r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7515
Expires: Sat, 26 Nov 2022 12:32:02 GMT
Date: Sat, 26 Nov 2022 10:26:47 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2450
Cache-Control: max-age=89117
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:26:47 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:12:04 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
nadinter.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 10:26:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nadinter.com/index.php
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10179
Expires: Sat, 26 Nov 2022 13:16:26 GMT
Date: Sat, 26 Nov 2022 10:26:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 10:17:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 555
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HDPHtAJlA4vdCNN8Ix9U1B+Sn4cPHr5cYyI6o7fLRCCEDQDiFwgaXY+PJW3T/c0qoBmBmIvERbc=
x-amz-request-id: B5AY2N48T9X0GKGS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 09:41:09 GMT
age: 2738
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 10:08:54 GMT
cache-control: public,max-age=3600
age: 1074
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.nadinter.com/index.php
200 OK 519 B URL HTTP/1.1 www.nadinter.com/index.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (592), with CRLF line terminators
Hash 8f257c8a71ad25b29d7b374c9cdf12a2
154c892d6f73baa28d0ab3978ec339873ee6b1ce
82aa85ebd6c5956bc201814b0bc5507931306f9c8e417ae332ff35e1a7dc7521
GET /index.php HTTP/1.1
Host: www.nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 10:26:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2518
Cache-Control: max-age=170521
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:26:48 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 09:48:49 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.nadinter.com/common.js
200 OK 1.9 kB URL HTTP/1.1 www.nadinter.com/common.js
IP
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash 55814d29afe2422759d196dccfe7c865
e1099783fcd36f4b8c6d0e6f5a2b614cf272f1b4
8c9f84a2328935ef5915de590c94647e6b9f0db8f3c6db8192ae06a7d4a1ee62
GET /common.js HTTP/1.1
Host: www.nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nadinter.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 10:26:58 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.nadinter.com/tj.js
200 OK 364 B IP
File type HTML document, ASCII text, with CRLF line terminators
Hash fcbc1e887227613ef981620f043705aa
b16592804c015aa0511cf74ed0b3c92263d9c62e
eef4b088947cb7e23a1cf37f4f534071be3479952e2c67f7e4899a81d7c59cf2
GET /tj.js HTTP/1.1
Host: www.nadinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nadinter.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 10:26:58 GMT
Content-Type: application/x-javascript
Content-Length: 364
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hJYV85ylPo9S3K250Iy5lA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BxPBqQvZYo1X+XWW3ErM3PZCFnA=
209.73.159.133/lubi-common.php?val=lubi2&t=0.7790613727380045?v=030061618929170464
200 OK 88 B URL HTTP/1.1 209.73.159.133/lubi-common.php?val=lubi2&t=0.7790613727380045?v=030061618929170464
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c7897be236906bece65848b9bdf4b2a0
60dfd3079e26768b19f166ff706c3c32d41a1745
698eb3090c06c451d0c044b8fd5029adc2986a70417e4635033359a72dc57e81
Analyzer Verdict Alert quad9 Sinkholed
GET /lubi-common.php?val=lubi2&t=0.7790613727380045?v=030061618929170464 HTTP/1.1
Host: 209.73.159.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.nadinter.com
Connection: keep-alive
Referer: http://www.nadinter.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 10:26:48 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
209.73.159.133/lubi-common.php?val=lubi2&t=0.41031547923948264?v=06504614751523212
200 OK 88 B URL HTTP/1.1 209.73.159.133/lubi-common.php?val=lubi2&t=0.41031547923948264?v=06504614751523212
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c7897be236906bece65848b9bdf4b2a0
60dfd3079e26768b19f166ff706c3c32d41a1745
698eb3090c06c451d0c044b8fd5029adc2986a70417e4635033359a72dc57e81
Analyzer Verdict Alert quad9 Sinkholed
GET /lubi-common.php?val=lubi2&t=0.41031547923948264?v=06504614751523212 HTTP/1.1
Host: 209.73.159.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.nadinter.com
Connection: keep-alive
Referer: http://www.nadinter.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 10:26:48 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 157cb47af5f15e09ab38ff413ce7a05c
3b10a9cd3422aa4304ddae49c99cb32f5c6924c0
78a8060dc2a2cfb7a285e1de22d5e67bbf47447132df1140d354b1c259980450
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "78A8060DC2A2CFB7A285E1DE22D5E67BBF47447132DF1140D354B1C259980450"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21370
Expires: Sat, 26 Nov 2022 16:22:59 GMT
Date: Sat, 26 Nov 2022 10:26:49 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash f9f9e6709f883818781b3c470b60a23f
60ed850e841de1b9aa3236020761065271a2a1dd
0365d90b8303e0127f641c88e0423efd8326b3895c76e426b9c03507236631c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0365D90B8303E0127F641C88E0423EFD8326B3895C76E426B9C03507236631C2"
Last-Modified: Thu, 24 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7902
Expires: Sat, 26 Nov 2022 12:38:31 GMT
Date: Sat, 26 Nov 2022 10:26:49 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash f9f9e6709f883818781b3c470b60a23f
60ed850e841de1b9aa3236020761065271a2a1dd
0365d90b8303e0127f641c88e0423efd8326b3895c76e426b9c03507236631c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0365D90B8303E0127F641C88E0423EFD8326B3895C76E426B9C03507236631C2"
Last-Modified: Thu, 24 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7902
Expires: Sat, 26 Nov 2022 12:38:31 GMT
Date: Sat, 26 Nov 2022 10:26:49 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 343 B IP
ASN #20940 Akamai International B.V.
Hash 0833d9bd65d652615ac2858fce21feba
f622c460c8b0f62272605af7ace57f812c8e554c
5842931f314ece8a686586ffe56488115742ee81be708fe9e9cf695f80b09260
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "5842931F314ECE8A686586FFE56488115742EE81BE708FE9E9CF695F80B09260"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21335
Expires: Sat, 26 Nov 2022 16:22:25 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 343 B IP
ASN #20940 Akamai International B.V.
Hash 0833d9bd65d652615ac2858fce21feba
f622c460c8b0f62272605af7ace57f812c8e554c
5842931f314ece8a686586ffe56488115742ee81be708fe9e9cf695f80b09260
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "5842931F314ECE8A686586FFE56488115742EE81BE708FE9E9CF695F80B09260"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21335
Expires: Sat, 26 Nov 2022 16:22:25 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 343 B IP
ASN #20940 Akamai International B.V.
Hash 0833d9bd65d652615ac2858fce21feba
f622c460c8b0f62272605af7ace57f812c8e554c
5842931f314ece8a686586ffe56488115742ee81be708fe9e9cf695f80b09260
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "5842931F314ECE8A686586FFE56488115742EE81BE708FE9E9CF695F80B09260"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21335
Expires: Sat, 26 Nov 2022 16:22:25 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 343 B IP
ASN #20940 Akamai International B.V.
Hash 0833d9bd65d652615ac2858fce21feba
f622c460c8b0f62272605af7ace57f812c8e554c
5842931f314ece8a686586ffe56488115742ee81be708fe9e9cf695f80b09260
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "5842931F314ECE8A686586FFE56488115742EE81BE708FE9E9CF695F80B09260"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21335
Expires: Sat, 26 Nov 2022 16:22:25 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 343 B IP
ASN #20940 Akamai International B.V.
Hash 0833d9bd65d652615ac2858fce21feba
f622c460c8b0f62272605af7ace57f812c8e554c
5842931f314ece8a686586ffe56488115742ee81be708fe9e9cf695f80b09260
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 343
ETag: "5842931F314ECE8A686586FFE56488115742EE81BE708FE9E9CF695F80B09260"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21335
Expires: Sat, 26 Nov 2022 16:22:25 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
200 OK 670 B URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8504cac58d3aa8f451910aed346ef426
04b8a8fbf9d87c46a31a53ee3b1a2a176c22c2c3
3e5a4fa48c9a3265933d0d54368b135707cce55e5be3bc15b309e242dd88dc2f
GET /yPS7hqfHgkFauS2djb/254.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 12:33:29 GMT
etag: W/"6380b619-3fe"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3CbojuT8DBTk4cyA10rI4RmGN0q8xhOrHSYfpXZnRXqXT0h0zJbF8TMTq%2FZVvAfEUGb0NH6yj02ZEkWU4lvPKCdSAlzlq%2FEeRIpRZ7vIfZlT3DlrW2P5l%2B1loiSc%2BlqpzuipGBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed970dcc0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5657
Expires: Sat, 26 Nov 2022 12:01:07 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5657
Expires: Sat, 26 Nov 2022 12:01:07 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5657
Expires: Sat, 26 Nov 2022 12:01:07 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
200 OK 10 kB URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0dec74d36c7b044fbb90a2d1f05b0ba5
6f16ba09b0947062cab1a089354f85147243be7c
24db47c95f139b5b0956c21140895dc7b6db3f2aca9de7ad08c6a38cc610f7bb
GET /yPS7hqfHgkFauS2djb/250.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 12:33:29 GMT
vary: Accept-Encoding
etag: W/"6380b619-401"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V8u%2BJ6DF3n6hH0p2DN3wXYTTCdJpkcw5OcU9JIQu6FUI7V7rqi63SXnLnt%2BHKMtyr%2FPY192UOd8EEDtkve2Umfu%2F0G2cW1X4z9SgG3StNrx7HxHtADWb%2Fk%2FcIy9yGKWNXny8ZS8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed970dd70b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
200 OK 3.8 kB URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 270c1347fb72d576db5ed921eac372a8
5a17539cf5140386a9613891e2f2860551757c82
37f12d4af573cac70131e3228dfd85fddbf49c4a510b53932a44098f834c7c63
GET /yPS7hqfHgkFauS2djb/251.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 12:33:29 GMT
etag: W/"6380b619-3fd"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVzi%2FnE51BVSzsvLKT05t2Sh9Lp3bwdzOzkuy248h2ZiS5InD60xlzeRi8oWJqPyDot5fb024Xn7sN2bRi%2FildiYHgHXEp%2BzUXnX1uX9AiGQtWq8sbbw%2FaYRwtG6UimnvUHhr55Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed970dc70b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2a9aa8538fd43df863844b793ce96a13
0ca1e49991abd7478573140de793c422c5efa2da
fd0b65dec48b7d6fb36fb0b66e19315a8adcacd5622a493d1bf6e1d6717f8ff5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD0B65DEC48B7D6FB36FB0B66E19315A8ADCACD5622A493D1BF6E1D6717F8FF5"
Last-Modified: Sat, 26 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21378
Expires: Sat, 26 Nov 2022 16:23:08 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d30923b7d20eeb37527255c3ee1da34f
bed54bd4f659fbf29834b262e9179df7e7bc56a6
3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9011
x-amzn-requestid: f0e83373-0f65-4358-a902-45f2e9c24c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUfPHzAoAMF4ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813461-19e037da49c44e4363bbe8f0;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N2zsqycYk04GXPSMhxJKCrX84Asqzq8UNIFTYg2hJllP4fTGXzwEuA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:16:10 GMT
age: 43840
etag: "bed54bd4f659fbf29834b262e9179df7e7bc56a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 43688
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2a9aa8538fd43df863844b793ce96a13
0ca1e49991abd7478573140de793c422c5efa2da
fd0b65dec48b7d6fb36fb0b66e19315a8adcacd5622a493d1bf6e1d6717f8ff5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD0B65DEC48B7D6FB36FB0B66E19315A8ADCACD5622A493D1BF6E1D6717F8FF5"
Last-Modified: Sat, 26 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21378
Expires: Sat, 26 Nov 2022 16:23:08 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 29227
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5657
Expires: Sat, 26 Nov 2022 12:01:07 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
200 OK 819 B URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a4b4ede17afe37c1ebf0c6ea79aa15ed
63ab11442abed706f14add346af68c1a3616e520
10ffab7d144032e357848f1e60d19e3f39b8dc40fd3b1fce922d14c08b829fd5
GET /yPS7hqfHgkFauS2djb/zylm.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 05:41:50 GMT
etag: W/"62a9711e-3b7"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ue5xUxDheL7Zc5DCZBcs5I2uO3PEy4Nn%2BF%2Bb6xLcJFzq2ibQQFguKCvgF8cIE539PcNfXzWSxbpNhVFAVer9AnWuHiDpP7TFslpOklM2DRARGwqgJb%2F8C0l19zmNPxvMcA5JwrXr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed970dcf0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
200 OK 9.5 kB URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2faac2410fb6ce8a065aacdfe3d2bfc7
96ae37f670d79f47dabf46f7ed1288d93acb4d4f
bbe9fc0ad3f6dbdb563fbc062c9cdae09ba2f224b566b9fdf92b711c588d0433
GET /yPS7hqfHgkFauS2djb/foot.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Tue, 22 Mar 2022 07:12:40 GMT
vary: Accept-Encoding
etag: W/"623976e8-445"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piTBWYdHxmGK0pzGedG%2Ffg9xCReeixgCUFVoNgTjvs3gTY%2FBnRE1n4rDL4t2%2B9N4FBeISf6Glc%2BXPsec8w1HLoCms6mKOm8Rryx1L%2Fh3GzqkPc%2B%2FdhbSZJlYH%2F8eom2elgz8zakI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed970dd10b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 91d2c05dcf25e00058c6d9819475b37a
a8b1336f319cc3accf3104b900c84258389aef81
daacb3a1012a41f6d76dae0357f19fdb58dc0b5a08169a60534525d59d510a32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5024
Cache-Control: max-age=132721
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:26:50 GMT
Etag: "638139bb-2d7"
Expires: Sun, 27 Nov 2022 23:18:51 GMT
Last-Modified: Fri, 25 Nov 2022 21:55:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 727
lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
200 OK 1.4 kB URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9812d8e09004dd400e339325e01ff617
4dd3c0e89202581505760ea82bc72af450632bd5
e424483acb84cfe7b00a3253b2d620c22a828194a2ac8a5039c5e7ce757a5d18
GET /yPS7hqfHgkFauS2djb/xtb.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 12:33:29 GMT
vary: Accept-Encoding
etag: W/"6380b619-f72"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS3ocneUcftktZsKzP7KY24g43j%2FHfVx1%2BdUCxGua0299pTMYIHV2KqfykjMQqeEBsnln8s6%2Fv4n%2FzTlIEKqXygNLCFJf0rCNVdxT3NcktTVaQvywPTVRCzkF73UqT1waet0%2Br1v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed988f4e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash f668d85d7ea16c27d89201e8ee8f773f
f26cabb90108f33f3809de0a9fb5a5afc6cd59ba
b1778bfcdc4f6261b7b71db9c47201e37e1f9483aa996c943ada6c2365cfae3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B1778BFCDC4F6261B7B71DB9C47201E37E1F9483AA996C943ADA6C2365CFAE3B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7951
Expires: Sat, 26 Nov 2022 12:39:21 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 028ea6403d158fb287d2a3af9f1c8733
4cff7e99530f786ff4da2388067f1eb4167718c0
c597f2e08d37fb97973da15b7c9ba0955c6a1f0bd6a60adf5262c3960c845237
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 30 Nov 2022 09:40:26 GMT
ETag: "4cff7e99530f786ff4da2388067f1eb4167718c0"
Last-Modified: Sat, 26 Nov 2022 09:40:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2189
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7701ed99f97cb505-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 028ea6403d158fb287d2a3af9f1c8733
4cff7e99530f786ff4da2388067f1eb4167718c0
c597f2e08d37fb97973da15b7c9ba0955c6a1f0bd6a60adf5262c3960c845237
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 30 Nov 2022 09:40:26 GMT
ETag: "4cff7e99530f786ff4da2388067f1eb4167718c0"
Last-Modified: Sat, 26 Nov 2022 09:40:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2189
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7701ed99fa3a0b02-OSL
178880.vip/index.gif
403 Forbidden 1.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 0447d3988a23fd1c0964e513296dc2c6
b9f6f3a59ea9ce8672a055f38692d3d22bded2be
53d062fbe0b88ae33308c9a796e6f1dd966f4c1c6711417866579fa768d028f7
GET /index.gif HTTP/1.1
Host: 178880.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Sat, 26 Nov 2022 10:26:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7701ed9a0ba6b523-OSL
Content-Encoding: gzip
lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
200 OK 310 kB URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
IP
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size 310 kB (310209 bytes)
Hash 029ee4483dbbc761f5b71bffb6b5b4ef
4c884840118714bd21cbc18bf387af9abe072f78
113856fe1d01c36e72a556f1ff506814efc0c1187b91c16b6441a73a194de2b7
GET /yPS7hqfHgkFauS2djb/xx2.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Sun, 20 Nov 2022 07:02:51 GMT
etag: W/"6379d11b-35a"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OcUBXjI8aH7lK76ZmZCNi2d0BtzZvfzfzWmZSrtASguocd0R1QHsaLXq58%2FHjV7Lwq9ORwl2ZjFp2xSiD2dVcBPpygVOfCDo5BJN1gtwremBIuUQuJh0IbGJL2sIzGxZ3Bn3P8Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed987f330b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt12.gif
200 OK 750 kB URL HTTP/2 tk.learning8808.com/images/xt12.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Size 750 kB (749706 bytes)
Hash 5b3e843ec7923ace3c8c52e7e3d71608
65b34236bdea1d3bb438b23eaa028df8b587cc45
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
GET /images/xt12.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
etag: "626930fc-b708a"
expires: Mon, 28 Nov 2022 11:14:05 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2416365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHiVvPXu9XYTlCsc19gaDab%2FHDEgYdCuJG%2Bun6hTOLSOAlhqwpL0uC22ofqbKpSQzQXF6naEkEAszy4iZ6rWe7eUZ11%2BNdrRceAATJrGkAdGZrUmBvK2QLcY31vnbyu9e0N%2FxIXE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9a4a79b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt3.gif
200 OK 193 kB URL HTTP/2 tk.learning8808.com/images/xt3.gif
IP
File type GIF image data, version 89a, 326 x 217\012- data
Size 193 kB (193237 bytes)
Hash a15551773d50ba1bc1c91f1ac0e7a45f
603c163ea29d202ec5019fecaf202962892d6500
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
GET /images/xt3.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
etag: "626930ff-2f2d5"
expires: Mon, 28 Nov 2022 14:52:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2403289
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SbPEE4eQyxG91vVjlQBLXaDDkFhwNkkHtawWuTgenynflMEAiprYFzPukOjx443QPSK%2FOByKE62J0mZWlU2QiqvOC%2FDEUw0Ei85vUAfSVFcK6hjC%2Fs8Czi2z%2F5S3zudjqvdpsIH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9a5a94b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt10.gif
200 OK 624 kB URL HTTP/2 tk.learning8808.com/images/xt10.gif
IP
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /images/xt10.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
etag: "626930f8-98484"
expires: Sun, 11 Dec 2022 11:15:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1293095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WEXZ8Vu6gkYibkZBZ7z%2BdAsG7nnMGbxXZjahcxJLqvrWN1Wnz6WD3QrDbM07vPBbRxgTivxnfUlxabC5ps1nKplUWO6Je4GZ7ZK3QooQ8zTpk4MNFCqGORZeRbw39Bf4NLinl24"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9a5a7eb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt1.gif
200 OK 444 kB URL HTTP/2 tk.learning8808.com/images/xt1.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Size 444 kB (443705 bytes)
Hash 8bc908398e73478d0b28d85191689891
5e9022d7583285c988d0acb55b6db7c920f3c3d0
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
GET /images/xt1.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
etag: "626930f7-6c539"
expires: Sun, 11 Dec 2022 11:15:15 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1293095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FryGSSmXsX0VtRvcXL%2FgcwzwJpkIrJPwNKhOTC35bWkNLiJWjvtEvO%2FtTiwfHUEaLmNVZpjWf3gHKuJ%2F7THje1RvtlifBqkNpmRMewwzSRuzEI1iVUk2n2dBfkXpOpFhML8wbtV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9a5a85b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash f668d85d7ea16c27d89201e8ee8f773f
f26cabb90108f33f3809de0a9fb5a5afc6cd59ba
b1778bfcdc4f6261b7b71db9c47201e37e1f9483aa996c943ada6c2365cfae3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B1778BFCDC4F6261B7B71DB9C47201E37E1F9483AA996C943ADA6C2365CFAE3B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7951
Expires: Sat, 26 Nov 2022 12:39:21 GMT
Date: Sat, 26 Nov 2022 10:26:50 GMT
Connection: keep-alive
178880.vip/index.gif
403 Forbidden 1.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash baf341bfbc905b2654d9f016da841a0b
c5d957529416a5363283504675f31255a7580597
1ac04f418382e24ab76a640cffa80ff676deafc72e9a8b2795783ec8beee446b
GET /index.gif HTTP/1.1
Host: 178880.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Sat, 26 Nov 2022 10:26:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7701ed9aac52b523-OSL
Content-Encoding: gzip
lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
200 OK 270 kB URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
IP
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 270 kB (269502 bytes)
Hash c4af703033b692f17f68f155d022f3ac
36fad496708932f595650b3bb208bc973602960e
2be21f124ea309537ccb54fac80bc3d5878d9634bc5f727eb0971d5d28d69328
GET /yPS7hqfHgkFauS2djb/253.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Sun, 20 Nov 2022 07:02:36 GMT
vary: Accept-Encoding
etag: W/"6379d10c-421"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfAHxnSHijG1uZ898h1OeAfRKup1WNCCThbJ7E3UgNCZGSXyDQGu5mr8heTX3nQVW9YEF7p0qzQcDgmsMgUTGNblLzBPvx94pLNBtyZs9RS27%2BoTkULc5kUeJYnGRFCX1kXn6nie"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed970dca0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt5.gif
200 OK 1.7 MB URL HTTP/2 tk.learning8808.com/images/xt5.gif
IP
File type GIF image data, version 89a, 152 x 152\012- data
Size 1.7 MB (1693315 bytes)
Hash 036bdfc6224659a646168502a1742fb5
69ca9749e1a5f16d97d91c5c28f8c5d541093fd4
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
GET /images/xt5.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
etag: "62693103-19d683"
expires: Sun, 04 Dec 2022 08:35:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1907479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NptyA5W%2BzaxmtoXxy8ZIIlL8I3mZshV4K4LlcnoU7njwJRUo1gGBCgZ5TaWC8QsxrGFezVewbS4iyFNGJAwWd8cHgPhHMAoPWx6q%2FeGAiFYQuFY8dkY27ZL4%2FSxarKTYqSqpirbB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9a6aacb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt6.gif
200 OK 2.2 MB URL HTTP/2 tk.learning8808.com/images/xt6.gif
IP
File type GIF image data, version 89a, 152 x 152\012- data
Size 2.2 MB (2168710 bytes)
Hash a0d945b4c30bc77735161545d1e00072
87c77a030ae771c3010d1215f73d1426e03f48dd
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
GET /images/xt6.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
etag: "62693105-211786"
expires: Sun, 04 Dec 2022 08:35:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1907479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2%2FXZef9qLc%2F1dZ3lctEJDk8UUGIPltj3s7rYHicjeBPKWFR9SoG5tu5oHyHWw1Tf5uW%2FuXG0SDdNrpcPJcJNMRTGeGvPxRnaa69uVoIy%2BHreH0irEgMUFPqEimEcHpdWs%2FmR78U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9a7ab2b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/f60fa92ad3c220a46b220c1672db7b41.jpg
200 OK 9.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/f60fa92ad3c220a46b220c1672db7b41.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 2808a5017c86eefc19cfb72fb6a907aa
bf02f050a22dc23b928f7d20493104c43441e864
dd61b4f183d4edb8303b0fa8502edab9ddb27b4e94606dae49169564dbc672bd
GET //upload/vod/20221126-1/f60fa92ad3c220a46b220c1672db7b41.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 9612
last-modified: Sat, 26 Nov 2022 04:30:06 GMT
etag: "6381964e-258c"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/fa57ebbae14663d276572bb25bef0b12.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/fa57ebbae14663d276572bb25bef0b12.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 4e5a2c90a39fe1f8f476108bcce8c482
fac74c3d87693d4b51ecfd6a62148fec69bc5c21
f893032e10d452bb14561ab6f8231babe1438bfee7f4c3395e53ccf4574f7432
GET //upload/vod/20221126-1/fa57ebbae14663d276572bb25bef0b12.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 12132
last-modified: Sat, 26 Nov 2022 04:30:05 GMT
etag: "6381964d-2f64"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
200 OK 1.6 MB URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
IP
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size 1.6 MB (1640097 bytes)
Hash 3356442a71dfe3f7539b851a82736fcf
5f0597b44969d677cd304cf9688d6011f21046f7
b86b5b6b98ac946e63561d0fec142affc7e3fc54597cf420677736ff9e268f95
GET /yPS7hqfHgkFauS2djb/xx3.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Sun, 20 Nov 2022 07:02:53 GMT
etag: W/"6379d11d-35a"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbN4Kr1xfUtpG1kLKmV6Jlyker1ZVzsSTC2MI88DmuzP1ZD7I6IL4gQs2D7seqNpD3Cf4HyHfgxV0T4Me1k0AEsFW25qazNM5sLKLOY1EZuJuAzZmn6p8NOmfOiDf6hxcvAQwDHB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed970dd00b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/201cd8583e3a25e20f2874670f41fc52.jpg
200 OK 7.4 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/201cd8583e3a25e20f2874670f41fc52.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 6701e7b2972980a7a5dc04b114d525e8
cb8bfe3bc298417f06128714d2cabed53a0152fb
58385abaae461e7e1b03c8e95d10020b039706b221a310de4d148c0af36d4779
GET //upload/vod/20221126-1/201cd8583e3a25e20f2874670f41fc52.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 7385
last-modified: Sat, 26 Nov 2022 04:30:05 GMT
etag: "6381964d-1cd9"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/f748ab275af2039a7e41e06a895870bc.jpg
200 OK 9.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/f748ab275af2039a7e41e06a895870bc.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 86847b4b9d5040a43d55eff458acf97c
3ff074032868d07d4653a82973c62db2cc3d9928
d4ef2687ffa896638574312956d71fec2464cccdcc1ac8cccd0f33cb42ee302f
GET //upload/vod/20221126-1/f748ab275af2039a7e41e06a895870bc.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 9103
last-modified: Sat, 26 Nov 2022 04:30:05 GMT
etag: "6381964d-238f"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt9.gif
200 OK 329 kB URL HTTP/2 tk.learning8808.com/images/xt9.gif
IP
File type GIF image data, version 89a, 120 x 120\012- data
Size 329 kB (329331 bytes)
Hash 0982fef3f808ddf5925e60c39af631ba
80d6f27859a94c2c49b9175d2e9f84e6bd9b5605
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
GET /images/xt9.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
etag: "62693109-50673"
expires: Thu, 08 Dec 2022 02:12:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1584834
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BACRQyx9I%2FzBF2En62KQ7adgaQ0YXDsvWoAmURsyQH6lO1UXG9VVu%2BUQ%2Fi%2BzbrSCHoBI3YpOO26cf8pkICH6qJmsB%2BwWF6QQLtWYkX16uW9Sy3caXCSFGdN5gfEzr4FeMsw0S9C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9c3ca2b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/7f1acf08307c224045bff15a1bdd8be8.jpg
200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/7f1acf08307c224045bff15a1bdd8be8.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash c02b036954cc7001a4e17170ba39c740
e5a22d129b47399a8ea7de4d2125af1c8f0b9a5e
562780cea3640d6fb130a8b65b3d1e4e5868b50b8b28f6f4fbf8d5cbf96fafa0
GET //upload/vod/20221126-1/7f1acf08307c224045bff15a1bdd8be8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 10005
last-modified: Sat, 26 Nov 2022 04:30:04 GMT
etag: "6381964c-2715"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/70c32c6e7148711df06543ae515f5169.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/70c32c6e7148711df06543ae515f5169.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 755681101971a52c73b4b277f600563b
acf8d1728bf6c5e512d92969108b3ea599b46713
342ff1dc8a9feb6c66179d4cecc05612748b360e9a8e9d9a3762a654a5db2a2f
GET //upload/vod/20221126-1/70c32c6e7148711df06543ae515f5169.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 13469
last-modified: Sat, 26 Nov 2022 04:30:11 GMT
etag: "63819653-349d"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
js.users.51.la/21278765.js
200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21278765.js
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash c1c93065519198b247f58fdb70101fee
b34adf07bfb98d861d6596dac011f9110e473376
3dc06be81256077e18308dcb0441c818aa420ab8fd37957fe1f0745c4d3a3b60
GET /21278765.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sat, 26 Nov 2022 10:26:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=9ff723f719313ca6140; path=/
HWWAFSESTIME=1669458407674; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.gg123456789gg.com//upload/vod/20221126-1/1ee0fb882df54f1dd16bf91a613bf9e0.jpg
200 OK 20 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/1ee0fb882df54f1dd16bf91a613bf9e0.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 54e8335ba841201e8ee1f120c51f929e
70aecaf20b8380c3dfa4cba2690bc933cee7314e
b24411b9bf28d6b5ed7c6b4c701fdb9eb968d4b0efc8eb79bd92ab5ff73b4fd6
GET //upload/vod/20221126-1/1ee0fb882df54f1dd16bf91a613bf9e0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 19872
last-modified: Sat, 26 Nov 2022 04:30:11 GMT
etag: "63819653-4da0"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/3b00a2bea2833cbd9cfa0f52c91d7c08.jpg
200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/3b00a2bea2833cbd9cfa0f52c91d7c08.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c23fea2817b838d2a4d51ddaeb9804c5
a6211f85d6810b09d8265921d1f8bbed3d06bff5
cdcd53f808c39c7cc41c0d3827ee3f75e1415e55f990840f9e5fce18b7c5d92d
GET //upload/vod/20221126-1/3b00a2bea2833cbd9cfa0f52c91d7c08.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 10364
last-modified: Sat, 26 Nov 2022 04:30:11 GMT
etag: "63819653-287c"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/73be13128afeaa0e05f23d505b846536.jpg
200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/73be13128afeaa0e05f23d505b846536.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 20737060bc9668f1d1a5d277099b1217
aaa50ffff8ddf3aa68cee496d306aaceab07fb6b
7fc4cc0d9e6158ddaea92b8e95778b51bc47c13a6fc918585f4922604005df19
GET //upload/vod/20221126-1/73be13128afeaa0e05f23d505b846536.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Sat, 26 Nov 2022 04:30:11 GMT
etag: "63819653-3b71"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 14af473af74ae046af7f28dc43623b8b
13fd4f1189c90be49a885a6cec90864a2be0adc9
aaf1f43d7056b0aa0f56fc209447fcfa1a5a274bf199eff4954c5f594c9648aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAF1F43D7056B0AA0F56FC209447FCFA1A5A274BF199EFF4954C5F594C9648AA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2073
Expires: Sat, 26 Nov 2022 11:01:24 GMT
Date: Sat, 26 Nov 2022 10:26:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 134c5e2bab597f5d39ccc691a3ad39df
2602d264dc883172ce2a1a6e6a5f9d1a4671a475
3d774ecf21651d37362547cfca0d6894b1e78237152a3d1b95d843a1f04ca822
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D774ECF21651D37362547CFCA0D6894B1E78237152A3D1B95D843A1F04CA822"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3939
Expires: Sat, 26 Nov 2022 11:32:30 GMT
Date: Sat, 26 Nov 2022 10:26:51 GMT
Connection: keep-alive
www.gg123456789gg.com//upload/vod/20221126-1/ed4cadcf4f73801c85b657eb6a65f438.jpg
200 OK 9.4 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/ed4cadcf4f73801c85b657eb6a65f438.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 236575537689c50e7418fad101e65aea
261d5f89ac009fe13ff530e19dd1d6f993211642
8980d80ac0e82d6809891a989de4016c354f19a0963c0a81b92fc314ec6dc787
GET //upload/vod/20221126-1/ed4cadcf4f73801c85b657eb6a65f438.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 9363
last-modified: Sat, 26 Nov 2022 04:30:10 GMT
etag: "63819652-2493"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/063ed969b070f62a01239094678aa844.jpg
200 OK 17 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/063ed969b070f62a01239094678aa844.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 666ec88c2289a10e0a59ca5c5a5f35fb
ed7de5e34947545cf7c7a0a8d07f1ab8d750cebd
cb79618c2b1fabf38b68947aa45daf66c3ce2b98d7d0567197d1837be5992a30
GET //upload/vod/20221126-1/063ed969b070f62a01239094678aa844.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 17352
last-modified: Sat, 26 Nov 2022 04:30:10 GMT
etag: "63819652-43c8"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/5b9b9d61060ee35d6b83edded1d45006.jpg
200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/5b9b9d61060ee35d6b83edded1d45006.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0ff0441f439b66a7dd9b2cdcbbbce6ed
8420c129aaa43541869e61f2bfb338ed46438d01
2eb1f55655420d10c6eb0db683dd212eea42bf9be6751c0aa6727a3cc016e961
GET //upload/vod/20221126-1/5b9b9d61060ee35d6b83edded1d45006.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 15141
last-modified: Sat, 26 Nov 2022 04:30:10 GMT
etag: "63819652-3b25"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
200 OK 33 kB URL HTTP/2 klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
IP
File type assembler source, Unicode text, UTF-8 text, with CRLF, CR line terminators
Hash 40c462a0c7387279a4fad17a8753a204
55a90061e3e49615d6dedfb4cd57cef6d8e628a2
d9ed50e60f4dcee68df945ef988a5bbeb29efba1ec042beb2725312640ff1734
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: klx14.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:49 GMT
content-type: text/css
last-modified: Sat, 26 Mar 2022 14:12:08 GMT
vary: Accept-Encoding
etag: W/"623f1f38-14f3a"
expires: Sat, 26 Nov 2022 22:18:38 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF2CffHh3ALrqppJDGybau0NnFlYWN6gi%2BPbLM2CuvhQFN9hRwcv9%2BzKUOWHEXmiwwmGzUr1JUMHv7wXRLJSQo4Xi27QOdjgmgzm2FbbbPo8sgRl3wSihs%2FMjfkfTjDi55%2BmWIVTk28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed941c2eb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx14.zhgmjglh88k.com/template/m1938pc/css/ate.css
200 OK 13 kB URL HTTP/2 klx14.zhgmjglh88k.com/template/m1938pc/css/ate.css
IP
File type ASCII text, with CRLF line terminators
Hash ee2a2afdf8daa1b9107071197e5c5ff5
fadf8d2848937d56a42a509aa759d61e7986bea1
5ffe7bc417bd6dd40fa4d84728cb9159d5b5594ee905c77796c16acfde251b4b
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: klx14.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:49 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
vary: Accept-Encoding
etag: W/"61be9b34-126e4"
expires: Sat, 26 Nov 2022 22:18:38 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtFCXp2wrO8ZYBeBLaelQ%2BpWiozomsfSQbFyjrLz7y4XERgATGkleqBIHP21sCZTGpHKJInYhUHTM4YV%2Fk0Dga%2FsRNAqcu5WVrQgHHbk0Wv7AozkiiUpYgLx0emrF9dcw4M0gqsA6zw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed940c22b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/0e7ef3f168e3be336b1cbac3c7edbaf3.jpg
200 OK 9.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/0e7ef3f168e3be336b1cbac3c7edbaf3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash a06eeeb33616030e4ffa581d9e88591f
18c8bf8260431004142503db6d3787c1672154bb
8ecaff59d3e03c12969ba75d3a270a789e3d914752b4316df26f6cb0836f821a
GET //upload/vod/20221126-1/0e7ef3f168e3be336b1cbac3c7edbaf3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 9165
last-modified: Sat, 26 Nov 2022 04:30:09 GMT
etag: "63819651-23cd"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c5697175002e13ef1605eadd28f19ff
905e86a90cc9a28d5cb8d1c2c8224e7b3c44efd3
4c206274b25f0699275dca281f1b7605442a52fc3fec9141d78daca584720cc8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C206274B25F0699275DCA281F1B7605442A52FC3FEC9141D78DACA584720CC8"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7134
Expires: Sat, 26 Nov 2022 12:25:45 GMT
Date: Sat, 26 Nov 2022 10:26:51 GMT
Connection: keep-alive
www.gg123456789gg.com//upload/vod/20221126-1/ca10eed89cc2caa94e98d9f271e36193.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/ca10eed89cc2caa94e98d9f271e36193.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash bad91e97de4deef5ab00e46e34563edf
89360ad8d657eb2ff4ceb9ac373e4f56245c0ebb
aa007813cf2e72bce353cf8b0a00186ce9b9ddd80a53efbf38702d4eacd31250
GET //upload/vod/20221126-1/ca10eed89cc2caa94e98d9f271e36193.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 11903
last-modified: Fri, 25 Nov 2022 21:30:06 GMT
etag: "638133de-2e7f"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/8fdae9f0b18b7648b84601f6ba607997.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/8fdae9f0b18b7648b84601f6ba607997.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 09f49c671c0d879ef1f857da3226220b
b8df2454720325d0df3a145d5449bd0bbbb59657
1d5fcafea42404ad4ad8bcf8d13d72efc29c1e556c092d166bb97d8e33a9ae2d
GET //upload/vod/20221126-1/8fdae9f0b18b7648b84601f6ba607997.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 12275
last-modified: Fri, 25 Nov 2022 21:30:06 GMT
etag: "638133de-2ff3"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/8384f653544a4d1245fccf4dc7c55fa8.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/8384f653544a4d1245fccf4dc7c55fa8.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash fecb832ce5bdbf4fd4b33fd6af820120
2a69da95614c3a8a7e333c3ae94552b09e553bcf
fd5788fa0910899f2ecc774cf32b4951dba4eb065951fbd8fc3817733d9d988e
GET //upload/vod/20221126-1/8384f653544a4d1245fccf4dc7c55fa8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 14354
last-modified: Fri, 25 Nov 2022 21:30:06 GMT
etag: "638133de-3812"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/ec5e51b6f317edfef0fa8f24dea89d75.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/ec5e51b6f317edfef0fa8f24dea89d75.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash aa3b7e6e9f8e3112d09d47f3c78155c3
0da8a6dd2b9c4f62cf741655910b22873b023d60
530028e5dffee93ff50373a8f3a15df5166d784417bdecfe9a572bd4f2457698
GET //upload/vod/20221126-1/ec5e51b6f317edfef0fa8f24dea89d75.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 13316
last-modified: Fri, 25 Nov 2022 21:30:05 GMT
etag: "638133dd-3404"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/bfe03f4642fdd3fabd74b5f5129ebec0.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/bfe03f4642fdd3fabd74b5f5129ebec0.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 296137634c05fd77e936e8d7a5776b6a
947bb8067c1dab200ac9e1b1b2f0c58820b2f53f
aaa628b3fd9cbffbeb86da6068aa9cd02ab0687814e1af8d967f24311b3c0d77
GET //upload/vod/20221126-1/bfe03f4642fdd3fabd74b5f5129ebec0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 10635
last-modified: Fri, 25 Nov 2022 21:30:05 GMT
etag: "638133dd-298b"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kveii.com/f67b410855efed07dc1783436baaa5f7.gif
301 Moved Permanently 162 B URL HTTP/2 kveii.com/f67b410855efed07dc1783436baaa5f7.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 10:26:51 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
301 Moved Permanently 162 B URL HTTP/2 kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /80425b77b9bd0cff2005378bab6643ed.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 26 Nov 2022 10:26:51 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 6e9b336a03e71a2b0aa8dbfac1edc30f
ddcfb11d28f584653531587b523db6922b4a8b0d
d2f614a6975cc334cddb0370a326fa9b10b7634f65d248def71bb810bfc1cd27
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 30 Nov 2022 06:59:34 GMT
ETag: "ddcfb11d28f584653531587b523db6922b4a8b0d"
Last-Modified: Sat, 26 Nov 2022 06:59:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 764
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7701ed9f1aeb1c06-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 30210bf6d25c8f1f93b779b8e65f27de
e3d9f2c252e3ed37b3fc6fd2f64589b431a67b20
a9d5f2cb4e694d9f974ffc5ba5bf1054893239f017a0dba98bc3962845078230
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 23:52:08 GMT
Expires: Thu, 01 Dec 2022 23:52:07 GMT
Etag: "e3d9f2c252e3ed37b3fc6fd2f64589b431a67b20"
Cache-Control: max-age=479715,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7701ed9e2c4fb51d-OSL
www.gg123456789gg.com//upload/vod/20221126-1/d259c40dfd5905a7c70cc42b98b91192.jpg
200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/d259c40dfd5905a7c70cc42b98b91192.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a750164a1f2eae1a3f43e807c54476ad
78b474ba1a7713acbd4bcb5bde6e91b0edd359bd
1b791d9855776b6995075faaec985a09fbc17a62b6e7b6e1115251dad5fd3a49
GET //upload/vod/20221126-1/d259c40dfd5905a7c70cc42b98b91192.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 16041
last-modified: Fri, 25 Nov 2022 21:30:05 GMT
etag: "638133dd-3ea9"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/fd0c3554f5ec9d467099c716479ca97c.jpg
200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/fd0c3554f5ec9d467099c716479ca97c.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e736e42c3f898e7230ffaac9e4abbe1d
caa6360906021bdf24c642c705c5f9e2afee0d5e
36d0a7e013f494af18c61ec08002b31afe4dfc146d3d1610cc71a6ada896a1a6
GET //upload/vod/20221126-1/fd0c3554f5ec9d467099c716479ca97c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 16208
last-modified: Fri, 25 Nov 2022 21:30:05 GMT
etag: "638133dd-3f50"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/24c5fa5d773c824d3be1e0ad66c8dd36.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/24c5fa5d773c824d3be1e0ad66c8dd36.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 47a649279105e2dfd0c6b8bcfeb21416
85badcd61a5b6e779b38d54da40059160ebac7cb
37569658eab3a8ca27f7855d57d3aafb1e5aef8e657c85c0976273ab9b75a786
GET //upload/vod/20221126-1/24c5fa5d773c824d3be1e0ad66c8dd36.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 14211
last-modified: Fri, 25 Nov 2022 21:30:04 GMT
etag: "638133dc-3783"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/eea9cfc8ea18079145139356b381e2ce.jpg
200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/eea9cfc8ea18079145139356b381e2ce.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash d519669988d608ead219b178acf7afb6
00ea838151f38bfb1f353b8818c97e402a6931ab
f5357a7d5de24bc071140f816e549a0598bdaa3d140fb66c4655e61fbbf7870a
GET //upload/vod/20221126-1/eea9cfc8ea18079145139356b381e2ce.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 15694
last-modified: Fri, 25 Nov 2022 21:30:04 GMT
etag: "638133dc-3d4e"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/c52591d8d64f3ba2610ae9d7f7317f69.jpg
200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/c52591d8d64f3ba2610ae9d7f7317f69.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 91c3971e8803697c7c747e536d9d53dd
45ec57539633713cefd364dfbd3a5836e8016a7d
7c56b9de00f69905b0c2fb699e1fbc5c310c3c544b84b9099061295be95628b8
GET //upload/vod/20221126-1/c52591d8d64f3ba2610ae9d7f7317f69.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 14984
last-modified: Fri, 25 Nov 2022 21:30:04 GMT
etag: "638133dc-3a88"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/4a71abfa39ee1c4b125a10f8f0729ded.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/4a71abfa39ee1c4b125a10f8f0729ded.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 919b39f661f199ba8ba077833ab75a09
f7eba5d65c81fd96e487174e72544bb3316889d6
f07e216892beb466f27a32a89df01a425fa35ae842f10d0c01236bb4066cd570
GET //upload/vod/20221126-1/4a71abfa39ee1c4b125a10f8f0729ded.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 10971
last-modified: Sat, 26 Nov 2022 03:30:17 GMT
etag: "63818849-2adb"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/5152fc3244a28b8d0fa262ccd7cbb808.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/5152fc3244a28b8d0fa262ccd7cbb808.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash aa4c26f48494c4f7c5a6ed72cf04a171
b21bb7148e697520c9cf2311821d0144d8798347
350d32005f464bda5be4bdf9044b02933e9041d83b782415e22b5723fe246cbf
GET //upload/vod/20221126-1/5152fc3244a28b8d0fa262ccd7cbb808.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 12140
last-modified: Sat, 26 Nov 2022 03:30:17 GMT
etag: "63818849-2f6c"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/de40625fb979fc09c48a9ee871d6beea.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/de40625fb979fc09c48a9ee871d6beea.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a2633db2c79b7fc48a340cbf9e0be015
18319afc0dd82dd426e0187602a1a87cbc3652e0
72e80551d5e7bc95230188d38e385a6caa465a6b2ce5621ff444e92cb3527b4e
GET //upload/vod/20221126-1/de40625fb979fc09c48a9ee871d6beea.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 13422
last-modified: Sat, 26 Nov 2022 03:30:17 GMT
etag: "63818849-346e"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/3eb543561ac1a2057ada82fc46e6ecb7.jpg
200 OK 9.5 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/3eb543561ac1a2057ada82fc46e6ecb7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 148bd7caa8316352d44abbf0e659c507
e461f2ce3f539338cb5f37601418647b1c6fe5d5
1740ba25cdb7de94a54dbe8d694fed94b85f5d287b4243597eb257dae2a64df5
GET //upload/vod/20221126-1/3eb543561ac1a2057ada82fc46e6ecb7.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 9508
last-modified: Sat, 26 Nov 2022 03:30:17 GMT
etag: "63818849-2524"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/ec80b9d0a33a09d6e5e9d1bf86db17b4.jpg
200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/ec80b9d0a33a09d6e5e9d1bf86db17b4.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 86b901312bcf7f52e8ba30c91870cf44
b066b46caec3efde0ce86fb4f427db7d3ea534dc
41bf578617271c9b436b06a8f90f8e6c0b0edff7026f67c4f16eba72ceafdc3f
GET //upload/vod/20221126-1/ec80b9d0a33a09d6e5e9d1bf86db17b4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 10455
last-modified: Sat, 26 Nov 2022 03:30:16 GMT
etag: "63818848-28d7"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/30a16883cdb71e7579c80bb6843fc7e3.jpg
200 OK 7.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/30a16883cdb71e7579c80bb6843fc7e3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 71a0a3cf94d835ade8f0f026fb931525
98ca1170815c4688500ba43e80b40ff347b18998
61828cfeb9eed612cb7895444dfba7c969d43e6e086655042d5e3fe5476c305d
GET //upload/vod/20221126-1/30a16883cdb71e7579c80bb6843fc7e3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 7237
last-modified: Sat, 26 Nov 2022 03:30:16 GMT
etag: "63818848-1c45"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/e6171a1492f73f2dd0d6db44f9b82d23.jpg
200 OK 8.9 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/e6171a1492f73f2dd0d6db44f9b82d23.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 7b525a8199003b46f23e08ba9ec41dbc
58eb16b116921ad2e4a1bda0d6cd047c3b804984
fd169772f5f7dea6992d3cae4dc023b6d8aa1d0a3648c1e79c3931bf0e581990
GET //upload/vod/20221126-1/e6171a1492f73f2dd0d6db44f9b82d23.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 8863
last-modified: Sat, 26 Nov 2022 03:30:16 GMT
etag: "63818848-229f"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/edf07eceda8265ce763bcf5c76da64e0.jpg
200 OK 8.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/edf07eceda8265ce763bcf5c76da64e0.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 1d9a367480ce457dc5de1059f8294cc3
c6c27dc64ecd59f8d96de866730092359a8b24ba
fd14d63f818ce27640a45524aaab1683ae1cb3ea3f1097b3c6ee89c469dd0478
GET //upload/vod/20221126-1/edf07eceda8265ce763bcf5c76da64e0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 8208
last-modified: Sat, 26 Nov 2022 03:30:16 GMT
etag: "63818848-2010"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/4e6610f54e67fb91f4336fc5d03562d1.jpg
200 OK 9.0 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/4e6610f54e67fb91f4336fc5d03562d1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash d86d5cf3c9eb17c140685726e9300030
c085a2ab759d1d3d06cf6049e92bf858fa940c37
328c3d84ffc707832846e3b813f8a20d3f187255817491a5baf67987ca233e7b
GET //upload/vod/20221126-1/4e6610f54e67fb91f4336fc5d03562d1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 8996
last-modified: Sat, 26 Nov 2022 03:30:15 GMT
etag: "63818847-2324"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/2c6876adfe82211103d69116a1651bba.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/2c6876adfe82211103d69116a1651bba.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 108dad2f86db5cd15cf3087166645b2a
105cd6c324edb8214832d51872c88fe1bd297ba6
f22cdbc996669dd35ccb7f57218a0a1508dc3ce3b016e4a117dad047a9d07e3a
GET //upload/vod/20221126-1/2c6876adfe82211103d69116a1651bba.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 11771
last-modified: Sat, 26 Nov 2022 03:30:15 GMT
etag: "63818847-2dfb"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
200 OK 1.4 kB URL HTTP/2 sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
IP
File type ASCII text, with very long lines (1244), with CRLF line terminators
Hash 4f609dca0f611e449367781180429f47
dc2f8e4fb73541765d9509af26d14872e753fe10
b3778a9b883bb00c26ca6451922220a9f7edce10cd5cccc47e971c00f7763a5c
GET /yPS7hqfHgkFauS2djb/gg.css HTTP/1.1
Host: sb.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: text/css
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
vary: Accept-Encoding
etag: W/"62bc1e37-c63"
expires: Sat, 26 Nov 2022 20:36:03 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 6647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dOkrp1s3xibIE7MpGLopHn9xESqypmwcUoatNKr%2Bf26fWOqMaSAg85vW5cTDbKbQXQjOVE2Ilbm3IQNmw%2FeEsf8h%2BfZRxuOiMp%2FIdCsXSmCRp2d%2BSHsTJzfdo5io01oqChnlvgt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed99f9e0b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 768-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 10.011994\012- data
Hash be311ae69aa806e335bf3f486c9c1742
1f03f482ff608cab3163afdeab73c2ed62cf2de0
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
GET //upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 12628
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3154"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 15016e4dc41923e35678f6879d6c2eb2
56522e64a0e2257181aa35e32e9023801e3dfeb2
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
GET //upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 14145
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3741"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e102994da73de1c4f40db37257545fb5
348d2ece7d32a7ed1c2af957c22eebb8863377d0
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
GET //upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 15357
last-modified: Mon, 30 May 2022 22:30:20 GMT
etag: "6295457c-3bfd"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
200 OK 33 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a1fc7657b8d6926a53055671bee349d
68ab1bc12c02da3a8def2daa09a789991b8c54e7
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
GET //upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 32778
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-800a"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
200 OK 34 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02fe4fa1cab54aa6afa13de6a5ec35a1
f6ad518dfccb3aeff5d5f809d288fdb7ab177519
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
GET //upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 33634
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-8362"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7a8daad4ab6e765df1af9dd1c0eb2da5
0a17bb68661cccb2714b7b98d0f7b8df1b700cb4
cfa1ebd1b22eeb6cb79139c1d465de12da2f0e1a3f050ecce2fd0a90656c7fae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 01:44:18 GMT
Expires: Fri, 02 Dec 2022 01:44:17 GMT
Etag: "0a17bb68661cccb2714b7b98d0f7b8df1b700cb4"
Cache-Control: max-age=486445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7701ed9e9fd30b61-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 844c3e809cc85ca0123e327db8d777a5
073f2a6a8a9e874745e113023204c35a2d3005c6
6d8e3b59773dc5d47c5de369a35adc9f96fe33d84deaec64e66dc4733289c62c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 05:50:03 GMT
Expires: Sat, 03 Dec 2022 05:50:02 GMT
Etag: "073f2a6a8a9e874745e113023204c35a2d3005c6"
Cache-Control: max-age=587590,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7701ed9fda28b4f3-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7e616f19419aba38d98c8db3be32ec18
b9d8caef17a43b27d4b174e1a07289d12b40ee7b
49d5a4acce69d25322a3603149995cc62d018c38196d58351f3c104ed54d02a7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 23:31:04 GMT
Expires: Wed, 30 Nov 2022 23:31:03 GMT
Etag: "b9d8caef17a43b27d4b174e1a07289d12b40ee7b"
Cache-Control: max-age=392051,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7701ed9efa99b4f1-OSL
www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
200 OK 24 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e76298247b86c93518d6084cb4cccfe
c5da11c703b36e9415121d1e9f6ae7179c004ec3
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
GET //upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 23462
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-5ba6"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash bec220b3b49b05c6b75d762efb631eb7
fd0f46d366a98e8b5c8a51f2062b648a688b1252
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
GET //upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 12353
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-3041"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
200 OK 18 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash d6c8ad2c7eac5b55275ad3906346b9b1
b4e791297c2aa69be4ee4166fc70f15b76c1103b
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
GET //upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 18119
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-46c7"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg
200 OK 49 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 500x707, components 3\012- data
Hash 07878a86c5af8d980b4d964a5bda9c0e
ae905e92aad91d9fed69bd079d073b776d5b4067
0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65
GET //upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 48757
last-modified: Sat, 14 May 2022 04:30:23 GMT
etag: "627f305f-be75"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/bfec0cdcf2993bdee86fc0c2298f0ca1.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/bfec0cdcf2993bdee86fc0c2298f0ca1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 0cf7ff8a90f4b04b99333b2f91a4ec16
dc2f0161e3f4bd262744c738e69701af20dbd225
59d206b4db851e8673918139c81d943f5290d53d437e58146f07afec45d43c4b
GET //upload/vod/20221126-1/bfec0cdcf2993bdee86fc0c2298f0ca1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 12802
last-modified: Sat, 26 Nov 2022 04:30:06 GMT
etag: "6381964e-3202"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/6b951d6f8ea9ec1649ac5d17b199cdb2.jpg
200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/6b951d6f8ea9ec1649ac5d17b199cdb2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 76bc216092e9dbe70d6dfbd17c496f9d
c1fcd1696b363a4a662142bb2bf877fd99830ab4
572e27b34ecb6145d8242147d07b27d17397f5408cfd116f874d1216e353d906
GET //upload/vod/20221126-1/6b951d6f8ea9ec1649ac5d17b199cdb2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 11203
last-modified: Sat, 26 Nov 2022 04:30:06 GMT
etag: "6381964e-2bc3"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/d7d30f9518d48cbf788b5b98cf913b98.jpg
200 OK 9.5 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/d7d30f9518d48cbf788b5b98cf913b98.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash b1bb3771f550b1ea4cd18ed1df0d7969
5f880d3c61b68bf9094814edb6983807b4aaa48b
862aa5d00b5ff11afc7fcceabb9f8be3c3c86bd4e656c27df803c557399f18ce
GET //upload/vod/20221126-1/d7d30f9518d48cbf788b5b98cf913b98.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 9497
last-modified: Sat, 26 Nov 2022 04:30:05 GMT
etag: "6381964d-2519"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/d53f8e7793f69a52b8b2c156b953e970.jpg
200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/d53f8e7793f69a52b8b2c156b953e970.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash f0f87336f4eb4c5577faf2ba718c85cf
2d2c8338a91c5c72038f5126c8f29a55498124c1
53cc5e5b51297103a185a1af6f6d64782db5a533d25a2ad608df8d5c7b5d1a28
GET //upload/vod/20221126-1/d53f8e7793f69a52b8b2c156b953e970.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 13369
last-modified: Sat, 26 Nov 2022 04:30:05 GMT
etag: "6381964d-3439"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221126-1/8badcee1554c12017f6dfe68b638739e.jpg
200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221126-1/8badcee1554c12017f6dfe68b638739e.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 88d16f57267d061e466602024ede906f
e46adc4e00216733395d7623844bc5831729a9a2
dc9f0f3ba9dfc47b2ff2ce66621343962d0c69e00a79d5e2dace9829924ec96b
GET //upload/vod/20221126-1/8badcee1554c12017f6dfe68b638739e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 12088
last-modified: Sat, 26 Nov 2022 04:30:06 GMT
etag: "6381964e-2f38"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
200 OK 76 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 625x900, components 3\012- data
Hash 8df7397c01f50d1a0216d5aa5df5b616
8d6f18e7901340760b112b8ee25487d732b64e3c
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
GET //upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/jpeg
content-length: 76403
last-modified: Sun, 15 May 2022 04:30:19 GMT
etag: "628081db-12a73"
expires: Mon, 26 Dec 2022 10:26:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash de7b02708d249bf91525f86c5ac899b2
6282811665bc3daed245b64a504c76ce7db97306
4923a8f7cf0d15ba8b5a9c139f281395f0076f581e2dd92b450504c505b3ce36
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 07:38:50 GMT
ETag: "6282811665bc3daed245b64a504c76ce7db97306"
Last-Modified: Sat, 26 Nov 2022 07:38:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3501
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7701eda0aacab505-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7a8daad4ab6e765df1af9dd1c0eb2da5
0a17bb68661cccb2714b7b98d0f7b8df1b700cb4
cfa1ebd1b22eeb6cb79139c1d465de12da2f0e1a3f050ecce2fd0a90656c7fae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 01:44:18 GMT
Expires: Fri, 02 Dec 2022 01:44:17 GMT
Etag: "0a17bb68661cccb2714b7b98d0f7b8df1b700cb4"
Cache-Control: max-age=486445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7701ed9f7da1b51d-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 1b5d9420b401620e1501d3d13cb995a9
176096138f85ca4f73fd7c6a9472ce1ffee3a633
145c01d50789e7dd49b8d357e0ab417a3e425c83b580a8f4df17aad1a0b0cbd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146750
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:26:51 GMT
Etag: "63818429-117"
Expires: Mon, 28 Nov 2022 03:12:41 GMT
Last-Modified: Sat, 26 Nov 2022 03:12:41 GMT
Server: nginx
Content-Length: 279
kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
200 OK 29 kB URL HTTP/2 kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Hash a763cce2c7bc3f7bfaa94981d8d9ff47
085da887b67947c8b1e486137be2300dfabf4a69
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:51 GMT
content-type: image/gif
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
etag: "62544489-719a"
expires: Sun, 25 Dec 2022 21:23:18 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 47013
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuINkC8InYTQPVAf4mogIFC5kh2Nf%2Fp5EF3AhxFhESSyaV1TDFxgXHIJ68uvxiWE4MV1e5kqeSZ5o38BtGu3kMWWIgK%2BxwxEUxkOM8qDRmgrhqRXPhe5FtiAys%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701eda10a151bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 7e616f19419aba38d98c8db3be32ec18
b9d8caef17a43b27d4b174e1a07289d12b40ee7b
49d5a4acce69d25322a3603149995cc62d018c38196d58351f3c104ed54d02a7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 23:31:04 GMT
Expires: Wed, 30 Nov 2022 23:31:03 GMT
Etag: "b9d8caef17a43b27d4b174e1a07289d12b40ee7b"
Cache-Control: max-age=392051,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7701ed9ff92b0b61-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 1b5d9420b401620e1501d3d13cb995a9
176096138f85ca4f73fd7c6a9472ce1ffee3a633
145c01d50789e7dd49b8d357e0ab417a3e425c83b580a8f4df17aad1a0b0cbd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=146750
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:26:51 GMT
Etag: "63818429-117"
Expires: Mon, 28 Nov 2022 03:12:41 GMT
Last-Modified: Sat, 26 Nov 2022 03:12:41 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 6c77204432ff5be6ad846d60dd3ffd33
651c47f225fe3956b177d2eaa8413e9286788ee9
086fa50463cd82e376dba44330b751dabd8d64e957a4345f7d8d4d30435cb981
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 30 Nov 2022 07:59:04 GMT
ETag: "651c47f225fe3956b177d2eaa8413e9286788ee9"
Last-Modified: Sat, 26 Nov 2022 07:59:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 847
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7701eda13b67b505-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 1b5d9420b401620e1501d3d13cb995a9
176096138f85ca4f73fd7c6a9472ce1ffee3a633
145c01d50789e7dd49b8d357e0ab417a3e425c83b580a8f4df17aad1a0b0cbd8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146750
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:26:51 GMT
Etag: "63818429-117"
Expires: Mon, 28 Nov 2022 03:12:41 GMT
Last-Modified: Sat, 26 Nov 2022 03:12:41 GMT
Server: nginx
Content-Length: 279
vcawmm.com/69a77fdc94014ce6a6a1c95eafa17df7.gif
200 OK 5.4 kB URL HTTP/2 vcawmm.com/69a77fdc94014ce6a6a1c95eafa17df7.gif
IP
File type GIF image data, version 89a, 128 x 128\012- data
Hash a0438d7c62b550cd7ddd9e2e610985c5
30ce913fb9d79ff3d3d3c0416d4f23273db581ea
f79805b07dd476b307facd24cd474fff1007d5241bc3a4aaba3f9bb2a63a5273
GET /69a77fdc94014ce6a6a1c95eafa17df7.gif HTTP/1.1
Host: vcawmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "633c38f9-1519"
server: nginx
date: Fri, 25 Nov 2022 16:13:41 GMT
content-type: image/gif
last-modified: Tue, 04 Oct 2022 13:45:29 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-02
content-length: 5401
X-Firefox-Spdy: h2
u0082.com/a16bc2eba9394ff7a8d1fd21227d4ad0.png
200 OK 33 kB URL HTTP/1.1 u0082.com/a16bc2eba9394ff7a8d1fd21227d4ad0.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash c68756950b165d949465544db87323c3
a6f663c50873e805a857db98503107f215d3ebcf
d57da097cdea62f33ce4c300ef9308db4cc73e3647d219b8cf6bc06884a4a3fa
GET /a16bc2eba9394ff7a8d1fd21227d4ad0.png HTTP/1.1
Host: u0082.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 05 Oct 2022 08:35:07 GMT
ETag: W/"633d41bb-80a4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
200 OK 121 kB URL HTTP/1.1 bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Size 121 kB (120937 bytes)
Hash 49275d96974a0e7a765eba878974e990
a072e28e13413dad5a5c2db03d27e4cbe8b0b220
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
GET /ad57239e363d4a2f96c2e91f27d2aefb.gif HTTP/1.1
Host: bob5379.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62bc27d3-1d869"
Date: Sat, 19 Nov 2022 22:38:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-19
Content-Length: 120937
taiwtp1.com/img/200200.gif
200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:24:27 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Mon, 26 Dec 2022 10:24:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ia.51.la/go1?id=21278765&rt=1669458410207&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1669458410207&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278765&rt=1669458410207&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1669458410207&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278765&rt=1669458410207&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1669458410207&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 26 Nov 2022 10:26:52 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=56341a84fc49a50c1d2; path=/
HWWAFSESTIME=1669458408356; path=/
ia.51.la/go1?id=21278765&rt=1669458410220&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1669458410220&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278765&rt=1669458410220&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1669458410220&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278765&rt=1669458410220&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1669458410220&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.nadinter.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 26 Nov 2022 10:26:52 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=5c46755f01f7a512312; path=/
HWWAFSESTIME=1669458410524; path=/
585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
200 OK 141 kB URL HTTP/1.1 585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
IP
File type GIF image data, version 89a, 750 x 240\012- data
Size 141 kB (140712 bytes)
Hash 62aca5f86547ebf8aba956425356874b
d9ecdbe6202ddee69d57658be2d54a0312c1cb55
3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8
Analyzer Verdict Alert quad9 Sinkholed
GET /1825aadc7435489f87c5b35903b8d679.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63763814-225a8"
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 17 Nov 2022 13:33:08 GMT
Accept-Ranges: bytes
X-Cache: MISS from cloud-us2-cdnb-21
Content-Length: 140712
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash d674e63f50aca66e442a19518c2983f0
69eb888d88d077071d70405e59f8720c11af225e
6b1e3cec6720634b7e71b6ae2c39f43387c74543272608642ae8e070da2acb7b
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 10:26:52 GMT
Etag: 0cab323dff46a7f79f441d6933ce3661
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5933939D6B74725D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2044463456&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=1&sn=19822&r=0&ww=1268&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2044463456&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=1&sn=19822&r=0&ww=1268&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2044463456&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=1&sn=19822&r=0&ww=1268&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 10:26:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=FD507365B3BE4549; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 8d4e3a40dfdb5341ed3cb82498e21ae6
877697f964b3b7addc5fa7c1a0a47ff5fe3ee02d
51b6d72ed1d1d7295492d25ca9cba50ee1fa23a7b4244aa943e9f959c021c9b3
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 0cab323dff46a7f79f441d6933ce3661
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 10:26:52 GMT
Etag: 85f99da2de1945a225b5cbe4870da22e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=30E6E5D5CB7E569E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1669458412&rnd=1665413511&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=2&sn=19822&r=0&ww=1268&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1669458412&rnd=1665413511&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=2&sn=19822&r=0&ww=1268&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1669458412&rnd=1665413511&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.nadinter.com%2F&v=1.3.0&lv=2&sn=19822&r=0&ww=1268&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 10:26:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F55D27FFDB77310B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
200 OK 298 kB URL HTTP/1.1 701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 298 kB (298536 bytes)
Hash 9c3ba66a41c99ffee01405a837610cca
6e1ed01e150ddeb219b2917dd1f5230e8a703da5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
GET /gg/200x200.gif HTTP/1.1
Host: 701.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 26 Nov 2022 10:26:51 GMT
Content-Type: image/gif
Content-Length: 298536
Connection: keep-alive
x-oss-request-id: 6381E9EB9DB5783531C98D23
Accept-Ranges: bytes
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8250722550151430017
x-oss-storage-class: Standard
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
x-oss-server-time: 2
lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
200 OK 0 B URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
IP
GET /yPS7hqfHgkFauS2djb/252.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 18 Nov 2022 03:28:38 GMT
etag: W/"6376fbe6-3cd"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kErkeN8t5Na4avxFDD1kAAlA7J45egRJKhq6Ql1gkKsg%2Bphh8hsOVlFYTbddJVz2qIjE3JZZqNZ0NTPz1zlpEjWg4eZ%2BY%2FC5rPQha05cylBMeSuZBnM9qd3tkwf%2B%2B1T3MUKeU8KX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed970dc90b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt2.gif
200 OK 0 B URL HTTP/2 tk.learning8808.com/images/xt2.gif
IP
GET /images/xt2.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: image/gif
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
etag: "626930fd-5bf76"
expires: Sun, 04 Dec 2022 08:35:31 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1907479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXGTu3RKKom0KvB4ZexmGCBFWsC%2BMeTrDGURWUnZKAbjXEupBWijkOpVmiA854OOg2rs03RaLfF1gvdR8dSrtMUCmn4eroZW54cRnUfQ6z3f7%2FVtzSC5sCQOAxjOypxNwxEq%2Bs74"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed9a5a88b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx14.zhgmjglh88k.com/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: klx14.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nadinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:49 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h%2Bm%2BudldJ8GtZ9JfJwtI1LYZE1rjz%2BDSCaCqvBNkiQ87t1IyMlTkkclRzaTeYy8SgLg9EKE1q%2FfESWzG2PJVmBrija6dSbYX%2B2utcLvHxDY9t1%2BUC%2BzsWczO3YkpvwxzuGX3lY4ADM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed912818b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
200 OK 0 B URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
IP
GET /yPS7hqfHgkFauS2djb/wz.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 12:33:29 GMT
etag: W/"6380b619-1aa"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BXNgw0ESC4jrpv%2Bo5WxHTYoOaFxI5yUtQjm1oJ5T6bd48ncn8Xf%2BUq6GUqn5EfR7ykrRGEEDATjW767O%2BS0WMWGDEFPk8dGoBA3hFd1GUDmROO7jpWgTR90tB22fUA1Sd2PH8SN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed970dcd0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
200 OK 0 B URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
IP
GET /yPS7hqfHgkFauS2djb/wz1.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 12:33:29 GMT
etag: W/"6380b619-1bb"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsAF5%2B4afRHY4Va8Cu%2FW70aeNpHW%2FXH5Ip9h3Ig1Zz1gRbDP8EC07jbNC1TR%2F%2FQifmF0IyDHav6Djy6igDsek8dhov8kKyTL4LU1QXoADF1U%2BDJ%2FMUPWkzZ63y8ZvAu3XYz4V6Wb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7701ed970dce0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
200 OK 0 B URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
IP
GET /yPS7hqfHgkFauS2djb/dh1.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 08:45:43 GMT
vary: Accept-Encoding
etag: W/"633d4437-972"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ9JB2bxyj9Xm3rI0tOMchYowfDb3sf%2FQpfmYfyboe%2F8rZFcodeZiEj6wCuVniEDA1a%2BnvRfqjJ0rQkJYPNBuFxp1uH412mDBl7yP2NZGcI1k9NuuQyP9FeRPwyvYHJskIxJ3U4h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed970dc40b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx14.zhgmjglh88k.com/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: klx14.zhgmjglh88k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nadinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:49 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twuMMLqoRll%2B0XiCKwMn3DI7TH%2Fj5WwBdBE39gnPFTKk7A8fwJoLr11PLi%2BbgCYYXUQTd%2BfVuoFJHAyc86qfix18zOCoVG0jm01fv7e5AR%2FGknnfO4ld%2BBsOQ0UM6%2Bs3DJs9gcmaG4E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed93fc0db51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
200 OK 0 B URL HTTP/2 lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
IP
GET /yPS7hqfHgkFauS2djb/dh.js HTTP/1.1
Host: lb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx14.zhgmjglh88k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 10:26:50 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 12:33:29 GMT
vary: Accept-Encoding
etag: W/"6380b619-19c0"
expires: Sat, 26 Nov 2022 22:18:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7St9%2FUTWOBEsPGH5Nadz71QYI5rYoPv0OELFRhgTHpk4CitDLcYr6Q9KUkz1jEb%2FGWhe3mN7Wda34XKuzuGHwVxFBC5JhSqRs9rNaBD1YMc%2BNXS3fgceavIvXZJokKDNe6X3VnP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7701ed985f000b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
50.117.111.54
104.21.18.174
220.128.218.220
103.143.19.103
23.36.76.226
103.235.46.191
93.184.220.29
20.222.57.42