6bf3b744c23c3d4cb98
48dc2e5f86c223bdcfdf820eeb1ddef2840c9789dabd79ef2cf8bd67b0f22eb8
GET /dfegfegeg/1.jpg HTTP/1.1
Host: sv1.stor.petaexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:22:59 GMT
Content-Type: image/jpeg
Content-Length: 14485
Connection: keep-alive
Accept-Ranges: bytes
Etag: "db2dbdc216703ec86bc6d75d652e7007"
Last-Modified: Tue, 28 Mar 2023 08:07:56 GMT
x-qs-request-id: 74a28f4c0fdfd33b
x-qs-storage-class: STANDARD
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 05936e71f01958ee0e808d8c329a0059
ca422a8643c84c4a77c8f79e8394857116ce526b
af8f1fb1e0dda9d6a333ba9bd651def75dd5545f6b1de983ac4e3e9c09a2bccc
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=237
Date: Wed, 29 Mar 2023 13:22:59 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 05936e71f01958ee0e808d8c329a0059
ca422a8643c84c4a77c8f79e8394857116ce526b
af8f1fb1e0dda9d6a333ba9bd651def75dd5545f6b1de983ac4e3e9c09a2bccc
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=272
Date: Wed, 29 Mar 2023 13:22:59 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash dba23c8de0cc745452b0058d379c743a
f33ab4e238536663d73bd6aeeece651f0d5ddfa1
e81133ebd71c10edb7ca201b8eefd1b2f19b87660039b544fe77c24c82781014
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=305
Date: Wed, 29 Mar 2023 13:22:59 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 5b624979415d2c731b0ad14de0d23e4d
ba806487dfeac1502b20713eef749ada6d38f815
8af2dd68b18568d6f1509c2fd50922013b1067df7dde8f761899fe2842f4c842
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=846
Date: Wed, 29 Mar 2023 13:22:59 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3da8b5b0c07bb9201cc1a500ce90f07
fe33027afbc7b3b19adaa82a2785d1559f2785d3
2b0c552f1b69070a3c4cdbc5f2c096f7a61da31f693c8283019ed2a4f8e6b67d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B0C552F1B69070A3C4CDBC5F2C096F7A61DA31F693C8283019ED2A4F8E6B67D"
Last-Modified: Tue, 28 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10677
Expires: Wed, 29 Mar 2023 16:20:56 GMT
Date: Wed, 29 Mar 2023 13:22:59 GMT
Connection: keep-alive
www.ppmv61.xyz/js/250/5.js?adv=0.36620978599071596
107.148.150.117200 OK 391 B URL HTTP/2 www.ppmv61.xyz/js/250/5.js?adv=0.36620978599071596
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307)
Hash ce3429662dbe84129c4b2a1460ca4862
b2b548548841c1f012aedc45e0d0966bb57c07eb
18a4fdd52784c146851e9e315e70d54e838dcaa02db2cca08f5f92924fe33978
GET /js/250/5.js?adv=0.36620978599071596 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: application/javascript
content-length: 391
last-modified: Sun, 12 Mar 2023 03:03:07 GMT
etag: "640d40eb-187"
expires: Thu, 30 Mar 2023 01:22:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/250/6.js?adv=0.29562805477414056
107.148.150.117200 OK 454 B URL HTTP/2 www.ppmv61.xyz/js/250/6.js?adv=0.29562805477414056
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (366)
Hash fb969bfaceb99f1da30a8eeef7ef3f9c
d30202994b3fbd393bfa93cea12ddc7cf445ac0a
befa9bb57dc5ce8dce7d72153b95becb0b1408e127d7d4ccfe122da80928a2e6
GET /js/250/6.js?adv=0.29562805477414056 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: application/javascript
content-length: 454
last-modified: Sat, 19 Nov 2022 10:19:55 GMT
etag: "6378adcb-1c6"
expires: Thu, 30 Mar 2023 01:22:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tupkku.top/logotp/tiangx01.gif
172.67.178.134200 OK 193 kB URL HTTP/2 tupkku.top/logotp/tiangx01.gif
IP 172.67.178.134:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 193 kB (192700 bytes)
Hash 1f96742e79c464754770d21b824c422e
2eacc04050d6b364ca38e67f740f5019ba609d72
90b4a34013848befc26d1e21f30afa75bb896fb8775cfb283e0d1f4d9bc1a294
GET /logotp/tiangx01.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:23:00 GMT
content-type: image/gif
content-length: 192700
last-modified: Sun, 19 Jun 2022 13:11:00 GMT
etag: "62af2064-2f0bc"
expires: Sun, 16 Apr 2023 00:16:37 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1083898
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDaxWQLRKlyv8B8PvK%2BOpJmsAQMHz8ZwgL%2BqgeDwQFLoq1zWtV3%2B%2BEU2Bbq8plOnTC7kzDGvu5iP2pnxXgG%2BcQCihlqxEs0XfPc4RhTdJ53lrlTFHwqlvOwSQ8Lx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af86cc5af25fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
n0633.com/d260b0f22810492180427089c4deb092.gif
67.21.86.202200 OK 606 kB URL HTTP/2 n0633.com/d260b0f22810492180427089c4deb092.gif
IP 67.21.86.202:0
Size 606 kB (605671 bytes)
Hash 21da87c5dc2a54bb7a482793e62ba34d
6365f1dd1c75ff7ff9ffc024a4a7844a9d8a5ff0
0c7590029df47a2f379955a75d1114e6b30bf906bf43e20964662e27f6e2e601
GET /d260b0f22810492180427089c4deb092.gif HTTP/1.1
Host: n0633.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Wed, 08 Mar 2023 10:37:30 GMT
etag: W/"6408656a-5c246"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv61.xyz/template/m1938pc/static/js/jquery.min.js
107.148.150.117200 OK 38 kB URL HTTP/2 www.ppmv61.xyz/template/m1938pc/static/js/jquery.min.js
IP 107.148.150.117:0
Hash 946d66c48ce72a4f04ecb14e60a482d1
0bec173cbc4cfbceb7eb939b42a8909174a510dc
e7fefa82128e94bfce35e038d1680ac19be94f2c97fc46d88f14f89257652d41
GET /template/m1938pc/static/js/jquery.min.js HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:34 GMT
vary: Accept-Encoding
etag: W/"61d99aa6-17b8b"
expires: Thu, 30 Mar 2023 01:22:57 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/xx4.js?adv=0.7791268462714951
107.148.150.117200 OK 808 B URL HTTP/2 www.ppmv61.xyz/js/xx4.js?adv=0.7791268462714951
IP 107.148.150.117:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 7dfa22eddfdf6c259cd6379d3448f00e
d48d3893af5465c9a1030cea4e8b00b07d517ed4
f8d1da1b271d3cebdf68b620bbc1fef17a6059e7fa12b8b55e5bf1005d9ce42d
GET /js/xx4.js?adv=0.7791268462714951 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:23:00 GMT
content-type: application/javascript
content-length: 808
last-modified: Sat, 11 Mar 2023 09:34:05 GMT
etag: "640c4b0d-328"
expires: Thu, 30 Mar 2023 01:23:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash fd7a3ef47d87485712abdf65e4c70a70
b8c98861aff257901d8786d9dbe09565a1ae347b
14f58865dce1eef27ae37ad0f32f5ab734a1e3b968bdcdbe01ecb17f5627591a
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 29 Mar 2023 13:23:00 GMT
Ali-Swift-Global-Savetime: 1680096180
Via: cache9.l2fr1[37,36,200-0,M], cache9.l2fr1[39,0], cache2.se1[73,73,200-0,M], cache2.se1[74,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 29 Mar 2023 13:23:00 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616800961802536873e
cdn.jsdelivr.net/gh/wanli8899/August@main/head/yuepao960X160.gif
151.101.193.229200 OK 210 kB URL HTTP/2 cdn.jsdelivr.net/gh/wanli8899/August@main/head/yuepao960X160.gif
IP 151.101.193.229:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 210 kB (209562 bytes)
Hash e42537f39970a680706efec4d24379a3
834a6cbafe7f6743bd823ec5a7acdbbba90f237d
8ec6c208b1375d57c8dda661fb095de6daae0e15c4f34998064837fcfd269dc1
GET /gh/wanli8899/August@main/head/yuepao960X160.gif HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"3329a-g0psuv5/Z0O9gj7Fp6zbu6kPI30"
accept-ranges: bytes
date: Wed, 29 Mar 2023 13:23:00 GMT
age: 1134
x-served-by: cache-fra-eddf8230137-FRA, cache-bma1679-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 209562
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash bec963b5b2079571547d5bac11a7e727
cb78b642b30b8f46da2eff427fafee13d2be5553
1f616d58e8a54cbf72b424a6b19f49d087620b6947d9c1644640437d0640bc6b
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:23:00 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "854EE019400EEED2628517893BB274CECD928047"
Expires: Thu, 30 Mar 2023 00:00:00 GMT
Last-Modified: Wed, 29 Mar 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2860
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af86cc73bf4b4ff-OSL
si1.go2yd.com/get-image/0xmAGT9KS9C
163.171.140.79200 OK 118 kB URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117593 bytes)
Hash c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:23:00 GMT
content-type: image/gif
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 64243bb4_PShlamstdAMS1cc96_1926-40547
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
www.ppmv61.xyz/ads/piaofu.js?adv=0.562765142172913
107.148.150.117404 Not Found 146 B URL HTTP/2 www.ppmv61.xyz/ads/piaofu.js?adv=0.562765142172913
IP 107.148.150.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /ads/piaofu.js?adv=0.562765142172913 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 29 Mar 2023 13:23:00 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/03/gxrc4aqi2ds.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/03/gxrc4aqi2ds.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b9318024e9901570e9ef5b85c89081f
cce70d9a68f224aaa259f03b78b1ff7bb4f35bd9
d5b631500b70fd77e6e30578cf9f4d78552536fb9b13f85177398dc5a20dd99f
GET /upload/vod/2023/03/gxrc4aqi2ds.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:23:00 GMT
content-type: image/webp
content-length: 10874
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11794
content-disposition: inline; filename="gxrc4aqi2ds.webp"
etag: "6422f8aa-2e12"
last-modified: Tue, 28 Mar 2023 14:24:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7af86cb43af51bfe-OSL
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/tongji.js?adv=0.3587896002418145
107.148.150.117200 OK 254 B URL HTTP/2 www.ppmv61.xyz/js/tongji.js?adv=0.3587896002418145
IP 107.148.150.117:0
Hash 33bfe88fe108264906550fc71fee999b
ffcdd93706a63369148ac4df56096976d2540d5c
9d2d61329c0baa529f4d56116bf456f787f01d0194ff9c711afb6280a739562e
GET /js/tongji.js?adv=0.3587896002418145 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:23:00 GMT
content-type: application/javascript
content-length: 254
last-modified: Sun, 01 Jan 2023 09:06:32 GMT
etag: "63b14d18-fe"
expires: Thu, 30 Mar 2023 01:23:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f46f75278424a0374e7704c24142df9b
6a6130a9b14cecfa8bd2039ade48b6c6f05af5d4
ab355a5e92d6d8f45dd35c9d6ecaa5a7914a68a69b22a747451ba3f5792b8cf2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:23:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 23:18:56 GMT
Expires: Mon, 03 Apr 2023 23:18:55 GMT
Etag: "6a6130a9b14cecfa8bd2039ade48b6c6f05af5d4"
Cache-Control: max-age=467154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af86cc82ab8b503-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 40a2bf30a7ae1432a7cf241c3ed57932
3e943bfe1af7c9a313afda845e5d297cbfe1d02e
577377aae8bce1e5974696509eff68b10cbdf9ca5fd87ebc424b552316488936
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:23:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 06:31:49 GMT
Expires: Sun, 02 Apr 2023 06:31:48 GMT
Etag: "3e943bfe1af7c9a313afda845e5d297cbfe1d02e"
Cache-Control: max-age=320327,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af86cc9597a0b61-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash bad6c3de8b9ffd1ba9dec4d0129f6581
f0b8f002bd15816a58afbb3f29cab49470d49393
2e78c58ec852495f32d4b56bd8bb4c2d511a49b9b4f97d901280cb083f7d39b7
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:23:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sun, 02 Apr 2023 12:26:30 GMT
ETag: "f0b8f002bd15816a58afbb3f29cab49470d49393"
Last-Modified: Wed, 29 Mar 2023 12:26:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 734
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af86ccabbc7b4f4-OSL
228tuchuang.com/200x200.gif
14.128.34.140200 OK 104 kB URL HTTP/1.1 228tuchuang.com/200x200.gif
IP 14.128.34.140:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 200 x 200\012- data
Size 104 kB (104271 bytes)
Hash 2f45e48916f1e750c83b98f9c8efad93
3ee9d1329036656e058168d2e23d4027edb6169d
3c2e307d9bdf786f1542a8b7508f107896ea3f1565d8f6ba9928f4d8c34cb3e7
GET /200x200.gif HTTP/1.1
Host: 228tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:59 GMT
Content-Type: image/gif
Content-Length: 104271
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 11:35:35 GMT
ETag: "63e38907-1974f"
Expires: Tue, 11 Apr 2023 08:48:46 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
taiwtp1.com/xin/96080.gif
220.128.218.220200 OK 122 kB URL HTTP/2 taiwtp1.com/xin/96080.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 80\012- data
Size 122 kB (122193 bytes)
Hash 4293cc73ff1bcc11cfb9a5582a08c8f5
a3307ecff7a2be9d0740c530d6325ff1ed355b8c
ee86f9a233f1b754a8c67ec8b9120f4c5b4df290396ca690d41d54e5b2d528b5
GET /xin/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:15:25 GMT
content-type: image/gif
content-length: 122193
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-1dd51"
expires: Fri, 28 Apr 2023 13:15:25 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
595tuchuang.com/960x80.gif
14.128.34.137200 OK 145 kB URL HTTP/1.1 595tuchuang.com/960x80.gif
IP 14.128.34.137:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:59 GMT
Content-Type: image/gif
Content-Length: 144990
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:28:21 GMT
ETag: "63a309f5-2365e"
Expires: Tue, 11 Apr 2023 08:48:33 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
595tuchuang.com/200x200.gif
14.128.34.137200 OK 121 kB URL HTTP/1.1 595tuchuang.com/200x200.gif
IP 14.128.34.137:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 200 x 200\012- data
Size 121 kB (120651 bytes)
Hash bcfac2c4bf0f55f93b33272c31e1464b
60beb5e6b64c209a42d4a3b34c4913bf2cd76951
880b113a7ba644ede38fb18c53dd5de953103fd5c7bc1d9d73cade1160be5a4b
GET /200x200.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:59 GMT
Content-Type: image/gif
Content-Length: 120651
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:19:57 GMT
ETag: "63d68e9d-1d74b"
Expires: Tue, 11 Apr 2023 08:48:36 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
228tuchuang.com/960x80.gif
14.128.34.140200 OK 124 kB URL HTTP/1.1 228tuchuang.com/960x80.gif
IP 14.128.34.140:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 960 x 80\012- data
Size 124 kB (123970 bytes)
Hash 83735404f4ab51b1abaad368fe9563cb
49009970fdcebba47b2dfa21efe27724adb4a5de
d6e4e3d48c2872e139be81a41b2b1abe0bb552f2c60df118f723afb33245a216
GET /960x80.gif HTTP/1.1
Host: 228tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:22:59 GMT
Content-Type: image/gif
Content-Length: 123970
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 06:49:37 GMT
ETag: "64019881-1e442"
Expires: Tue, 11 Apr 2023 08:48:34 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
img.8616a.com/images/6420129261e3f8384b97c152.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.8616a.com/images/6420129261e3f8384b97c152.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/6420129261e3f8384b97c152.gif HTTP/1.1
Host: img.8616a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan24.com/loveimgmoe/c1/52/6420129261e3f8384b97c152.gif
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/250/1.js?adv=0.35930650858748203
107.148.150.117200 OK 581 B URL HTTP/2 www.ppmv61.xyz/js/250/1.js?adv=0.35930650858748203
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (352)
Hash 7b452ecec57320373dfdefc22df8111b
cb24710b127e6f92651e5224155ad50883bfdb1a
0f7eefec9c903b98e78e60df7260f9fac06c43fca8c86d6269663a2fecc2fed5
GET /js/250/1.js?adv=0.35930650858748203 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:58 GMT
content-type: application/javascript
last-modified: Sun, 12 Mar 2023 07:39:22 GMT
vary: Accept-Encoding
etag: W/"640d81aa-662"
expires: Thu, 30 Mar 2023 01:22:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96dfafaf7f0ef201114fca2b9da23431
5f2e3d467a379c510d14cde8bb8ee329874b581f
0a6dc36b6c7a8f72b5b0e911096d83702369685f52ba305050452ccfc4399cf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A6DC36B6C7A8F72B5B0E911096D83702369685F52BA305050452CCFC4399CF5"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16867
Expires: Wed, 29 Mar 2023 18:04:08 GMT
Date: Wed, 29 Mar 2023 13:23:01 GMT
Connection: keep-alive
img.mengzhan24.com/loveimgmoe/c1/52/6420129261e3f8384b97c152.gif
172.67.24.77200 OK 62 kB URL HTTP/2 img.mengzhan24.com/loveimgmoe/c1/52/6420129261e3f8384b97c152.gif
IP 172.67.24.77:0
File type GIF image data, version 89a, 250 x 140\012- data
Hash b6e135fecc8959c23de04d4842b3e3c3
7777f1c65e4c2d4b801516b527614863df47ebf6
ec2c837af5f505c20b2c8a91beafd84d7e22db2baa99ebca670dcbca0913713c
GET /loveimgmoe/c1/52/6420129261e3f8384b97c152.gif HTTP/1.1
Host: img.mengzhan24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:23:01 GMT
content-type: image/jpeg
content-length: 61839
cache-control: max-age=2678400
last-modified: Sun, 26 Mar 2023 09:39:25 GMT
cf-cache-status: HIT
age: 62491
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7af86ccb8b39b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.mengzhan24.com/loveimgmoe/3f/93/63ba73b0a92cd2097e833f93.gif
172.67.24.77200 OK 320 kB URL HTTP/2 img.mengzhan24.com/loveimgmoe/3f/93/63ba73b0a92cd2097e833f93.gif
IP 172.67.24.77:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 320 kB (320396 bytes)
Hash f1bd2e508413c6089ec9fcf6954b2196
b60c7b6b05a282a58ecde182ce2ac5a5a2ac087a
16df1f845970a1b49b6309d0af3dfabe40e54bb3a9bac381a2dac8ff1f9a6ff3
GET /loveimgmoe/3f/93/63ba73b0a92cd2097e833f93.gif HTTP/1.1
Host: img.mengzhan24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:23:01 GMT
content-type: image/jpeg
content-length: 320396
cache-control: max-age=2678400
last-modified: Sat, 18 Mar 2023 16:46:03 GMT
cf-cache-status: HIT
age: 438930
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7af86ccb9b50b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/xx1.js?adv=0.023103610085770998
107.148.150.117200 OK 779 B URL HTTP/2 www.ppmv61.xyz/js/xx1.js?adv=0.023103610085770998
IP 107.148.150.117:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 046c1f006a68b021d424b8098ee87128
de82025efab7c16bca4d92e0e2f892ed65c87883
df6242a260595c9c4b9126a42d35c4e238a7660ae90acb1155baa536629ecbdc
GET /js/xx1.js?adv=0.023103610085770998 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 15:45:26 GMT
vary: Accept-Encoding
etag: W/"64230b96-c9b"
expires: Thu, 30 Mar 2023 01:22:57 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c4b53299066626094c2663bd5fd38b9
ae30b984eb0b87440d94a31a3a438f19a35278ca
b528bcdf4b1df56827e07587a39d9555d6e50a0ce42059f5af6ea28abcf35d7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B528BCDF4B1DF56827E07587A39D9555D6E50A0CE42059F5AF6EA28ABCF35D7D"
Last-Modified: Tue, 28 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Wed, 29 Mar 2023 16:54:36 GMT
Date: Wed, 29 Mar 2023 13:23:01 GMT
Connection: keep-alive
xinchacha2dv.ocsp-certum.com/
23.36.79.10200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash f7c55fa711235f0cdee6113265ffd4f1
0f8390f00262107a00e13eff5425b4247bd0b3e6
8e79b2a951c89500d0ac45ef600b2f1912099e4f1e978fb750d4deee93560261
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=195
Date: Wed, 29 Mar 2023 13:23:01 GMT
Connection: keep-alive
X-N: S
8924tutututu.oss-accelerate.aliyuncs.com/8924-150x150zx.gif
47.254.187.183200 OK 134 kB URL HTTP/1.1 8924tutututu.oss-accelerate.aliyuncs.com/8924-150x150zx.gif
IP 47.254.187.183:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 150 x 150\012- data
Size 134 kB (133613 bytes)
Hash e57b5f97083fad6c1d7b17a59a1a2a66
d8340909630bba8ec702df6647b63ca2451c3b43
b4237c21b35605809bb572e991c599d850f2bff1ce00f9734dee99a0de56044e
GET /8924-150x150zx.gif HTTP/1.1
Host: 8924tutututu.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 29 Mar 2023 13:23:01 GMT
Content-Type: image/gif
Content-Length: 133613
Connection: keep-alive
x-oss-request-id: 64243BB51275A3957A8320C5
Accept-Ranges: bytes
ETag: "E57B5F97083FAD6C1D7B17A59A1A2A66"
Last-Modified: Thu, 23 Feb 2023 10:46:01 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1868432114133866069
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 5Xtflwg/rWwdexelmhoqZg==
x-oss-server-time: 2
u1044.com/395ed8b039a34a4c84d6d05516100751.gif
103.170.15.13200 OK 44 kB URL HTTP/2 u1044.com/395ed8b039a34a4c84d6d05516100751.gif
IP 103.170.15.13:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 250 x 250\012- data
Hash 6f42531b65d344c893a679937afcac43
8f80785997c717f24e8ece9b63ac9b7120c77829
a7b14524415b5cde082ec929eb1840475e7ed735a853ee57fb6fa09de60ddd77
GET /395ed8b039a34a4c84d6d05516100751.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "641d3577-ab8f"
server: nginx
date: Mon, 27 Mar 2023 13:09:44 GMT
content-type: image/gif
last-modified: Fri, 24 Mar 2023 05:30:31 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-03
content-length: 43919
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?6391490fe039c3b8b30b2a81c74234a1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6391490fe039c3b8b30b2a81c74234a1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash a2f33cbb0de31486eed49f563c848d7a
5eb05a4de1a421842a52c1d23aa66848c615cc47
405ff2ba9e999a6b5cdfdd3224e12742e8424d02bbde09a7690280779945a857
GET /hm.js?6391490fe039c3b8b30b2a81c74234a1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 29 Mar 2023 13:23:00 GMT
Etag: f586805859021cbbe0a7cc02778c680d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D82E8D4609F56B54; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?889fe9c05f7b0f2db8ba49f0651b6f40
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?889fe9c05f7b0f2db8ba49f0651b6f40
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 3bfb5257afdd33f4ef2148985082120a
4ec3eff78007883cb545f0350d3464013302a532
70d88156297d3ca2757f7525709f0f63078c776bc41f6f17cd18ce0e3735bd11
GET /hm.js?889fe9c05f7b0f2db8ba49f0651b6f40 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 29 Mar 2023 13:23:00 GMT
Etag: 4811426e57e777c602f74fe21963c8af
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=443902CBD70C782B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 8af227f3b4b8dc7e2c9e474dbf376eea
05249953dce0b806e3e891f6baae507f7a4026c0
3c8e766f614fe378d9b9e033846f408e3094b122d66572d478d8cae43a138580
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:23:01 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 10:08:37 GMT
Expires: Mon, 03 Apr 2023 10:08:36 GMT
Etag: "05249953dce0b806e3e891f6baae507f7a4026c0"
Cache-Control: max-age=419734,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af86ccd8b5db503-OSL
hm.baidu.com/hm.js?ff71eabd2efc2666b0ecc7fda86ac140
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ff71eabd2efc2666b0ecc7fda86ac140
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash a3ce6072685b0c2c2f871c4da07c9ab7
3aa509e8576a9deda12b4530d2de3525f787c7a4
de2cc8553f9a5b0dfe74b70d8a1879be0345e6efbd8eccb9410a734fb9f5371f
GET /hm.js?ff71eabd2efc2666b0ecc7fda86ac140 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Wed, 29 Mar 2023 13:23:01 GMT
Etag: fd23315cd340d5ce33f9a276f0398bf7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E721E5A4A78C3247; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
104.18.32.68502 Bad Gateway 6.4 kB IP 104.18.32.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Hash 1834b41ba94dd31ff20afe093a6aea6c
d0c332d661c3b42dcd18f7bbfc55d143a89c6933
4eb3a74595b229a0f12e30ca6fae4a33c1831a724a82f4935ca344cb455d228e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 502 Bad Gateway
Date: Wed, 29 Mar 2023 13:23:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_use_ob=0; path=/; expires=Wed, 29-Mar-23 13:23:31 GMT
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
CF-RAY: 7af86cce0c25b503-OSL
Server: cloudflare
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=222177045&si=6391490fe039c3b8b30b2a81c74234a1&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40944&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=222177045&si=6391490fe039c3b8b30b2a81c74234a1&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40944&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=222177045&si=6391490fe039c3b8b30b2a81c74234a1&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40944&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Mar 2023 13:23:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EA5829FEB881D73C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1343514513&si=889fe9c05f7b0f2db8ba49f0651b6f40&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40944&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1343514513&si=889fe9c05f7b0f2db8ba49f0651b6f40&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40944&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1343514513&si=889fe9c05f7b0f2db8ba49f0651b6f40&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40944&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Mar 2023 13:23:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C44F58B0CB7AE006; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1153229184&si=ff71eabd2efc2666b0ecc7fda86ac140&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40945&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1153229184&si=ff71eabd2efc2666b0ecc7fda86ac140&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40945&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1153229184&si=ff71eabd2efc2666b0ecc7fda86ac140&su=https%3A%2F%2Fwww.apippmv11.com%2F&v=1.3.0&lv=1&sn=40945&r=0&ww=1280&u=https%3A%2F%2Fwww.ppmv61.xyz%2F&tt=PPMV%E5%BD%B1%E8%A7%86%2CPPMV8%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 29 Mar 2023 13:23:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C3D4D49B71125D86; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
192.229.221.95200 OK 727 B IP 192.229.221.95:0
Hash dca7a17281580a4d742f2b8abdf03b31
0c64c7662fb0cf20970cfdaaded9e0b4999f63dd
ed65815b4b6d5722de7e50a6f5e8245f1cca2410f69f794ad700c7896e575073
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:23:01 GMT
Last-Modified: Wed, 29 Mar 2023 13:08:26 GMT
Server: ECAcc (amb/6B67)
X-Cache: HIT
Content-Length: 727
u1011.com/248ce4efbb9e4dfabbaf151a6654c27a.gif
45.61.212.170200 OK 44 kB URL HTTP/2 u1011.com/248ce4efbb9e4dfabbaf151a6654c27a.gif
IP 45.61.212.170:0
File type GIF image data, version 89a, 250 x 250\012- data
Hash 6f42531b65d344c893a679937afcac43
8f80785997c717f24e8ece9b63ac9b7120c77829
a7b14524415b5cde082ec929eb1840475e7ed735a853ee57fb6fa09de60ddd77
GET /248ce4efbb9e4dfabbaf151a6654c27a.gif HTTP/1.1
Host: u1011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6408692b-ab8f"
server: nginx
date: Wed, 08 Mar 2023 12:43:11 GMT
content-type: image/gif
last-modified: Wed, 08 Mar 2023 10:53:31 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-10
content-length: 43919
X-Firefox-Spdy: h2
686bbb.us/1f6652ea2f734605a80d032d85f76668.gif
103.170.15.113200 OK 740 kB URL HTTP/1.1 686bbb.us/1f6652ea2f734605a80d032d85f76668.gif
IP 103.170.15.113:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 740 kB (740379 bytes)
Hash 3972c75282e0f6e586945ec85252369b
29748a69d45578f5192fdc5d3a9976020e078818
e047801b7c78ebef3dfa908c41d171380e9674b451c691e5fca715f8eb95a75d
GET /1f6652ea2f734605a80d032d85f76668.gif HTTP/1.1
Host: 686bbb.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "641bd4a3-b4c1b"
Date: Thu, 23 Mar 2023 05:11:24 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 23 Mar 2023 04:25:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Length: 740379
www.ppmv61.xyz/js/piaofu.js?adv=0.09492124332115914
107.148.150.117200 OK 271 kB URL HTTP/2 www.ppmv61.xyz/js/piaofu.js?adv=0.09492124332115914
IP 107.148.150.117:0
Size 271 kB (271153 bytes)
Hash 88eaf274fd48b1db2cfb953be624a3c1
b8122f00d3c4c29d1571fe4afc6856c420dbbaf0
799be65a6579d56dd92443b8b1e9275f581981a6228577716d6b6c910b02b4e7
GET /js/piaofu.js?adv=0.09492124332115914 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:23:00 GMT
content-type: application/javascript
last-modified: Sat, 25 Mar 2023 03:28:59 GMT
vary: Accept-Encoding
etag: W/"641e6a7b-15ae"
expires: Thu, 30 Mar 2023 01:23:00 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
8499483.com/8499/960x80.gif
23.224.101.36200 OK 367 kB URL HTTP/2 8499483.com/8499/960x80.gif
IP 23.224.101.36:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 367 kB (366944 bytes)
Hash bde9cbff38e305f40a245a7cf87bd85a
4aaa627b0db260ac7f97a9223e93b1e2f35caba4
375eaceb954016306188bd02f6cc229f71c8e1ef337e99b6ec0a98fad9b3eb7e
GET /8499/960x80.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:23:01 GMT
content-type: image/gif
content-length: 366944
last-modified: Sat, 24 Dec 2022 13:20:16 GMT
etag: "59960-5f092c35018ba"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pure-stone.vip/mdt/gf.gif
43.154.237.220200 OK 190 kB URL HTTP/1.1 pure-stone.vip/mdt/gf.gif
IP 43.154.237.220:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 750 x 120\012- data
Size 190 kB (189611 bytes)
Hash 061139d697c723793b2628fcb479bcf3
7c12fc3440fbadeaa00ce718bf6250fa54ba464c
c30daab324f66e0983dc9c6882b3c2ed6f847e128b2cb3e48ff28d82e992eb3f
GET /mdt/gf.gif HTTP/1.1
Host: pure-stone.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:23:01 GMT
Content-Type: image/gif
Content-Length: 189611
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 06:20:48 GMT
ETag: "63d4bec0-2e4ab"
Expires: Fri, 28 Apr 2023 12:53:53 GMT
Cache-Control: max-age=2592000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
101.73.66.112200 OK 678 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP 101.73.66.112:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 270 x 160\012- data
Size 678 kB (677521 bytes)
Hash 94051cb1d1b77200b4462281a864b96e
e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84
GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:23:02 GMT
content-type: image/gif
content-length: 677521
server: openresty
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-tt-logid: 2021123008073501015013614530ADE9B0
server-timing: cdn-cache;desc=HIT, edge;dur=10
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
x-response-lb: image
via: CHN-HEshijiazhuang-AREACUCC6-CACHE39[10],CHN-HEshijiazhuang-AREACUCC6-CACHE35[0,TCP_HIT,7],CHN-HEshijiazhuang-GLOBAL1-CACHE37[43],CHN-HEshijiazhuang-GLOBAL1-CACHE35[37,TCP_MISS,40],CHN-TJ-GLOBAL1-CACHE30[28],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,18]
x-hcs-proxy-type: 1
x-ccdn-cachettl: 31536000
nginx-hit: 1
age: 11062504
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/attachment/2022-12/bc165155-d46e-437b-9f89-24c7a0cc8d3f.gif
120.52.95.237200 OK 491 kB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/attachment/2022-12/bc165155-d46e-437b-9f89-24c7a0cc8d3f.gif
IP 120.52.95.237:0
ASN #133119 China Unicom IP network
File type GIF image data, version 89a, 960 x 120\012- data
Size 491 kB (491162 bytes)
Hash fd27f78b00490403bf67a1eda5e2edf4
49a86f17845d35b454bc4fd6ccc7975e380b0f50
59bb4f824e82e2b2140bc8e33c5e22c261d6d1f03799853a364d643f62378ef1
GET /bbs/topic/attachment/2022-12/bc165155-d46e-437b-9f89-24c7a0cc8d3f.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:23:01 GMT
Content-Type: image/gif
Content-Length: 491162
Connection: keep-alive
Server: openresty
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "fd27f78b00490403bf67a1eda5e2edf4"
Last-Modified: Mon, 19 Dec 2022 11:41:51 GMT
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSzc2EZF35e77lPFkfgNO6oVvVI8z0Bg
x-amz-request-id: 00000185D8B31F209811FE81B2DE70DE
x-amz-storage-class: STANDARD_IA
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
via: CHN-HElangfang-AREACUCC1-CACHE16[2],CHN-HElangfang-AREACUCC1-CACHE35[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE112[4],CHN-TJ-GLOBAL1-CACHE30[0,TCP_HIT,3]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
Age: 3213792
Accept-Ranges: bytes
www.ppmv61.xyz/template/m1938pc/css/ate.css
107.148.150.117200 OK 0 B URL HTTP/2 www.ppmv61.xyz/template/m1938pc/css/ate.css
IP 107.148.150.117:0
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:26 GMT
vary: Accept-Encoding
etag: W/"61d46416-126e4"
expires: Thu, 30 Mar 2023 01:22:57 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
m-pic-baidu-www.www-baidu-qq-cc.cc/m.qq.com/pic/xin/20210930/20210930115137_44280.jpg
91.195.240.12403 Forbidden 0 B URL HTTP/2 m-pic-baidu-www.www-baidu-qq-cc.cc/m.qq.com/pic/xin/20210930/20210930115137_44280.jpg
IP 91.195.240.12:0
GET /m.qq.com/pic/xin/20210930/20210930115137_44280.jpg HTTP/1.1
Host: m-pic-baidu-www.www-baidu-qq-cc.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Wed, 29 Mar 2023 13:23:00 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.ppmv61.xyz/js/wz.js?adv=0.11594043044582247
107.148.150.117200 OK 0 B URL HTTP/2 www.ppmv61.xyz/js/wz.js?adv=0.11594043044582247
IP 107.148.150.117:0
GET /js/wz.js?adv=0.11594043044582247 HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:58 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 15:48:27 GMT
vary: Accept-Encoding
etag: W/"64230c4b-124e"
expires: Thu, 30 Mar 2023 01:22:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv61.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
107.148.150.117200 OK 0 B URL HTTP/2 www.ppmv61.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
IP 107.148.150.117:0
GET /template/m1938pc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:24 GMT
vary: Accept-Encoding
etag: W/"61d99ad8-d35"
expires: Thu, 30 Mar 2023 01:22:57 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fadacaitp.com/68-960-250.gif
104.208.70.49200 OK 0 B URL HTTP/2 fadacaitp.com/68-960-250.gif
IP 104.208.70.49:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /68-960-250.gif HTTP/1.1
Host: fadacaitp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 25 Dec 2022 07:04:55 GMT
etag: W/"63a7f617-6d922"
expires: Fri, 28 Apr 2023 01:53:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv61.xyz/template/m1938pc/css/zui.css
107.148.150.117200 OK 0 B URL HTTP/2 www.ppmv61.xyz/template/m1938pc/css/zui.css
IP 107.148.150.117:0
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 12:08:14 GMT
vary: Accept-Encoding
etag: W/"6370de2e-15b6c"
expires: Thu, 30 Mar 2023 01:22:57 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ppmv61.xyz/template/m1938pc/static/js/base1.js
107.148.150.117200 OK 0 B URL HTTP/2 www.ppmv61.xyz/template/m1938pc/static/js/base1.js
IP 107.148.150.117:0
GET /template/m1938pc/static/js/base1.js HTTP/1.1
Host: www.ppmv61.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:22:57 GMT
content-type: application/javascript
last-modified: Sat, 31 Dec 2022 07:21:11 GMT
vary: Accept-Encoding
etag: W/"63afe2e7-153a"
expires: Thu, 30 Mar 2023 01:22:57 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
fadacaitp.com/68-250-250.gif
104.208.70.49200 OK 0 B URL HTTP/2 fadacaitp.com/68-250-250.gif
IP 104.208.70.49:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /68-250-250.gif HTTP/1.1
Host: fadacaitp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ppmv61.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:22:59 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 25 Dec 2022 07:04:58 GMT
etag: W/"63a7f61a-49d2a"
expires: Thu, 27 Apr 2023 20:31:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2