Report - bydtj.com/prjjf.exe

Report Overview

Visited public
2023-09-26 19:41:23
Tags
URL
bydtj.com/prjjf.exe
Finishing URL
www.bydtj.com/prjjf.exe
IP / ASN
38.6.112.139
#174 COGENT-174
Title
芜湖推轿代理记账有限公司

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nnav0922mmmmm.com	unknown	unknown	No data	No data	4.2 kB	513 kB	199.188.104.112
rsth9.com	unknown	2023-09-10	2023-09-10 10:52:07	2023-09-25 22:47:10	890 B	228 kB	5.78.102.196
qspaoliang.oss-cn-shenzhen.aliyuncs.com	unknown	2012-04-01	2023-09-17 04:53:56	2023-09-23 20:35:56	904 B	542 kB	120.77.166.36
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09 21:05:29	2023-09-25 18:13:19	1.7 kB	6.1 kB	104.18.15.101
bydtj.com	unknown	2022-03-16	2013-07-22 03:03:08	2023-09-26 21:38:37	391 B	133 B	38.6.112.139
www.bydtj.com	unknown	unknown	2012-05-26 06:20:10	2019-06-02 21:38:33	1.4 kB	3.9 kB	38.6.112.139
api.share.baidu.com	44629	1999-10-11	2013-04-25 16:45:11	2023-09-25 22:46:43	372 B	114 B	180.101.212.103
s2.loli.net	100401	2011-05-28	2021-12-08 13:17:10	2023-09-26 15:07:32	1.8 kB	1.3 MB	104.26.0.190
maxun118.top	unknown	2023-09-21	2023-09-21 15:45:05	2023-09-26 03:52:45	896 B	638 kB	5.78.100.105
www.39903168.com	unknown	2023-01-10	2019-06-11 10:03:22	2023-07-31 15:49:57	439 B	21 kB	198.2.236.27
www.tumhsduusuu.top	unknown	2023-07-24	2023-07-24 17:29:13	2023-09-21 02:54:33	434 B	34 kB	154.91.86.5
txpl0908.oss-ap-southeast-1.aliyuncs.com	unknown	2012-04-01	2023-09-11 20:20:58	2023-09-26 17:57:50	1.4 kB	938 kB	161.117.155.48
cgszpaoliang.oss-cn-shenzhen.aliyuncs.com	unknown	2012-04-01	2023-09-17 04:53:56	2023-09-26 17:57:50	1.4 kB	636 kB	120.77.166.111
hypltp.oss-cn-shenzhen.aliyuncs.com	unknown	2012-04-01	2023-08-12 17:53:08	2023-09-26 15:07:32	1.3 kB	479 kB	120.77.166.76
pic.qdzgemfs.xyz	unknown	2023-07-25	2023-09-05 07:55:46	2023-09-23 17:46:12	441 B	516 kB	198.200.43.53
push.zhanzhang.baidu.com	57139	1999-10-11	2015-07-22 07:44:02	2023-09-25 22:46:40	324 B	750 B	182.61.201.93
www.linkpicture.com	86847	2018-06-25	2019-07-19 21:10:53	2023-09-25 20:07:35	869 B	66 kB	104.21.235.182
kvhee.com	unknown	2022-08-10	2022-08-12 18:47:12	2023-09-26 03:55:33	890 B	356 kB	167.235.226.149
jt.hza01.com	unknown	2020-08-14	2023-06-25 19:38:45	2023-09-26 15:07:32	1.3 kB	784 kB	222.186.39.16
yvzfgigpiwmofux.com	unknown	2022-06-21	2022-06-21 10:04:03	2023-09-25 09:13:37	1.3 kB	518 kB	154.198.234.18
6686yyds.app	unknown	2023-08-13	2023-08-14 09:06:17	2023-09-25 23:24:52	425 B	0 B	0.0.0.0
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23 20:10:04	2023-09-25 18:13:42	2.1 kB	12 kB	104.18.21.226
img.yrimg5.com	unknown	2023-01-29	2023-08-06 07:38:37	2023-09-26 03:30:55	12 kB	2.4 MB	154.12.35.37
maxus011.top	unknown	2023-09-19	2023-09-19 10:04:35	2023-09-26 06:08:21	1.3 kB	432 kB	5.78.96.21

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-26 19:41:06	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	www.bydtj.com/prjjf.exe	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL www.bydtj.com/prjjf.exe IP 38.6.112.139 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 14:27 Times Seen4655062 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.bydtj.com/common.js	ScriptElement	1.5 kB	2023-09-26	2023-09-26
Pretty URL www.bydtj.com/common.js IP 38.6.112.139 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 21:41 Last Seen2023-09-26 21:41 Times Seen1 Hash 0dfc79668c0862a0601f7a5fc89e1dc5 611a254cf7bf8bf750f8fd6bb4e759219b63b213 4590dc6fc94b3225555ed4840f6440820c83fb50c2dd8a49df4a0c345d7db165 Loading...

	www.bydtj.com/tj.js	ScriptElement	328 B	2023-09-26	2023-09-26
Pretty URL www.bydtj.com/tj.js IP 38.6.112.139 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 21:41 Last Seen2023-09-26 21:41 Times Seen1 Hash 290927d5a6b063a825570d666795e3e2 95bc32d23945b62242d4de082c0c1ee0bfac586f 717b1516c86d0cd09d46eb06bbcb9b291ef440a08c2cbc77bc3444bfeb0ef27b Loading...

	push.zhanzhang.baidu.com/push.js	ScriptElement	281 B	2023-03-07	2025-05-11
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.93 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 13:09 Times Seen7767 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	nnav0922mmmmm.com/	ScriptElement	694 B	2023-07-08	2024-08-21
Pretty URL nnav0922mmmmm.com/ IP 199.188.104.112 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-08 06:31 Last Seen2024-08-21 09:42 Times Seen23 Hash dcc03202f60a7ce495534da33ea63ea4 5a530a25a814feb8ce50616b85e6a2e24a32dd03 7cf8c998c7065847cc3adca4192359c839a6511525424986dba6fcd85caffd60 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 192b67e1e0b193839f5a0c93308938d8	468 B	2024-08-21 05:42	2024-08-21 05:42
Pretty Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen1 Hash 192b67e1e0b193839f5a0c93308938d8 84bee8c63afc804a6d22c25a6befdd1dcc211ee2 080d8864fff7f7355261abd191071f437eadb839344f15b86ae2f228b48a8ea6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 01381ebaf16663c8078ce70316b8b5e6	449 B	2024-08-21 05:42	2024-08-21 05:42
Pretty Observations First Seen2024-08-21 05:42 Last Seen2024-08-21 05:42 Times Seen1 Hash 01381ebaf16663c8078ce70316b8b5e6 69580d277709bd5c438eff60a21b8d15f68fd67b 27d5727f68ef576e4456f4bc593a949f53ff383c5b159f0e119bca1bd16e7a00 Loading...

	#2 Write - c57b6cf2dd24a9ba70b90972d4ea0f38	36 B	2023-07-17 17:33	2025-05-10 16:24
Pretty Observations First Seen2023-07-17 17:33 Last Seen2025-05-10 16:24 Times Seen180 Hash c57b6cf2dd24a9ba70b90972d4ea0f38 7a3b00b34672fff1c0a1c3f4d369912a9c448c05 120e2a746f511f67288eb9422b47ad8ef47b3f75dbd9311d39dca53953616d97 Loading...

	#3 Write - 33bebe65a9cad94f5f225df02f3b17f1	71 B	2023-07-27 11:52	2024-08-21 05:42
Pretty Observations First Seen2023-07-27 11:52 Last Seen2024-08-21 05:42 Times Seen1 Hash 33bebe65a9cad94f5f225df02f3b17f1 abdb3d7cae0ec5d8d0a1410ca89dfe7672c14c4b b84714e052234c18de62b32d43c67ca5e16e6a94f0a5df8d2749975fbbf543f4 Loading...

	#4 Write - a8e742365766e3559e13ca1b700a0727	71 B	2023-08-02 23:52	2024-08-21 09:42
Pretty Observations First Seen2023-08-02 23:52 Last Seen2024-08-21 09:42 Times Seen24 Hash a8e742365766e3559e13ca1b700a0727 b434fc7450cac66d2a1d9e3c3d51946a1a79603c 789073c5140a9af661fc11bef14d81632abda2d7be3a8f8af074839cf507328f Loading...

HTTP Transactions (88)

	URL	IP	Response	Size
	bydtj.com/prjjf.exe	38.6.112.139		0 B
URL User Request GET bydtj.com/prjjf.exe IP 38.6.112.139:0 ASN #174 COGENT-174 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /prjjf.exe HTTP/1.1 Host: bydtj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: nginx Location: http://www.bydtj.com/prjjf.exe Content-Type: text/html`

	www.bydtj.com/prjjf.exe	38.6.112.139	200 OK	785 B
URL User Request GET HTTP/1.1 www.bydtj.com/prjjf.exe IP 38.6.112.139:80 ASN #174 COGENT-174 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators Size 785 B (785 bytes) Hash c117fddb92ab0bd3e81d85c5871288f7 4b8c3fba42d8b64b975ae3f504a5c7bcf0d7c5a1 a5d0ef9aee292c011fbc91cd7231089e44fa759de41285e75cf1f4e79dfae088 HTTP Headers `GET /prjjf.exe HTTP/1.1 Host: www.bydtj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:40:51 GMT Content-Length: 785 Content-Type: text/html Server: nginx`

	www.bydtj.com/common.js	38.6.112.139	200 OK	1.5 kB
URL GET HTTP/1.1 www.bydtj.com/common.js IP 38.6.112.139:80 ASN #174 COGENT-174 Requested by http://www.bydtj.com/prjjf.exe File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators Size 1.5 kB (1461 bytes) Hash 0dfc79668c0862a0601f7a5fc89e1dc5 611a254cf7bf8bf750f8fd6bb4e759219b63b213 4590dc6fc94b3225555ed4840f6440820c83fb50c2dd8a49df4a0c345d7db165 HTTP Headers `GET /common.js HTTP/1.1 Host: www.bydtj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.bydtj.com/prjjf.exe Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:40:52 GMT Content-Length: 1461 Content-Type: application/x-javascript Server: nginx`

	www.bydtj.com/tj.js	38.6.112.139	200 OK	328 B
URL GET HTTP/1.1 www.bydtj.com/tj.js IP 38.6.112.139:80 ASN #174 COGENT-174 Requested by http://www.bydtj.com/prjjf.exe File type HTML document, ASCII text, with CRLF line terminators Size 328 B (328 bytes) Hash 290927d5a6b063a825570d666795e3e2 95bc32d23945b62242d4de082c0c1ee0bfac586f 717b1516c86d0cd09d46eb06bbcb9b291ef440a08c2cbc77bc3444bfeb0ef27b HTTP Headers `GET /tj.js HTTP/1.1 Host: www.bydtj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.bydtj.com/prjjf.exe Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:40:52 GMT Content-Length: 328 Content-Type: application/x-javascript Server: nginx`

	push.zhanzhang.baidu.com/push.js	182.61.201.93	200 OK	227 B
URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js IP 182.61.201.93:80 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Requested by http://www.bydtj.com/prjjf.exe File type ASCII text, with no line terminators Size 227 B (227 bytes) Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 HTTP Headers `GET /push.js HTTP/1.1 Host: push.zhanzhang.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.bydtj.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=31536000 Content-Encoding: gzip Content-Length: 227 Content-Type: text/javascript Date: Tue, 26 Sep 2023 19:41:04 GMT Etag: "4078521116" Expires: Wed, 25 Sep 2024 19:41:04 GMT Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT P3p: CP=" OTI DSP COR IVA OUR IND COM " Server: apache Set-Cookie: BAIDUID=3FBDE4BA176887F511E256C1D122E9BB:FG=1; max-age=31536000; expires=Wed, 25-Sep-24 19:41:04 GMT; domain=.baidu.com; path=/; version=1 Vary: Accept-Encoding

	www.bydtj.com/favicon.ico	38.6.112.139	200 OK	785 B
URL GET HTTP/1.1 www.bydtj.com/favicon.ico IP 38.6.112.139:80 ASN #174 COGENT-174 Requested by http://www.bydtj.com/prjjf.exe File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators Size 785 B (785 bytes) Hash c117fddb92ab0bd3e81d85c5871288f7 4b8c3fba42d8b64b975ae3f504a5c7bcf0d7c5a1 a5d0ef9aee292c011fbc91cd7231089e44fa759de41285e75cf1f4e79dfae088 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: www.bydtj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.bydtj.com/prjjf.exe Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:40:52 GMT Content-Length: 785 Content-Type: text/html Server: nginx`

	api.share.baidu.com/s.gif?l=http://www.bydtj.com/prjjf.exe	180.101.212.103	200 OK	0 B
URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.bydtj.com/prjjf.exe IP 180.101.212.103:80 ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network Requested by http://www.bydtj.com/prjjf.exe File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /s.gif?l=http://www.bydtj.com/prjjf.exe HTTP/1.1 Host: api.share.baidu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://www.bydtj.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 0 Content-Type: text/plain; charset=utf-8 Date: Tue, 26 Sep 2023 19:41:05 GMT`

	www.linkpicture.com/q/960x60_2-min.gif	104.21.235.182	200 OK	41 kB
URL GET HTTP/2 www.linkpicture.com/q/960x60_2-min.gif IP 104.21.235.182:443 ASN #13335 CLOUDFLARENET Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectlinkpicture.com Fingerprint0B:C0:0D:AE:9E:5E:46:C6:0F:A4:5D:14:F8:96:DF:F6:9D:AC:37:0D ValiditySun, 13 Aug 2023 05:54:47 GMT - Sat, 11 Nov 2023 05:54:46 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 41 kB (40678 bytes) Hash d8b9619f63122b4ff145358f44c5d94c 18055aba1f54670eafdac5e9809a5b2fb85772a6 03b880600c145dbbba67db1cfa98ba05ec3a8a5201c59a714444861ed45efa99 HTTP Headers `GET /q/960x60_2-min.gif HTTP/1.1 Host: www.linkpicture.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/gif content-length: 40678 last-modified: Tue, 25 Apr 2023 06:09:31 GMT etag: "64476e9b-9ee6" x-powered-by: PleskLin cache-control: max-age=31536000 cf-cache-status: HIT age: 4203 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx6TLGuvltM%2BwknyZsCijfEPqXmvAIWESsRZ973vCqvrKfMqrzGvMxvduT2H7hkNQ2IgirHMAGq0KgBOOFu19VJpKKMbggaqfrAvo6Sk9dZYS5LlfomGmYUyHko%2FTb5xFUG1Cce8"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 80cdfb82bc90dc57-LHR X-Firefox-Spdy: h2

	www.linkpicture.com/q/120x120.gif	104.21.235.182	200 OK	24 kB
URL GET HTTP/2 www.linkpicture.com/q/120x120.gif IP 104.21.235.182:443 ASN #13335 CLOUDFLARENET Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectlinkpicture.com Fingerprint0B:C0:0D:AE:9E:5E:46:C6:0F:A4:5D:14:F8:96:DF:F6:9D:AC:37:0D ValiditySun, 13 Aug 2023 05:54:47 GMT - Sat, 11 Nov 2023 05:54:46 GMT File type GIF image data, version 89a, 120 x 120\012- data Size 24 kB (23800 bytes) Hash 6057a03f4a6e6362bf078d82869045e2 f45f8a154f806624a69ab1a8af518bcc8aa66d84 4fa11a17e66fb52bb7ba19f06174b0980f6671060e98ed9a8b6608dc3f09e435 HTTP Headers `GET /q/120x120.gif HTTP/1.1 Host: www.linkpicture.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/gif content-length: 23800 last-modified: Mon, 13 Mar 2023 07:20:05 GMT etag: "640ecea5-5cf8" x-powered-by: PleskLin cache-control: max-age=31536000 cf-cache-status: HIT age: 4178 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0BEFJ0g2YAeI7z31HJO71%2F1JvKCv2sXel%2FCxdjin0GpX%2FCdXRnXUP78axh%2Fa8ZBtLdUhWY%2FaVcOESqdLi0zpx1PW%2FdibiXm716WYbNP8uAnt1UDzUshYDHmdnrEwnW0qW%2FSGfC%2F"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 80cdfb82ac77dc57-LHR X-Firefox-Spdy: h2

	s2.loli.net/2023/09/26/6HcmltiuIDELYj7.jpg	104.26.0.190	200 OK	36 kB
URL GET HTTP/2 s2.loli.net/2023/09/26/6HcmltiuIDELYj7.jpg IP 104.26.0.190:443 ASN #13335 CLOUDFLARENET Requested by https://nnav0922mmmmm.com/ Certificate IssuerCloudflare, Inc. Subjectloli.net FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1 ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 377x377, components 3\012- data Size 36 kB (36375 bytes) Hash 9d51013df10cea8f079db4c30aa72f11 9a5aab39faf7fc8235dd46656feb23da82b18bfb 74bb8bcef0d2e06b25e5c294d8f2df4b0528233a8a9503af8c050b36a3990379 HTTP Headers `GET /2023/09/26/6HcmltiuIDELYj7.jpg HTTP/1.1 Host: s2.loli.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/jpeg content-length: 36375 last-modified: Tue, 26 Sep 2023 04:46:35 GMT etag: "6512622b-8e17" strict-transport-security: max-age=31536000; includeSubDomains; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block vary: Accept, Accept-Encoding access-control-allow-origin: * timing-allow-origin: * cf-cache-status: BYPASS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BXxYS0yWh85fl3MSBARPGdM3jsjT%2F0rCW7cpMN85E1whYt7NKzgjsU7Q%2FA4Plg0EmZuOndQ1YcCVYdyAiT0mbXu4MBwkTdc3rB%2B1rWdh65w2p4vbbIu8aLMwvg%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80cdfb82ac5a5696-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	s2.loli.net/2023/08/31/gpeREjWynHcmDb6.gif	104.26.0.190	200 OK	773 kB
URL GET HTTP/2 s2.loli.net/2023/08/31/gpeREjWynHcmDb6.gif IP 104.26.0.190:443 ASN #13335 CLOUDFLARENET Requested by https://nnav0922mmmmm.com/ Certificate IssuerCloudflare, Inc. Subjectloli.net FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1 ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 773 kB (772654 bytes) Hash fe0cd04386d2f90796a7e9fee757eff0 a4cfb71e4ec2947bc47eaf3121021fd1cbb114e4 5ea8123f15e998b0551bf36e93940be36fcd6e36c9723bfe01e44ddf4dce0137 HTTP Headers `GET /2023/08/31/gpeREjWynHcmDb6.gif HTTP/1.1 Host: s2.loli.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/gif content-length: 772654 last-modified: Thu, 31 Aug 2023 04:57:19 GMT etag: "64f01daf-bca2e" strict-transport-security: max-age=31536000; includeSubDomains; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block vary: Accept, Accept-Encoding access-control-allow-origin: * timing-allow-origin: * cf-cache-status: BYPASS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q28LFJ5zUBUduuv%2FpQQ83Mq7eFHqsD%2ByvltBCTaJNL3jcfCzk7FUr0Rhrxq7lMjnFiZ3AuGOOgzhgze0feSyzKj3pVqk%2B2Z5hqHPZxEXJucm2SIZZGsD2%2FXI2xZQ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80cdfb829c475696-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	s2.loli.net/2023/08/24/GQHb3CSUTstJfZq.gif	104.26.0.190	200 OK	76 kB
URL GET HTTP/2 s2.loli.net/2023/08/24/GQHb3CSUTstJfZq.gif IP 104.26.0.190:443 ASN #13335 CLOUDFLARENET Requested by https://nnav0922mmmmm.com/ Certificate IssuerCloudflare, Inc. Subjectloli.net FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1 ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 76 kB (76017 bytes) Hash 548505c0fba24cfa5622c00f4ec06f2d 47ab84c0054368960b49599f9c0c4aca40cfc521 adbf7d1549535a99b206ae439ddaa4acd996d8e4c7fd6f30abc9e23bc3068a32 HTTP Headers `GET /2023/08/24/GQHb3CSUTstJfZq.gif HTTP/1.1 Host: s2.loli.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/gif content-length: 76017 last-modified: Thu, 24 Aug 2023 03:42:01 GMT etag: "64e6d189-128f1" strict-transport-security: max-age=31536000; includeSubDomains; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block vary: Accept, Accept-Encoding access-control-allow-origin: * timing-allow-origin: * cf-cache-status: BYPASS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdSPyvFZp9C1GT5Gn53yBM88VDImacDW97U41jwOKSQyrINiBLjKxKkijiwnqnf4YaDWxLyXCnpRp6UATlHkprzhBfGRluI756XaAHSvRTWmunK7IENQrpD82Bg8"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80cdfb82ac545696-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	nnav0922mmmmm.com/	199.188.104.112	200 OK	13 kB
URL GET HTTP/2 nnav0922mmmmm.com/ IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by http://www.bydtj.com/prjjf.exe Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type gzip compressed data, from Unix\012- data Size 13 kB (12844 bytes) Hash 2704d8585eec16771aa5a933b267f88d 40f009628d763e0077cefa792f699e18222e42e2 697256cec5bed2d757c4a07bd7ba2875fd6f3ecd44779b36ed97420f6039838e HTTP Headers `GET / HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://www.bydtj.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:46 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	nnav0922mmmmm.com/template/m1938pc/images/lsj.png	199.188.104.112	200 OK	19 kB
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/images/lsj.png IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data Size 19 kB (18858 bytes) Hash 96c4ecafa1a9436538e2368c08a9e15c 6f5412656fdcc6ec82b8736045487cfb43f3d3fc 74a42702d0630814f24e6183f2386225c44628bbda79419fdbaa3765880f3f38 HTTP Headers `GET /template/m1938pc/images/lsj.png HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:46 GMT content-type: image/png content-length: 18858 last-modified: Thu, 17 Aug 2023 06:14:33 GMT etag: "64ddbac9-49aa" expires: Thu, 26 Oct 2023 19:39:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 3c9270d397197d3b415ab933ca74e69b b6145e8895694b5380ea0e8a00021b5df457eac5 8949b78647d8d0b755e6b21e86ca66b01f716648e80484a6b4f1123ec1cb8a72 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:06 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Sat, 30 Sep 2023 16:28:46 GMT ETag: "b6145e8895694b5380ea0e8a00021b5df457eac5" Last-Modified: Tue, 26 Sep 2023 16:28:47 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2257 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 80cdfb863f8556a8-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 3c9270d397197d3b415ab933ca74e69b b6145e8895694b5380ea0e8a00021b5df457eac5 8949b78647d8d0b755e6b21e86ca66b01f716648e80484a6b4f1123ec1cb8a72 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:06 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Sat, 30 Sep 2023 16:28:46 GMT ETag: "b6145e8895694b5380ea0e8a00021b5df457eac5" Last-Modified: Tue, 26 Sep 2023 16:28:47 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2257 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 80cdfb864d8756b9-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 3c9270d397197d3b415ab933ca74e69b b6145e8895694b5380ea0e8a00021b5df457eac5 8949b78647d8d0b755e6b21e86ca66b01f716648e80484a6b4f1123ec1cb8a72 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:06 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Sat, 30 Sep 2023 16:28:46 GMT ETag: "b6145e8895694b5380ea0e8a00021b5df457eac5" Last-Modified: Tue, 26 Sep 2023 16:28:47 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2257 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 80cdfb864f985695-OSL`

	nnav0922mmmmm.com/template/m1938pc/ads/cha.jpg	199.188.104.112	200 OK	9.5 kB
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/ads/cha.jpg IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 9.5 kB (9514 bytes) Hash 0d74539dc5f622b07408466049352fa9 8edbadb7bb445de22ab6d8ddd40ef8e7b173cbcc d890553010ede3ec17c8fadec494831fb46853323154a7068c2babc84afa4364 HTTP Headers `GET /template/m1938pc/ads/cha.jpg HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:47 GMT content-type: image/jpeg content-length: 9514 last-modified: Thu, 17 Aug 2023 06:13:27 GMT etag: "64ddba87-252a" expires: Thu, 26 Oct 2023 19:39:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	nnav0922mmmmm.com/template/m1938pc/images/qqav.gif	199.188.104.112	200 OK	66 kB
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/images/qqav.gif IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type GIF image data, version 89a, 600 x 600\012- data Size 66 kB (66289 bytes) Hash e7f6ec35ea5dff8f245ef6ec207edb42 45a6a7008e2d7753175bb62733c67506610e93f8 afd2d84656d478ad95539b1f5f935a96585db4b1497f7535d7c18d86aa7e0bde HTTP Headers `GET /template/m1938pc/images/qqav.gif HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:46 GMT content-type: image/gif content-length: 66289 last-modified: Thu, 17 Aug 2023 06:14:37 GMT etag: "64ddbacd-102f1" expires: Thu, 26 Oct 2023 19:39:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	kvhee.com/dcb6ef1255c7d6b19a459ae8b8be3d95.gif	167.235.226.149	200 OK	13 kB
URL GET HTTP/2 kvhee.com/dcb6ef1255c7d6b19a459ae8b8be3d95.gif IP 167.235.226.149:443 ASN #24940 Hetzner Online GmbH Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectkvhee.com Fingerprint05:C2:65:F0:C6:8C:16:75:CE:34:09:43:BF:9E:1F:58:BD:C1:FF:BE ValidityTue, 19 Sep 2023 05:40:32 GMT - Mon, 18 Dec 2023 05:40:31 GMT File type GIF image data, version 89a, 200 x 200\012- data Size 13 kB (13373 bytes) Hash 646ae54bd09ef3ba79ad663d54edac9c ab46d39b3cc035a016053255ed6d610bb44c31e6 fd52e2e2311615a77297c6c5a11ccc6a60f6a59be3dfcb3c4f23fe7af73f3d8c HTTP Headers `GET /dcb6ef1255c7d6b19a459ae8b8be3d95.gif HTTP/1.1 Host: kvhee.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/gif content-length: 13373 last-modified: Fri, 08 Sep 2023 11:34:22 GMT etag: "64fb06be-343d" expires: Tue, 24 Oct 2023 06:53:22 GMT cache-control: max-age=2592000 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	kvhee.com/3cf28cb59c6feb71c314fe7883388bb3.gif	167.235.226.149	200 OK	342 kB
URL GET HTTP/2 kvhee.com/3cf28cb59c6feb71c314fe7883388bb3.gif IP 167.235.226.149:443 ASN #24940 Hetzner Online GmbH Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectkvhee.com Fingerprint05:C2:65:F0:C6:8C:16:75:CE:34:09:43:BF:9E:1F:58:BD:C1:FF:BE ValidityTue, 19 Sep 2023 05:40:32 GMT - Mon, 18 Dec 2023 05:40:31 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 342 kB (341700 bytes) Hash 7f9c515ed18840083ff572b048261226 265ef775fdc24fa4b8044f3cb8644a3c0fddc42e e2c363ec1a589185c9f035bcdc9f2c492e1aebbca951bbaf96c68bc04873c101 HTTP Headers `GET /3cf28cb59c6feb71c314fe7883388bb3.gif HTTP/1.1 Host: kvhee.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/gif content-length: 341700 last-modified: Wed, 20 Sep 2023 08:03:45 GMT etag: "650aa761-536c4" expires: Fri, 20 Oct 2023 08:09:00 GMT cache-control: max-age=2592000 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	nnav0922mmmmm.com/template/m1938pc/images/video-play.png	199.188.104.112	200 OK	1.6 kB
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/images/video-play.png IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data Size 1.6 kB (1567 bytes) Hash be7ca0a4a7c0317398a11162b1e09b75 5dbe6a02524cfbf5f5111478a71f91a9259056b5 cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4 HTTP Headers `GET /template/m1938pc/images/video-play.png HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/template/m1938pc/css/zui.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:47 GMT content-type: image/png content-length: 1567 last-modified: Thu, 17 Aug 2023 06:14:43 GMT etag: "64ddbad3-61f" expires: Thu, 26 Oct 2023 19:39:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	nnav0922mmmmm.com/template/m1938pc/images/df20.gif	199.188.104.112	200 OK	259 kB
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/images/df20.gif IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 259 kB (259183 bytes) Hash d04cee8392baaddd3b6e550bd139db4d e7b1581469871b87830a404965c2aa9ff8b40138 ad495d65c56a2be0ca1608d18beb517687e81a2c27fa1ec35b1510d11ac226b3 HTTP Headers `GET /template/m1938pc/images/df20.gif HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:46 GMT content-type: image/gif content-length: 259183 last-modified: Sat, 09 Sep 2023 13:32:30 GMT etag: "64fc73ee-3f46f" expires: Thu, 26 Oct 2023 19:39:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash d4e20edb77789215215e22893c3780d3 bc1df138fae2603bb4b39d62a8fa023f07c0f9a9 f07008a40a46650cf31625e5f0aa06a9520eb1c780300d8530c352c37671f799 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Sat, 30 Sep 2023 17:17:15 GMT ETag: "bc1df138fae2603bb4b39d62a8fa023f07c0f9a9" Last-Modified: Tue, 26 Sep 2023 17:17:16 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2130 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 80cdfb892aab56a8-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash d4e20edb77789215215e22893c3780d3 bc1df138fae2603bb4b39d62a8fa023f07c0f9a9 f07008a40a46650cf31625e5f0aa06a9520eb1c780300d8530c352c37671f799 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Sat, 30 Sep 2023 17:17:15 GMT ETag: "bc1df138fae2603bb4b39d62a8fa023f07c0f9a9" Last-Modified: Tue, 26 Sep 2023 17:17:16 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2130 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 80cdfb8928b556b9-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash d4e20edb77789215215e22893c3780d3 bc1df138fae2603bb4b39d62a8fa023f07c0f9a9 f07008a40a46650cf31625e5f0aa06a9520eb1c780300d8530c352c37671f799 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Sat, 30 Sep 2023 17:17:15 GMT ETag: "bc1df138fae2603bb4b39d62a8fa023f07c0f9a9" Last-Modified: Tue, 26 Sep 2023 17:17:16 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2130 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 80cdfb892d005695-OSL`

	img.yrimg5.com/upload/vod/20230926-1/45383a336e6b536dad067b2f2679859c.jpg	154.12.35.37	200 OK	47 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/45383a336e6b536dad067b2f2679859c.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, extended sequential, precision 8, 260x360, components 3\012- data Size 47 kB (47161 bytes) Hash c7f3d8a9cb0c6641e341a880326b18f7 dcfa5e84d94f97a3f604a80a969e18f33d54863c b159a953f6be8a2479b6372103c61b5cb0e426819794bf39b469db66eb01f8bb HTTP Headers `GET /upload/vod/20230926-1/45383a336e6b536dad067b2f2679859c.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 47161 last-modified: Tue, 26 Sep 2023 04:28:32 GMT etag: "65125df0-b839" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	s2.loli.net/2023/08/31/i8lR7fwN1naHqkp.gif	104.26.0.190	200 OK	373 kB
URL GET HTTP/2 s2.loli.net/2023/08/31/i8lR7fwN1naHqkp.gif IP 104.26.0.190:443 ASN #13335 CLOUDFLARENET Requested by https://nnav0922mmmmm.com/ Certificate IssuerCloudflare, Inc. Subjectloli.net FingerprintE3:84:D8:6C:17:7E:44:60:E3:01:5E:E6:32:E6:90:08:4D:87:12:B1 ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 300 x 300\012- data Size 373 kB (373101 bytes) Hash c4fb14a39fab9e9c0d921ef355ed1ba0 d442cc1fa4f3e35ba35f705bb7f1f45daf5c4347 294ed72178e9d8bbf133cf57e698ec673ee19f40dbef49533f9795c141c526f3 HTTP Headers `GET /2023/08/31/i8lR7fwN1naHqkp.gif HTTP/1.1 Host: s2.loli.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 373101 last-modified: Thu, 31 Aug 2023 05:00:58 GMT etag: "64f01e8a-5b16d" strict-transport-security: max-age=31536000; includeSubDomains; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block vary: Accept, Accept-Encoding access-control-allow-origin: * timing-allow-origin: * cf-cache-status: BYPASS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDnjluSMC0J0jNbjCy%2F4SOOwhDm3DuKUx7ii6w6fQGDZLe8ARHG5rJqd30x4FHPMJJley02I9I1P%2FHA0PvAAsXK9mgdSRGu29zb64W8x7u58dHCLtONQFzU%2BRGKF"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80cdfb82bc695696-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	nnav0922mmmmm.com/template/m1938pc/css/ate.css	199.188.104.112	200 OK	27 kB
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/css/ate.css IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type gzip compressed data, from Unix\012- data Size 27 kB (26687 bytes) Hash 8138f570d630a27ab708375d37495a7d 1202f164bc542c376ef4c1a344bd11a9ff1f0d3e f362f051083703aff0350a28edf125db16fb85c33976ffd30bee042e596a5a0e HTTP Headers `GET /template/m1938pc/css/ate.css HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:46 GMT content-type: text/css last-modified: Thu, 17 Aug 2023 06:13:45 GMT vary: Accept-Encoding etag: W/"64ddba99-126e5" expires: Wed, 27 Sep 2023 07:39:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	maxus011.top/f1067f057f9f3415205bc5de44bd7d5b.gif	5.78.96.21	200 OK	57 kB
URL GET HTTP/2 maxus011.top/f1067f057f9f3415205bc5de44bd7d5b.gif IP 5.78.96.21:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectmaxus011.top Fingerprint86:8A:81:A2:F5:BF:58:87:2A:D6:54:B8:4D:79:92:B8:E2:E7:F6:29 ValidityTue, 19 Sep 2023 07:03:02 GMT - Mon, 18 Dec 2023 07:03:01 GMT File type GIF image data, version 89a, 150 x 150\012- data Size 57 kB (57111 bytes) Hash 6a0178169521a422f15a823baccdf4ea e6afa7d5f446474cf5a6a84b397e68b4429a8bf5 aca290990353c483218ff9c73e3bf6015bb3df13186d9444a28e81de26cfd976 HTTP Headers `GET /f1067f057f9f3415205bc5de44bd7d5b.gif HTTP/1.1 Host: maxus011.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 57111 last-modified: Fri, 31 Mar 2023 06:50:28 GMT etag: "642682b4-df17" expires: Wed, 27 Sep 2023 07:41:07 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 89768 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvQwI%2FO%2F60gyYJXIMNh1eux1CX3mzwjQdLYEyddx5m1WPT6EPRhh0drcyAyHh1RFE6Y9yoAQRmlZoRIZlxbWPHPtMSQOB%2BF%2BNRuY%2BsZc7kzPPT9KCAXxLfgaaRbA"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray: 80982c6cbfa3ef8c-PDX alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	www.tumhsduusuu.top/CDNtb/00003.gif	154.91.86.5	200 OK	33 kB
URL GET HTTP/2 www.tumhsduusuu.top/CDNtb/00003.gif IP 154.91.86.5:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectwww.tumhsduusuu.top FingerprintD7:28:D0:35:86:3E:DA:DC:A3:A2:30:86:47:A1:0F:66:05:29:62:92 ValidityMon, 24 Jul 2023 10:22:03 GMT - Sun, 22 Oct 2023 10:22:02 GMT File type GIF image data, version 89a, 200 x 200\012- data Size 33 kB (33316 bytes) Hash 24ea2cd3b57116c5b6ea46a08810ed08 70c40762a6b9adfcfe998cf9e44d8ad81c51f184 f2b79e518b7e140f8fe8e26cc75c3b467654db4b64256a2d8c49a984add47fe3 HTTP Headers `GET /CDNtb/00003.gif HTTP/1.1 Host: www.tumhsduusuu.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: openresty date: Tue, 26 Sep 2023 19:41:06 GMT content-type: image/gif content-length: 33316 accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: X-Log, X-Reqid access-control-max-age: 2592000 cache-control: public, max-age=31536000 content-disposition: inline; filename="00003.gif"; filename*=utf-8''00003.gif content-md5: JOos07VxFsW26kagiBDtCA== content-transfer-encoding: binary etag: "FnDEB2Kmua38_pmM-eRNitgcUfGE" last-modified: Mon, 24 Jul 2023 07:05:10 GMT x-reqid: vnsAADgiJRFAiogX x-svr: IO x-qiniu-zone: 1 x-log: X-Log X-Firefox-Spdy: h2

	rsth9.com/c1b63913ca51e1dca32fc7807a646eb1.gif	5.78.102.196	200 OK	49 kB
URL GET HTTP/2 rsth9.com/c1b63913ca51e1dca32fc7807a646eb1.gif IP 5.78.102.196:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrsth9.com FingerprintFB:16:B4:F6:12:72:CC:81:E2:C4:A5:C4:F2:FD:55:97:1F:5E:85:12 ValiditySun, 10 Sep 2023 07:51:01 GMT - Sat, 09 Dec 2023 07:51:00 GMT File type GIF image data, version 89a, 150 x 150\012- data Size 49 kB (49346 bytes) Hash 021abba16b9680fbc47d481768b19274 2fc46b6fa349b8c16da163591f26419b1560fae9 936dc8c4dd6275150d3bc193da9b1120d85bd7a4487efa0f6f5f23616719d899 HTTP Headers `GET /c1b63913ca51e1dca32fc7807a646eb1.gif HTTP/1.1 Host: rsth9.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 49346 last-modified: Sat, 26 Aug 2023 07:45:51 GMT etag: "64e9adaf-c0c2" expires: Wed, 27 Sep 2023 07:41:07 GMT cache-control: max-age=43200 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/59c2fceb92c216454b7e7dc2be3b842a.jpg	154.12.35.37	200 OK	10 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/59c2fceb92c216454b7e7dc2be3b842a.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data Size 10 kB (10533 bytes) Hash 7bd3bfeb8fabb652b6f27db63f6f42f3 72ba16a4a336d27f87c89022d59bbbd145a0bb7f 5e069644f0541e6ec7fbd8c8b8ee15cc4bde580a3427b5e54ffd2817ebb1677d HTTP Headers `GET /upload/vod/20230926-1/59c2fceb92c216454b7e7dc2be3b842a.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 10533 last-modified: Tue, 26 Sep 2023 04:29:02 GMT etag: "65125e0e-2925" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/1485a0269ac959fd452806d454ecb546.jpg	154.12.35.37	200 OK	7.7 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/1485a0269ac959fd452806d454ecb546.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 271x200, components 3\012- data Size 7.7 kB (7741 bytes) Hash 2cd2024edfbec04870a0956b98e584a9 7ea635e66aaa0708194c9c1e428993314ff5861e 011a57390acc18637b46c7f9664ab1e01668395d3372becddf0e1348d95af7a6 HTTP Headers `GET /upload/vod/20230926-1/1485a0269ac959fd452806d454ecb546.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 7741 last-modified: Tue, 26 Sep 2023 04:26:16 GMT etag: "65125d68-1e3d" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/d5b9065966b349282808e643456a6758.jpg	154.12.35.37	200 OK	8.2 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/d5b9065966b349282808e643456a6758.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 453x340, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data Size 8.2 kB (8154 bytes) Hash 8e9a8ce460e83dfa2ce2f73cd333bd0f edeccaf9119a8871afbbab6526a51bc755a8aae5 eb0476b6dd4e700a2bf6821a3f911209a82a37c94e8cd30c52261e3e10c12a68 HTTP Headers `GET /upload/vod/20230926-1/d5b9065966b349282808e643456a6758.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 8154 last-modified: Tue, 26 Sep 2023 04:26:16 GMT etag: "65125d68-1fda" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/109196da949a002e538720a3981bffa8.jpg	154.12.35.37	200 OK	18 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/109196da949a002e538720a3981bffa8.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 399x225, components 3\012- data Size 18 kB (17969 bytes) Hash 8434ab626d624bd6e4d7abaa9bb802e2 c68939ed1083646b9abf3976410f9a1fdd7622bd a336c8e9df9f488d42f929ee569f94693283cbb6dd8ab5ef49fabe3cf246f781 HTTP Headers `GET /upload/vod/20230926-1/109196da949a002e538720a3981bffa8.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 17969 last-modified: Tue, 26 Sep 2023 04:26:16 GMT etag: "65125d68-4631" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/898820feb24df59e5e4730ff09a43009.jpg	154.12.35.37	200 OK	18 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/898820feb24df59e5e4730ff09a43009.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 399x225, components 3\012- data Size 18 kB (18183 bytes) Hash f69093a3c15e73002fb6435fa9beb27f 1ab439486f5deb576522870266fc247151f4657d 4cbebd1b56e4741ece118a022404e92c13d12732981ac1bd90c4436fe8b746f7 HTTP Headers `GET /upload/vod/20230926-1/898820feb24df59e5e4730ff09a43009.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 18183 last-modified: Tue, 26 Sep 2023 04:26:16 GMT etag: "65125d68-4707" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/b17d072f1b90262a4bb6287b6b4e5329.jpg	154.12.35.37	200 OK	70 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/b17d072f1b90262a4bb6287b6b4e5329.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 610x410, components 3\012- data Size 70 kB (70422 bytes) Hash 2a2830a804152321fec3545350e070e4 466c1cdaf16442615f2eab997016cacab1f57954 5b6b2101e0a76abc19732c04dcdeca6300a4f5edcd16bb22cda2289dd4073be2 HTTP Headers `GET /upload/vod/20230926-1/b17d072f1b90262a4bb6287b6b4e5329.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 70422 last-modified: Tue, 26 Sep 2023 04:28:32 GMT etag: "65125df0-11316" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/e805a8083c2aa4ce6682136e0b3e0e2a.jpg	154.12.35.37	200 OK	70 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/e805a8083c2aa4ce6682136e0b3e0e2a.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 610x410, components 3\012- data Size 70 kB (69576 bytes) Hash 03c9fed2509c4cba5b1e8967b0a493de de8804555799cdacc86201a2e8d2b93aa250191d dedf604506dcb6ff07877dc7844f18ac05f4ff8a89e91425f2d21c52c1782c4b HTTP Headers `GET /upload/vod/20230926-1/e805a8083c2aa4ce6682136e0b3e0e2a.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 69576 last-modified: Tue, 26 Sep 2023 04:28:33 GMT etag: "65125df1-10fc8" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/d4331aabd5a89a8bb5acbc0183924a6f.jpg	154.12.35.37	200 OK	48 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/d4331aabd5a89a8bb5acbc0183924a6f.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 718x403, components 3\012- data Size 48 kB (47754 bytes) Hash ba3db183f7d141141d55817bd9089eec 32688fe49b195ff5b6da6ffd410877a445ad8445 073d34c67b226410748b565b0213dc42b20788ad37f1128cabbf59673e7a6553 HTTP Headers `GET /upload/vod/20230926-1/d4331aabd5a89a8bb5acbc0183924a6f.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 47754 last-modified: Tue, 26 Sep 2023 04:28:32 GMT etag: "65125df0-ba8a" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/36e658d4c623846aefb95be7a10e27f6.jpg	154.12.35.37	200 OK	85 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/36e658d4c623846aefb95be7a10e27f6.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 500x555, components 3\012- data Size 85 kB (85235 bytes) Hash f4cadb434221ae40bcc20ff5f61f70c4 e4f3345e605ee6f1134e1d1aa6beaaf5062664eb 97d56a612eca7398f40ee0f037445daa27b63a2609b3c57a2618980430843df0 HTTP Headers `GET /upload/vod/20230926-1/36e658d4c623846aefb95be7a10e27f6.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 85235 last-modified: Tue, 26 Sep 2023 04:28:33 GMT etag: "65125df1-14cf3" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/3e221019247cc0f998b76f7acddca3d7.jpg	154.12.35.37	200 OK	75 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/3e221019247cc0f998b76f7acddca3d7.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 610x410, components 3\012- data Size 75 kB (75190 bytes) Hash f76987ca1929f6b101f91ed9367f0996 81140e03a43f6952baf09f08584c8a7211a604c7 6257221fde0a3daa267ba4e901aedc4dd818074fef8959205cca1a9b64bcf59d HTTP Headers `GET /upload/vod/20230926-1/3e221019247cc0f998b76f7acddca3d7.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 75190 last-modified: Tue, 26 Sep 2023 04:28:32 GMT etag: "65125df0-125b6" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/3d76f62fc823096bd49790e2d135cd22.jpg	154.12.35.37	200 OK	94 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/3d76f62fc823096bd49790e2d135cd22.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x534, components 3\012- data Size 94 kB (93971 bytes) Hash c1ab39047f985245eac7e05c0b52ae47 4859a66df568f849c9df1a6f28d58bdf8432e9d5 5d9a6bdb9b3c64504a17a287f03ea850931a2bc331b6e8ab87351bffbac78804 HTTP Headers `GET /upload/vod/20230926-1/3d76f62fc823096bd49790e2d135cd22.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 93971 last-modified: Tue, 26 Sep 2023 04:28:32 GMT etag: "65125df0-16f13" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	txpl0908.oss-ap-southeast-1.aliyuncs.com/888/120.js	161.117.155.48	200 OK	76 kB
URL GET HTTP/1.1 txpl0908.oss-ap-southeast-1.aliyuncs.com/888/120.js IP 161.117.155.48:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-ap-southeast-1.aliyuncs.com FingerprintEB:9D:12:FC:B5:0B:5D:25:9C:F7:E0:22:CA:9D:5F:75:5E:91:2F:6C ValidityFri, 07 Jul 2023 10:25:14 GMT - Sat, 02 Mar 2024 02:31:24 GMT File type GIF image data, version 89a, 120 x 120\012- data Size 76 kB (76484 bytes) Hash d0bcf608f2a455a006dfbf3f349a7ecf 817c92651d1429310430a024046831549246f66b a67dc49210d1f38ea73e184aa26a0cd764dcee47e2ae27ee4fb25e12c72a7fd1 HTTP Headers `GET /888/120.js HTTP/1.1 Host: txpl0908.oss-ap-southeast-1.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-oss-request-id: 651333D3385D5B3734F37636 Last-Modified: Fri, 08 Sep 2023 12:27:34 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 4014366670747365916 x-oss-storage-class: Standard x-oss-ec: 0048-00000113 Content-Disposition: attachment x-oss-force-download: true Content-MD5: 0Lz2CPKkVaAG378/NJp+zw== x-oss-server-time: 2 Content-Encoding: gzip

	maxus011.top/6b4bc2393b34f569886385798f04319d.gif	5.78.96.21	200 OK	68 kB
URL GET HTTP/2 maxus011.top/6b4bc2393b34f569886385798f04319d.gif IP 5.78.96.21:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectmaxus011.top Fingerprint86:8A:81:A2:F5:BF:58:87:2A:D6:54:B8:4D:79:92:B8:E2:E7:F6:29 ValidityTue, 19 Sep 2023 07:03:02 GMT - Mon, 18 Dec 2023 07:03:01 GMT File type GIF image data, version 89a, 300 x 200\012- data Size 68 kB (67829 bytes) Hash 8fe8a3221d6c69d2dfa96070eeaf7947 2e3d9f6307f2b435471ca22f3a2662a586a93b73 f2a244eb1748c34fb59c94b4576147ab29247b93edc1c77536c68aa4bbcdf368 HTTP Headers `GET /6b4bc2393b34f569886385798f04319d.gif HTTP/1.1 Host: maxus011.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 67829 last-modified: Fri, 31 Mar 2023 06:50:35 GMT etag: "642682bb-108f5" expires: Wed, 27 Sep 2023 07:41:07 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 974999 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJQuILHqmXpxDIeEeu5iboqAvcXN2rVS%2BSNbvSRI441UpAtzgp%2Bi%2B2HI3OKaycOBc4Lg8XTJG55ITXYVMFlTiAtwmDyyG7SZIxt3BUTrggUt6VQTm76AigJvb4HASZJnMvEwttfZny0D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray: 80984cf42e88ef98-PDX alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	img.yrimg5.com/upload/vod/20230926-1/5a3c90de8cdd6d06ee30ede576a481da.jpg	154.12.35.37	200 OK	120 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/5a3c90de8cdd6d06ee30ede576a481da.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x538, components 3\012- data Size 120 kB (119692 bytes) Hash 9aaf4bdb1c1722daac9b02a3c9d758ba e7db60f116d08499f850fe641044583237665127 f4e711de85ad9fdbb0dd29a5709b8c977de411c33dc7f1d573444d916b01fc09 HTTP Headers `GET /upload/vod/20230926-1/5a3c90de8cdd6d06ee30ede576a481da.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 119692 last-modified: Tue, 26 Sep 2023 04:29:01 GMT etag: "65125e0d-1d38c" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	rsth9.com/8ad09280c3c51677bab645e485d015df.gif	5.78.102.196	200 OK	178 kB
URL GET HTTP/2 rsth9.com/8ad09280c3c51677bab645e485d015df.gif IP 5.78.102.196:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrsth9.com FingerprintFB:16:B4:F6:12:72:CC:81:E2:C4:A5:C4:F2:FD:55:97:1F:5E:85:12 ValiditySun, 10 Sep 2023 07:51:01 GMT - Sat, 09 Dec 2023 07:51:00 GMT File type GIF image data, version 89a, 750 x 120\012- data Size 178 kB (178229 bytes) Hash c041bc51e4c125aedc1cb08b8433fe4e d8d1564f2ace6b561ed042c70c2935009c6fc7a5 29723dc9291db4aa14f3f99395ccbc75e8099e0c0e3dd3b1aad17e06961e4727 HTTP Headers `GET /8ad09280c3c51677bab645e485d015df.gif HTTP/1.1 Host: rsth9.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 178229 last-modified: Sat, 26 Aug 2023 07:45:56 GMT etag: "64e9adb4-2b835" expires: Wed, 27 Sep 2023 07:41:07 GMT cache-control: max-age=43200 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/dda0ae857ba75b585e0c980c0e5e27aa.jpg	154.12.35.37	200 OK	122 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/dda0ae857ba75b585e0c980c0e5e27aa.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x540, components 3\012- data Size 122 kB (122436 bytes) Hash eed48314fbabda5cb61bad8376c3d314 62977352c91eade71532a61a7fbff925a02206f5 822b23b0ee6dc8da8977d5200e76be1cf1a54648519874799981013a6b50aa3f HTTP Headers `GET /upload/vod/20230926-1/dda0ae857ba75b585e0c980c0e5e27aa.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 122436 last-modified: Tue, 26 Sep 2023 04:32:36 GMT etag: "65125ee4-1de44" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/991f4fe19af467ba118448bdfa3379bb.jpg	154.12.35.37	200 OK	119 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/991f4fe19af467ba118448bdfa3379bb.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x404, components 3\012- data Size 119 kB (118731 bytes) Hash 0a8a9840156e9250e77c0b07fe3de264 7c02b4ea282686f929c0f10eaa5f86ed8b24d031 3034042ac4e9b3ddc0068ed6cb78ce19ed0be504a24d9459662660dc6ffe6ecf HTTP Headers `GET /upload/vod/20230926-1/991f4fe19af467ba118448bdfa3379bb.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 118731 last-modified: Tue, 26 Sep 2023 04:28:32 GMT etag: "65125df0-1cfcb" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/77de600471ee7def872f0a73ebaf4ba8.jpg	154.12.35.37	200 OK	76 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/77de600471ee7def872f0a73ebaf4ba8.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3\012- data Size 76 kB (76083 bytes) Hash fc77eee123e491fcfcb0fa54ed545af9 3d8b43c92f77a204e2fc6c0ddc3aebb61d14ee23 7b68b6a3074d9a7d1898c5f397279a70cb5b6f9ff4ca8e8f8137156139a51133 HTTP Headers `GET /upload/vod/20230926-1/77de600471ee7def872f0a73ebaf4ba8.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 76083 last-modified: Tue, 26 Sep 2023 04:28:32 GMT etag: "65125df0-12933" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/4e53814c47ac4af8371a937ddf3ba8d2.jpg	154.12.35.37	200 OK	73 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/4e53814c47ac4af8371a937ddf3ba8d2.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 610x410, components 3\012- data Size 73 kB (73219 bytes) Hash dfdde4063a140550e1d1f7775309f532 9e5285a990d856dce389f1133cd76da8d0dfbd34 2dba3e5056807430e88facb85cb9a75c0527f7b94eac34ae8e4988456b83ad95 HTTP Headers `GET /upload/vod/20230926-1/4e53814c47ac4af8371a937ddf3ba8d2.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 73219 last-modified: Tue, 26 Sep 2023 04:28:33 GMT etag: "65125df1-11e03" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/3feb478673d118f8beabf4aa359f5ce3.jpg	154.12.35.37	200 OK	173 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/3feb478673d118f8beabf4aa359f5ce3.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x537, components 3\012- data Size 173 kB (173050 bytes) Hash 3299d8577f01ead1e2254024717352d8 3eb578d9b02d362705c3d787b79a5d9c7fb33f5f 7cd9bcb690196bf5ecc5bf20a3bc29a1e2d82617d41293ac11ca6a167be0d7f1 HTTP Headers `GET /upload/vod/20230926-1/3feb478673d118f8beabf4aa359f5ce3.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 173050 last-modified: Tue, 26 Sep 2023 04:28:34 GMT etag: "65125df2-2a3fa" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/ddcc5c8327fb48f252f01d45c9e3ec3c.jpg	154.12.35.37	200 OK	185 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/ddcc5c8327fb48f252f01d45c9e3ec3c.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data Size 185 kB (185197 bytes) Hash 68020e613707f6a3d71ff1043aaaf455 13f3f5398a2fcd735419c31cc35a19aab2861279 64f63fedaeb66742be6e7962f2af0c4d01019b7d0c758bd2dd0c3fdf75606cbc HTTP Headers `GET /upload/vod/20230926-1/ddcc5c8327fb48f252f01d45c9e3ec3c.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 185197 last-modified: Tue, 26 Sep 2023 04:28:33 GMT etag: "65125df1-2d36d" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/c63fb4b8a02e60acf9c4a5d5eae189ae.jpg	154.12.35.37	200 OK	154 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/c63fb4b8a02e60acf9c4a5d5eae189ae.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x538, components 3\012- data Size 154 kB (153750 bytes) Hash 19baa04a588cb4b30b992fca33f06416 d622bc2ea8f8dd62784768962e90f76243a9cb13 b25244db0cc563c6cd49a96fe1d523e32156a74849bc940588566a107e3b954f HTTP Headers `GET /upload/vod/20230926-1/c63fb4b8a02e60acf9c4a5d5eae189ae.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 153750 last-modified: Tue, 26 Sep 2023 04:29:02 GMT etag: "65125e0e-25896" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/49bc5ea4047286d1e220fe56e3f9a1a7.jpg	154.12.35.37	200 OK	186 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/49bc5ea4047286d1e220fe56e3f9a1a7.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x538, components 3\012- data Size 186 kB (186030 bytes) Hash 52899ca15530b4e78f04b2b6ec0fdabb eb71407b626c5b9da553985af171b83483b85173 bc3ed3c2afb90e5ed25b0ec37113ffa49aba134857195848b7e0fef5b9aaffa6 HTTP Headers `GET /upload/vod/20230926-1/49bc5ea4047286d1e220fe56e3f9a1a7.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 186030 last-modified: Tue, 26 Sep 2023 04:29:02 GMT etag: "65125e0e-2d6ae" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/10fea421b472ec0c1339ce570cd3718e.jpg	154.12.35.37	200 OK	177 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/10fea421b472ec0c1339ce570cd3718e.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x538, components 3\012- data Size 177 kB (177173 bytes) Hash dec086b9b410f4e03c29cdedffed418d b141adbdeb3350541c37428d309a2cb52df836b5 e37db74f74dca7c11b127f2bdf9f398a3a3d61b777101e08268012c8232a539f HTTP Headers `GET /upload/vod/20230926-1/10fea421b472ec0c1339ce570cd3718e.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 177173 last-modified: Tue, 26 Sep 2023 04:29:01 GMT etag: "65125e0d-2b415" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/c9f52b9be9074b4db85d190c1c456803.jpg	154.12.35.37	200 OK	151 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/c9f52b9be9074b4db85d190c1c456803.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x540, components 3\012- data Size 151 kB (151381 bytes) Hash 39483b0349814c9a80ae820df2c99e84 8ca7522b43b510345359fcf553bc34a5ff32fc48 6fd24dbcb9eda9ffc4760e86c3322e3999d010d7cc41a8e75258fb7ea1a4b696 HTTP Headers `GET /upload/vod/20230926-1/c9f52b9be9074b4db85d190c1c456803.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 151381 last-modified: Tue, 26 Sep 2023 04:30:42 GMT etag: "65125e72-24f55" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	img.yrimg5.com/upload/vod/20230926-1/010886d2220a94e6c02811ee37055449.jpg	154.12.35.37	200 OK	142 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/010886d2220a94e6c02811ee37055449.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x538, components 3\012- data Size 142 kB (142193 bytes) Hash f4b9ce871583e10692e87e68eff30d39 f90dc1109ebfc9a3bf60b167470976703b49d04c 88c90a927f95aedbc33842212ddff537be307a6058124143be6cbb1ebf017af6 HTTP Headers `GET /upload/vod/20230926-1/010886d2220a94e6c02811ee37055449.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 142193 last-modified: Tue, 26 Sep 2023 04:29:01 GMT etag: "65125e0d-22b71" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	cgszpaoliang.oss-cn-shenzhen.aliyuncs.com/cg120X120.gif	120.77.166.111	200 OK	214 kB
URL GET HTTP/1.1 cgszpaoliang.oss-cn-shenzhen.aliyuncs.com/cg120X120.gif IP 120.77.166.111:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 120 x 120\012- data Size 214 kB (213845 bytes) Hash 8fb5a877c5f12d146fb571846575010b a228f86dc4aa903c9771631ad38a8abf94dcb9b5 820de811b13fafed9361feb794d800c369d918f7bef7a895cd87bf17253a21cd HTTP Headers `GET /cg120X120.gif HTTP/1.1 Host: cgszpaoliang.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: image/gif Content-Length: 213845 Connection: keep-alive x-oss-request-id: 651333D3C19798393320AFB9 Accept-Ranges: bytes ETag: "8FB5A877C5F12D146FB571846575010B" Last-Modified: Thu, 14 Sep 2023 05:47:09 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9137497154148925290 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: j7Wod8XxLRRvtXGEZXUBCw== x-oss-server-time: 3

	cgszpaoliang.oss-cn-shenzhen.aliyuncs.com/cg960x120.gif	120.77.166.111	200 OK	179 kB
URL GET HTTP/1.1 cgszpaoliang.oss-cn-shenzhen.aliyuncs.com/cg960x120.gif IP 120.77.166.111:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 179 kB (179114 bytes) Hash 382676ef3ecfd46dd2763a94f9f59899 886a408dfb81506ff00d456d43aac530eec14f95 ea792d3db090bf3839fef0cb3526f70b6df7414352fb0196537d685e200ec369 HTTP Headers `GET /cg960x120.gif HTTP/1.1 Host: cgszpaoliang.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: image/gif Content-Length: 179114 Connection: keep-alive x-oss-request-id: 651333D3E144DC32379C9BD8 Accept-Ranges: bytes ETag: "382676EF3ECFD46DD2763A94F9F59899" Last-Modified: Thu, 14 Sep 2023 05:47:13 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6185705196175220406 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: OCZ27z7P1G3SdjqU+fWYmQ== x-oss-server-time: 3

	hypltp.oss-cn-shenzhen.aliyuncs.com/hypl/120.js	120.77.166.76	200 OK	171 kB
URL GET HTTP/1.1 hypltp.oss-cn-shenzhen.aliyuncs.com/hypl/120.js IP 120.77.166.76:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 120 x 120\012- data Size 171 kB (170835 bytes) Hash 22710dc3141c0888bec1146f00ab4ed1 73796156f7a8e28954d6d715e30e1929b8ba694e 019a85fbd54d30577cde80f04db055b007718e97b59b449e752575037620ceb3 HTTP Headers `GET /hypl/120.js HTTP/1.1 Host: hypltp.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-oss-request-id: 651333D34931713238C43A82 Last-Modified: Fri, 25 Aug 2023 06:50:22 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 7428883249657860152 x-oss-storage-class: Standard x-oss-ec: 0048-00000113 Content-Disposition: attachment x-oss-force-download: true Content-MD5: InENwxQcCIi+wRRvAKtO0Q== x-oss-server-time: 3 Content-Encoding: gzip

	hypltp.oss-cn-shenzhen.aliyuncs.com/hypl/960-120.js	120.77.166.76	200 OK	133 kB
URL GET HTTP/1.1 hypltp.oss-cn-shenzhen.aliyuncs.com/hypl/960-120.js IP 120.77.166.76:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 133 kB (132922 bytes) Hash c0afc118924ed423161269903ea4ad66 055d3a11bbe05bbf36888e630229483c7b531f71 7fa4b239516aa5a86ca1d28328d6fb4424165b57b69d2768923996dacc4cc016 HTTP Headers `GET /hypl/960-120.js HTTP/1.1 Host: hypltp.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-oss-request-id: 651333D3732F66333342F02D Last-Modified: Fri, 25 Aug 2023 06:50:22 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6647523260127222332 x-oss-storage-class: Standard x-oss-ec: 0048-00000113 Content-Disposition: attachment x-oss-force-download: true Content-MD5: wK/BGJJO1CMWEmmQPqStZg== x-oss-server-time: 2 Content-Encoding: gzip

	maxus011.top/d48317f8a5ae04949eaf4ce9217bb23b.gif	5.78.96.21	200 OK	305 kB
URL GET HTTP/2 maxus011.top/d48317f8a5ae04949eaf4ce9217bb23b.gif IP 5.78.96.21:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectmaxus011.top Fingerprint86:8A:81:A2:F5:BF:58:87:2A:D6:54:B8:4D:79:92:B8:E2:E7:F6:29 ValidityTue, 19 Sep 2023 07:03:02 GMT - Mon, 18 Dec 2023 07:03:01 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 305 kB (305275 bytes) Hash 3cb212d31583fea947fb9e31e66db085 f6ec471eb810fe55480f8d1b419b964040398f6b abe2dd018a322d5621a6f98da23c5f8beeffae0929936dd1f824c2e101d3a4a7 HTTP Headers `GET /d48317f8a5ae04949eaf4ce9217bb23b.gif HTTP/1.1 Host: maxus011.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 305275 last-modified: Fri, 31 Mar 2023 06:51:25 GMT etag: "642682ed-4a87b" expires: Wed, 27 Sep 2023 07:41:07 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 89405 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDH5j29KiuWGRjhAudafuarVYdnYKCkYWKKI1UyJ6i966vOWELrXNQ8wqUbnh7M85uV1azkPZHsdOjQFvWpzcQZZMlf9CtxD0nn3j1sanNv0wJe0HhdzSePWXrHR"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray: 80982bae2d9def9c-PDX alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	img.yrimg5.com/upload/vod/20230926-1/988f10b39bed0796cdb26dff9aeba495.jpg	154.12.35.37	200 OK	144 kB
URL GET HTTP/2 img.yrimg5.com/upload/vod/20230926-1/988f10b39bed0796cdb26dff9aeba495.jpg IP 154.12.35.37:443 ASN #35251 HostHub Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectimg.yrimg5.com FingerprintD7:A2:DA:6E:BC:5C:9D:20:17:03:45:B5:C6:D0:DA:59:E4:A3:71:A9 ValiditySun, 06 Aug 2023 04:38:02 GMT - Sat, 04 Nov 2023 04:38:01 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x540, components 3\012- data Size 144 kB (144243 bytes) Hash 116c3776d0fdaba3ae549ccfbbddce04 cdb4c5351f6566912fd7d9029463b36d979bf32d 4906ac28af7d362860ed59e6e7fcc0b99216148345cbf4a917e8b70f9914786c HTTP Headers `GET /upload/vod/20230926-1/988f10b39bed0796cdb26dff9aeba495.jpg HTTP/1.1 Host: img.yrimg5.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Tengine date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/jpeg content-length: 144243 last-modified: Tue, 26 Sep 2023 04:31:11 GMT etag: "65125e8f-23373" access-control-allow-origin: * access-control-allow-headers: * access-control-allow-methods: POST, GET, OPTIONS x-cache: hit accept-ranges: bytes X-Firefox-Spdy: h2`

	maxun118.top/0e243abb7057b68d7362544cbbe032ba.gif	5.78.100.105	200 OK	270 kB
URL GET HTTP/2 maxun118.top/0e243abb7057b68d7362544cbbe032ba.gif IP 5.78.100.105:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectmaxun118.top Fingerprint4A:34:1B:1A:6B:66:2E:92:1C:60:06:51:D6:2F:15:66:E2:B5:B5:A6 ValidityThu, 21 Sep 2023 12:43:42 GMT - Wed, 20 Dec 2023 12:43:41 GMT File type GIF image data, version 89a, 150 x 150\012- data Size 270 kB (270145 bytes) Hash 2e0432b5ead77702ac433d71c5caeeb4 91f7f7320673eb770bd2b82c82d898fa6ed5de97 63ccf288b83f2c2d1995165c5f15cf3980c947cff737800d8119cdad406d3c7a HTTP Headers `GET /0e243abb7057b68d7362544cbbe032ba.gif HTTP/1.1 Host: maxun118.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 270145 last-modified: Wed, 26 Oct 2022 13:37:18 GMT etag: "6359380e-41f41" expires: Wed, 27 Sep 2023 07:41:07 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 167016 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2B7RAyD3cAsvXgIRgnQHldYWu4QMVimw8Eo1hGlj%2BMrpQT62Oc9A%2BOgLW8vG9EG4XW5aHlTqEreiUZFhuPNZDMgHdecciKeGaLbk%2FmVU%2FPc0Nb6LSzSpBInvHS19"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray: 80b922e9ce862838-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	hypltp.oss-cn-shenzhen.aliyuncs.com/hypl/640-350.js	120.77.166.76	200 OK	174 kB
URL GET HTTP/1.1 hypltp.oss-cn-shenzhen.aliyuncs.com/hypl/640-350.js IP 120.77.166.76:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 174 kB (173741 bytes) Hash e90c0142a39c2f1a5e25215d7bf579e6 e4a547b058036fbf45bb7f184412a633829a0aa8 c5bd7da738f80e598ebb7cc69c3ab81aeb5a9a999c25ee0c9fa6a9dab2f0a98b HTTP Headers `GET /hypl/640-350.js HTTP/1.1 Host: hypltp.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-oss-request-id: 651333D3E144DC3532C99BD8 Last-Modified: Fri, 25 Aug 2023 06:50:22 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1808636554136276258 x-oss-storage-class: Standard x-oss-ec: 0048-00000113 Content-Disposition: attachment x-oss-force-download: true Content-MD5: 6QwBQqOcLxpeJSFde/V55g== x-oss-server-time: 2 Content-Encoding: gzip

	cgszpaoliang.oss-cn-shenzhen.aliyuncs.com/cg640x350.gif	120.77.166.111	200 OK	242 kB
URL GET HTTP/1.1 cgszpaoliang.oss-cn-shenzhen.aliyuncs.com/cg640x350.gif IP 120.77.166.111:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 242 kB (241503 bytes) Hash dfb621487aad13114be8f7a8d9c85574 a251301616670e686d2e9405843444cc2d264393 2b4b931eab91a0a40f41fc7026132423c89f85b36f0773102f6a9d9194337d72 HTTP Headers `GET /cg640x350.gif HTTP/1.1 Host: cgszpaoliang.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: image/gif Content-Length: 241503 Connection: keep-alive x-oss-request-id: 651333D31344D132339D5C3F Accept-Ranges: bytes ETag: "DFB621487AAD13114BE8F7A8D9C85574" Last-Modified: Thu, 14 Sep 2023 05:47:09 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13149209851323263042 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: 37YhSHqtExFL6Peo2chVdA== x-oss-server-time: 3

	maxun118.top/68a7807de3933bf7079116fa9df99e6f.gif	5.78.100.105	200 OK	366 kB
URL GET HTTP/2 maxun118.top/68a7807de3933bf7079116fa9df99e6f.gif IP 5.78.100.105:443 ASN #0 Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectmaxun118.top Fingerprint4A:34:1B:1A:6B:66:2E:92:1C:60:06:51:D6:2F:15:66:E2:B5:B5:A6 ValidityThu, 21 Sep 2023 12:43:42 GMT - Wed, 20 Dec 2023 12:43:41 GMT File type GIF image data, version 89a, 960 x 60\012- data Size 366 kB (366444 bytes) Hash 86371c51bf2086f3a40f0e438246b662 9da793de9c620485ee91b88413b256c69dc774c5 8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf HTTP Headers `GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1 Host: maxun118.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 366444 last-modified: Fri, 19 Aug 2022 17:02:28 GMT etag: "62ffc224-5976c" expires: Wed, 27 Sep 2023 07:41:07 GMT cache-control: max-age=43200 cf-cache-status: HIT age: 149 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2s02iwDA9hUiOg9qXb4SM3VIDY40zRY7FeazqGGg1KUmtgO8e56%2BtfiSla4M0QpVlQvHAvPTwUBMHMl9VpvArgz%2F3YZLPBJSuRn83rqxl5A3rZu643PQzjPEr9c"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray: 80b924dc5e34c379-SEA alt-svc: h3=":443"; ma=86400 x-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	qspaoliang.oss-cn-shenzhen.aliyuncs.com/qs120x120.gif	120.77.166.36	200 OK	70 kB
URL GET HTTP/1.1 qspaoliang.oss-cn-shenzhen.aliyuncs.com/qs120x120.gif IP 120.77.166.36:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 120 x 120\012- data Size 70 kB (69646 bytes) Hash f6071f8cf33721ff2fccb2fccd176e2a b25d942931fc98a9047ce2e9470f80d47a0a3074 8c159a5d735436e5ae7c5cda4dca9c4dcf6dfc19401443494cae3c258ac8dee3 HTTP Headers `GET /qs120x120.gif HTTP/1.1 Host: qspaoliang.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: image/gif Content-Length: 69646 Connection: keep-alive x-oss-request-id: 651333D39053123335180727 Accept-Ranges: bytes ETag: "F6071F8CF33721FF2FCCB2FCCD176E2A" Last-Modified: Thu, 14 Sep 2023 05:39:27 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3081188435610802767 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: 9gcfjPM3If8vzLL8zRduKg== x-oss-server-time: 3

	txpl0908.oss-ap-southeast-1.aliyuncs.com/888/960-120.js	161.117.155.48	200 OK	258 kB
URL GET HTTP/1.1 txpl0908.oss-ap-southeast-1.aliyuncs.com/888/960-120.js IP 161.117.155.48:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-ap-southeast-1.aliyuncs.com FingerprintEB:9D:12:FC:B5:0B:5D:25:9C:F7:E0:22:CA:9D:5F:75:5E:91:2F:6C ValidityFri, 07 Jul 2023 10:25:14 GMT - Sat, 02 Mar 2024 02:31:24 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 258 kB (257503 bytes) Hash 749c984b3f5f79bd63b0dd8f585028b9 2354ccd2995d18f753f28cfec9e20708c86e230b a8624cd562215ff5fa250de3d7706ed85e0982ead6b7190915248a2a82abe2b6 HTTP Headers `GET /888/960-120.js HTTP/1.1 Host: txpl0908.oss-ap-southeast-1.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-oss-request-id: 651333D3ECF64636393F21C4 Last-Modified: Fri, 08 Sep 2023 12:27:34 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3794631609851526494 x-oss-storage-class: Standard x-oss-ec: 0048-00000113 Content-Disposition: attachment x-oss-force-download: true Content-MD5: dJyYSz9feb1jsN2PWFAouQ== x-oss-server-time: 2 Content-Encoding: gzip

	pic.qdzgemfs.xyz/ludsav/kaiyuan960-120.gif	198.200.43.53	200 OK	516 kB
URL GET HTTP/2 pic.qdzgemfs.xyz/ludsav/kaiyuan960-120.gif IP 198.200.43.53:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectpic.qdzgemfs.xyz Fingerprint08:07:18:6B:8B:FF:9A:10:4A:63:F8:C3:86:14:BC:67:84:C9:71:AC ValidityTue, 26 Sep 2023 08:01:54 GMT - Mon, 25 Dec 2023 08:01:53 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 516 kB (516018 bytes) Hash b0509a412080c37ae8063d2d84b154c4 6144e0aa1d298e01e256ccf458097235b1db29b6 af89d7058b076dbc734098311c2809de3be061e9194b79fbafc9c51b7b0c3f30 HTTP Headers `GET /ludsav/kaiyuan960-120.gif HTTP/1.1 Host: pic.qdzgemfs.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK accept-ranges: bytes cache-control: max-age=2592000 content-type: image/gif date: Tue, 26 Sep 2023 16:55:38 GMT etag: "1695747338" expires: Thu, 26 Oct 2023 16:55:38 GMT last-modified: Tue, 26 Sep 2023 16:55:38 GMT server: nginx x-cache: HIT, server, memory content-length: 516018 X-Firefox-Spdy: h2`

	zerossl.ocsp.sectigo.com/	104.18.15.101		728 B
URL zerossl.ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 728 B (728 bytes) Hash 7dcafa1a65ce4397b9f6258ee00b8db2 dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea 7860614c74127a2838e286783c3fe94e8a479037704d2d52e5da63cdeba34069 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: application/ocsp-response Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 25 Sep 2023 22:23:55 GMT Expires: Mon, 02 Oct 2023 22:23:54 GMT Etag: "dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea" Cache-Control: max-age=527564,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80cdfb932a3a56a2-OSL`

	zerossl.ocsp.sectigo.com/	104.18.15.101		728 B
URL zerossl.ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 728 B (728 bytes) Hash 7dcafa1a65ce4397b9f6258ee00b8db2 dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea 7860614c74127a2838e286783c3fe94e8a479037704d2d52e5da63cdeba34069 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: application/ocsp-response Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 25 Sep 2023 22:23:55 GMT Expires: Mon, 02 Oct 2023 22:23:54 GMT Etag: "dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea" Cache-Control: max-age=527940,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80cdfb932972069b-OSL`

	zerossl.ocsp.sectigo.com/	104.18.14.101		728 B
URL zerossl.ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 728 B (728 bytes) Hash 7dcafa1a65ce4397b9f6258ee00b8db2 dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea 7860614c74127a2838e286783c3fe94e8a479037704d2d52e5da63cdeba34069 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: application/ocsp-response Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 25 Sep 2023 22:23:55 GMT Expires: Mon, 02 Oct 2023 22:23:54 GMT Etag: "dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea" Cache-Control: max-age=527565,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80cdfb925bf80b31-OSL`

	zerossl.ocsp.sectigo.com/	104.18.14.101		728 B
URL zerossl.ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 728 B (728 bytes) Hash 7dcafa1a65ce4397b9f6258ee00b8db2 dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea 7860614c74127a2838e286783c3fe94e8a479037704d2d52e5da63cdeba34069 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: application/ocsp-response Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 25 Sep 2023 22:23:55 GMT Expires: Mon, 02 Oct 2023 22:23:54 GMT Etag: "dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea" Cache-Control: max-age=527565,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80cdfb925a7e1c12-OSL`

	zerossl.ocsp.sectigo.com/	104.18.15.101		728 B
URL zerossl.ocsp.sectigo.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 728 B (728 bytes) Hash 7dcafa1a65ce4397b9f6258ee00b8db2 dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea 7860614c74127a2838e286783c3fe94e8a479037704d2d52e5da63cdeba34069 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: application/ocsp-response Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 25 Sep 2023 22:23:55 GMT Expires: Mon, 02 Oct 2023 22:23:54 GMT Etag: "dc6e3613953f3883fb5267ce1cfcf70a6dc1b5ea" Cache-Control: max-age=527564,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80cdfb92ba58b527-OSL`

	txpl0908.oss-ap-southeast-1.aliyuncs.com/888/640-350.js	161.117.155.48	200 OK	603 kB
URL GET HTTP/1.1 txpl0908.oss-ap-southeast-1.aliyuncs.com/888/640-350.js IP 161.117.155.48:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-ap-southeast-1.aliyuncs.com FingerprintEB:9D:12:FC:B5:0B:5D:25:9C:F7:E0:22:CA:9D:5F:75:5E:91:2F:6C ValidityFri, 07 Jul 2023 10:25:14 GMT - Sat, 02 Mar 2024 02:31:24 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 603 kB (602729 bytes) Hash 2e9979f58d11aba2883dd07e5d83e894 6039d21aa165c1bea38196c83c0679a15c944b05 d55b87b8d6945cda83557b2dca1d6ee897f8f865eba358cb267a983e3b626083 HTTP Headers `GET /888/640-350.js HTTP/1.1 Host: txpl0908.oss-ap-southeast-1.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding x-oss-request-id: 651333D37049483232A0BB36 Last-Modified: Fri, 08 Sep 2023 12:27:34 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 4694537214428916554 x-oss-storage-class: Standard x-oss-ec: 0048-00000113 Content-Disposition: attachment x-oss-force-download: true Content-MD5: Lpl59Y0Rq6KIPdB+XYPolA== x-oss-server-time: 3 Content-Encoding: gzip

	qspaoliang.oss-cn-shenzhen.aliyuncs.com/qs960-120.gif	120.77.166.36	200 OK	471 kB
URL GET HTTP/1.1 qspaoliang.oss-cn-shenzhen.aliyuncs.com/qs960-120.gif IP 120.77.166.36:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://nnav0922mmmmm.com/ Certificate IssuerGlobalSign nv-sa Subject.oss-cn-shenzhen.aliyuncs.com Fingerprint65:64:DE:0D:35:59:08:B7:41:4E:4D:25:C4:BA:8C:61:0B:55:5B:C0 ValidityFri, 07 Jul 2023 10:24:20 GMT - Sat, 02 Mar 2024 02:31:10 GMT File type GIF image data, version 89a, 960 x 120\012- data Size 471 kB (470940 bytes) Hash d449c8d3982f956402493d2b9bba3ff8 4285e1162d070ba3db8f20839b02608818ad01a5 56b213a36d471673ede1a332e2d6755919c1489db60b133c5836fd4b3d43ea49 HTTP Headers `GET /qs960-120.gif HTTP/1.1 Host: qspaoliang.oss-cn-shenzhen.aliyuncs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Tue, 26 Sep 2023 19:41:07 GMT Content-Type: image/gif Content-Length: 470940 Connection: keep-alive x-oss-request-id: 651333D381477F383384CB14 Accept-Ranges: bytes ETag: "D449C8D3982F956402493D2B9BBA3FF8" Last-Modified: Thu, 14 Sep 2023 13:19:48 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 12144853422768545670 x-oss-storage-class: Standard x-oss-ec: 0048-00000103 Content-Disposition: attachment x-oss-force-download: true Content-MD5: 1EnI05gvlWQCST0rm7o/+A== x-oss-server-time: 3

	jt.hza01.com/jingtai/logo/0826/861pg24.gif	222.186.39.16	200 OK	133 kB
URL GET HTTP/2 jt.hza01.com/jingtai/logo/0826/861pg24.gif IP 222.186.39.16:443 ASN #4134 Chinanet Requested by https://nnav0922mmmmm.com/ Certificate IssuerDigiCert Inc Subjectjt.hza01.com FingerprintA1:C5:F0:4D:89:E5:24:AF:F2:61:9E:DC:13:7B:AB:80:66:74:50:7F ValiditySun, 25 Jun 2023 00:00:00 GMT - Mon, 24 Jun 2024 23:59:59 GMT File type GIF image data, version 89a, 100 x 100\012- data Size 133 kB (132840 bytes) Hash d066e64226c70d92009a8cccc64ddd4f 2808fdc331d41875cd3dc22fbeb10125b8d2d3af 430d97754386e8e9792f98c9ad580d1df8ff4b5e6db2d7e09b5f367741c6be41 HTTP Headers `GET /jingtai/logo/0826/861pg24.gif HTTP/1.1 Host: jt.hza01.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 132840 cache-control: max-age=2592000 etag: "d066e64226c70d92009a8cccc64ddd4f" expires: Tue, 17 Oct 2023 13:20:22 GMT last-modified: Mon, 18 Sep 2023 07:56:13 GMT vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-cos-hash-crc64ecma: 11892000747055050057 x-cos-request-id: NjUwZDY4ODFfNTc1N2U0MDlfMjE5YzRfNGUyNDMyYQ== server: cdn x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	jt.hza01.com/jingtai/szgg/bjh350.gif	222.186.39.16	200 OK	162 kB
URL GET HTTP/2 jt.hza01.com/jingtai/szgg/bjh350.gif IP 222.186.39.16:443 ASN #4134 Chinanet Requested by https://nnav0922mmmmm.com/ Certificate IssuerDigiCert Inc Subjectjt.hza01.com FingerprintA1:C5:F0:4D:89:E5:24:AF:F2:61:9E:DC:13:7B:AB:80:66:74:50:7F ValiditySun, 25 Jun 2023 00:00:00 GMT - Mon, 24 Jun 2024 23:59:59 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 162 kB (162184 bytes) Hash 546c38e39ee1fc27661404d8d6f14ef3 cd9f662264ac24a57e3b19b2f42eb9a2c0ee73ab b4c468e17e0719366b1f08573761b238682cf6068cc5d417f71c74284dabe29f HTTP Headers `GET /jingtai/szgg/bjh350.gif HTTP/1.1 Host: jt.hza01.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:07 GMT content-type: image/gif content-length: 162184 cache-control: max-age=2592000 etag: "546c38e39ee1fc27661404d8d6f14ef3" expires: Wed, 27 Sep 2023 05:42:19 GMT last-modified: Mon, 28 Aug 2023 05:42:21 GMT vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-cos-hash-crc64ecma: 17239226007647480097 x-cos-request-id: NjUwZGIyZTBfOGE5NWU2MDlfYzJkXzRjYmY4ODA= server: cdn x-cache-status: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	yvzfgigpiwmofux.com/2023/09/21/9a5aa151f232e.gif	154.198.234.18	200 OK	144 kB
URL GET HTTP/1.1 yvzfgigpiwmofux.com/2023/09/21/9a5aa151f232e.gif IP 154.198.234.18:443 ASN #40065 CNSERVERS Requested by https://nnav0922mmmmm.com/ Certificate IssuerZeroSSL Subjectyvzfgigpiwmofux.com FingerprintBE:55:3E:7E:B7:F0:4B:00:2A:8D:0B:A6:B7:21:38:01:05:57:B8:8F ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT File type GIF image data, version 89a, 640 x 120\012- data Size 144 kB (144040 bytes) Hash 62c8581c0a5d93645d1f31dffe491a3a d8ebe72827ac7728ed90da420bdbc0779da0650d 70449dedb6975b7a06410b9737fc3650c84d3d77539b710321a242b0d383ec1a HTTP Headers `GET /2023/09/21/9a5aa151f232e.gif HTTP/1.1 Host: yvzfgigpiwmofux.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: image/gif Content-Length: 144040 Connection: keep-alive Last-Modified: Thu, 21 Sep 2023 12:47:42 GMT ETag: "650c3b6e-232a8" Expires: Thu, 26 Oct 2023 12:48:08 GMT Cache-Control: max-age=2592000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	yvzfgigpiwmofux.com/2023/09/03/ac0734bd25f77.gif	154.198.234.18	200 OK	122 kB
URL GET HTTP/1.1 yvzfgigpiwmofux.com/2023/09/03/ac0734bd25f77.gif IP 154.198.234.18:443 ASN #40065 CNSERVERS Requested by https://nnav0922mmmmm.com/ Certificate IssuerZeroSSL Subjectyvzfgigpiwmofux.com FingerprintBE:55:3E:7E:B7:F0:4B:00:2A:8D:0B:A6:B7:21:38:01:05:57:B8:8F ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT File type GIF image data, version 89a, 200 x 200\012- data Size 122 kB (121871 bytes) Hash af47d09cdf4621c41426d774b0c946b3 cfdb285517d06ea85a1c41e52ade825e1deb69a9 b887c83fe170aa0c5508af9f8296345d957edca1333212790f810780b70a24a4 HTTP Headers `GET /2023/09/03/ac0734bd25f77.gif HTTP/1.1 Host: yvzfgigpiwmofux.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: image/gif Content-Length: 121871 Connection: keep-alive Last-Modified: Sat, 02 Sep 2023 16:47:38 GMT ETag: "64f3672a-1dc0f" Expires: Thu, 26 Oct 2023 00:48:11 GMT Cache-Control: max-age=2592000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	yvzfgigpiwmofux.com/2023/09/02/cac7593533677.gif	154.198.234.18	200 OK	251 kB
URL GET HTTP/1.1 yvzfgigpiwmofux.com/2023/09/02/cac7593533677.gif IP 154.198.234.18:443 ASN #40065 CNSERVERS Requested by https://nnav0922mmmmm.com/ Certificate IssuerZeroSSL Subjectyvzfgigpiwmofux.com FingerprintBE:55:3E:7E:B7:F0:4B:00:2A:8D:0B:A6:B7:21:38:01:05:57:B8:8F ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT File type GIF image data, version 89a, 640 x 350\012- data Size 251 kB (250848 bytes) Hash c99c26e75991e2b1f8b08c2e321b51d4 a51e45ecb929dc2ea01a8ea871dcf8aad65e7945 65da3a9770dc51cc831723916b7660ca8ba10b96a0d5bcd6b86c0b61e1b8e493 HTTP Headers `GET /2023/09/02/cac7593533677.gif HTTP/1.1 Host: yvzfgigpiwmofux.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 26 Sep 2023 19:41:09 GMT Content-Type: image/gif Content-Length: 250848 Connection: keep-alive Last-Modified: Sat, 02 Sep 2023 08:48:33 GMT ETag: "64f2f6e1-3d3e0" Expires: Thu, 26 Oct 2023 12:49:16 GMT Cache-Control: max-age=2592000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes`

	6686yyds.app/960-120.gif	0.0.0.0		0 B
URL GET 6686yyds.app/960-120.gif IP 0.0.0.0:0 ASN #0 Requested by https://nnav0922mmmmm.com/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /960-120.gif HTTP/1.1 Host: 6686yyds.app User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	nnav0922mmmmm.com/template/m1938pc/css/zui.css	199.188.104.112	200 OK	115 kB
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/css/zui.css IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type Size 115 kB (114814 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /template/m1938pc/css/zui.css HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:46 GMT content-type: text/css last-modified: Sun, 27 Aug 2023 14:16:54 GMT vary: Accept-Encoding etag: W/"64eb5ad6-1c07e" expires: Wed, 27 Sep 2023 07:39:46 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2`

	www.39903168.com/upload/vod/20230825-1/dd02b0603fc999352641af9aa62439f0.jpg	198.2.236.27	200 OK	21 kB
URL GET HTTP/2 www.39903168.com/upload/vod/20230825-1/dd02b0603fc999352641af9aa62439f0.jpg IP 198.2.236.27:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectwww.39903168.com Fingerprint8C:01:48:BB:2B:CA:22:CF:9D:D8:09:80:74:B6:7B:3C:DA:05:BA:26 ValidityMon, 31 Jul 2023 12:48:20 GMT - Sun, 29 Oct 2023 12:48:19 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 390x584, components 3\012- data Size 21 kB (20642 bytes) Hash b19fae329aef19abe77a81634c7dbd78 dbcdfcf49273d05b06724e7e9f5be0f8a7d766a4 15baa569b18bcfd7102d355d3ab6a168dcf3c2a976f62e0c8dcce9402688ec72 HTTP Headers `GET /upload/vod/20230825-1/dd02b0603fc999352641af9aa62439f0.jpg HTTP/1.1 Host: www.39903168.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:41:45 GMT content-type: image/jpeg content-length: 20642 last-modified: Fri, 25 Aug 2023 02:05:08 GMT etag: "64e80c54-50a2" expires: Thu, 26 Oct 2023 19:41:45 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

	jt.hza01.com/jingtai/0713sz/bjh120.gif.js	222.186.39.16	200 OK	488 kB
URL GET HTTP/2 jt.hza01.com/jingtai/0713sz/bjh120.gif.js IP 222.186.39.16:443 ASN #4134 Chinanet Requested by https://nnav0922mmmmm.com/ Certificate IssuerDigiCert Inc Subjectjt.hza01.com FingerprintA1:C5:F0:4D:89:E5:24:AF:F2:61:9E:DC:13:7B:AB:80:66:74:50:7F ValiditySun, 25 Jun 2023 00:00:00 GMT - Mon, 24 Jun 2024 23:59:59 GMT File type GIF image data, version 89a, 30723\012- data Size 488 kB (487607 bytes) Hash 8b7f23a0f7563ad19888ce86633b9372 141544453466acc4caa8f5969db36f19185cbf29 c0ed1e65b41bb68ddcef9fd362bc2d26e69e0fa92b453f70158cac42699156ec HTTP Headers `GET /jingtai/0713sz/bjh120.gif.js HTTP/1.1 Host: jt.hza01.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 26 Sep 2023 19:41:07 GMT content-type: application/javascript cache-control: max-age=43200 etag: W/"ab91bf7e7693ed8dcf1b59283c4b44d7" expires: Mon, 28 Aug 2023 17:38:37 GMT last-modified: Mon, 28 Aug 2023 05:40:00 GMT vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-cos-hash-crc64ecma: 15171513653022258559 x-cos-request-id: NjUwZDY4NDNfOTIxMDcxMDlfMTg0ZjRfNGNkMjIxMg== server: cdn x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2

	nnav0922mmmmm.com/template/m1938pc/images/1.gif	199.188.104.112	200 OK	254 B
URL GET HTTP/2 nnav0922mmmmm.com/template/m1938pc/images/1.gif IP 199.188.104.112:443 ASN #54600 PEGTECHINC Requested by https://nnav0922mmmmm.com/ Certificate IssuerLet's Encrypt Subjectrecessioncenter.com Fingerprint38:EE:26:F2:53:D7:BC:D2:96:DA:35:F9:41:94:4C:AD:BE:3B:CC:CB ValidityFri, 22 Sep 2023 11:00:20 GMT - Thu, 21 Dec 2023 11:00:19 GMT File type GIF image data, version 89a, 16 x 17\012- data Size 254 B (254 bytes) Hash b013f8fa3ec997fe20dc80b82af0ad0a e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef HTTP Headers `GET /template/m1938pc/images/1.gif HTTP/1.1 Host: nnav0922mmmmm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://nnav0922mmmmm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 26 Sep 2023 19:39:46 GMT content-type: image/gif content-length: 254 last-modified: Thu, 17 Aug 2023 06:14:25 GMT etag: "64ddbac1-fe" expires: Thu, 26 Oct 2023 19:39:46 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (88)

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash