firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 11:12:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tfK3YA0HLXZ55LQRW2hrBwzPVP32TIUfMt07l1KDjnn7Jb4n6qJJcA==
Age: 3508
myweblock.com/edu/panel/start/?
107.187.101.217301 Moved Permanently 0 B URL HTTP/1.1 myweblock.com/edu/panel/start/?
IP 107.187.101.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /edu/panel/start/? HTTP/1.1
Host: myweblock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Sep 2022 12:11:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.myweblock.com/edu/panel/start/?
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11003
Expires: Fri, 23 Sep 2022 15:14:10 GMT
Date: Fri, 23 Sep 2022 12:10:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xiIL6ibo_M7sAmK6ji7aMPzfKDGs568ndDOOzDhacArnBAeh_DvcEw==
age: 27333
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 12:27:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MrpmzCKP4dH8KUBIdtUrbuP6W38kZU_Hzm_7Q8oT_ysejJk2ngPu8A==
Age: 445
www.myweblock.com/edu/panel/start/?
107.187.101.217200 OK 481 B URL HTTP/1.1 www.myweblock.com/edu/panel/start/?
IP 107.187.101.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (568), with CRLF line terminators
Hash 940f80c5a19a106828d53d7bb1386577
8976d557180f526a854e2c63573d4e3e224faaa5
8b2c613f8ef0161a24a5f83e6a2ef041d426be7bbf3bd34529f649742e211827
GET /edu/panel/start/? HTTP/1.1
Host: www.myweblock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:11:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6466
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:47 GMT
Last-Modified: Fri, 23 Sep 2022 10:23:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.myweblock.com/common.js
107.187.101.217200 OK 1.9 kB URL HTTP/1.1 www.myweblock.com/common.js
IP 107.187.101.217:0
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash 4ac7517d9b301d42875832d989994928
8453e60d64dad9e3928ebbff6e507645a28e73ad
53c7d31a8a1180cc79874a34be18d97fcae0992bf110e664c5856f2ec55f919c
GET /common.js HTTP/1.1
Host: www.myweblock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.myweblock.com/edu/panel/start/?
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:11:11 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.myweblock.com/tj.js
107.187.101.217200 OK 364 B IP 107.187.101.217:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 789d28beb2b6417f715b68f4fe870a1e
fbf03b20c547f4fd610f2a2bdf666e162cbcc5fe
cbfb13722e8ec80bdf05d47e84f460b9f4f8da2a020821489f763726c1da304d
GET /tj.js HTTP/1.1
Host: www.myweblock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.myweblock.com/edu/panel/start/?
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:11:11 GMT
Content-Type: application/x-javascript
Content-Length: 364
Connection: keep-alive
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ucFkadqU9V6DcXhWSX8AGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0YtRFfAS9YnMhQtlS0BkrJvXKIE=
209.73.159.134/chabi-common.php?val=chabi4&t=0.25687556474916795?v=025335999230312967
209.73.159.134200 OK 88 B URL HTTP/1.1 209.73.159.134/chabi-common.php?val=chabi4&t=0.25687556474916795?v=025335999230312967
IP 209.73.159.134:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 65c18ca04ed98b07ea99a9d541c4b4f8
926eee3a6481ac4a4fe8dc61c161f16b2adf283a
5ea972d89f4fe9887ee6a98b0803ae499dbb149d555679abfbd90fd9ab4ae22d
GET /chabi-common.php?val=chabi4&t=0.25687556474916795?v=025335999230312967 HTTP/1.1
Host: 209.73.159.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.myweblock.com
Connection: keep-alive
Referer: http://www.myweblock.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:10:48 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
209.73.159.134/chabi-common.php?val=chabi4&t=0.18517952272278326?v=012264369300567124
209.73.159.134200 OK 88 B URL HTTP/1.1 209.73.159.134/chabi-common.php?val=chabi4&t=0.18517952272278326?v=012264369300567124
IP 209.73.159.134:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 65c18ca04ed98b07ea99a9d541c4b4f8
926eee3a6481ac4a4fe8dc61c161f16b2adf283a
5ea972d89f4fe9887ee6a98b0803ae499dbb149d555679abfbd90fd9ab4ae22d
GET /chabi-common.php?val=chabi4&t=0.18517952272278326?v=012264369300567124 HTTP/1.1
Host: 209.73.159.134
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.myweblock.com
Connection: keep-alive
Referer: http://www.myweblock.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 12:10:48 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/gkU668us6qY
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/gkU668us6qY
IP 142.250.74.3:0
Hash 094b6fcf237ef10d2c3e0abc92da8c90
6670abca30602e92dd1aae0f66f611883a66ddbf
61c9afbfcad8e0f1921ce84e1f16a9fe7e915a3bad8dc6df9c599522c52bd939
POST /s/gts1p5/gkU668us6qY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/gkU668us6qY
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/gkU668us6qY
IP 142.250.74.3:0
Hash 094b6fcf237ef10d2c3e0abc92da8c90
6670abca30602e92dd1aae0f66f611883a66ddbf
61c9afbfcad8e0f1921ce84e1f16a9fe7e915a3bad8dc6df9c599522c52bd939
POST /s/gts1p5/gkU668us6qY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/gkU668us6qY
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/gkU668us6qY
IP 142.250.74.3:0
Hash 094b6fcf237ef10d2c3e0abc92da8c90
6670abca30602e92dd1aae0f66f611883a66ddbf
61c9afbfcad8e0f1921ce84e1f16a9fe7e915a3bad8dc6df9c599522c52bd939
POST /s/gts1p5/gkU668us6qY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5dbed1c852b63f145ef0d604a3b441a
8e3e54df166d339f80522ee2a30991ee760575ec
04eae44961893a5050c14d827c373a26cf30a34390b4a1663ad2a037b0958602
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "04EAE44961893A5050C14D827C373A26CF30A34390B4A1663AD2A037B0958602"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13992
Expires: Fri, 23 Sep 2022 16:04:01 GMT
Date: Fri, 23 Sep 2022 12:10:49 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5dbed1c852b63f145ef0d604a3b441a
8e3e54df166d339f80522ee2a30991ee760575ec
04eae44961893a5050c14d827c373a26cf30a34390b4a1663ad2a037b0958602
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "04EAE44961893A5050C14D827C373A26CF30A34390B4A1663AD2A037B0958602"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15504
Expires: Fri, 23 Sep 2022 16:29:13 GMT
Date: Fri, 23 Sep 2022 12:10:49 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5dbed1c852b63f145ef0d604a3b441a
8e3e54df166d339f80522ee2a30991ee760575ec
04eae44961893a5050c14d827c373a26cf30a34390b4a1663ad2a037b0958602
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "04EAE44961893A5050C14D827C373A26CF30A34390B4A1663AD2A037B0958602"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15504
Expires: Fri, 23 Sep 2022 16:29:13 GMT
Date: Fri, 23 Sep 2022 12:10:49 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8ff5cbc151dee3e3a20b2e24ab3703e
841d92890b034480b5601db55201b201664a5876
d87d4e59134a0dec95d89aa0689efe1a20570fd541264edc233b5a221d2bb8a5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D87D4E59134A0DEC95D89AA0689EFE1A20570FD541264EDC233B5A221D2BB8A5"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9105
Expires: Fri, 23 Sep 2022 14:42:34 GMT
Date: Fri, 23 Sep 2022 12:10:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 12:10:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b30784-fdab-4361-be4c-cde3457de8cc.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b30784-fdab-4361-be4c-cde3457de8cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31f182a35c2946cfc0286689b7124c36
9dc2210a6c1d7025080692690f8cf1b064e7af9b
33fbee038d8988be37a223f1b7f3716dcb2473512161cc4dd8d5229d2868c47e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b30784-fdab-4361-be4c-cde3457de8cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9571
x-amzn-requestid: a6825487-dc32-4129-ae63-2aad2bc90833
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHVDIAMFoNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-0669874227a8c7c60b4fb4e3;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GDOiSF2tQYYM1g-HzrOGYRdZhi97vmzrVEGKtwAKVsrd_NtmOUMDFA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:01:51 GMT
age: 50938
etag: "9dc2210a6c1d7025080692690f8cf1b064e7af9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 140438606dfec59ac72072c83068d09e
d7afd544cb4ff2e8b5b1b1b604175446bbb1e1c7
96a81922c699f53d206d4275614c29c96512b64adda5052f7f13dc67f78b9875
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:56:58 GMT
ETag: "d7afd544cb4ff2e8b5b1b1b604175446bbb1e1c7"
Last-Modified: Fri, 23 Sep 2022 09:56:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 501
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f32dee6f79b515-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0553fa41c91a6a700879ec08834d758d
bddacbd00d86d1c6b4e086cde032244037d62f28
edeca31a26b02022d4f250ea5d98fe7724648034b0cd89b14e5402d978180df4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:49 GMT
Server: ECS (amb/6B98)
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69a608c0a465cee64c88fb7c7bd8df11
466919e3ac2281444cb04ea044511493016828eb
83722c1f7f1bab671517ba5ee26ec8149810a6f18ec04bb0657ecef9a4e0bfa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83722C1F7F1BAB671517BA5EE26EC8149810A6F18EC04BB0657ECEF9A4E0BFA5"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6041
Expires: Fri, 23 Sep 2022 13:51:31 GMT
Date: Fri, 23 Sep 2022 12:10:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69a608c0a465cee64c88fb7c7bd8df11
466919e3ac2281444cb04ea044511493016828eb
83722c1f7f1bab671517ba5ee26ec8149810a6f18ec04bb0657ecef9a4e0bfa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83722C1F7F1BAB671517BA5EE26EC8149810A6F18EC04BB0657ECEF9A4E0BFA5"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5967
Expires: Fri, 23 Sep 2022 13:50:17 GMT
Date: Fri, 23 Sep 2022 12:10:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae63806537bc1795029ac9e522b4abb1
47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 51454
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 27474
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 50364
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9de7f4507189ca3551d15206b37a296
705da0449393f04158db355bc833fa2fb9e20f37
178d12821154ae5cb0a835e32e7c634b6976e20683ff49b47fcb840e98e22cba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "178D12821154AE5CB0A835E32E7C634B6976E20683FF49B47FCB840E98E22CBA"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7095
Expires: Fri, 23 Sep 2022 14:09:05 GMT
Date: Fri, 23 Sep 2022 12:10:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9de7f4507189ca3551d15206b37a296
705da0449393f04158db355bc833fa2fb9e20f37
178d12821154ae5cb0a835e32e7c634b6976e20683ff49b47fcb840e98e22cba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "178D12821154AE5CB0A835E32E7C634B6976E20683FF49B47FCB840E98E22CBA"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Fri, 23 Sep 2022 14:10:52 GMT
Date: Fri, 23 Sep 2022 12:10:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 51748
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0553fa41c91a6a700879ec08834d758d
bddacbd00d86d1c6b4e086cde032244037d62f28
edeca31a26b02022d4f250ea5d98fe7724648034b0cd89b14e5402d978180df4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:50 GMT
Last-Modified: Fri, 23 Sep 2022 12:10:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 50602
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69a608c0a465cee64c88fb7c7bd8df11
466919e3ac2281444cb04ea044511493016828eb
83722c1f7f1bab671517ba5ee26ec8149810a6f18ec04bb0657ecef9a4e0bfa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83722C1F7F1BAB671517BA5EE26EC8149810A6F18EC04BB0657ECEF9A4E0BFA5"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5955
Expires: Fri, 23 Sep 2022 13:50:05 GMT
Date: Fri, 23 Sep 2022 12:10:50 GMT
Connection: keep-alive
cb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
104.21.86.153200 OK 672 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
IP 104.21.86.153:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash c5a4e626cda467ea5b6eadcf25b85342
645b6478796d1350791cf7310a8b60e5a43c875e
67dddc0d5d42f8d5e8833eeb5ad2c7357640b7e0585b1a46ec2924ec7062f290
GET /yPS7hqfHgkFauS2djb/253.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 10:18:16 GMT
vary: Accept-Encoding
etag: W/"632841e8-421"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIDFPCeWe2dB%2B%2FZ6Q3pO4dKmd%2BQK%2Fo%2By56f26iIwaHcQ0k5%2Fx1Wvl%2FNlEYJrJe0abHMeqqOt7e9rZSdQjYfKILIBRMdBLh%2FdMKCYS0ZK%2Brj01Drcb2VQliFV70f9fKL5bxINX3N%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b050afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.users.51.la/21278777.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21278777.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash de9e807c58439b7f1dcfd07aef92a952
60e9ecde5e0aa2ff63056ef1d217bb518d639c17
d7502b3ebb842a7c57646468874ae513c47e00c97649bc722ca1d350588dae97
GET /21278777.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 23 Sep 2022 12:10:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=db6ce469c6976c15ffa; path=/
HWWAFSESTIME=1663935046804; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.gg123456789gg.com//upload/vod/20220923-1/a63ee9c08f81586259d67f72c86c3e59.jpg
136.0.141.5200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/a63ee9c08f81586259d67f72c86c3e59.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 149956c6f95484ab2274a32dbc13487b
b4e2bb1d06f3cbd883dbfd8bce2215fa2995fbe1
f49caa245e9bb9119f802bfdb549a4c2fd707086cbfce9fef673fee76039d662
GET //upload/vod/20220923-1/a63ee9c08f81586259d67f72c86c3e59.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 15715
last-modified: Fri, 23 Sep 2022 07:30:06 GMT
etag: "632d607e-3d63"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/9230e81b6a45b6dc01912080bb36994a.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/9230e81b6a45b6dc01912080bb36994a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 1e22b77b5e18808aecad52207135b3cb
580b80fecfd2d578c08958aa666f6718c43783a5
2851fb77e319d07cf30c2900262783382a5ec7d31df32edd6406de5f78593d85
GET //upload/vod/20220923-1/9230e81b6a45b6dc01912080bb36994a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10043
last-modified: Fri, 23 Sep 2022 07:30:05 GMT
etag: "632d607d-273b"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ecea4e032020c299a1423ec90603ad2
d27b7ef7a593af68205c60bd00c178e3353ce404
54e12e452c4de6422ec49a15f407ecbd02dbdbed97bac511b57c55bb7cb675c8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "54E12E452C4DE6422EC49A15F407ECBD02DBDBED97BAC511B57C55BB7CB675C8"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21284
Expires: Fri, 23 Sep 2022 18:05:34 GMT
Date: Fri, 23 Sep 2022 12:10:50 GMT
Connection: keep-alive
cb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
104.21.86.153200 OK 162 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
IP 104.21.86.153:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 162 kB (161889 bytes)
Hash 927ef9cfdc126a6f1c00506b3d135269
2450c13d2256e0059080d24c8924bff9c9240c5b
ee0f8dad0c5dc11e4b2de7e226abd9194c3eb46bfc08ef3b30fd4a1050f4867a
GET /yPS7hqfHgkFauS2djb/254.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 10:18:16 GMT
etag: W/"632841e8-3de"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNyC64EehwJd4Skdq%2FXh86sxRRaUGOL5dg14toW9ODgl1XvkIWm8%2BSw5qm5Vw6aKdPMuYExou05uKrZ%2BnuZpregJ2qMwmUpur2ezvNSXK4p760GIR%2BPP0gtl3PCyPcV3prlx1KiL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b060afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt12.gif
104.21.18.174200 OK 750 kB URL HTTP/2 tk.learning8808.com/images/xt12.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 750 kB (749706 bytes)
Hash 5b3e843ec7923ace3c8c52e7e3d71608
65b34236bdea1d3bb438b23eaa028df8b587cc45
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
GET /images/xt12.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
etag: "626930fc-b708a"
expires: Thu, 29 Sep 2022 03:06:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2106250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyFt2YRHqPqSKc4D5gvOiTxh03sco7g8zGj6lUaOBb4%2BFiRzVTmp%2FetaK7VBgaP61%2BbNG5rHGJ0gU%2F2iqZIcvEFg65N1F4u%2BVTI0VblejyRLujswgkDrYc4EbcfAWsmVOXss4%2BcW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df18874b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
104.21.86.153200 OK 624 kB URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
IP 104.21.86.153:0
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size 624 kB (624158 bytes)
Hash c352795ed90201ac17d56f58347f130a
77f272596c226308a4b671caf2ca02747de98bdf
0829dde155ab724954544570e71ef1d2300db379876fa35eb00d5a677a76c534
GET /yPS7hqfHgkFauS2djb/xx3.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 09:30:05 GMT
vary: Accept-Encoding
etag: W/"632d7c9d-5c3"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDYqCzYbKwJhaTcOTS0s%2FwSSRib7GZZA1BOAnVXportkjnq8P9XF1R9ilq8UsIHvvPT1zSxWrkOCqB2GyD03SzEtkKYoUAKdwWoE1shTIvUaxvuKIR6PE5zGQuq4fzajaR3jB10e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b0d0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt1.gif
104.21.18.174200 OK 444 kB URL HTTP/2 tk.learning8808.com/images/xt1.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 444 kB (443705 bytes)
Hash 8bc908398e73478d0b28d85191689891
5e9022d7583285c988d0acb55b6db7c920f3c3d0
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
GET /images/xt1.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
etag: "626930f7-6c539"
expires: Thu, 29 Sep 2022 03:06:40 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2106250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLzxef3MDuX7nabM72mPtPBBqnB%2FOvKIpNtL9XrQqBty1493PzdPBTSYn5asluic3%2B908UyT1S3ZF9NfrphbXxupaN5JkBK6%2F1S5kaNNi93x00yjGCRoujKFMzQcAWndOysVfN2C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df1988fb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/2adb569cf600d6eb2307a4df0723e5f4.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/2adb569cf600d6eb2307a4df0723e5f4.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 3979e2f7bfdb6997893a786388543601
1eb2d80826b523f9697cae61f1ed09d8a7dfb267
d54d8e865e22a4fcbc6f69eed53081de17e2e97fd1d77dbe420b459c45475b33
GET //upload/vod/20220923-1/2adb569cf600d6eb2307a4df0723e5f4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10296
last-modified: Fri, 23 Sep 2022 07:30:04 GMT
etag: "632d607c-2838"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx4.zhgmjglh81k.com/template/m1938pc/css/zui.css
104.21.13.155200 OK 18 kB URL HTTP/2 klx4.zhgmjglh81k.com/template/m1938pc/css/zui.css
IP 104.21.13.155:0
File type assembler source, Unicode text, UTF-8 text, with CRLF, CR line terminators
Hash f3c9288d2e2b1edc0257a9a59e9cdec7
a02fdb38530d66844c8dd41c1b10219ad91afeb4
b6fac4717853281b25400a3674da831f4b864fc516dc5fd9a8d63bd0b46382a1
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: klx4.zhgmjglh81k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:49 GMT
content-type: text/css
last-modified: Sat, 26 Mar 2022 14:06:26 GMT
vary: Accept-Encoding
etag: W/"623f1de2-14f3a"
expires: Fri, 23 Sep 2022 20:13:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 14245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FRVQAEnl8mWFrI%2BSkRRLW7BkhrsE4SPAmmv3rtDB1kEpGpepMnHIqNkBgJZGg3eqv6LGkip8lvX7wujkK%2FMoEqeq0JnhFROwsz97Mid0WPkfTHZ8vm%2Fwade%2B%2FENLZfXnAofN3Co4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32de939701c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx4.zhgmjglh81k.com/
104.21.13.155200 OK 6.0 kB IP 104.21.13.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 590dc31f16ef56d818b780ba611e389d
76065b35e138cd0cb2e16cfab57914f30bbfe227
a3ea72e117dab2a7ba94e85c6124fa6606779898c8ffa7afcd018f0821f69008
GET / HTTP/1.1
Host: klx4.zhgmjglh81k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.myweblock.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:49 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A86EI%2FMfrtzVTalaRvVB2iJ%2B87ceDFzTjoDG3CJkW57gpcIBxxYeHA%2Fr%2FqEPcTx2nWCRF7OjJjnqjy%2FHi4dEnJV%2BTU1qyIcJnn7I3esYH2KynMBQorC%2F4oPSAT%2BcEgSo%2FKF9cPSQTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32de9094c1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt2.gif
104.21.18.174200 OK 377 kB URL HTTP/2 tk.learning8808.com/images/xt2.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 448 x 359\012- data
Size 377 kB (376694 bytes)
Hash 8e954a81cfc4fcdc8b1d5ff074a421a7
80810fedd18106dc58686ddc5106e7586ec38bc3
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
GET /images/xt2.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
etag: "626930fd-5bf76"
expires: Wed, 05 Oct 2022 06:59:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1573875
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTz5eg0LwMcsIeBY5y0NmtW7toOQBt3l%2Bb9Fo8g0YGDwxnlRdAYgwOsuXNjRWdsdBcUoJkGqv0nquYH0F5AKExSdaLo8Zg%2BgpmmGIhyrNPcyvm3Awhhmt3RCm4vn1qcAwFMvIAHf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df1e8e1b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/b9d9bbf7124efbe85fbe83651d54a9ef.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/b9d9bbf7124efbe85fbe83651d54a9ef.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 5d12ca7f3819c285b36d055d9f1f7f71
4542f715bd3c54bab0c2b6c43fbb9974fbcac7c5
5ec1edac91376b57d4eab569812618107f4464bb725edc9e1ed57d82c937b6a9
GET //upload/vod/20220923-1/b9d9bbf7124efbe85fbe83651d54a9ef.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11178
last-modified: Fri, 23 Sep 2022 07:30:04 GMT
etag: "632d607c-2baa"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/b17f40444f8713215219bb6765fa389f.jpg
136.0.141.5200 OK 9.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/b17f40444f8713215219bb6765fa389f.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash dab59fb2eea6dd3237448e83bbadedf0
406d24282fa199aa82619ceb8d3833909d7ad5b6
952000bb0f9132fe0827937d6281a8f6770c165e658166d9d0f1599ba8cd9edb
GET //upload/vod/20220923-1/b17f40444f8713215219bb6765fa389f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 9183
last-modified: Fri, 23 Sep 2022 07:30:04 GMT
etag: "632d607c-23df"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt5.gif
104.21.18.174200 OK 1.7 MB URL HTTP/2 tk.learning8808.com/images/xt5.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 1.7 MB (1693315 bytes)
Hash 036bdfc6224659a646168502a1742fb5
69ca9749e1a5f16d97d91c5c28f8c5d541093fd4
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
GET /images/xt5.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
etag: "62693103-19d683"
expires: Wed, 05 Oct 2022 06:59:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1573874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCT63eCEVVDkVN%2FmcGu6AUYGRUqfJhoJUSX2jLdIXGBsf0UViS95yu4QKjXgier5iykKHiEFqkWnrERmrwLVMnP5U2uBGs%2FGkkl0htri7z08F96coKZyQ9qrtWjD5M8RDoMXWT%2FS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df1e8e4b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/363ae99525aab6a4e30c07a7289bb725.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/363ae99525aab6a4e30c07a7289bb725.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 751c1c84251f6e29a1ed9add25caee2c
dd61a1ccf78a00ca9dad69cd1fcea7e34857d633
520fb31af1f9f9af3f15948a7a2a582f71f1724e59677961fe5f8a8c99511742
GET //upload/vod/20220923-1/363ae99525aab6a4e30c07a7289bb725.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 13433
last-modified: Fri, 23 Sep 2022 07:30:10 GMT
etag: "632d6082-3479"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/7a8890ae25ab65378ddf1a8f228918c3.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/7a8890ae25ab65378ddf1a8f228918c3.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash d98c89f051624ca9349d2f9a9a4953b5
3fc7e417ec6cdee099028d74d9e6e818faa2a12a
d8fb1676f35d1a5bb82f100549ff207b6db8777aa648d64d0af7cba8b0186cbd
GET //upload/vod/20220923-1/7a8890ae25ab65378ddf1a8f228918c3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10336
last-modified: Fri, 23 Sep 2022 07:30:09 GMT
etag: "632d6081-2860"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/3f1b820b9706b6b83ada5ea2c49b7b75.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/3f1b820b9706b6b83ada5ea2c49b7b75.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 8b8d2b32f82bfb94856dae6afb78ac2c
e06be94bf942a726c908df6c3fd8ed57f97481f1
35d9bc65f00ed49c4ccb2826f557086a6ebc9e555a4753f957386d63e544d0f1
GET //upload/vod/20220923-1/3f1b820b9706b6b83ada5ea2c49b7b75.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11956
last-modified: Fri, 23 Sep 2022 07:30:09 GMT
etag: "632d6081-2eb4"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/395f35d83a796ed76c9eb52d03971292.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/395f35d83a796ed76c9eb52d03971292.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 0f788915aff125dde65dd3fb3ecd2b43
ece4494e6bfc13efce0f95613b350864b6bec1cc
3dca4d66ea118f6530c8076e2c2c3eb2c17aa5128ebc2256db3d11893fddfdfb
GET //upload/vod/20220923-1/395f35d83a796ed76c9eb52d03971292.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10862
last-modified: Fri, 23 Sep 2022 07:30:09 GMT
etag: "632d6081-2a6e"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/ba568f4944df2e74c8d9343e50573c22.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/ba568f4944df2e74c8d9343e50573c22.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 5dfe5dee7d3baf6ba1d6deee0ec17faa
2c667ec91227d7885866e33821c6d5ede1033136
35c1a566379bf9c4e036af4eba641c2dce159e6a1e6e4b6c050c841b6ecbe5fa
GET //upload/vod/20220923-1/ba568f4944df2e74c8d9343e50573c22.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10409
last-modified: Fri, 23 Sep 2022 07:30:09 GMT
etag: "632d6081-28a9"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/e6163a5d99711b30c1acf412df14f3f2.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/e6163a5d99711b30c1acf412df14f3f2.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 5c01acc8d5677b3470b5b167128a577a
c485c0ca5362e58819a802433c148a69914c7606
c84aa39ef8a05cad803d781893792368bfa82d9c6b00bd2ed7f2167636f315ba
GET //upload/vod/20220923-1/e6163a5d99711b30c1acf412df14f3f2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12103
last-modified: Fri, 23 Sep 2022 07:30:08 GMT
etag: "632d6080-2f47"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/67eb1ca37054121c50ffe12997f8cb1c.jpg
136.0.141.5200 OK 9.5 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/67eb1ca37054121c50ffe12997f8cb1c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash dc44ec8e8696648824ee8122ab4d1537
d12aa8d96f8a1aae380789f7be0e7ca0ba8448b5
f360dc73e8f020768cb37d1bd46e9e925f4ab7902b1ba318ca1937ec98f16b70
GET //upload/vod/20220923-1/67eb1ca37054121c50ffe12997f8cb1c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 9458
last-modified: Fri, 23 Sep 2022 07:30:08 GMT
etag: "632d6080-24f2"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/e434a337680b596d5911646b1e342578.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/e434a337680b596d5911646b1e342578.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 80e20a0c0472c5b74aab5aed9e14c9c2
81aba2e2a26a844fe50b4d336183d311955e7092
0a71113a53630fe8a3c488c1a27790fd7ab948d168f19250bcbc107cdd71b740
GET //upload/vod/20220923-1/e434a337680b596d5911646b1e342578.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11703
last-modified: Fri, 23 Sep 2022 07:30:08 GMT
etag: "632d6080-2db7"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/9f1f2797cfaab87246ce926d9b583d84.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/9f1f2797cfaab87246ce926d9b583d84.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash e8be5e8275d0616cd6a10912b992f827
d0b0f528290c541ad53f4ce45c14ad5cefc4b9dd
e1a811f168f832fc761320125f426456eaff881b7e022d34797f0c7e1d9ffb6e
GET //upload/vod/20220923-1/9f1f2797cfaab87246ce926d9b583d84.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 9985
last-modified: Fri, 23 Sep 2022 07:30:08 GMT
etag: "632d6080-2701"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 48e6e116cad3c2815f6a199d5798301c
5afe4ed9db9f8ac1375efbd7c4253582cdd92389
612dce5625c70d9c1f4767b624c7fea0c1cedb4b8772e833c68dae9de22ac869
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5367
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:50 GMT
Last-Modified: Fri, 23 Sep 2022 10:41:23 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 727
tk.learning8808.com/images/xt7.gif
104.21.18.174200 OK 269 kB URL HTTP/2 tk.learning8808.com/images/xt7.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 269 kB (269177 bytes)
Hash 3be5bc895ae3e525bbcfbb2a2696ed0f
1f3d2c548412b47b65acf224f1a6b7bf89dcf876
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
GET /images/xt7.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
etag: "62693107-41b79"
expires: Wed, 05 Oct 2022 06:59:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1573874
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAamVtXJrDN14%2FyFsUzbPc7UyuEFcj%2FJPagZ6DdXQfaniwyh%2BgqqatS2n66fE7skY772XqfDG22nezxN1CmHP%2B%2FwFJlnlc0onrGZy27Ow93TRCQyYa%2F%2BiObyz53x25SRGXpKvLRU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df2392fb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/bb88e1c3d285a136803db0d23c25496d.jpg
136.0.141.5200 OK 9.7 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/bb88e1c3d285a136803db0d23c25496d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 977defb8266054197b818fb61bd54e83
c19838ec909f60481835a86df572d10e122e3f17
c00586ebc4c2fe73f13ea8ef20f1c6a7fcaa94b9df237ffd31c7e27d8e2be80c
GET //upload/vod/20220923-1/bb88e1c3d285a136803db0d23c25496d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 9738
last-modified: Fri, 23 Sep 2022 07:30:08 GMT
etag: "632d6080-260a"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/40b086cf44c2c60bb38e665eb583143c.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/40b086cf44c2c60bb38e665eb583143c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 744066f8784f09045338a32637b1e58b
e8d8c4f741bd6e4f2e5a5c6c6180eda5895ae986
c2131279edc30e2427e52d01f518830eaa1dcf862d706684ba7fa3c79916e72c
GET //upload/vod/20220923-1/40b086cf44c2c60bb38e665eb583143c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12106
last-modified: Fri, 23 Sep 2022 04:30:23 GMT
etag: "632d365f-2f4a"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/2aefa0e798a7ff1f649c8abf0c947e72.jpg
136.0.141.5200 OK 4.4 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/2aefa0e798a7ff1f649c8abf0c947e72.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 96ffe179ad3b6951e472d6a76c2ce6f6
30610891eccf57f0ce66a55d1b86584f37c5726d
f9a0f6a47e9c5453ed44bc7db1784b6dec975f26fa0db1a4aa0aaab4595e643b
GET //upload/vod/20220923-1/2aefa0e798a7ff1f649c8abf0c947e72.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 4392
last-modified: Fri, 23 Sep 2022 04:30:23 GMT
etag: "632d365f-1128"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx4.zhgmjglh81k.com/
104.21.13.155200 OK 2.2 MB IP 104.21.13.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 2.2 MB (2175185 bytes)
Hash 308f8618db280e2a780f4ca45fbe4883
adb661aeef3d5fb85618957dbf0325fab9dd98b0
ed49f7adfb1d9bd962b1515e27e5503022c680a62e2df1826d78deeea230d810
GET / HTTP/1.1
Host: klx4.zhgmjglh81k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.myweblock.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:49 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9Hf6eijSooAGwEXBQvvjfWy%2BukfF8OysVnWjk0tMs5eloWh3M6nzzFC1F9Rflih5qIORq2GsQA9FJkaZTkX2VQiGQved%2BaIVzA3a5gSmRfcTWAOfQ4HvfOMz4hFv6htVoLypQ99aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32de5cdae1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt9.gif
104.21.18.174200 OK 329 kB URL HTTP/2 tk.learning8808.com/images/xt9.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 329 kB (329331 bytes)
Hash 0982fef3f808ddf5925e60c39af631ba
80d6f27859a94c2c49b9175d2e9f84e6bd9b5605
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
GET /images/xt9.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
etag: "62693109-50673"
expires: Sat, 01 Oct 2022 20:57:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1869172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HK9nypHclDacHUKF8mM9fXHBgYVetgj4xr3AzIyPO9Lqe0a2L0pvIZDVu5FT3S411vePstHfOjgMCRx%2BpY26tweYZS2FeGb3vyrX5ORz%2BP2hPvkZyASsbNDlokXVc3W9MgEiEchv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df3aaeab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/8050a733823ea639602fa3c834268be0.jpg
136.0.141.5200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/8050a733823ea639602fa3c834268be0.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash fc40fdb0f5e85d71d2d23adc24d6ff01
c3a5eec62dfda1f81b18dbefbfe6732f42958586
9840358727abc3aede200581b089c12013a84efa05d5953bf09bf31025ef41b9
GET //upload/vod/20220923-1/8050a733823ea639602fa3c834268be0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 16317
last-modified: Fri, 23 Sep 2022 04:30:23 GMT
etag: "632d365f-3fbd"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/a45766c608aefb103a880bf65ff35191.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/a45766c608aefb103a880bf65ff35191.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash ffff13451fa8e9b1e9c403ed25a5cc37
0e7968f9625afb0293e9bb728478c4835bd23e1c
1c8a59157355f2b4b58164ebd23cc064c1f76302efcbbce1097e0a148625ce14
GET //upload/vod/20220923-1/a45766c608aefb103a880bf65ff35191.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12860
last-modified: Fri, 23 Sep 2022 04:30:23 GMT
etag: "632d365f-323c"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt11.gif
104.21.18.174200 OK 1.6 MB URL HTTP/2 tk.learning8808.com/images/xt11.gif
IP 104.21.18.174:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 1.6 MB (1639812 bytes)
Hash 89f17a6c0e5ecfebd7d054e27f9829a9
f8b87ba147f755491aa9753f750867d8349ced11
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
GET /images/xt11.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
etag: "626930fa-190584"
expires: Sun, 09 Oct 2022 18:21:37 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1187353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dROwzJoTAz8oRWRQIyWC%2FMc74KoHyheRPKOFR%2B1DPg91BQ9SEkOwEMr09zGH6Zk0tI5QfOc6ETivxqH%2FmIX5eDf9CiBN7KDqoTDCdQpDmpq3Qs8EgfBuhuPjHwvewkaDFdWuCZwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df2b9acb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/25b2d5f817ab73c1a02458ac8a97d85c.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/25b2d5f817ab73c1a02458ac8a97d85c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a4135bc9e86d3feff9f2c3129bf88221
c720546b60a3233d6eb6bbd0bc059e287a865252
98f3dd60e5fb767c43c7c33f0539006c8ea74d542dc43574f2fe2d6c52461cd8
GET //upload/vod/20220923-1/25b2d5f817ab73c1a02458ac8a97d85c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10591
last-modified: Fri, 23 Sep 2022 04:30:22 GMT
etag: "632d365e-295f"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/fa83c1b8a0f380dace86619c0b98eff1.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/fa83c1b8a0f380dace86619c0b98eff1.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0b2b62bd44626028799c66c035de6330
3c462b3976eb97e9f571e394da3f5df4f8924641
94f1fe3df95a8468db19f109788d91688a09d92df0eacfe1b29a9fccd945b849
GET //upload/vod/20220923-1/fa83c1b8a0f380dace86619c0b98eff1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 13030
last-modified: Fri, 23 Sep 2022 04:30:22 GMT
etag: "632d365e-32e6"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/a2851b83bbb3a4fbe91c4c9248947a12.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/a2851b83bbb3a4fbe91c4c9248947a12.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e4fc0ad7cab8892844b8336699cad72c
1e8498975831aaf9fc9961e532a09977fa841826
8700cb25766c2d433a82dd503d0767863ee7fa242772379d258fe3d0c6f494fb
GET //upload/vod/20220923-1/a2851b83bbb3a4fbe91c4c9248947a12.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12723
last-modified: Fri, 23 Sep 2022 04:30:22 GMT
etag: "632d365e-31b3"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/459b13f62f8f1798d534a6bcd765ffad.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/459b13f62f8f1798d534a6bcd765ffad.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 7c7a889e6775a27956d836f78529a00e
62aa5195215111680b6350792e03c7e733b24ca3
db06e3226fee438910501a704212039244eeffc337a1a9f119506a376dfcba64
GET //upload/vod/20220923-1/459b13f62f8f1798d534a6bcd765ffad.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11239
last-modified: Fri, 23 Sep 2022 04:30:22 GMT
etag: "632d365e-2be7"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/a005d6ee7c7f9941689638b4a66fe40d.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/a005d6ee7c7f9941689638b4a66fe40d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 068db1aa5ba12cb2f6dd1a072c7ceaba
3b1e74347060b74e886abfb92bf9743b18fadb43
f3844c8006f53823f57ea0f67d37e9c9867f284483b2bd23dbd10e35abbda36c
GET //upload/vod/20220923-1/a005d6ee7c7f9941689638b4a66fe40d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12254
last-modified: Fri, 23 Sep 2022 04:30:22 GMT
etag: "632d365e-2fde"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/f2127325e1e7022e4f645025d51f72d0.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/f2127325e1e7022e4f645025d51f72d0.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 389e3b7bfe961adaacb761cf3b5c2d76
0b9a75bd9719fa9b4142fe2f62d49bfffd8e457c
d1ff8600cce324e52bf0e740dbb4c2fb693a93268684165060052b1d1f14fa8a
GET //upload/vod/20220923-1/f2127325e1e7022e4f645025d51f72d0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12520
last-modified: Fri, 23 Sep 2022 04:30:21 GMT
etag: "632d365d-30e8"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/b6ae3074b75e838912877a523a83994a.jpg
136.0.141.5200 OK 7.4 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/b6ae3074b75e838912877a523a83994a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 9d1e759486b565a714726f097c7a12fc
416f2159bf041c74dea20cae0ae5183a4ced2c85
09296413db6f76957db9144d73bb2362ef72b9fd36859af4741dca6809454707
GET //upload/vod/20220923-1/b6ae3074b75e838912877a523a83994a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 7388
last-modified: Fri, 23 Sep 2022 07:30:14 GMT
etag: "632d6086-1cdc"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/8d0a46ac78a8f023f8eff8af1928dde9.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/8d0a46ac78a8f023f8eff8af1928dde9.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6895bec75bd2677fd65487a5b63cf398
050e8d2f46563264f988bc2f662355631a291efa
33e930864b563fb7411d85076e46b34b565ee94a8ef794a497bee699aaaca263
GET //upload/vod/20220923-1/8d0a46ac78a8f023f8eff8af1928dde9.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11474
last-modified: Fri, 23 Sep 2022 07:30:13 GMT
etag: "632d6085-2cd2"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/43856862917da9608fbe76b736d36e59.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/43856862917da9608fbe76b736d36e59.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0611dfcebcb8038927979eef334b821c
6f3e055a9debae528a62a591a426ed66a4c0ac17
81bc9d0ea475f18afdc93f2d9c15b79a30e8228dce9d98a31bb9d67a973ab344
GET //upload/vod/20220923-1/43856862917da9608fbe76b736d36e59.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11959
last-modified: Fri, 23 Sep 2022 07:30:13 GMT
etag: "632d6085-2eb7"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/be19b84dd118bbe03d00bc06c0d6a5d0.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/be19b84dd118bbe03d00bc06c0d6a5d0.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6ff86df592545c3f9399d9dd7abae3f9
9db218a1889ba539f3b0a1b52eb53afafbae40a4
fe0176f9dfd2ac065dfeefbe96d7631c19b07642637fa76fddb7c370195aa55c
GET //upload/vod/20220923-1/be19b84dd118bbe03d00bc06c0d6a5d0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 15098
last-modified: Fri, 23 Sep 2022 07:30:13 GMT
etag: "632d6085-3afa"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/63645d326653fe6237f04cadea300bdb.jpg
136.0.141.5200 OK 9.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/63645d326653fe6237f04cadea300bdb.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 5b28407c5ef43b5e1409943eb6208691
abb2428fc21d3c11236af2a476609eba9f1dc569
5bcadaa09d003b4bce12314c440e8a32f4df286f4aa98b9d1316be01c66995da
GET //upload/vod/20220923-1/63645d326653fe6237f04cadea300bdb.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 9649
last-modified: Fri, 23 Sep 2022 07:30:13 GMT
etag: "632d6085-25b1"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/535fcc9f86553fbedb0fb3019cf302eb.jpg
136.0.141.5200 OK 9.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/535fcc9f86553fbedb0fb3019cf302eb.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 2ba3c29ae0c1b95534fb231f5b5e34f8
df826ab4415f9157c143863c97dbfcdd5fec2831
92e7602a54d1c390312f374b956ccfe042fb9ad9835362be82055670bad09ad2
GET //upload/vod/20220923-1/535fcc9f86553fbedb0fb3019cf302eb.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 9592
last-modified: Fri, 23 Sep 2022 07:30:12 GMT
etag: "632d6084-2578"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/4b1ba0be7a03800961d8cdf431649a3b.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/4b1ba0be7a03800961d8cdf431649a3b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 4d6530e79ef75fc476fd0c0f89908b8f
b0bf036db9736ca2b1588c0357ee28d95a337858
6c958311e32c0740371161787f4dce48fb44cfed41cae17257288fa5e5cddfab
GET //upload/vod/20220923-1/4b1ba0be7a03800961d8cdf431649a3b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10069
last-modified: Fri, 23 Sep 2022 07:30:12 GMT
etag: "632d6084-2755"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/ef126e727c5bc4e0ab1188712d7e0470.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/ef126e727c5bc4e0ab1188712d7e0470.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c41a637dcfd912029b87dcf7493c4422
9f5b7fb4f613dd65a7dc1e36a03847971524b9a0
a0e5ca0a8961b12c20d608458e8a66eddaee7e0a8221639fa6042dd357837174
GET //upload/vod/20220923-1/ef126e727c5bc4e0ab1188712d7e0470.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12229
last-modified: Fri, 23 Sep 2022 07:30:12 GMT
etag: "632d6084-2fc5"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/2cc6498a9d031e5776a5b023bd88d83f.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/2cc6498a9d031e5776a5b023bd88d83f.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 672d42e18323a5e330f2d055f41b128c
84cf8115e1d61902900f99f11a85107516b25d6f
f8623259460232fbce9bd22cc6167dc9a48940591374f65d47dc343f292bf036
GET //upload/vod/20220923-1/2cc6498a9d031e5776a5b023bd88d83f.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10461
last-modified: Fri, 23 Sep 2022 07:30:12 GMT
etag: "632d6084-28dd"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/a7286aff3390e81f4e00503b1e8d0b07.jpg
136.0.141.5200 OK 9.8 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/a7286aff3390e81f4e00503b1e8d0b07.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 15a356f7f4e85fb8b05a0f2178ba7a30
f82b19f3e5e9d93839ece5d3b655a3b6a79d2280
2dae4a055feab093f1bea5260ab28051b33b7c03b21be65425cb1cfafb257caa
GET //upload/vod/20220923-1/a7286aff3390e81f4e00503b1e8d0b07.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 9813
last-modified: Fri, 23 Sep 2022 07:30:12 GMT
etag: "632d6084-2655"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/b2cdaa4ad759caad3105896e2b954b04.jpg
136.0.141.5200 OK 22 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/b2cdaa4ad759caad3105896e2b954b04.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e25d7fa2d6ddc0f3f68458a72072d4f1
11a4d2281116dadc1cdb6bc007a1f712e65293b0
a428db73e40cb8b0514ae23f9dc87860461ca836c9c7c52a606a1218c58531a4
GET //upload/vod/20220923-1/b2cdaa4ad759caad3105896e2b954b04.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 21638
last-modified: Fri, 23 Sep 2022 04:30:28 GMT
etag: "632d3664-5486"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7aa64c6eaaad962871704244e81d9879
55ff6669a77e40afd676eaa2296f2dd12a021570
4ac5bd844847a019401bc059ca276c422da67d0fdbf9fee0465d8088570a3057
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5BD844847A019401BC059CA276C422DA67D0FDBF9FEE0465D8088570A3057"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14875
Expires: Fri, 23 Sep 2022 16:18:46 GMT
Date: Fri, 23 Sep 2022 12:10:51 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/0c4a62a5fccb42edb578a160ec1658b8
47.246.44.230200 OK 310 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/0c4a62a5fccb42edb578a160ec1658b8
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Size 310 kB (309924 bytes)
Hash 0d38027e2b07879f6c99d55ce18e2666
b823665f8712838f4634875574e27063b2b3fe88
d96761cb212b29c7af9bbd7321bdad2ad3fcdfe5cb79af4c5b3f448a62509af4
GET /obj/tos-cn-i-dy/0c4a62a5fccb42edb578a160ec1658b8 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 309924
date: Sun, 18 Sep 2022 15:22:25 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 18 Sep 2022 14:08:42 GMT
nw-session-id: 2022091822084201015013704712F2A23Bqnzqb02dy
nw-session-trace: 2022-09-18T22:08:42.689861673+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 309924
x-powered-by: ImageX
x-response-date: Sun, 18 Sep 2022 22:08:42 GMT
x-tt-logid: 2022091822084201015013704712F2A23B
via: n132-078-071, cache14.l2de2[0,0,206-0,H], cache1.l2de2[1,0], cache1.l2de2[2,0], cache8.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc03:15:294::79
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01d47a916996dded67b1604c8b3895ee30caed3127501eb32745803330850f84a718ec827bf1cbcb1d9c2f7adb20797708ea8a961a1c667d089eb63cf84b5680aae2edb4d4380c823bae1727586a8e717ce525732f6cdee97b37644b7df018e35d
x-response-lb: image
ali-swift-global-savetime: 1663514545
age: 420505
x-cache: HIT TCP_MEM_HIT dirn:1:344796894
x-swift-savetime: Sun, 18 Sep 2022 15:33:13 GMT
x-swift-cachetime: 31535352
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16639350508892298e
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/d591711650b1878bd5c0786e874870fd.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/d591711650b1878bd5c0786e874870fd.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 85fd839b4238f6dde5de013730ce822a
60eaa8f6e727fdfa3bc9e2e76862a5d1960c84ee
3e6423b669790fd32b63b49c1d186cb6fad51c103c39817776172d1cd2a7e7dc
GET //upload/vod/20220923-1/d591711650b1878bd5c0786e874870fd.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 14492
last-modified: Fri, 23 Sep 2022 04:30:28 GMT
etag: "632d3664-389c"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/cf84ad867806ab939128779c801370a9.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/cf84ad867806ab939128779c801370a9.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 2d119563e11919183610c588b263468c
901a0ef6fed374ab25a16e02e345bfdde8b0a353
302ddec4dd4977e61c7e8b17eca0306d7be776a387e5b9afb11df24cbae81a86
GET //upload/vod/20220923-1/cf84ad867806ab939128779c801370a9.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10216
last-modified: Fri, 23 Sep 2022 04:30:27 GMT
etag: "632d3663-27e8"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/2e9b5d7c940d485a133ed4cc69c95fd8.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/2e9b5d7c940d485a133ed4cc69c95fd8.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a16922558871e8c762c7c966daab7e11
ab426cf7cfd50cbf5219b8e57e7b6c71f4dd3db3
97ce53ad43d6a4ad356eafeacf53aad26284cbb8851b8af8ae4bf57f108285a9
GET //upload/vod/20220923-1/2e9b5d7c940d485a133ed4cc69c95fd8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 10129
last-modified: Fri, 23 Sep 2022 04:30:27 GMT
etag: "632d3663-2791"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/422b8f4d400b227adc4851cccb1413b2.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/422b8f4d400b227adc4851cccb1413b2.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 23e81b070b795db058236438d616c15a
3ef54ff196e7611f043e5b052d65a434d55224d1
ae97e63a7f46040528f5afdbfb9908c8db3e6fea59676b02d5eab79f4e4d4cf1
GET //upload/vod/20220923-1/422b8f4d400b227adc4851cccb1413b2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11977
last-modified: Fri, 23 Sep 2022 04:30:27 GMT
etag: "632d3663-2ec9"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/b3cbeeac8825b91f3ef004d712708e03.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/b3cbeeac8825b91f3ef004d712708e03.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 9eb88205a03c723e9e8cb866445d7fb1
19633392a9cbd2066d85dfc045f440ad1f68e385
4e71e7fbbb1f91a4abf0e73c00c1ba16765a7d567d60b5d246a418f33b6ff16c
GET //upload/vod/20220923-1/b3cbeeac8825b91f3ef004d712708e03.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12352
last-modified: Fri, 23 Sep 2022 04:30:27 GMT
etag: "632d3663-3040"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/b50a9918770a786a1aa4cdcee4f61dcf.jpg
136.0.141.5200 OK 16 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/b50a9918770a786a1aa4cdcee4f61dcf.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 81796ade43bed67171672bd3d536fe0e
4634653e6c6d53b423fd0a6addd226510f23266c
f2e7ad909182e3151c52802578e8f047ed050a4d6e766608fcf408565fa43239
GET //upload/vod/20220923-1/b50a9918770a786a1aa4cdcee4f61dcf.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 15989
last-modified: Fri, 23 Sep 2022 04:30:27 GMT
etag: "632d3663-3e75"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/44192f3422724f926af5a512f2c924bd.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/44192f3422724f926af5a512f2c924bd.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e716d53cff5618ba167f6a2fef79d1c2
8962a267b0088b1f53977ac6323837865420896f
9bbf991fcf0909f3e5e9226d1f604b6da19bd7ecd4ee95f2d88ae43353fba969
GET //upload/vod/20220923-1/44192f3422724f926af5a512f2c924bd.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 15186
last-modified: Fri, 23 Sep 2022 04:30:26 GMT
etag: "632d3662-3b52"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/429c0422d845679553e19062377fc389.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/429c0422d845679553e19062377fc389.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash abd68a13b59c139f0789b116d64c5589
baf998786a81f9672d61dcd96114d28d736aa2b1
4a6984f9d2a5a1f39f89da5d1ecfc6468895abb931ac768e972be46728a03bfd
GET //upload/vod/20220923-1/429c0422d845679553e19062377fc389.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11082
last-modified: Fri, 23 Sep 2022 04:30:26 GMT
etag: "632d3662-2b4a"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/fde0b185d90a12e881085975daa69f30.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/fde0b185d90a12e881085975daa69f30.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 71b8c96079d7bc77323e454e9cb937d3
674949df7fa72f6554ab4b2213e1f9439054443d
aca1a4a80b3aec0c0dc7820c9dc2e49777fe7f7a7575bd8f478652b961ed49a1
GET //upload/vod/20220923-1/fde0b185d90a12e881085975daa69f30.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11339
last-modified: Fri, 23 Sep 2022 04:30:26 GMT
etag: "632d3662-2c4b"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/12237f7039f63abe2d7a8448c3501d68.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/12237f7039f63abe2d7a8448c3501d68.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash c66b85a83f13368e0a7018dd23f02807
80aacaae71d9adf4e8f09c677636b06ad109e215
6caee6cb4ef68f3407376e8a1247084033e28c5309d717117a0b3c7e8e1748e3
GET //upload/vod/20220923-1/12237f7039f63abe2d7a8448c3501d68.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 12274
last-modified: Fri, 23 Sep 2022 07:30:05 GMT
etag: "632d607d-2ff2"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/3a6e5a4493cd7378848b45ff9aa0947a.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/3a6e5a4493cd7378848b45ff9aa0947a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash e90394d902ad5dbfecdd81c596942f95
8095855b303da86235e63c51f71dd604a1af8737
7e15de44247d68af5c83814ec1f431c806acbeb6912700aebce2e535ea660e47
GET //upload/vod/20220923-1/3a6e5a4493cd7378848b45ff9aa0947a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 15017
last-modified: Fri, 23 Sep 2022 07:30:06 GMT
etag: "632d607e-3aa9"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/5049714eb5f5cb0d107230b4fffa6711.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/5049714eb5f5cb0d107230b4fffa6711.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 63f9bfa475aaf435e82aa73dd8206bc3
a033ef1daa1515b416e8588f9197fb3ba0faf551
0a360c9f6166808b7a5c65dbe67002c6d482ea1a29d586ba7535ca22a28e84fc
GET //upload/vod/20220923-1/5049714eb5f5cb0d107230b4fffa6711.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 14792
last-modified: Fri, 23 Sep 2022 07:30:05 GMT
etag: "632d607d-39c8"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/40bfcf47e7e98deefc55413db13a8a60.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/40bfcf47e7e98deefc55413db13a8a60.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash eab905ce889e6390558ac733fd5e2ece
0675e558f91b139001c8a38942f67aa9951faff8
1580c198678573a08680fd6f55598c3774c62836d1afbcf6acdaba44c2710209
GET //upload/vod/20220923-1/40bfcf47e7e98deefc55413db13a8a60.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 11944
last-modified: Fri, 23 Sep 2022 07:30:05 GMT
etag: "632d607d-2ea8"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220923-1/8d31df0a1c54febc6453daefd8e9c775.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220923-1/8d31df0a1c54febc6453daefd8e9c775.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash ab190bccb717f36bb5b1a8cb8ca23fde
28217c7775ac0b7f489e93cd27eddb334498d0ab
79ed9c370ef689c6fb9186aa4225af808414fecd3c583dd653d15517dbe944c8
GET //upload/vod/20220923-1/8d31df0a1c54febc6453daefd8e9c775.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/jpeg
content-length: 15192
last-modified: Fri, 23 Sep 2022 07:30:05 GMT
etag: "632d607d-3b58"
expires: Sun, 23 Oct 2022 12:10:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7aa64c6eaaad962871704244e81d9879
55ff6669a77e40afd676eaa2296f2dd12a021570
4ac5bd844847a019401bc059ca276c422da67d0fdbf9fee0465d8088570a3057
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5BD844847A019401BC059CA276C422DA67D0FDBF9FEE0465D8088570A3057"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14963
Expires: Fri, 23 Sep 2022 16:20:14 GMT
Date: Fri, 23 Sep 2022 12:10:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3e80f5f7c48963d500d9202fca624112
a60c898f5facd0cb21a2538dbcbd9b8c91116a3b
0dc476a107bfce15bd2cf80c09c3fa1d12be43d3c0c28e12b13aa9c0f4ba73a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DC476A107BFCE15BD2CF80C09C3FA1D12BE43D3C0C28E12B13AA9C0F4BA73A3"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3500
Expires: Fri, 23 Sep 2022 13:09:11 GMT
Date: Fri, 23 Sep 2022 12:10:51 GMT
Connection: keep-alive
cb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
104.21.86.153200 OK 776 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
IP 104.21.86.153:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash b590aa361082572770301e4a1a80c811
4d4f35f2642efbeff1cb98b2326111ffa7ed6c43
9040463edd8fdb23f54da0ffeff1274cfb1bf702218bd4f45c7f231172cc61f7
GET /yPS7hqfHgkFauS2djb/wz1.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 09:27:46 GMT
etag: W/"62cfe192-1be"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpCEaIjRhfk9%2Bd8MY62DTEDkmjkQ7lPavcPiGLJyRlPsrGt6TN2W0R4bSOrt0gVSEwShFDeZcv2nel328iNjJwuuBhtSZFpXezRzAJPHZBT7LeYaGlIjTf2NSzM%2BJjTVLtp%2F2Ezr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b0a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 0f4240904cbff2dcc966efd9fbc04e94
800e389b12aaee1b06db85b0fa5981a514b51569
c858948d9a92565e41037f9d42d8426fd8ff695f2207a63137d6a96c86f3a1b5
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:53:09 GMT
ETag: "800e389b12aaee1b06db85b0fa5981a514b51569"
Last-Modified: Fri, 23 Sep 2022 09:53:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2230
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f32df70a3ab515-OSL
kveii.com/2f63247ac47b1dfb4d31a1a5cede5717.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveii.com/2f63247ac47b1dfb4d31a1a5cede5717.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2f63247ac47b1dfb4d31a1a5cede5717.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:10:51 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kveii.com/f67b410855efed07dc1783436baaa5f7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveii.com/f67b410855efed07dc1783436baaa5f7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kveii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 12:10:51 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 299aa8cec4be4e86f22797b9117a1786
7968f07569d77fceec01ba5bfdc396f4efca40ee
5b63cd8a7cad8cf92c6a2f9fadbb658096ccec4c00a4e5a126438031014cf679
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 27 Sep 2022 09:54:36 GMT
ETag: "7968f07569d77fceec01ba5bfdc396f4efca40ee"
Last-Modified: Fri, 23 Sep 2022 09:54:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2386
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f32df82d77b523-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6a777b0b5f2f8eec23ca94f1c12e122a
f437fa3ec846ad938a31b5c3bc97b38d916a1037
c48d1452329724cadc6db28add7c7daa63d88e3917c300200a9763eba0a3dd1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 00:22:25 GMT
Expires: Tue, 27 Sep 2022 00:22:24 GMT
Etag: "f437fa3ec846ad938a31b5c3bc97b38d916a1037"
Cache-Control: max-age=302492,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f32df82f85b4fa-OSL
cb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
104.21.86.153200 OK 596 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
IP 104.21.86.153:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 84f7e42a5c6e0f04594db413d1310d23
d53db5234fbdd893e5ccbe566956425e5535fb9d
d03f533d92e0ad972002e181b5967727df27c777f0792e126030da093b998cc5
GET /yPS7hqfHgkFauS2djb/251.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 12:07:43 GMT
etag: W/"631b2c8f-3d5"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2ibo%2B1euFgHw%2BEIna%2BfakgvQ8pZuKJClK8tgfyhiFIuFBLsROzumGQ%2BFeDa62XCPGHDrr0Gb6cAUFvdU3QqutekPIlWp0muQWtiOFVpY40IYaPGajVdS3miSh0zYYwaHg0cY8Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b030afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.x968.xyz/images/632d4ea4ae31e1e9be24e3e5.gif
23.225.222.2302 Found 1.4 kB URL HTTP/2 img.x968.xyz/images/632d4ea4ae31e1e9be24e3e5.gif
IP 23.225.222.2:0
Hash 87ea5f00694cd292bc28477098148e7e
03a6e8306737ce30aa48ced653f4102df3143e19
0188bcac4cd87473536ce8c23873a740a57a2b4df270b8f671c5b04e33ff1d0e
GET /images/632d4ea4ae31e1e9be24e3e5.gif HTTP/1.1
Host: img.x968.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e
cache-control: max-age=3600
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
104.21.86.153200 OK 690 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
IP 104.21.86.153:0
File type HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 543d1bc9776baa62b75a97009087749d
4b6b19321e35e4673411b3dc037b9aa691bcd15a
ef912ff3b7324fd7bdc33700316a2911cf37176d1d3bfa5baf710edd320ace20
GET /yPS7hqfHgkFauS2djb/xx2.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 09:29:59 GMT
vary: Accept-Encoding
etag: W/"632d7c97-5c3"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymyI%2Fqb5Fx%2F4J2yjyANWWyFdoiV93uasx0x%2BD64dTqRRLuh7h63qnZvusFBMKxz6tSqjwxuC4nD26wnoohJwkZBykrGSWyX%2Fu9XrtsiSQOE6AMyG55sMgU3j%2FDP3KL5YNdcTtwdT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32deddb890afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e
47.246.44.230200 OK 820 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 240\012- data
Size 820 kB (819511 bytes)
Hash bb1e9e576dd20c81778f900a86c762ba
d24dbe39efd9549bc2d92a347817e5be52793820
fd342e533b7d6c823e1421c0f24d986180fe56d107afef0aaa880b260c55ba38
GET /obj/tos-cn-i-dy/7b92ceacc7d74f659f9e2093bc45481e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 819511
date: Fri, 23 Sep 2022 09:30:23 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 23 Sep 2022 06:14:18 GMT
nw-session-id: 202209231414180101750890684BD1861F6kfzh02dy
nw-session-trace: 2022-09-23T14:14:18.232237722+08:00 33
x-bdcdn-cache-status: TCP_HIT
x-length: 819511
x-powered-by: ImageX
x-response-date: Fri, 23 Sep 2022 14:14:18 GMT
x-tt-logid: 202209231414180101750890684BD1861F
via: n204-098-037, cache14.l2de2[0,0,206-0,H], cache1.l2de2[1,0], cache1.l2de2[2,0], cache3.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc01:22:35::154
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 012a95e79a200f213c14d3a2d3f6924dcc7c6ec25563555ef326de6e7719413bd78f1ce047cd835565de6b125cf31d7f1d112dd40e9233e844d9cfb86dc9ae917bcdefcead62e3f5539c8d4d10747e01b97836d68b0dc3f23cb5f603a36a6ff703
x-response-lb: image
ali-swift-global-savetime: 1663925423
age: 9628
x-cache: HIT TCP_MEM_HIT dirn:11:428738632 mlen:0
x-swift-savetime: Fri, 23 Sep 2022 09:51:41 GMT
x-swift-cachetime: 31534722
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16639350515832840e
X-Firefox-Spdy: h2
kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
104.21.64.204200 OK 29 kB URL HTTP/2 kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
IP 104.21.64.204:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash a763cce2c7bc3f7bfaa94981d8d9ff47
085da887b67947c8b1e486137be2300dfabf4a69
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
GET /f67b410855efed07dc1783436baaa5f7.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:51 GMT
content-type: image/gif
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
etag: "62544489-719a"
expires: Mon, 26 Sep 2022 18:12:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2311081
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuxFm18zZ3SBv%2Fusv4CO1ljuynKCc5RPwczNoc%2Bf0haAHQAbtc7WAuDdN2QRWcM9gnFQJND%2F0%2B%2BT9plJlFyNNDZbkfsfW8VASxXvACm%2Bx3kTj735Zbj7W0Ad%2FTBZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df8af0fb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhfff.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
104.21.64.204200 OK 243 kB URL HTTP/2 kvhfff.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
IP 104.21.64.204:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 243 kB (242675 bytes)
Hash 5868ac57eb0ccfce58afd011ef7c72ed
d46a8cd8288da6f2a6557f5bddbfa8faad6d1f66
406b2f32818b522b4e5c2f7f5de504b89ca9a4e8b3cdfe823f2c16cd6542c807
GET /2f63247ac47b1dfb4d31a1a5cede5717.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klx4.zhgmjglh81k.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:51 GMT
content-type: image/gif
content-length: 242675
last-modified: Wed, 23 Mar 2022 06:37:17 GMT
etag: "623ac01d-3b3f3"
expires: Wed, 05 Oct 2022 14:58:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1545151
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gzm0BtLFH5o17LE4m6MfMnShmkgFZSajRd9Il7aUAGH4CixLq1hOt4lZau1nMNnr3%2Bn4V40JFksJHM3EWtt62uHgPtkCx9hajJiD0Hzw5BfxCbUrI4q7Iv3u8vFY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df8ff69b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8ee954a6cba51171989f072b470cade1
f476052b4e036e3382e7e374d831d694a4d2b63a
b03acba7c66625232ef5684d7d9fb1dd286f9b6b4635b7e6065c7b53926f0837
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 23 Sep 2022 11:55:55 GMT
last-modified: Thu, 22 Sep 2022 16:25:22 GMT
expires: Thu, 29 Sep 2022 16:25:21 GMT
etag: "f476052b4e036e3382e7e374d831d694a4d2b63a"
cache-control: max-age=602057,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 74f31816da08bbcb-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1663934155
via: cache2.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache4.se1[88,87,200-0,C], cache1.se1[89,0], cache7.se1[91,0]
age: 896
x-cache: HIT TCP_MEM_HIT dirn:11:282129775
x-swift-savetime: Fri, 23 Sep 2022 12:10:51 GMT
x-swift-cachetime: 904
timing-allow-origin: *, *
eagleid: 2ff62c9b16639350515712830e, 2ff62c9b16639350515712830e
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8ee954a6cba51171989f072b470cade1
f476052b4e036e3382e7e374d831d694a4d2b63a
b03acba7c66625232ef5684d7d9fb1dd286f9b6b4635b7e6065c7b53926f0837
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 23 Sep 2022 11:55:55 GMT
last-modified: Thu, 22 Sep 2022 16:25:22 GMT
expires: Thu, 29 Sep 2022 16:25:21 GMT
etag: "f476052b4e036e3382e7e374d831d694a4d2b63a"
cache-control: max-age=602057,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 74f31816da08bbcb-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1663934155
via: cache2.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache4.se1[88,87,200-0,H], cache1.se1[90,0], cache1.se1[91,0]
age: 896
x-cache: HIT TCP_REFRESH_HIT dirn:11:282129775
x-swift-savetime: Fri, 23 Sep 2022 12:10:51 GMT
x-swift-cachetime: 904
timing-allow-origin: *, *
eagleid: 2ff62c9516639350515713928e, 2ff62c9516639350515713928e
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8432c24dd8968e89b359c17a72036383
7112face674dc5a3ab8ecee459f83545f7166a4e
c0f88abb54e74a2186c90aa4d1bdf391a75d7f0d38a80be6d521098b8fa34d4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3322
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:10:51 GMT
Last-Modified: Fri, 23 Sep 2022 11:15:29 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6340c9cd62ca4568d114b35621863b36
9958dbf092d830daccc73993025e966f841f4e70
d07faeb071b1a7034bf95136c7f449f3f14844a50bf01c0edf1ef762714a699d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:50:02 GMT
Expires: Tue, 27 Sep 2022 17:50:01 GMT
Etag: "9958dbf092d830daccc73993025e966f841f4e70"
Cache-Control: max-age=365349,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f32df8f898b4fa-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 05136e509abe987ca57b45f17c5462cf
b76fd6b36074a705063f30e10c2bab74a01db93f
bdfe01d856df0830552333310edf4dc914efbdf987f52282fead02eaacaa7fa3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 20:00:06 GMT
Expires: Wed, 28 Sep 2022 20:00:05 GMT
Etag: "b76fd6b36074a705063f30e10c2bab74a01db93f"
Cache-Control: max-age=459553,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f32df8ff130afe-OSL
ia.51.la/go1?id=21278777&rt=1663935049746&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1663935049746&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx4.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278777&rt=1663935049746&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1663935049746&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx4.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278777&rt=1663935049746&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1663935049746&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx4.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=ddc2012c79eefe96e54b; path=/
HWWAFSESTIME=1663935046946; path=/
ia.51.la/go1?id=21278777&rt=1663935049861&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1663935049861&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx4.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278777&rt=1663935049861&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1663935049861&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx4.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278777&rt=1663935049861&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1663935049861&tt=chabiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx4.zhgmjglh81k.com%252F&pu=http%253A%252F%252Fwww.myweblock.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=0a6b8b263648d1e11fc; path=/
HWWAFSESTIME=1663935048610; path=/
cdn.yellowjm.com/pjs/wcg340.js
112.90.43.103200 OK 1.5 kB URL HTTP/2 cdn.yellowjm.com/pjs/wcg340.js
IP 112.90.43.103:0
ASN #17816 China Unicom IP network China169 Guangdong province
File type Unicode text, UTF-8 text, with very long lines (3006), with no line terminators
Hash 04bca95c0c794614bbb8c600bd0a340b
0525bb82700c72d87b31ee2679805952bf29c7b9
4df9efa5698a89a203ae9220861f2b2434c8761564ba48077bb371009bc0cfa3
GET /pjs/wcg340.js HTTP/1.1
Host: cdn.yellowjm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: W/"63108c79-bd6"
server: nginx
date: Fri, 23 Sep 2022 10:21:48 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Sun, 23 Oct 2022 10:21:48 GMT
accept-ranges: bytes
last-modified: Thu, 01 Sep 2022 10:42:01 GMT
content-encoding: gzip
age: 6426
content-length: 1490
x-nws-log-uuid: 17009918304744444850
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cache-control: max-age=259200
X-Firefox-Spdy: h2
xox8956.com/b54fabb21dcf461696483c00e563d773.gif
103.170.15.76200 OK 14 kB URL HTTP/1.1 xox8956.com/b54fabb21dcf461696483c00e563d773.gif
IP 103.170.15.76:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 128 x 128\012- data
Hash a6018ebd9118a48b4180ee623a49f65b
7bd02f9127291c7879322552bec527d8f0fc1a49
87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8
GET /b54fabb21dcf461696483c00e563d773.gif HTTP/1.1
Host: xox8956.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62bbfa98-34d1"
Date: Sat, 17 Sep 2022 02:51:57 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 29 Jun 2022 07:09:12 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-06
Content-Length: 13521
taiwtp1.com/img/200200.gif
220.128.218.220200 OK 75 kB URL HTTP/2 taiwtp1.com/img/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash 03c13356e00c2033df2c88cb919251eb
f3a334a0366ddda6a87034f7d6c889c4d159dc8d
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
GET /img/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:09:07 GMT
content-type: image/gif
content-length: 75259
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
etag: "6228323e-125fb"
expires: Sun, 23 Oct 2022 12:09:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
103.170.15.91200 OK 121 kB URL HTTP/1.1 bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
IP 103.170.15.91:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 100 x 100\012- data
Size 121 kB (120937 bytes)
Hash 49275d96974a0e7a765eba878974e990
a072e28e13413dad5a5c2db03d27e4cbe8b0b220
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
GET /ad57239e363d4a2f96c2e91f27d2aefb.gif HTTP/1.1
Host: bob5379.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62bc27d3-1d869"
Date: Sat, 17 Sep 2022 11:16:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 120937
taiwtp1.com/img/960240.gif
220.128.218.220200 OK 224 kB URL HTTP/2 taiwtp1.com/img/960240.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 240\012- data
Size 224 kB (223879 bytes)
Hash a39bb27f09ccd6961fe1c0f3074a8b97
0e914bc58abc78e7275d3c639e2aeb548313d627
269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020
GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:09:07 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Sun, 23 Oct 2022 12:09:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c6dd837eca5bdb0478f7e05428b003df
7e55ebf2ada64e52d18ac8fbfb1d658c0ebc9e8a
5c0f6c33e64107fe12a86b74688611e908c298f9bfbb0b5104fdc392b6deef06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C0F6C33E64107FE12A86B74688611E908C298F9BFBB0B5104FDC392B6DEEF06"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17867
Expires: Fri, 23 Sep 2022 17:08:39 GMT
Date: Fri, 23 Sep 2022 12:10:52 GMT
Connection: keep-alive
613711567.com/0fb00f1b3f1548f0bc066f8a01a5a8f1.gif
47.75.19.14200 OK 68 kB URL HTTP/1.1 613711567.com/0fb00f1b3f1548f0bc066f8a01a5a8f1.gif
IP 47.75.19.14:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 240\012- data
Hash 7fb729164de96495010d31173b4dfde9
48e6c18b318b6dbe66739b2a97b1ca536a260a5b
eb89dbf10519257d735db5ba0731ed566cd5b8fac2a72ffd7bd299a9e8c4c10b
GET /0fb00f1b3f1548f0bc066f8a01a5a8f1.gif HTTP/1.1
Host: 613711567.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Type: image/gif
Content-Length: 67749
Connection: keep-alive
x-oss-request-id: 632DA24BD0409B31364F5AB4
Accept-Ranges: bytes
ETag: "7FB729164DE96495010D31173B4DFDE9"
Last-Modified: Fri, 23 Sep 2022 06:35:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3572186298259414675
x-oss-storage-class: Standard
Content-MD5: f7cpFk3pZJUBDTEXO0396Q==
x-oss-server-time: 1
klx4.zhgmjglh81k.com/template/m1938pc/css/ate.css
104.21.13.155200 OK 16 kB URL HTTP/2 klx4.zhgmjglh81k.com/template/m1938pc/css/ate.css
IP 104.21.13.155:0
File type ASCII text, with CRLF line terminators
Hash 7f4c3f621ced1ff2cfeb75393921e78e
07de0856dc0edb1add67103a7705fd17f4d69e63
133a84ccbfc0b60694021d8b869f2db0d72bbc9ed7b1972780493702cb8a5f6d
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: klx4.zhgmjglh81k.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:49 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
vary: Accept-Encoding
etag: W/"61be9b34-126e4"
expires: Fri, 23 Sep 2022 20:13:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 14245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm7l4sJDpAAsBsde6GYBSgqnSK0PNj7LPigE4wp5VFHBgqgHihVmfTNPFu2Kx3CG%2FzHcnUvB%2FSs2X5LXPlQYNuqv9tfARiFax04wBnlULEN6PkXNO2HCOY302e6kTT8t%2Bw%2BFe3H8zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32de9296a1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?9c71adf25dac6256b9218d6c1531120e
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?9c71adf25dac6256b9218d6c1531120e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 6d2bdef24a92dbb501e66eaf36856dfa
854dd0ec19ea25c5f3bd9bb2c78773f24c7e40d0
1cf72c47df4e918cbafee7fda06fcf6efffb8630b1a2bded335e03799185b125
GET /hm.js?9c71adf25dac6256b9218d6c1531120e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:10:52 GMT
Etag: f13127a1e54941c581a96f0d0521d521
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=56FC056917A9A8E3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
20.239.174.248200 OK 40 kB URL HTTP/1.1 n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
IP 20.239.174.248:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 35a667b9206e2693a5020fa8d30ddf77
ba818913ff0e821fefd8b24a18f8b398188cde6c
91dad25f00d7b090cf7c728b8b3db359a92652068391126fa212badd4e7e60d8
GET /8e1e9034b4a54c10bcdc828a830c011c.png HTTP/1.1
Host: n0404.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 29 Jun 2022 10:29:05 GMT
ETag: W/"62bc2971-9c77"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
47.75.19.149200 OK 298 kB URL HTTP/1.1 701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
IP 47.75.19.149:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 298 kB (298536 bytes)
Hash 9c3ba66a41c99ffee01405a837610cca
6e1ed01e150ddeb219b2917dd1f5230e8a703da5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
GET /gg/200x200.gif HTTP/1.1
Host: 701.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 23 Sep 2022 12:10:51 GMT
Content-Type: image/gif
Content-Length: 298536
Connection: keep-alive
x-oss-request-id: 632DA24B7E084E3731ADFF62
Accept-Ranges: bytes
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8250722550151430017
x-oss-storage-class: Standard
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
x-oss-server-time: 1
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f18bee2e61253c91ab98b6f80f3348f4
16455c994ecdf51859f49cfe271dd9ed4819ac19
f46744792aa6a1689273cfff6fb5cd1b46aa794c3322cf0627709b053e687fa2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:10:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 02:54:11 GMT
Expires: Wed, 28 Sep 2022 02:54:10 GMT
Etag: "16455c994ecdf51859f49cfe271dd9ed4819ac19"
Cache-Control: max-age=397996,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f32e01cc8fb4fa-OSL
sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
104.21.18.174200 OK 948 B URL HTTP/2 sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
IP 104.21.18.174:0
File type ASCII text, with very long lines (1244), with CRLF line terminators
Hash 82d306ac04bb90bd8a2e8839262aba30
de4a626e902ce0a212ca36b7fb2ea8c8f9aacdaf
a7f79f01857a2f16e456f01a089a987080745e72a0a859af70e02683dda4717c
GET /yPS7hqfHgkFauS2djb/gg.css HTTP/1.1
Host: sb.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: text/css
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
vary: Accept-Encoding
etag: W/"62bc1e37-c63"
expires: Fri, 23 Sep 2022 23:13:23 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 3447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxpKhU6CddQG8ateCmKnFlNRK9pU2fXUlumjyeoBFf2R4zerVwrXJsmtzDJ99%2F8yn4o%2FsdgH5XeX62IwmtTg3JrJTBAkXjKU7eGtjYzGRQOdic3Fj3pfPx%2FBOcEubcXqSluNwZNn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32df16850b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash f27fe3e6ab4099e60c31c13e8c7da79c
ceb80f0257efe4085594ea04daf16d3d6c479331
e784165f62b27e65daf3a3c9e717e07eada3aa34ff4e52977f4dd1ecff86bc89
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 01b55d6bfe6fd80e153bb065081a53b8
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 12:10:53 GMT
Etag: bda901d4e825ca45e23d2c7686485ea2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7F4098161C96F099; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vkhhjp.com/878c428039b74e988c41ada20a9c2f05.gif
103.170.15.61200 OK 89 kB URL HTTP/2 vkhhjp.com/878c428039b74e988c41ada20a9c2f05.gif
IP 103.170.15.61:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 240\012- data
Hash 20e63872db2f35ea3c9ec80c6e49f5a5
fe7a31cf62cd2258032a79765aa892964a2c680d
51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998
GET /878c428039b74e988c41ada20a9c2f05.gif HTTP/1.1
Host: vkhhjp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "631b2991-15a52"
server: nginx
date: Thu, 22 Sep 2022 23:54:15 GMT
content-type: image/gif
last-modified: Fri, 09 Sep 2022 11:54:57 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-51
content-length: 88658
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=679541491&si=9c71adf25dac6256b9218d6c1531120e&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=1&sn=1402&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx4.zhgmjglh81k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=679541491&si=9c71adf25dac6256b9218d6c1531120e&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=1&sn=1402&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx4.zhgmjglh81k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=679541491&si=9c71adf25dac6256b9218d6c1531120e&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=1&sn=1402&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx4.zhgmjglh81k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:10:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=218542910A8CB258; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1663935052&rnd=674364867&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=2&sn=1403&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx4.zhgmjglh81k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1663935052&rnd=674364867&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=2&sn=1403&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx4.zhgmjglh81k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1663935052&rnd=674364867&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.myweblock.com%2F&v=1.2.97&lv=2&sn=1403&r=0&ww=1268&ct=!!&u=https%3A%2F%2Fklx4.zhgmjglh81k.com%2F&tt=chabiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:10:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=90B519CA0D9FE5F9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/wz.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 09:27:46 GMT
etag: W/"62cfe192-1ac"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDpj2G%2F5IlZ4coqZk%2FKoyL5R5MSbxMYytTKbGY%2BdnWZJFHRSSRDF%2BpUCpnNZQ%2Bb18KNj5gQRD7OmuNOUsqd%2Fg5bDaDsfugNvPkrZVl0doWChfXstqXH9deCpDKcaozeytSwsZ9kw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b070afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.bdstatic.org/scripts/common.js
172.67.150.89200 OK 0 B URL HTTP/2 cdn.bdstatic.org/scripts/common.js
IP 172.67.150.89:0
Analyzer Verdict Alert fortinet Malware
GET /scripts/common.js HTTP/1.1
Host: cdn.bdstatic.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=78131
etag: W/"632430d6-13133"
last-modified: Fri, 16 Sep 2022 08:16:22 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WUd%2BygG%2BO0aTtDO4AoWjvzrpM4uLELo4Vsh79XJ3901kE6W0rW3rvSQ%2FJNeUSX4FVKIt6pxzNGOK7C%2B%2F9mptNZwPtrgZxFadeV8H%2F%2B%2BET26vfumP388gkYScuDs3l7wnJN9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32deee8a8b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/252.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 14:03:55 GMT
etag: W/"6308d2cb-3d1"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeAahNvKQkYc1efYughQc1TsVO4uO%2FElDVOZiwscZqU7rBPCsglw4qy8%2BEa3xOwdPziTsc3b0bRgb0mX9j4zoGNw730K7SR7E%2FvJtQT5%2FX2vvBOou1u5BKd8ev%2Bo%2B9V2kthIGLca"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b040afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/xtb.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Fri, 23 Sep 2022 09:29:16 GMT
vary: Accept-Encoding
etag: W/"632d7c6c-f62"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGm%2BI%2BFpvbsumzQacw77Z5WSHauqNbhj%2FaEx234%2BGNzqRYc65ersNxAV2f9jED7MFyBRj6OiXhf%2FOQHlkHspocm23kkBDonGO7eI64A6Tx4h6jiZPY9YYZzNNfi8t9Hsm9LVRaeK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded8b1b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/dh.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 14:10:15 GMT
vary: Accept-Encoding
etag: W/"6319f7c7-2868"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gPEJ4YBrxt1mn7VjC%2FZgRUwY3PcQTb0df%2FrXbKMS3soMPNNV3mHooqaFZJZnzPZwmj2smph4xhvR9NJVgkrrO0n7JqBz8GHfOfknF4L%2BXiqH2pztWc63MgCtKJS74K1a%2Bt0gEgZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32deddb880afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/zylm.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 05:42:15 GMT
etag: W/"62a97137-3b7"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUK%2F1SaXvrNO1SMch3szaFpKg3pZwFN0Z49LVOwBYvRp1J1CiftDGXeaCr0TnoIIo%2BnRZq3Y0Y%2ByDQ62Mnv4JjgKsDLq9tPHhRThoLeCa579xC4KBp8YpPbkLgTp6U7xi4vEfGN5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b0b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/dh1.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:18:19 GMT
vary: Accept-Encoding
etag: W/"62cf990b-972"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lj0Vh6qSGXIh2IJ2%2FpYpzHLYHMr3P5FVbZ3Ix8T4goYKaeO2jxdOCKoKp78uHnrhFfzqgahP9Bch15Kl5aHWf6mgm1ozPE63w9J0QwDBC7JXdNbWd0Fp%2FGsXgh7g2kf9gaXqheWa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32dedfbb20afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/250.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 14:10:15 GMT
etag: W/"6319f7c7-3ed"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O102K%2FSVBRT2k1VHX9LEahqh3cLDekBczaEafR%2B0l1VRUHi7ZcxLmfvoao4V8QDKq81WI7Zdu9x0xr6hp9tHOmdgsJDAUcfnpX04TZ1OoBx5pWBwHB5oDyvpnpPD1C4rPNjb3hhL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded9b460afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
104.21.86.153200 OK 0 B URL HTTP/2 cb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
IP 104.21.86.153:0
GET /yPS7hqfHgkFauS2djb/foot.js HTTP/1.1
Host: cb.learning8809.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: application/javascript
last-modified: Tue, 22 Mar 2022 07:39:03 GMT
vary: Accept-Encoding
etag: W/"62397d17-449"
expires: Sat, 24 Sep 2022 00:10:50 GMT
cache-control: max-age=43200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HE%2FZQRzBfDiXRnG7LOQvaP2Odvjyb6Ulmr%2BWNfgXJhkRbYxBiLS38UCZmeKLGtfYiCB0QAAqAQpPHkyO7gqMPtVK2eq5SsU20nMhC7POYs0S9icQmzKgBDfPYii538ICFbsP141y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f32ded7b0e0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8808.com/images/xt3.gif
104.21.18.174200 OK 0 B URL HTTP/2 tk.learning8808.com/images/xt3.gif
IP 104.21.18.174:0
GET /images/xt3.gif HTTP/1.1
Host: tk.learning8808.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx4.zhgmjglh81k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:10:50 GMT
content-type: image/gif
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
etag: "626930ff-2f2d5"
expires: Thu, 29 Sep 2022 01:38:42 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2111528
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luyoReRkE0f7Mty%2F0dE9pUs8LJb%2FN%2FdofcbtjvGK262UXfhh8alhKm9Ozrxbbb9IZXBwoB753ReXZNCOASUaGIsyQ1CfhAVoaWuDpYjMrKFg0y2%2BHWK571jAn%2FiTaxwW2Nd0YqcT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f32df1e8e2b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2