firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 03:52:19 GMT
Expires: Fri, 21 Oct 2022 04:43:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MPjF-LcVFuXNT0W_MaJ-yfElXkJ3UEbgxtb9R9h0zXnL_qwB7OTkGA==
Age: 512
worthyfeeds.com/wp-login.php
154.203.184.10301 Moved Permanently 0 B URL HTTP/1.1 worthyfeeds.com/wp-login.php
IP 154.203.184.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-login.php HTTP/1.1
Host: worthyfeeds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: nginx
Location: http://www.worthyfeeds.com/wp-login.php
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10420
Expires: Fri, 21 Oct 2022 06:54:31 GMT
Date: Fri, 21 Oct 2022 04:00:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10458
Expires: Fri, 21 Oct 2022 06:55:09 GMT
Date: Fri, 21 Oct 2022 04:00:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZvyJAftvkrkVwn9BO8gZBm86nr1PuWQKOYNY6/N4VSkpZiI1cjq7ZQfUxZogBanczs04YJasf/4=
x-amz-request-id: 44N7QKJ4ZEQ7493A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 03:04:57 GMT
age: 3354
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 04:00:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 03:43:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 04:37:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6_2QZRHY--O09Sft_oaBzIGEW_6Ki32jPwJ0OeDhliJRUBx0VMxnwg==
Age: 1031
www.worthyfeeds.com/wp-login.php
154.203.184.10200 OK 801 B URL HTTP/1.1 www.worthyfeeds.com/wp-login.php
IP 154.203.184.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 8e6162596d2f591d8279bf59cd8cc696
a5b0767355e96a9d175d7d8e1a29d8c112edc094
a1b2e65551b2816b12e5dfb6ebe089d7d8a1f602edd4092c656604aac85a267c
Analyzer Verdict Alert fortinet Phishing
GET /wp-login.php HTTP/1.1
Host: www.worthyfeeds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 04:00:49 GMT
Content-Length: 801
Content-Type: text/html
Server: nginx
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4111
Cache-Control: max-age=105266
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:51 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 09:15:17 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.worthyfeeds.com/common.js
154.203.184.10200 OK 4.0 kB URL HTTP/1.1 www.worthyfeeds.com/common.js
IP 154.203.184.10:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (466), with CRLF line terminators
Hash ff69f1e1044801500523119b373990fa
5581df40f97c3de3bdb1ed1f8584cbe28024bafe
e4c47d296f44417b65ccb3fb97527325495ac4b52cb8ad1b5bdba4998a925de5
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.worthyfeeds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worthyfeeds.com/wp-login.php
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 04:00:50 GMT
Content-Length: 3989
Content-Type: application/x-javascript
Server: nginx
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RSMPjFFmsakHXowWqiiKuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dZOGyVcFzLO3EC05IC3tYOGAfcA=
www.worthyfeeds.com/tj.js
154.203.184.10200 OK 19 kB URL HTTP/1.1 www.worthyfeeds.com/tj.js
IP 154.203.184.10:0
File type ASCII text, with very long lines (17702), with CRLF line terminators
Hash ed79f573f99dc395204a6e3f87d719f1
e9e92f90d2609ea7f1298fa71a54189a0872c4a6
da45145fce36be492bfd016c52fe72cac1c599b8c5eebee5ca478fc2fefc89c0
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.worthyfeeds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worthyfeeds.com/wp-login.php
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 04:00:50 GMT
Content-Length: 18894
Content-Type: application/x-javascript
Server: nginx
www.worthyfeeds.com/favicon.ico
154.203.184.10200 OK 801 B URL HTTP/1.1 www.worthyfeeds.com/favicon.ico
IP 154.203.184.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 8e6162596d2f591d8279bf59cd8cc696
a5b0767355e96a9d175d7d8e1a29d8c112edc094
a1b2e65551b2816b12e5dfb6ebe089d7d8a1f602edd4092c656604aac85a267c
GET /favicon.ico HTTP/1.1
Host: www.worthyfeeds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.worthyfeeds.com/wp-login.php
Cookie: __tins__21355965=%7B%22sid%22%3A%201666324864239%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666326664239%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 04:00:51 GMT
Content-Length: 801
Content-Type: text/html
Server: nginx
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7596fb86d86ef9bf8d6b4c4dab21ea8b
06b87852a9e6870019551ee8f57f431635522212
abeb3801ededd32e56cbe7dd4e898f00748cbba1dd5611d74e0e1aa7cb856a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABEB3801EDEDD32E56CBE7DD4E898F00748CBBA1DD5611D74E0E1AA7CB856A9F"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Fri, 21 Oct 2022 10:00:29 GMT
Date: Fri, 21 Oct 2022 04:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10466
Expires: Fri, 21 Oct 2022 06:55:19 GMT
Date: Fri, 21 Oct 2022 04:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10466
Expires: Fri, 21 Oct 2022 06:55:19 GMT
Date: Fri, 21 Oct 2022 04:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10466
Expires: Fri, 21 Oct 2022 06:55:19 GMT
Date: Fri, 21 Oct 2022 04:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10466
Expires: Fri, 21 Oct 2022 06:55:19 GMT
Date: Fri, 21 Oct 2022 04:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10466
Expires: Fri, 21 Oct 2022 06:55:19 GMT
Date: Fri, 21 Oct 2022 04:00:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00f8ff57c0d15e1ce75a788b91dc0bd3
46445de659e1aa0623c7666c98b5f642ffeff89d
95eb2c3d2ab4643affffd59887814a013edacba9f73c633399905d9d0d397b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10799
x-amzn-requestid: 9b27131b-a0ca-426d-939c-78de0beac51c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLF9hIAMF97g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-76bf3c356f04a6a672e2f7a1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wOVWtGbvNohj7CotSEW3qamI01hNffsODahh60wBEqNkmS27llMk1Q==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:52:51 GMT
age: 22082
etag: "46445de659e1aa0623c7666c98b5f642ffeff89d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
34.120.237.76200 OK 2.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 09:23:09 GMT
age: 67064
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef2bbeb80f3b5ed8230377024febf22a
542d0ec1eb9ed3805327a415606dfdaebc760650
b05e48b03380a0f57cafd7e78682cdf78b087de20a8af3f9e83b286c3df27e19
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cf1b5d7-d878-479d-b3d9-7686ee0227ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5748
x-amzn-requestid: 43155cec-36ed-461c-80d8-4dd55a74f622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLHLgoAMFrpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5dc550c8214d049c6319189f;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5TDXGRvPRbi_9X9SQYcYlj1MQgtwUDFAlXoso0ZI4nnWaxIAT3kA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 22:00:23 GMT
age: 21630
etag: "542d0ec1eb9ed3805327a415606dfdaebc760650"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9092a9add4d42e5bd0fd11c1459b5c69
4055fbef2d5d4e27a1d88ee293552f7742914390
b07359415e41671b4eb74c0d253d36f99bd2b40f6223bf4915bb11d2086af571
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f39369-b0de-4f1a-a265-fb5b78bd72bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8859
x-amzn-requestid: 8ecd9a22-fe28-487d-b01a-a818eb874d6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsQ9Es8oAMFiVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0d2-6cd9f84f1fe795e5758d2527;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:42:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7PXqP2B3EZKZDCcews8bixw8SacLHtQHNMgzH0JtTFQ0AZHok1Ki8A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 22:02:31 GMT
age: 21502
etag: "4055fbef2d5d4e27a1d88ee293552f7742914390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92376b39b83dbbd4e18725ffe338a348
9a9fa707f507d0c9db15f422b29e1ea4baff5aff
5dca893e682d31f6ebbd01f2f587bb5374c0ccc23d81a99ccae38c02db86c166
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcd75a30-b86f-487c-9bd7-4cc33f5ffaa6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11799
x-amzn-requestid: 99c0ee76-b0c5-47fb-bb88-8f2041c14013
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-UF2mIAMFh4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-386fb3157e4b63af7899705b;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VMRu2swNxsaWksC6yn08H6QLmNtFIs1wX5uLtQGW2QM7Vmb0NntqiQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:52:45 GMT
age: 22088
etag: "9a9fa707f507d0c9db15f422b29e1ea4baff5aff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F736d4923-26b7-4909-9553-d576c206bd33.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F736d4923-26b7-4909-9553-d576c206bd33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5006761dc43470b6b3c97dad6b755c2
d8a42f57f06c1de46d781ed2de3cceba2ee2f967
358130b2c3af00a0aca24cd7cd540037f7ab57a83efe98d5cbd331231909b916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F736d4923-26b7-4909-9553-d576c206bd33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7512
x-amzn-requestid: a2aa868b-32a8-4464-98f7-4e07ff540759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsOkH_DIAMF2Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0c3-531142322f9737d663f36630;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:42:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kjAmyoogqGs2Rr4KpMDXYe5y-63CybLW4JjRuU4jwS9-B-obgJmUEA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 22:00:21 GMT
age: 21632
etag: "d8a42f57f06c1de46d781ed2de3cceba2ee2f967"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dda1c44ac461853bce84fd0bae29137
0146e09ee92d9af8e2fc094736b50de4b6b5c8d8
fe36ea206b9bcd0f6fbc7b51e5945cb3b61d0a7ca29857c61bdb6e6b75278533
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE36EA206B9BCD0F6FBC7B51E5945CB3B61D0A7CA29857C61BDB6E6B75278533"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Fri, 21 Oct 2022 10:00:31 GMT
Date: Fri, 21 Oct 2022 04:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f78026a4b7f5ffe42b943adf5446c11c
30b2e61d7cfea9959bbaf72a0541fde01591c7e4
ec8a39a6a8eb627537aea121503903e46374bb4db2262616bc44db31d94356d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC8A39A6A8EB627537AEA121503903E46374BB4DB2262616BC44DB31D94356D5"
Last-Modified: Thu, 20 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 21 Oct 2022 10:00:55 GMT
Date: Fri, 21 Oct 2022 04:00:55 GMT
Connection: keep-alive
api.ii6-daxiangjiao.com/js/jquery.js
20.205.123.153200 OK 2.2 kB URL HTTP/2 api.ii6-daxiangjiao.com/js/jquery.js
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 54c3972f44fac62047fc84c0ac392fe8
7bbdd70bb9acb9d95b1b636f2b9f40e37865661c
5295b3709225058addba0f85afa468a0657e8ae9d928082746dfaf822aa8c132
GET /js/jquery.js HTTP/1.1
Host: api.ii6-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ii6-daxiangjiao.com/1666325086.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:54 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 07:35:02 GMT
vary: Accept-Encoding
etag: W/"61cabe26-109b"
expires: Fri, 21 Oct 2022 03:16:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
api.ca0agxyy.world/static/js/pages-index-index.c2312e26.js
20.24.217.103200 OK 2.3 kB URL HTTP/2 api.ca0agxyy.world/static/js/pages-index-index.c2312e26.js
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 0677a1b4a41b1404358f2f75bcc4cb37
d17f6d8b0c60c8d2bde6d0b324f7082d488ce169
9e796d6f05e3206159fe9a6483dda65d044685f91058ae9ace5f5ebc70e8022d
GET /static/js/pages-index-index.c2312e26.js HTTP/1.1
Host: api.ca0agxyy.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/?tt=1666325088
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:57 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
vary: Accept-Encoding
etag: W/"634a7454-13e4"
expires: Fri, 21 Oct 2022 03:18:33 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a94108febb6925e0b187175fafebbe0d
9d6bc59ba0ad0e895206f9a37ab977f2daabb09b
122bd60a931f21a66980ccb92d50919d08a2d16b74f878a496b47090c5e6ba22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "122BD60A931F21A66980CCB92D50919D08A2D16B74F878A496B47090C5E6BA22"
Last-Modified: Wed, 19 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20884
Expires: Fri, 21 Oct 2022 09:49:01 GMT
Date: Fri, 21 Oct 2022 04:00:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a94108febb6925e0b187175fafebbe0d
9d6bc59ba0ad0e895206f9a37ab977f2daabb09b
122bd60a931f21a66980ccb92d50919d08a2d16b74f878a496b47090c5e6ba22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "122BD60A931F21A66980CCB92D50919D08A2D16B74F878A496B47090C5E6BA22"
Last-Modified: Wed, 19 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20864
Expires: Fri, 21 Oct 2022 09:48:41 GMT
Date: Fri, 21 Oct 2022 04:00:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c45088a350b32713af91efab863943b1
830e9b34874dac4a6c68e088950140311b33597f
18f52f37cacfff2f58d3360b986b72b224206ea0041f893d40ceb612ed235dbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18F52F37CACFFF2F58D3360B986B72B224206EA0041F893D40CEB612ED235DBD"
Last-Modified: Thu, 20 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Fri, 21 Oct 2022 10:00:41 GMT
Date: Fri, 21 Oct 2022 04:00:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c45088a350b32713af91efab863943b1
830e9b34874dac4a6c68e088950140311b33597f
18f52f37cacfff2f58d3360b986b72b224206ea0041f893d40ceb612ed235dbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18F52F37CACFFF2F58D3360B986B72B224206EA0041F893D40CEB612ED235DBD"
Last-Modified: Thu, 20 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 21 Oct 2022 10:00:57 GMT
Date: Fri, 21 Oct 2022 04:00:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a94108febb6925e0b187175fafebbe0d
9d6bc59ba0ad0e895206f9a37ab977f2daabb09b
122bd60a931f21a66980ccb92d50919d08a2d16b74f878a496b47090c5e6ba22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "122BD60A931F21A66980CCB92D50919D08A2D16B74F878A496B47090C5E6BA22"
Last-Modified: Wed, 19 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 21 Oct 2022 10:00:57 GMT
Date: Fri, 21 Oct 2022 04:00:57 GMT
Connection: keep-alive
dxjbar.github.io/dxj/logo.png
185.199.110.153200 OK 7.4 kB URL HTTP/2 dxjbar.github.io/dxj/logo.png
IP 185.199.110.153:0
File type PNG image data, 558 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 6dff4818f659a9931d6422729c79c1c0
6fe249b74c53bddca7b418c4a24ea007e2e1ba3d
36d048f954a26361ea2081106246c43f288b2963ee0f2ca94b26bfa065b28a71
GET /dxj/logo.png HTTP/1.1
Host: dxjbar.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 15 Oct 2022 09:08:19 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "634a7883-1ccd"
expires: Fri, 21 Oct 2022 03:42:09 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0819:50AB:B9FD5C:BFCB27:635212B9
accept-ranges: bytes
date: Fri, 21 Oct 2022 04:00:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666324858.959235,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 5c4ca76cd9af476835acbc6ca159edd3757407e1
content-length: 7373
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 09d373df01058c06d5dd75f431ce16b8
2675dd9b017f1403fd29e0d2bb682ac760c5ede0
c2d588326084e7dfbdad3e957bd30d4f476b59596c79291b83527f8c4e2bc456
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 04:00:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 25 Oct 2022 01:14:36 GMT
ETag: "2675dd9b017f1403fd29e0d2bb682ac760c5ede0"
Last-Modified: Fri, 21 Oct 2022 01:14:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3008
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d716ddaca30b61-OSL
api.ca0agxyy.world/static/loading.svg
20.24.217.103200 OK 1.8 kB URL HTTP/2 api.ca0agxyy.world/static/loading.svg
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type exported SGML document, ASCII text
Hash 91762b2af9bdefdd58f5a5b6e7387361
0a511968514d38a4702c5585ead7c01d4f20def0
d887368f18aa4483d5a267a86d1ff5d26a09048bb1c93c0ac9d374e438014342
GET /static/loading.svg HTTP/1.1
Host: api.ca0agxyy.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/?tt=1666325088
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:58 GMT
content-type: image/svg+xml
content-length: 1784
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
etag: "634a7454-6f8"
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 768bb447c21335a5b9b9f314593267c3
3565a67d5092181167eb9d7da767ad594dcd83b1
a22889eb42974a83e824fca1ae893d2f86448e989b8f5c2eec3f13e09152cd19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A22889EB42974A83E824FCA1AE893D2F86448E989B8F5C2EEC3F13E09152CD19"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13497
Expires: Fri, 21 Oct 2022 07:45:55 GMT
Date: Fri, 21 Oct 2022 04:00:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc815c5e4b912932ef3e6543cf156572
517cc087704ef6f339fc09f3d74dd2bc645ab4ef
f1f9a8b5173cbdf76fa0b278e628794a8a791833511bb991391ecafb20c92078
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1F9A8B5173CBDF76FA0B278E628794A8A791833511BB991391ECAFB20C92078"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15472
Expires: Fri, 21 Oct 2022 08:18:50 GMT
Date: Fri, 21 Oct 2022 04:00:58 GMT
Connection: keep-alive
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:58 GMT
content-type: text/html
content-length: 162
location: https://kvkiii.top/ca302b14c051bf41d75347daaf6e7ab3.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:58 GMT
content-type: text/html
content-length: 162
location: https://kvkiii.top/712c8059cb44f5944e47108c6b8dd5bd.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1d6b2a5f333da1570167fb10a2d8ae
eb8bb953cee0e501ebd3e1c79f2647965b8779a9
91a6ad122ad89d7657d8977478ab85fa068904a2d16707e94081b89b8844d78a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91A6AD122AD89D7657D8977478AB85FA068904A2D16707E94081B89B8844D78A"
Last-Modified: Wed, 19 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1392
Expires: Fri, 21 Oct 2022 04:24:10 GMT
Date: Fri, 21 Oct 2022 04:00:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 74235fdedac8913c69b87b54605eb946
5cab2e9186a241009fcfcc856d4f00ff313c17be
8f577569fe492d1625d86b270e257eeba09b1ae9ef05ead4249c3ced4a6f599e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F577569FE492D1625D86B270E257EEBA09B1AE9EF05EAD4249C3CED4A6F599E"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13864
Expires: Fri, 21 Oct 2022 07:52:02 GMT
Date: Fri, 21 Oct 2022 04:00:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81aacfa1bf26f19fa5ff3e01f0a7ce7b
1ce042026a627a8a7a7fdaff3fe622bd8bbd65f3
4e89286bb149adc570d85f7eea805617277d0cf218ed45f63bf99552946f4542
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E89286BB149ADC570D85F7EEA805617277D0CF218ED45F63BF99552946F4542"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4718
Expires: Fri, 21 Oct 2022 05:19:36 GMT
Date: Fri, 21 Oct 2022 04:00:58 GMT
Connection: keep-alive
api.ipj8ts1p.club/web.php/index/tj
20.24.217.103200 OK 958 B URL HTTP/2 api.ipj8ts1p.club/web.php/index/tj
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 15f75d1eaa28edeedd1c9b6f055b7037
17a465115b85857d8e49930af71d7ef9a2c79d09
4a139c3983ab95ab347fc2fe8f2c4a70a58432a5f4b12a056b8d81c6088edd75
GET /web.php/index/tj HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.ca0agxyy.world
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
api.ipj8ts1p.club/web.php/index/base
20.24.217.103200 OK 28 kB URL HTTP/2 api.ipj8ts1p.club/web.php/index/base
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 43d53b82443e4732c285e201b6950aee
5695c5fee7bb7f0d5ffdfb1664d48d4e6c2fcfe3
026ff76e7fb498cfc0c6cc59ea7aceb287e69aff088dd9132a70d669f96b49aa
GET /web.php/index/base HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.ca0agxyy.world
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:57 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cb78ca8b109137d72e36068adf8d678
0286a2949d49716debf58c84ac594cd6ff3dc06e
e8fecd6621ee168bd8578676c6496c5f2f632b83f908389c21a2bc76a5ffafc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8FECD6621EE168BD8578676C6496C5F2F632B83F908389C21A2BC76A5FFAFC5"
Last-Modified: Thu, 20 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16886
Expires: Fri, 21 Oct 2022 08:42:24 GMT
Date: Fri, 21 Oct 2022 04:00:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b82f28bd16998c80979bdea8fc5ec237
06eeb66ff45bc0e782b5bae85e507f0668fe6f9e
4ac9f3f5c6a6ee6cdf59fdadff99a5b997b56b8f28e00d8989f8649937cee5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC9F3F5C6A6EE6CDF59FDADFF99A5B997B56B8F28E00D8989F8649937CEE5F9"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8502
Expires: Fri, 21 Oct 2022 06:22:41 GMT
Date: Fri, 21 Oct 2022 04:00:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40d28616ab8cc5d28c04e4aa0846eaf5
4689e2ae09181dc0a58e2797510e89fb0f65ded1
94839d69be360423f08665f98083e8021eac09f4442591cff5f3e9aeda0fb6fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94839D69BE360423F08665F98083E8021EAC09F4442591CFF5F3E9AEDA0FB6FE"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Fri, 21 Oct 2022 10:00:33 GMT
Date: Fri, 21 Oct 2022 04:00:59 GMT
Connection: keep-alive
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:58 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: text/html
content-length: 162
location: https://kvhccc.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.ca0agxyy.world/static/js/chunk-vendors.cbebd8a9.js
20.24.217.103200 OK 306 kB URL HTTP/2 api.ca0agxyy.world/static/js/chunk-vendors.cbebd8a9.js
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 306 kB (306190 bytes)
Hash b8ad88da4e6b20e45e7e29b4a2ccbbe1
addf9b2d791822d8f8a9eea7ecffcc2453f12c37
968b8356bf07e957aa4bc9546ae4b7aa19745673eb4cdf8c5dc58c9b10b57a94
GET /static/js/chunk-vendors.cbebd8a9.js HTTP/1.1
Host: api.ca0agxyy.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/?tt=1666325088
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:55 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
vary: Accept-Encoding
etag: W/"634a7454-b4f96"
expires: Fri, 21 Oct 2022 02:38:47 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: text/html
content-length: 162
location: https://kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: text/html
content-length: 162
location: https://kvhsss.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: text/html
content-length: 162
location: https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kveww.com/99462c01e85acc1311bebac224df6cce.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: text/html
content-length: 162
location: https://kvhlll.top/99462c01e85acc1311bebac224df6cce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0d3a618917d73c37d8bfebb4f27db853
7744d2421383a0914f5d3da9329a92fe8f21f69a
f6dd91cc8aaf94d853759ad41659486feb6834b8680dac4cf4df15954df4c50d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6DD91CC8AAF94D853759AD41659486FEB6834B8680DAC4CF4DF15954DF4C50D"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14285
Expires: Fri, 21 Oct 2022 07:59:04 GMT
Date: Fri, 21 Oct 2022 04:00:59 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP 142.250.74.3:0
Hash 566d75e10b45bc8c1f908a6bfdca5fc2
b713e203d4f32c9a0826535a16eb490af88ba196
5db75b0b16c620c742032c7f1d302d85eca290e43605956cea95f09069763668
POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
IP 142.250.74.3:0
Hash 18ce16a16996df5e2363b47c053dd760
853f8f7af82e1b336409be93a0e2a2e0ff48dd5e
4b2bb85cfbf42a5f865124c7b5e94beb4efc5e698e291b5600e4f4913ca4389b
POST /s/gts1p5/Ww6r2bCjfLU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
172.67.129.75200 OK 756 kB URL HTTP/2 kvthhh.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP 172.67.129.75:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 756 kB (755861 bytes)
Hash c2dc0ed33af046deabc8a896c8ca57ca
b4f888334f869de4eb3dddd6b7542b0e2922f36a
c613a49de134cd30594eb822368a4a16eb3de0648b857ad44d872944c4bd407a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvthhh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 755861
last-modified: Thu, 06 Oct 2022 15:26:58 GMT
etag: "633ef3c2-b8895"
expires: Sun, 06 Nov 2022 20:42:40 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1149499
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ChbBw%2F8Vlff7YctVXtBUTPqHe4gdmndW20fWbwd7hAhcS2Mc4UMKoyjgRndk7%2BD84YzKKafU8TxdXX2Yp7kILh7ZRMXNZKKv07sI9GxwJ9CsBWl4%2FzjX9TTPp56"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e31f630b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvthhh.top/8baa999a8a1670103e06df33ee3c3699.gif
172.67.129.75200 OK 337 kB URL HTTP/2 kvthhh.top/8baa999a8a1670103e06df33ee3c3699.gif
IP 172.67.129.75:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 337 kB (336917 bytes)
Hash 154580934c9902daac6d8aaa4fd3c342
50536966a3aaa46b6553f379794fbd178801c775
e7d882296777d7e5d3663e3cf47344f5672812b7f89683b32d394b5028a43f24
GET /8baa999a8a1670103e06df33ee3c3699.gif HTTP/1.1
Host: kvthhh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 336917
last-modified: Wed, 14 Sep 2022 10:33:34 GMT
etag: "6321adfe-52415"
expires: Fri, 11 Nov 2022 11:32:19 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 750520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iT8jCv1rZ74cyjGXD%2FWNSEGOjihllX3E4sWB2xdPrvgjW2pMkrBJeBaA0mIS5uL7zwm3OXVxDbh7cL0U%2BEoLTxSUv3Vf5nlBlY1QP4F5MKH723ICbqWHllku%2BxPM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e32f660b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c417fc7634ffaf757e9758e282715aa1
9d86928dea6d9bc41277a5a3dff9d7ca1ae31521
070384d2108585f7d11d4a2744d20adc6a3bd79eabcdea78353c6c09e4c639bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129954
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "6351721d-117"
Expires: Sat, 22 Oct 2022 16:06:53 GMT
Last-Modified: Thu, 20 Oct 2022 16:06:53 GMT
Server: nginx
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d759b964ac65b19041e3c6fd75468afd
3bf5d2e203251c1eafae4bf385efea3c4558387a
631208d5fb94dae4befb1f4a2249b38cd9da8141b5c44490b08af846a7671ac9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "631208D5FB94DAE4BEFB1F4A2249B38CD9DA8141B5C44490B08AF846A7671AC9"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4761
Expires: Fri, 21 Oct 2022 05:20:20 GMT
Date: Fri, 21 Oct 2022 04:00:59 GMT
Connection: keep-alive
kvhsss.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
104.21.37.222200 OK 566 kB URL HTTP/2 kvhsss.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 104.21.37.222:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvhsss.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Wed, 16 Nov 2022 16:00:02 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 302457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ve0hndngzJYGj2qMO%2FQJ%2BhhdLebMhoMxH1wkTewI8%2FO7fCpstznHaay73jLGadHm5PrL9Y3DBeH%2BwYs7FuYepUXglUQvL8bpY4rvl1sqyo%2FZ2pwjXCP786L6UPcP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e39eecb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 736567441514371a689b871ff6c42b93
3fb124fcd85bc45af8d2d6085a24d8dfa01b5894
cf4e93488a4a3e7719122e225b6a2c37147185c75acc756b47f9dfb8b6ef7cfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5928
Cache-Control: max-age=151371
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "6351ae9e-117"
Expires: Sat, 22 Oct 2022 22:03:50 GMT
Last-Modified: Thu, 20 Oct 2022 20:25:02 GMT
Server: ECS (amb/6BB0)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mxpEmQKZIUM
IP 142.250.74.3:0
Hash 566d75e10b45bc8c1f908a6bfdca5fc2
b713e203d4f32c9a0826535a16eb490af88ba196
5db75b0b16c620c742032c7f1d302d85eca290e43605956cea95f09069763668
POST /s/gts1p5/mxpEmQKZIUM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: text/html
content-length: 162
location: https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkiii.top/ca302b14c051bf41d75347daaf6e7ab3.gif
104.21.234.205200 OK 199 kB URL HTTP/2 kvkiii.top/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 104.21.234.205:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 199 kB (198998 bytes)
Hash 9055b16bfddceb4d71a64601d99cc1fe
08f43efa14ead275ed58613dfe4715982679fe30
9f39213220495f96b8fbef7974ce8cef0eeaffeb6416328de8f7469254aab886
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvkiii.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 198998
last-modified: Sat, 16 Apr 2022 08:19:50 GMT
etag: "625a7c26-30956"
expires: Sun, 20 Nov 2022 03:31:07 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1792
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqsZsmcrsoTS4%2FtlpTTbNZOoIHp%2BLfpM0POjWMK4ekkXM6pfXmFxlpZl0t6QUk8EaBrQub7MYCc9%2B1EhPeqkprxcc5RNaHzw977cLF8050XNXaO071PczJeghcK%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e3adf374cd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkiii.top/712c8059cb44f5944e47108c6b8dd5bd.gif
104.21.234.205200 OK 1.1 MB URL HTTP/2 kvkiii.top/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 104.21.234.205:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.1 MB (1121344 bytes)
Hash 1fa329c2303bf5a0d2ffd8d484269fbc
c4a5918bcb480a578cee1cceb5aec7da15530fbc
bcb751146958967d4032f10a6f91bfc63759b7cbeee76e5428d3604cf1e4923e
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvkiii.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 1121344
last-modified: Sun, 26 Jun 2022 12:14:24 GMT
etag: "62b84da0-111c40"
expires: Fri, 11 Nov 2022 01:50:52 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 785407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G40D1kkbG0cF8SzQs0ZjToCrGthUUZ0Cwi3wezNxLUQTY0c8cqSnFVkbBeMAeDhKiTf8cggxXHFB2UFupgZIW0JHzPOpJ%2BNPrzWOS0vzTEVCer%2B0tLWMysqRGh1B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e32d9774cd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
172.67.218.101200 OK 864 kB URL HTTP/2 kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 172.67.218.101:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Sat, 19 Nov 2022 21:59:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 21666
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zff2uCqOwP4VoYneOqlphcIkItgtk4TToll2L5CP0hiV1emyG9i9Am3SYvhsPJ6uerOshY1PsLya6TkYai9rjIa5r2RXc7pZ7XA3wLrmss3hU0njHNthABxX%2F%2B0I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e40899b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 159abcce44709dee3de5193add8ec451
d86e1071b08c4ccc8c1c3e6270dd61e3f1ed46fd
3b6273f6850d0a2eba3f276decb87cb5da3bf3fde5dedefa8802c1658948592b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=140766
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "63519c59-117"
Expires: Sat, 22 Oct 2022 19:07:05 GMT
Last-Modified: Thu, 20 Oct 2022 19:07:05 GMT
Server: nginx
Content-Length: 279
acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.21.33.223200 OK 400 kB URL HTTP/2 acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.21.33.223:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 16 Nov 2022 04:07:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 345188
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVEqWX5VGqIjmsazERAJLNAL47gx1yQAMnYZXUj931plRDe5fnzcicnMrGXvHR58aVa6JUHwiqDqgcqUl5KJepYdueno4kfCayXrpoT9tba8o8uMiKvu4swYiStv1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e44802b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9b82ce6e952705728ecd788bb662780b
827bbd6455ef2949a5cef849ebd7a095bca1997e
e02e91f0488b8292a1107c09f2d933966ee5a99769f51bf69f92116df3dccae1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130306
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "6351737d-118"
Expires: Sat, 22 Oct 2022 16:12:45 GMT
Last-Modified: Thu, 20 Oct 2022 16:12:45 GMT
Server: nginx
Content-Length: 280
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.78.249200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.78.249:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Mon, 24 Oct 2022 00:00:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2347226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB%2BfDquIfvd7gHr50UKYlbmjzakik5YTsB6xTh%2BHkRv00JKTP1YaTjCypM8IR37PKQnIXpa%2FlzfdPyCRjvlAdIaeuTrSEbH69l5xh97%2BdPBFgDm%2FAuJCkoCXtGWU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e4adc7b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d759b964ac65b19041e3c6fd75468afd
3bf5d2e203251c1eafae4bf385efea3c4558387a
631208d5fb94dae4befb1f4a2249b38cd9da8141b5c44490b08af846a7671ac9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "631208D5FB94DAE4BEFB1F4A2249B38CD9DA8141B5C44490B08AF846A7671AC9"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4761
Expires: Fri, 21 Oct 2022 05:20:20 GMT
Date: Fri, 21 Oct 2022 04:00:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 00c2bb70902b76ab3388a690aaefc24e
29a87d9e1e32ebf8fb537101ebc4b5ab531d5373
2e1526906c637c477ba43b35d046c4f8cd70c85369031d7addf256640a99b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3388
Cache-Control: max-age=150634
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "6351b5a9-2d7"
Expires: Sat, 22 Oct 2022 21:51:33 GMT
Last-Modified: Thu, 20 Oct 2022 20:55:05 GMT
Server: ECS (amb/6BB0)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
IP 142.250.74.3:0
Hash 18ce16a16996df5e2363b47c053dd760
853f8f7af82e1b336409be93a0e2a2e0ff48dd5e
4b2bb85cfbf42a5f865124c7b5e94beb4efc5e698e291b5600e4f4913ca4389b
POST /s/gts1p5/Ww6r2bCjfLU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 778c7de22fb00691defcb74cead25a2b
0776c047edfa6ac4c7fc89f9afc0f070015d0980
5d1ecc24eb776be6ab5a238f491dd8452220a2c9eb244c4164da8edbc1aa2759
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142934
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "6351a4d1-118"
Expires: Sat, 22 Oct 2022 19:43:13 GMT
Last-Modified: Thu, 20 Oct 2022 19:43:13 GMT
Server: nginx
Content-Length: 280
p3.douyinpic.com/obj/tos-cn-i-dy/dc48a3566f6e49dbb290055aad58e1f2
47.246.44.229200 OK 416 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/dc48a3566f6e49dbb290055aad58e1f2
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 1920 x 180, 8-bit/color RGB, non-interlaced\012- data
Size 416 kB (415932 bytes)
Hash 59eb635ac1e1db62ab9ee87b4897a52d
66e76debba701193e8f9e5f7077fbee199571980
0bd636a22972c8f183ae9fd89cdbecaf7593115368e8909c3d679f455a9ca4dc
GET /obj/tos-cn-i-dy/dc48a3566f6e49dbb290055aad58e1f2 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 415932
date: Sat, 27 Aug 2022 13:42:35 GMT
cache-control: max-age=31536000
imagex-fmt: png2png
last-modified: Sat, 27 Aug 2022 13:18:04 GMT
nw-session-id: 20220827211804010138172202166D891B7499g02dy
nw-session-trace: 2022-08-27T21:18:04.457086583+08:00 109
x-bdcdn-cache-status: TCP_HIT
x-length: 415932
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:18:04 GMT
x-tt-logid: 20220827211804010138172202166D891B
via: n150-056-076, cache25.l2de2[0,11,206-0,H], cache23.l2de2[12,0], cache23.l2de2[12,0], cache4.se1[0,0,200-0,H], cache1.se1[2,0]
x-request-ip: fdbd:dc02:22:599::149
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 0155fab0627e4bb1e71d0a6e0a3617be2ce2fd0cf90a14e64827c2974909e9a8436fe5de07fb525cfdb40f32b22d077d66c2da91265ceee78bd01852aa2ba54c6176c03df5d333e50f3a992b85baeaffa521101c58d7b0e8c6d7914e5bba80c7a0
x-response-lb: image
ali-swift-global-savetime: 1661607756
age: 4717103
x-cache: HIT TCP_MEM_HIT dirn:2:49766409
x-swift-savetime: Wed, 31 Aug 2022 14:21:46 GMT
x-swift-cachetime: 31188050
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516663248597063525e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c417fc7634ffaf757e9758e282715aa1
9d86928dea6d9bc41277a5a3dff9d7ca1ae31521
070384d2108585f7d11d4a2744d20adc6a3bd79eabcdea78353c6c09e4c639bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129954
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "6351721d-117"
Expires: Sat, 22 Oct 2022 16:06:53 GMT
Last-Modified: Thu, 20 Oct 2022 16:06:53 GMT
Server: nginx
Content-Length: 279
hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash c13ea63ee21af202f61cab0d1ceef44c
63678d3cc7f2c499fde3c1cb65c58557090c257f
891d32e956615fe9f6969263d965714ad3c026a396e20a821f863bb7ee92f1a5
GET /hm.js?7e5e3dfa6de61bfd4b1abb18528745ab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Fri, 21 Oct 2022 04:00:58 GMT
Etag: b2d05cfd850c989cd9db21a97da15874
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7E154E29D81CBDB4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kvhlll.top/99462c01e85acc1311bebac224df6cce.gif
104.21.233.123200 OK 845 kB URL HTTP/2 kvhlll.top/99462c01e85acc1311bebac224df6cce.gif
IP 104.21.233.123:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kvhlll.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 845326
last-modified: Mon, 15 Aug 2022 06:10:27 GMT
etag: "62f9e353-ce60e"
expires: Sat, 19 Nov 2022 20:50:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 25853
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H0vN07U4ksBdf1Dn0M%2BAs1Hd2bdhzkdaFYKZkbT%2BQ5eyBPjOUjhkvvrBXn6N5zCVKppFFeZL0G9qcjr6hqDkbD0prFC2KBGmRaaMIx4WifFutxevRMdCs%2BmpxxU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e4f80072e8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10cb849995a02747bdc05a61ffc87f0f
c4dddeefb8fdf24743b7fd246695d655d2f8dd94
207f391c90a6bcad30802b1ef44b4ce26c0aea262de4ba1e0364d81c1047ff7f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "207F391C90A6BCAD30802B1EF44B4CE26C0AEA262DE4BA1E0364D81C1047FF7F"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19420
Expires: Fri, 21 Oct 2022 09:24:39 GMT
Date: Fri, 21 Oct 2022 04:00:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 159abcce44709dee3de5193add8ec451
d86e1071b08c4ccc8c1c3e6270dd61e3f1ed46fd
3b6273f6850d0a2eba3f276decb87cb5da3bf3fde5dedefa8802c1658948592b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=140766
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "63519c59-117"
Expires: Sat, 22 Oct 2022 19:07:05 GMT
Last-Modified: Thu, 20 Oct 2022 19:07:05 GMT
Server: nginx
Content-Length: 279
p3.douyinpic.com/obj/tos-cn-i-dy/9693f5918c424564abdf4ceba3f906bc
47.246.44.229200 OK 41 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9693f5918c424564abdf4ceba3f906bc
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 120\012- data
Hash 519a13c774ff6fa399cca52b95b54e6a
0ca6c062122d0a8db32a95141d0c83b8a1291e71
8d1eb951ed46a1a675b95d407201b6e1dd94b417a2c1e4137c2cd18152233956
GET /obj/tos-cn-i-dy/9693f5918c424564abdf4ceba3f906bc HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 40591
date: Fri, 30 Sep 2022 06:47:59 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 30 Sep 2022 06:42:18 GMT
nw-session-id: 2022093014421801020908713100B85159s7rs703dy
nw-session-trace: 2022-09-30T14:42:18.948733991+08:00 26
x-bdcdn-cache-status: TCP_HIT
x-length: 40591
x-powered-by: ImageX
x-response-date: Fri, 30 Sep 2022 14:42:18 GMT
x-tt-logid: 2022093014421801020908713100B85159
via: n150-053-224, cache8.l2de2[0,0,206-0,H], cache26.l2de2[1,0], cache26.l2de2[1,0], cache3.se1[0,0,200-0,H], cache1.se1[4,0]
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=4
x-tt-trace-host: 01713454d6c7f98b3a61040842078bd46d18f36153a2e4e26d11287538488168388ed565fe4b69a309b8f29194a180ab10a2333785e91b6f73b3b79978b4311dbe4c123217b903c64d6c78577f546ed16702362bf7a5d5c9813e9ed292cf5eb514
x-response-lb: image
ali-swift-global-savetime: 1664520479
age: 1804380
x-cache: HIT TCP_MEM_HIT dirn:11:22512406
x-swift-savetime: Fri, 30 Sep 2022 07:09:44 GMT
x-swift-cachetime: 31534695
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516663248597073526e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 736567441514371a689b871ff6c42b93
3fb124fcd85bc45af8d2d6085a24d8dfa01b5894
cf4e93488a4a3e7719122e225b6a2c37147185c75acc756b47f9dfb8b6ef7cfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145443
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 04:00:59 GMT
Etag: "6351ae9e-117"
Expires: Sat, 22 Oct 2022 20:25:02 GMT
Last-Modified: Thu, 20 Oct 2022 20:25:02 GMT
Server: nginx
Content-Length: 279
p3.douyinpic.com/obj/tos-cn-i-dy/c625d24c037244f9b1c7748745035f0a
47.246.44.229200 OK 36 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/c625d24c037244f9b1c7748745035f0a
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 120\012- data
Hash 4621dcd42a92841873cdee6feeeab93c
734b963b11784ede56dd145112ef991284ba8d40
b9c7c80d4d49bec4653cc9e7dec64cdcfb50414d32347d7cb6eb50dbdc8260df
GET /obj/tos-cn-i-dy/c625d24c037244f9b1c7748745035f0a HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 36069
date: Fri, 30 Sep 2022 06:48:09 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 30 Sep 2022 06:42:22 GMT
nw-session-id: 2022093014422201013113605218B8ADB9jrm7j03dy
nw-session-trace: 2022-09-30T14:42:22.849174641+08:00 18
x-bdcdn-cache-status: TCP_HIT
x-length: 36069
x-powered-by: ImageX
x-response-date: Fri, 30 Sep 2022 14:42:22 GMT
x-tt-logid: 2022093014422201013113605218B8ADB9
via: n131-119-219, cache17.l2de2[0,0,206-0,H], cache15.l2de2[0,0], cache15.l2de2[1,0], cache5.se1[0,0,200-0,H], cache1.se1[2,0]
x-request-ip: fdbd:dc03:11:628::202
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01713454d6c7f98b3a61040842078bd46d779f3843751ec2b14a1354feef3c18936a12ad30be0579f1a8d3b4ffb6eabd29a260d6b1fb9eb9ec31a017d158cb92ab1d1d7f62d8e4bb8ee5565ee9202b169dc18a1382be9fba0caeb539a11df712dc
x-response-lb: image
ali-swift-global-savetime: 1664520489
age: 1804370
x-cache: HIT TCP_MEM_HIT dirn:1:213535790
x-swift-savetime: Fri, 30 Sep 2022 07:09:44 GMT
x-swift-cachetime: 31534705
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516663248597253553e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/6f5d28746d2c43dc9d1002ac01d5e62c
47.246.44.229200 OK 75 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/6f5d28746d2c43dc9d1002ac01d5e62c
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /obj/tos-cn-i-dy/6f5d28746d2c43dc9d1002ac01d5e62c HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 75259
date: Sat, 27 Aug 2022 13:42:35 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:18:04 GMT
nw-session-id: 202208272118040102100491453F6D08559zbgj02dy
nw-session-trace: 2022-08-27T21:18:04.37517575+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 75259
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:18:04 GMT
x-tt-logid: 202208272118040102100491453F6D0855
via: n204-100-041, cache2.l2de2[0,0,206-0,H], cache2.l2de2[1,0], cache2.l2de2[1,0], cache1.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc01:26:265::25
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0155fab0627e4bb1e71d0a6e0a3617be2ca4044bc5731428ec72d3c5ab2fd96c22f9954deb17721e14963532a1e05ed0513eadfac1bffac9339ffa220bfd76d681b2f65d65a0d5f00839e1548de6cc8599afae01984ab6aa430d1e45c24f7a94ca
x-response-lb: image
ali-swift-global-savetime: 1661607755
age: 4717104
x-cache: HIT TCP_MEM_HIT dirn:11:63252968
x-swift-savetime: Wed, 31 Aug 2022 14:21:46 GMT
x-swift-cachetime: 31188049
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516663248597133535e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/ff09ae377131428a8b982348965ec239
47.246.44.229200 OK 123 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/ff09ae377131428a8b982348965ec239
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 200\012- data
Size 123 kB (122929 bytes)
Hash 1ab87e5b31fba9799b0d7918802bc69b
bc77041b86ffa80fc6a545193dc7a1ba0a38e2c6
555d64a26a1e6a19942bf68e3866fd2608295f36257dbf608af3eb306614fcdd
GET /obj/tos-cn-i-dy/ff09ae377131428a8b982348965ec239 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 122929
date: Sat, 27 Aug 2022 13:42:35 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 27 Aug 2022 13:18:05 GMT
nw-session-id: 202208272118040101501072270E704668w52dn01dy
nw-session-trace: 2022-08-27T21:18:05.032924758+08:00 57
x-bdcdn-cache-status: TCP_HIT
x-length: 122929
x-powered-by: ImageX
x-response-date: Sat, 27 Aug 2022 21:18:05 GMT
x-tt-logid: 202208272118040101501072270E704668
via: n204-100-030, cache16.l2de2[0,0,206-0,H], cache25.l2de2[1,0], cache25.l2de2[2,0], cache7.se1[0,0,200-0,H], cache1.se1[5,0]
x-request-ip: fdbd:dc01:21:307::156
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=5
x-tt-trace-host: 0155fab0627e4bb1e71d0a6e0a3617be2c04309723fc1e23cd2676dd7cb77acd4f60f360670230aa8bb67958773427e6b7739dbf6e41579bac248bd41294602897f0357e192c5b7c7d43ffe71deb347be080f5461b2cbbcf77a6227392cf59dd58
x-response-lb: image
ali-swift-global-savetime: 1661607755
age: 4717104
x-cache: HIT TCP_MEM_HIT dirn:7:76703897
x-swift-savetime: Wed, 31 Aug 2022 14:21:46 GMT
x-swift-cachetime: 31188049
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516663248597303555e
X-Firefox-Spdy: h2
link.imgapp.top/images/63368fc78360dffab4893ec1.gif
23.225.228.58302 Found 280 B URL HTTP/2 link.imgapp.top/images/63368fc78360dffab4893ec1.gif
IP 23.225.228.58:0
Hash 9b82ce6e952705728ecd788bb662780b
827bbd6455ef2949a5cef849ebd7a095bca1997e
e02e91f0488b8292a1107c09f2d933966ee5a99769f51bf69f92116df3dccae1
GET /images/63368fc78360dffab4893ec1.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9693f5918c424564abdf4ceba3f906bc
cache-control: max-age=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/5ad94eb8d511479580fca511037924fb
47.246.44.229200 OK 1.1 MB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5ad94eb8d511479580fca511037924fb
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.1 MB (1140556 bytes)
Hash 76570df04168772dcdda42a036e5332c
8dece06ebc23e71f2021ca99b6ab130f0f0d323b
7d21fd873c6e60e3472fcbb3e472dd3d94fb5e3a608be3df940ca8b2867a886f
GET /obj/tos-cn-i-dy/5ad94eb8d511479580fca511037924fb HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1140556
date: Tue, 18 Oct 2022 23:27:15 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 18 Oct 2022 15:31:01 GMT
nw-session-id: 2022101823310101015110608440532293thbq803dy
nw-session-trace: 2022-10-18T23:31:01.420351148+08:00 119
x-bdcdn-cache-status: TCP_HIT
x-length: 1140556
x-powered-by: ImageX
x-response-date: Tue, 18 Oct 2022 23:31:01 GMT
x-tt-logid: 2022101823310101015110608440532293
via: n204-098-025, cache20.l2de2[0,0,206-0,H], cache1.l2de2[1,0], cache1.l2de2[1,0], cache4.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc01:26:287::138
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011a3c9c05f19c6b9646633bb19001d81f0150a9b0c37de03231fcee2dec43289e380260fcb24ed91c1fc8846723553ef9213c7006a67d2df3c15270415a7d80d3b32eddfe60f2377d265a4f9a783a66804a5526d7c4f17323c822caadedee28b4
x-response-lb: image
ali-swift-global-savetime: 1666135635
age: 189224
x-cache: HIT TCP_MEM_HIT dirn:4:11586193 mlen:0
x-swift-savetime: Thu, 20 Oct 2022 09:41:17 GMT
x-swift-cachetime: 31412758
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516663248597383568e
X-Firefox-Spdy: h2
kvhccc.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
104.21.233.190200 OK 185 kB URL HTTP/2 kvhccc.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
IP 104.21.233.190:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 185 kB (184926 bytes)
Hash 214553bbbe765499c15ec4271f4bbd23
8fa439d96daee17a9c0b86546dba5cb8fa25b076
34924659831f47a88bb09ee743e6e993c7b98c6038e0d6f9ba93123ba0a92a50
GET /e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP/1.1
Host: kvhccc.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:00:59 GMT
content-type: image/gif
content-length: 184926
last-modified: Wed, 25 May 2022 14:01:09 GMT
etag: "628e36a5-2d25e"
expires: Sat, 19 Nov 2022 11:41:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 58754
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6UY9yyJrBV9gODXn47tZeAoRqiLgGSJwsW3skIyRBJ7UnSX%2FVUR1nGBnnoRLObUth2Wf%2Fdsj3FP7Tn51MPx7cxkBopk19ceGNwS93bvmkWmg5TkanNu1VsfwNM4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e6dc68dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 3d428b21658488b1fa30358999c9db8a
fa7f4c0f1a1c19ae7eb3ce3b6ac1633bd4b7933a
83427fb9d20f58b8ab087af1cba8dcee19784406d5e946baab7607b6c4d6eaed
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 21 Oct 2022 04:01:00 GMT
Connection: keep-alive
X-N: S
kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.33.12200 OK 919 kB URL HTTP/2 kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.33.12:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvhooo.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.ca0agxyy.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 04:01:00 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Sun, 20 Nov 2022 02:01:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7198
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zfa65%2FB5KvUtLzTHWuZqL%2B8pIQfjq5l0jpUlqSU0DNlBElndXdO1XbqGTnEaZG5nq3zjK9HUYKZrZzysb%2FNx8mozlS4VqtdOgc70ZFyxA6t4GOSI8QPKb1xvt4eS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d716e72c1f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.ca0agxyy.world/static/index.2772579d.css
20.24.217.103200 OK 0 B URL HTTP/2 api.ca0agxyy.world/static/index.2772579d.css
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /static/index.2772579d.css HTTP/1.1
Host: api.ca0agxyy.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/?tt=1666325088
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:55 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
vary: Accept-Encoding
etag: W/"634a7454-17031"
expires: Fri, 21 Oct 2022 03:18:33 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/79c0b1bf91414608a7b59ad7dfa6fd6e
47.246.44.229200 OK 0 B URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/79c0b1bf91414608a7b59ad7dfa6fd6e
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /obj/tos-cn-i-dy/79c0b1bf91414608a7b59ad7dfa6fd6e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1687977
date: Mon, 17 Oct 2022 17:50:55 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 17 Oct 2022 17:50:55 GMT
nw-session-id: 2022101801505501017507313410ED0212g686d02dy
nw-session-trace: 2022-10-18T01:50:55.190778522+08:00 77
x-bdcdn-cache-status: TCP_MISS
x-length: 1687977
x-powered-by: ImageX
x-response-date: Tue, 18 Oct 2022 01:50:55 GMT
x-tt-logid: 2022101801505501017507313410ED0212
via: n132-055-194, cache21.l2ot7-1[0,0,206-0,H], cache8.l2ot7-1[0,0], cache8.l2ot7-1[2,0], cache8.se1[0,0,200-0,H], cache1.se1[1,0]
x-request-ip: fdbd:dc03:15:231::134
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01f8ec259067e9538909d628064bec591d032a48a9f706a509d5732b71f626a61c3b168561c3db81ca3e18152a48544efa63a8d543dc0b3b4fb7b3cb9c63d1c241746fb6f34b6bd29a743bad580010ae9b1678508b13ccd77de8bc3c886443f133
x-response-lb: image
ali-swift-global-savetime: 1666029055
age: 295804
x-cache: HIT TCP_MEM_HIT dirn:1:294265872 mlen:0
x-swift-savetime: Wed, 19 Oct 2022 14:40:07 GMT
x-swift-cachetime: 31374648
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516663248597173539e
X-Firefox-Spdy: h2
link.imgapp.top/images/62d5242999f6fb3f851b2388.gif
23.225.228.58302 Found 0 B URL HTTP/2 link.imgapp.top/images/62d5242999f6fb3f851b2388.gif
IP 23.225.228.58:0
GET /images/62d5242999f6fb3f851b2388.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ff09ae377131428a8b982348965ec239
cache-control: max-age=86400
X-Firefox-Spdy: h2
api.ipj8ts1p.club/web.php/index/showType
20.24.217.103200 OK 0 B URL HTTP/2 api.ipj8ts1p.club/web.php/index/showType
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /web.php/index/showType HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.ca0agxyy.world
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
link.imgapp.top/images/62e372d723e4f48ec9831c4e.png
23.225.228.58302 Found 0 B URL HTTP/2 link.imgapp.top/images/62e372d723e4f48ec9831c4e.png
IP 23.225.228.58:0
GET /images/62e372d723e4f48ec9831c4e.png HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/dc48a3566f6e49dbb290055aad58e1f2
cache-control: max-age=86400
X-Firefox-Spdy: h2
api.ca0agxyy.world/static/js/index.029b76c6.js
20.24.217.103200 OK 0 B URL HTTP/2 api.ca0agxyy.world/static/js/index.029b76c6.js
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /static/js/index.029b76c6.js HTTP/1.1
Host: api.ca0agxyy.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/?tt=1666325088
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:55 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
vary: Accept-Encoding
etag: W/"634a7454-1bb77"
expires: Fri, 21 Oct 2022 03:18:33 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
link.imgapp.top/images/63368fc78360dffab4893ec2.gif
23.225.228.58302 Found 0 B URL HTTP/2 link.imgapp.top/images/63368fc78360dffab4893ec2.gif
IP 23.225.228.58:0
GET /images/63368fc78360dffab4893ec2.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/c625d24c037244f9b1c7748745035f0a
cache-control: max-age=86400
X-Firefox-Spdy: h2
link.imgapp.top/images/62c535de9493f72e6cb8d63f.gif
23.225.228.58302 Found 0 B URL HTTP/2 link.imgapp.top/images/62c535de9493f72e6cb8d63f.gif
IP 23.225.228.58:0
GET /images/62c535de9493f72e6cb8d63f.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5ad94eb8d511479580fca511037924fb
cache-control: max-age=86400
X-Firefox-Spdy: h2
link.imgapp.top/images/62c535de9493f72e6cb8d641.gif
23.225.228.58302 Found 0 B URL HTTP/2 link.imgapp.top/images/62c535de9493f72e6cb8d641.gif
IP 23.225.228.58:0
GET /images/62c535de9493f72e6cb8d641.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/79c0b1bf91414608a7b59ad7dfa6fd6e
cache-control: max-age=86400
X-Firefox-Spdy: h2
ccapi.api-daxiangjiao.com/common.php?val=daxiangjiao&t=0.3642872048575906?v=013472195040713542
156.240.106.112200 OK 0 B URL HTTP/2 ccapi.api-daxiangjiao.com/common.php?val=daxiangjiao&t=0.3642872048575906?v=013472195040713542
IP 156.240.106.112:0
ASN #140227 Hong Kong Communications International Co., Limited
GET /common.php?val=daxiangjiao&t=0.3642872048575906?v=013472195040713542 HTTP/1.1
Host: ccapi.api-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.worthyfeeds.com
Connection: keep-alive
Referer: http://www.worthyfeeds.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 04:04:46 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.ii6-daxiangjiao.com/1666325086.html
20.205.123.153200 OK 0 B URL HTTP/2 api.ii6-daxiangjiao.com/1666325086.html
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /1666325086.html HTTP/1.1
Host: api.ii6-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.worthyfeeds.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:54 GMT
content-type: text/html
last-modified: Sat, 18 Dec 2021 07:18:36 GMT
vary: Accept-Encoding
etag: W/"61bd8b4c-427"
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: MISS
X-Firefox-Spdy: h2
api.ii6-daxiangjiao.com/js/jquery.min.js
20.205.123.153200 OK 0 B URL HTTP/2 api.ii6-daxiangjiao.com/js/jquery.min.js
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/jquery.min.js HTTP/1.1
Host: api.ii6-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ii6-daxiangjiao.com/1666325086.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:54 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 13:00:00 GMT
vary: Accept-Encoding
etag: W/"617012d0-15d84"
expires: Fri, 21 Oct 2022 03:16:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
api.ii6-daxiangjiao.com/js/api.php
20.205.123.153200 OK 0 B URL HTTP/2 api.ii6-daxiangjiao.com/js/api.php
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /js/api.php HTTP/1.1
Host: api.ii6-daxiangjiao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://api.ii6-daxiangjiao.com
Connection: keep-alive
Referer: https://api.ii6-daxiangjiao.com/1666325086.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 21 Oct 2022 04:00:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=1
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-02
X-Firefox-Spdy: h2
link.imgapp.top/images/62c537979493f72e6cb8d642.gif
23.225.228.58302 Found 0 B URL HTTP/2 link.imgapp.top/images/62c537979493f72e6cb8d642.gif
IP 23.225.228.58:0
GET /images/62c537979493f72e6cb8d642.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ca0agxyy.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6f5d28746d2c43dc9d1002ac01d5e62c
cache-control: max-age=86400
X-Firefox-Spdy: h2