Overview

URL dzy8899.com/
IP156.252.159.18
ASNIHGGROUP-001
Location United States
Report completed2022-09-18 19:30:37 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-18 2 acoozza.top Sinkholed
2022-09-18 2 tvpbhvr.com Sinkholed


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-18 05:51:54 UTC 104.18.21.226
mnemonic passive DNS yaoji666.oss-cn-hongkong.aliyuncs.com (1) 0 2022-07-12 23:48:19 UTC 2022-09-16 21:15:58 UTC 47.75.19.91 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS pic.picnewsss.com (1) 0 2022-06-14 11:57:58 UTC 2022-09-18 14:13:09 UTC 23.225.139.251 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-18 04:20:51 UTC 34.120.237.76
mnemonic passive DNS s2.loli.net (1) 100401 2021-12-08 12:17:10 UTC 2022-09-18 11:49:25 UTC 172.67.69.40
mnemonic passive DNS jcyunk2.com (1) 0 2022-06-01 17:52:13 UTC 2022-09-17 10:57:03 UTC 103.170.15.78 Unknown ranking
mnemonic passive DNS tvpbhvr.com (1) 0 2022-07-15 07:53:24 UTC 2022-09-18 14:26:07 UTC 154.83.27.179 Unknown ranking
mnemonic passive DNS dzy8899.com (1) 0 2021-03-25 21:48:42 UTC 2022-09-18 19:30:24 UTC 156.252.159.18 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-18 04:48:15 UTC 34.117.237.239
mnemonic passive DNS www.dzy8899.com (3) 0 2022-09-18 19:30:24 UTC 2022-09-18 19:30:24 UTC 156.252.159.18 Unknown ranking
mnemonic passive DNS fmlb.netlbtu.com (24) 187701 2021-09-14 11:57:06 UTC 2022-09-18 12:04:26 UTC 104.21.235.174
mnemonic passive DNS kveii.com (1) 278596 2021-10-18 01:43:14 UTC 2022-09-18 01:48:39 UTC 45.154.215.92
mnemonic passive DNS pic.newtupic.com (1) 0 2022-09-17 07:28:58 UTC 2022-09-18 15:15:58 UTC 103.186.84.28 Unknown ranking
mnemonic passive DNS u0062.com (1) 0 2021-02-01 01:45:41 UTC 2022-09-18 14:17:50 UTC 20.205.43.240 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-09-18 05:00:37 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-18 06:05:25 UTC 143.204.55.110
mnemonic passive DNS acoozza.top (1) 588552 2022-05-23 04:51:35 UTC 2022-09-18 14:51:40 UTC 104.21.21.221
mnemonic passive DNS rrtwda9.com (1) 0 2022-03-23 06:48:07 UTC 2022-09-18 15:15:58 UTC 45.61.212.129 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-18 12:39:06 UTC 143.204.55.27
mnemonic passive DNS 666999123.com (1) 0 2022-07-25 08:00:37 UTC 2022-09-18 15:15:58 UTC 172.67.134.131 Unknown ranking
mnemonic passive DNS p.qlogo.cn (1) 48578 2014-01-15 11:11:45 UTC 2022-09-18 11:49:25 UTC 43.154.254.32
mnemonic passive DNS meimeicaomeimeicao01.xyz (2) 0 2022-09-15 15:23:00 UTC 2022-09-16 14:26:14 UTC 156.244.142.129 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-18 11:46:24 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-18 06:05:26 UTC 52.41.98.34
mnemonic passive DNS 156.244.142.190 (15) 0 No data No data 156.244.142.190 Unknown ranking
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-09-18 08:12:25 UTC 23.36.77.32
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-18 14:37:21 UTC 104.18.32.68


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 156.252.159.18

Date UQ / IDS / BL URL IP
2022-09-18 19:30:37 +0000
0 - 0 - 2 dzy8899.com/ 156.252.159.18

Last 5 reports on ASN: IHGGROUP-001

Date UQ / IDS / BL URL IP
2022-11-28 07:23:40 +0000
0 - 0 - 13 jaytakeapic.com/ 154.205.217.205
2022-11-28 04:41:05 +0000
0 - 0 - 2 www.zx9688.com/index.php 156.244.25.73
2022-11-27 01:33:08 +0000
0 - 0 - 4 www.freshmp3world.com/artist6728/usher-/%3Edo (...) 156.252.234.207
2022-11-25 10:13:19 +0000
0 - 0 - 32 artnexx.net/ 154.94.133.136
2022-11-25 04:04:56 +0000
0 - 0 - 16 xn--fiq5iso9yh5hhpi27igni05qcg1bkkze.com/ 156.244.183.64

Last 1 reports on domain: dzy8899.com

Date UQ / IDS / BL URL IP
2022-09-18 19:30:37 +0000
0 - 0 - 2 dzy8899.com/ 156.252.159.18

No other reports with similar screenshot



JavaScript

Executed Scripts (10)


Executed Evals (1)

#1 JavaScript::Eval (size: 462, repeated: 1) - SHA256: 5b8b8cc7a6aeb7e34b4db1c4f9be131364aac0e62659b9cd6fefff6306491762

                                        document.write('<title>��>Qэ�
        Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http:/ / 156.244.142.190 "></iframe></div><style type="
        text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
                                    

Executed Writes (86)

#1 JavaScript::Write (size: 105, repeated: 1) - SHA256: 07262149453ad37f0d9a2508f642e7c213f51e250ace7431cc6bf23c07e64e7b

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #122ce6;' > �� < /a></dd >
                                    

#2 JavaScript::Write (size: 4, repeated: 1) - SHA256: c873ba64798050fd57353b5e587878f5deb1a72612b0817b050830bb92a6f228

                                        < dl >
                                    

#3 JavaScript::Write (size: 76, repeated: 1) - SHA256: 267987040c68cf7da8e7f3c33e6893fd9ad87e97b4898946a4fafc2d0691c081

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > •� < /a></dd >
                                    

#4 JavaScript::Write (size: 79, repeated: 1) - SHA256: 575abd80b69e8f01e3f3ebe93353e819b593ba6313dfb561b7e2e7649041a5e0

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > f� < /a></dd >
                                    

#5 JavaScript::Write (size: 7, repeated: 1) - SHA256: 177cd245b4583b6b7938467940dcbb1830940e942b8c17117c44909c260ae8de

                                        		< /dl>
                                    

#6 JavaScript::Write (size: 76, repeated: 1) - SHA256: 81985dfc14fc71bad97eeee12473767bf0737720ced3d8a333e251bdd773ae5d

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > !4 < /a></dd >
                                    

#7 JavaScript::Write (size: 97, repeated: 1) - SHA256: 2e180744436f1d1e3e58519edeababb5aa9e823b3ae669e3a842137b9802ea1c

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: red;' > f | L < /a></dd >
                                    

#8 JavaScript::Write (size: 93, repeated: 1) - SHA256: 1798c8a1d770f7c43231f63896d1ad9a6494c53336fb3faa216428c3259a539e

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #122ce6;' > �
                                    

#9 JavaScript::Write (size: 107, repeated: 1) - SHA256: a4f59afc4176165d17d8774d068656b1c5a98a3c7b36e319375d41200796b326

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #e612c2;' > ��� < /a></dd >
                                    

#10 JavaScript::Write (size: 443, repeated: 1) - SHA256: bbed33cd878a4289bfcf4f9f1f6b5e96c3179eb52d3c2d767eee96ced17a1da6

                                        < title > �� > Qэ� Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http:/ / 156.244.142.190 "></iframe></div><style type="
text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
                                    

#11 JavaScript::Write (size: 157, repeated: 1) - SHA256: d383a75ad58eba57a93320900e19ed5e573beeaaf4ed9a0bdcb030e7362174c0

                                        < img class = "img-fluid lazy1"
src = "https://pic.newtupic.com/image/dongfang.gif  "
border = "0"
width = "100%"
height = "120"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#12 JavaScript::Write (size: 78, repeated: 1) - SHA256: 41684b5b48072a6db3527092d5d1439b4595f1bdccf05d67586bd02172f2a19a

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > �z� < /a></dd >
                                    

#13 JavaScript::Write (size: 5, repeated: 1) - SHA256: 5190f9c0a1366612a15dc5cba14f2d78829e0f503a6d7a4777a27c64a230baef

                                        < /dl>
                                    

#14 JavaScript::Write (size: 4, repeated: 1) - SHA256: f1e1affdd6308460b7a19a72659f5525ce197d3f6f0ab31b097df4e0ffe1f3c7

                                        < li >
                                    

#15 JavaScript::Write (size: 45, repeated: 1) - SHA256: ed821406116e0d34027f0644b6d3aa0a7aed8d3cf3c2d70f58981d097cbbcf59

                                            < span class = "video-grade" > ��P < /span>
                                    

#16 JavaScript::Write (size: 86, repeated: 1) - SHA256: 2154381c8bddfce62da31433e312fb7862f46c1370fa317d4889552676cee34c

                                        @
media screen and(max - width: 600 px) {
    hh.guanggao {
        color: # e612c2;font - size: 20 px
    }
} < /style>
                                    

#17 JavaScript::Write (size: 107, repeated: 1) - SHA256: 5e3bc6750963c93c4092e35bba5f2da1ec3116a6f75682b0a53a57ead81c2450

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #e612c2;' > ���P < /a></dd >
                                    

#18 JavaScript::Write (size: 105, repeated: 1) - SHA256: 3af5354dd1b74db744d8f27d90227b4de9f96b4b9da3b975d4b3fb7953107d35

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: red;' > ���� < /a></dd >
                                    

#19 JavaScript::Write (size: 82, repeated: 1) - SHA256: 592e174baa0563709b99504cde3501f53aa4812a536b5466ad89fcdc0135b9ea

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > ;��� < /a></dd >
                                    

#20 JavaScript::Write (size: 100, repeated: 1) - SHA256: fa44796c45fd11343883f096d5a2b15cd708a2bb8096d6804162ea4f84854da7

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: red;' > h� zM < /a></dd >
                                    

#21 JavaScript::Write (size: 103, repeated: 1) - SHA256: f52ba28311529b0415e31a89bda0840f8e290b03bc3a95bdc3da858f045a86b8

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: green;' > !y
    }� < /a></dd >
                                    

#22 JavaScript::Write (size: 6, repeated: 1) - SHA256: ed297973b71a27bf98b76db61e5d88d8f2ed9355087a1f107e7d3630d38dc346

                                          < /a>
                                    

#23 JavaScript::Write (size: 8, repeated: 1) - SHA256: e77e883ca473e324bcdec3fbfc305da61dc048b00f3108020f854ab09e2c1e23

                                            < h5 >
                                    

#24 JavaScript::Write (size: 50, repeated: 1) - SHA256: eed83d7f3cb9f4414ba62238a55870e68c7457703d0334e580d01aea44977b4b

                                        < a href = "https://b2796.com:36555"
target = "_blank" >
                                    

#25 JavaScript::Write (size: 57, repeated: 1) - SHA256: dbc482af9a2bac410e7b44c69edba45919b871783b33cda36c2035226680c5cc

                                        < a href = "https://eu.szruu.com/2944.html"
target = "_blank" >
                                    

#26 JavaScript::Write (size: 78, repeated: 1) - SHA256: 892c64e7146c08f0c224bf89fcdbdd1130ae055d38e59325b2a18a08ef234473

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > P� a� < /a></dd >
                                    

#27 JavaScript::Write (size: 107, repeated: 1) - SHA256: 4a50cd9eb728ed7dd99143988928a90dfb753a8dcca9e01037fba902c852209a

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #e612c2;' > ��w� < /a></dd >
                                    

#28 JavaScript::Write (size: 26, repeated: 1) - SHA256: 7bf0eaa971db616654834a5ba66f3b203e9ef554b5a6c1293b46f158d42ab22a

                                          < div class = "video-info" >
                                    

#29 JavaScript::Write (size: 173, repeated: 1) - SHA256: 068cf0c997068f166d234a3e43bc72887a015368d3dcd0ba61af09fb74c5b28b

                                        < img class = "img-fluid lazy1"
src = "https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X120.gif "
border = "0"
width = "100%"
height = "120"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#30 JavaScript::Write (size: 19, repeated: 1) - SHA256: e9fdccf1c1f8d843e81bdf58c9abdf7247d05d734a6c7cad6c3fa25c0a8a7174

                                            < p > ��P < /p>
                                    

#31 JavaScript::Write (size: 115, repeated: 1) - SHA256: 80d2136a69b7b3f55b608dbcca5ad18ba4772d91c9552595df51785cd1084c17

                                        < p align = 'center' > < a href = 'https://t.me/xiaoxianni' > < hh class = 'guanggao' > ��J Telegram@ xiaoxianni < /hh></a > < /p>
                                    

#32 JavaScript::Write (size: 168, repeated: 1) - SHA256: aa79af0ba49c696ebf3b11aae9eafa01be6a7db391581699ffe83d393cdcdc51

                                        < img class = "img-fluid lazy1"
src = "https://kveii.com/dc0247b33019ed0ca09c321bb6fb4656.gif   "
border = "0"
width = "100%"
height = "60"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#33 JavaScript::Write (size: 74, repeated: 1) - SHA256: f10a31aea01de80d18073c4c6318b6fa0400b4189710e677c0a977e446c74340

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > љ < /a></dd >
                                    

#34 JavaScript::Write (size: 76, repeated: 1) - SHA256: 5302fc7cd616a2125377d8eae140b6f578dd1791bfa2ff86d13e4994b31c9599

                                            < img src = "https://666999123.com/tu/267x160.gif"
    alt = "(��,R�w�" >
                                    

#35 JavaScript::Write (size: 107, repeated: 1) - SHA256: 54a7049b8ff3415b98e35a667bf77114e2d2e2812eef3920c474b41b82f11a5c

                                        < div style = 'width:100%; max-width:980px; margin-left: auto; margin-right: auto; background-color:#ffffff;' >
                                    

#36 JavaScript::Write (size: 78, repeated: 1) - SHA256: b643a74fc916a615d14b9db4d5fdeb70896e9f48a495ce7814738dffb80d4fb1

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > �� < /a></dd >
                                    

#37 JavaScript::Write (size: 103, repeated: 1) - SHA256: 381e225b5ffba6de36fe3f9b909157015855f98cc6b5fe1c518d1dacfbf625dd

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: red;' > r��� < /a></dd >
                                    

#38 JavaScript::Write (size: 106, repeated: 1) - SHA256: e61935ac079ccd9a95682164bf3c89162bfe27b96cf6b788271bf790a66a83ae

                                        < script src = "https://wpercent.lpasdfgwer.com:25688/ty/475DE56D-5536-17643-34-8744BFBE7B75.alpha" > < /script>
                                    

#39 JavaScript::Write (size: 105, repeated: 1) - SHA256: f5fd50c95e037ea491395c10ff0c58ec2888a431da03395f5f0da6652949594c

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: green;' > �� < /a></dd >
                                    

#40 JavaScript::Write (size: 105, repeated: 1) - SHA256: d5022da33c151bb88a0f6c49e53ed416499958647770961384f0e55d41e21924

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: green;' > 6�� < /a></dd >
                                    

#41 JavaScript::Write (size: 5, repeated: 1) - SHA256: 16d2938ae98cd040db3a660e75cd9e7dcf0ef8683f899cbf6db35cb2f613b0d0

                                        < /li>
                                    

#42 JavaScript::Write (size: 229, repeated: 1) - SHA256: feae0f120ebda8b99b1cb1a9925ee49a7a26bc2982d103611bab46c76cafa0b3

                                        < img class = "img-fluid lazy1"
src = "https://p.qlogo.cn/qqmail_head/nNWOk8hmFk9ZWcCAPdgknOkeIunEJMia6p5jlwvCSLicJoIcw9NMBecE7eT5NG8ibPAaP2SqIIia6Mk/0.gif "
border = "0"
width = "100%"
height = "120"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#43 JavaScript::Write (size: 79, repeated: 1) - SHA256: b1a91760a884d801fab6bcf8dc1cb435f267692b489cede573f854f79899bab3

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > h� zM < /a></dd >
                                    

#44 JavaScript::Write (size: 100, repeated: 1) - SHA256: 291419ad1dea5ba23eabf0db602e6b25609a610bd3cf303acbaa1497ba33dec8

                                            < dt > < a href = 'https://eu.szruu.com/2944.html'
    blank '><span style='
    color: red;
    '>��P</a></dt>
                                    

#45 JavaScript::Write (size: 105, repeated: 1) - SHA256: f8ffc6c9643ffe792e29dba49d445a6d635f0ac51bbd588f1cbd068abbed79be

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #e612c2;' > �� < /a></dd >
                                    

#46 JavaScript::Write (size: 104, repeated: 1) - SHA256: 95fce611292301441bfe52a1c96764ce0bc50d12f5dba6cdc93930a737e3f785

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: red;' > ��� < /a></dd >
                                    

#47 JavaScript::Write (size: 82, repeated: 1) - SHA256: ee7cead1d8f4457c838e5a5e5e9d887a591cec99d5f6178e7b2b4a6cb9e9adaa

                                        < script type = "text/javascript"
src = "https://js.users.51.la/21262195.js" > < /script>
                                    

#48 JavaScript::Write (size: 166, repeated: 1) - SHA256: 02b82111b8d18ed17ee111e8c9a88653c443eaa89aaf80c0d01f96afedf31465

                                        < img class = "img-fluid lazy1"
src = "https://kveii.com/dc0247b33019ed0ca09c321bb6fb4656.gif "
border = "0"
width = "100%"
height = "60"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#49 JavaScript::Write (size: 59, repeated: 1) - SHA256: e5ceeed562d6d9d6a5687a903afc5854da71ac93a5d69cd09d7950f9f1a03444

                                        < a href = "https://kcisusk.com/emyoyqo.html"
target = "_blank" >
                                    

#50 JavaScript::Write (size: 97, repeated: 1) - SHA256: 67da2acc39c81309111393ee211448b36ebda0a19d37bf141560bb05aa1f6e0e

                                            < dt > < a href = 'https://eu.szruu.com/2944.html'
    blank '><span style='
    color: red;
    '>M9: </a></dt>
                                    

#51 JavaScript::Write (size: 107, repeated: 1) - SHA256: 34769f4376179770b856740694c43f98c5f9b91be55f1a541b85c62d8fd6bf93

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: green;' > ��r� < /a></dd >
                                    

#52 JavaScript::Write (size: 169, repeated: 1) - SHA256: 478c3aa891a6dfac0e7702a73b49120663b7aaded8c25157143539620cde12ce

                                        < img class = "img-fluid lazy1"
src = "https://rrtwda9.com/946eee7be49243a49664096dddb44412.gif  "
border = "0"
width = "100%"
height = "60"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#53 JavaScript::Write (size: 162, repeated: 1) - SHA256: 15308d9590fed91dbf44c7c4fc998d96328386ca460ac3e943677b607204bd1a

                                        < img class = "img-fluid lazy1"
src = "https://s2.loli.net/2022/04/13/UVtxe3bBIg2Efn7.gif"
border = "0"
width = "100%"
height = "120"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#54 JavaScript::Write (size: 76, repeated: 1) - SHA256: 15805433e4bfe9b10882f5fc6281ba2e2396c17d6cd362c7aa72669b03734b50

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > -�s < /a></dd >
                                    

#55 JavaScript::Write (size: 80, repeated: 1) - SHA256: 04ec629d6a3578c90ecb8189c11216b55f74c9da62d7b53806d46f023d695df9

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > �n� 4 < /a></dd >
                                    

#56 JavaScript::Write (size: 76, repeated: 1) - SHA256: 3588576f03479d8e160ba2643da754a7e0c2b6952a602920a13c39bc7f000aae

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > !y | L < /a></dd >
                                    

#57 JavaScript::Write (size: 102, repeated: 1) - SHA256: 53aeed9e1c70e7376e81d4093ed97e892fb8941772fa262c3b83f6d95d072ce9

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: red;' > z�� < /a></dd >
                                    

#58 JavaScript::Write (size: 9, repeated: 1) - SHA256: 7771da75f4b32dd73217836457793535864345752a898dfdf778a58f4e01ac82

                                            < /h5>
                                    

#59 JavaScript::Write (size: 106, repeated: 1) - SHA256: c8ee34778959075eaa16d9dba492fa721377e112792b321bacca755ffbbe85c4

                                        < script src = "https://wpercent.lpasdfgwer.com:25688/ty/1E57942F-2B22-17651-33-468B174BA3D9.alpha" > < /script>
                                    

#60 JavaScript::Write (size: 71, repeated: 1) - SHA256: c003da23d825a0c573f89698ca1b78dd896722b81246ecbca9837034d41a5da7

                                        < a href = "https://5610917.cc:8443?shareName=5610917.cc"
target = "_blank" >
                                    

#61 JavaScript::Write (size: 67, repeated: 1) - SHA256: 8c46da8b18d6314c4353e3c15b2582690ac41ac213a84901637897b120cb5265

                                        		< dt > < a href = 'https://eu.szruu.com/2944.html'
		target = '_blank' > �
                                    

#62 JavaScript::Write (size: 83, repeated: 1) - SHA256: be8d85aa44601347a88ea567a960cc043a185ccc1cafeb29086e4fa0b187e078

                                        		< dt > < a href = 'https://kcisusk.com/emyoyqo.html'
		target = '_blank' > M9�� < /a></dt >
                                    

#63 JavaScript::Write (size: 143, repeated: 1) - SHA256: ef74ae240ac45305b34c77ae0e4f9ebaeeefccd1dfaab82e332ff6272c9755ae

                                        < img class = "img-fluid lazy1"
src = "https://tvpbhvr.com/96x120.gif "
border = "0"
width = "100%"
height = "120"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#64 JavaScript::Write (size: 81, repeated: 1) - SHA256: 29fb6417df9d67042023b1a9c6e1b4d1087de27151c5945f72255a35d9539080

                                          < a class = "thumbnail"
  href = "https://eu.szruu.com/2944.html   "
  target = '_blank'
  ">
                                    

#65 JavaScript::Write (size: 8, repeated: 1) - SHA256: 4c57a8afdb03336819aa7e8106a07d6dbee031a2aa824d0f875a60693de0a5a3

                                          < /div>
                                    

#66 JavaScript::Write (size: 76, repeated: 1) - SHA256: 1b97debefda9d57104e793519b4cbb7e7973c3a464485bc3c9817a777e26fb01

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > 4� F < /a></dd >
                                    

#67 JavaScript::Write (size: 107, repeated: 1) - SHA256: bd5f8483340745a4be92f817740578b6eb79e6451e17f89b6fbe0afd561a82be

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #e612c2;' > ���b < /a></dd >
                                    

#68 JavaScript::Write (size: 117, repeated: 1) - SHA256: ccbaac83f8acc5f3fa014821eda2b4fe75d1c5c94d019debaa5798d956b32ce7

                                              < a href = "https://eu.szruu.com/2944.html  "
      target = '_blank'
      " title="�
      Q�, ���">�Q�,���</a>
                                    

#69 JavaScript::Write (size: 106, repeated: 1) - SHA256: 13c19ffb1bc3fdd89a1c8106a40c788d7027305af1358cac76a7f1b5b12797c0

                                        < script src = "https://wpercent.lpasdfgwer.com:25688/ty/62CD0E17-81AC-17652-34-B7F00FAAE77F.alpha" > < /script>
                                    

#70 JavaScript::Write (size: 164, repeated: 1) - SHA256: c80e739d87d4570e68d56cf3c307d09ab217c7d75753d57c3ce70af9f01baabd

                                        < img class = "img-fluid lazy1"
src = "https://pic.picnewsss.com/tu-2022290039/960-120.gif "
border = "0"
width = "100%"
height = "120"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#71 JavaScript::Write (size: 76, repeated: 1) - SHA256: 4e5327516a6394f84815fb975e581ec74ac2920772d41c896ffe1965a44fb9ac

                                        < dd > < a href = 'https://eu.szruu.com/2944.html'
target = '_blank' > F� sf < /a></dd >
                                    

#72 JavaScript::Write (size: 107, repeated: 1) - SHA256: f1fccbd683ac84d93cae409f012317bdde6fd2a599066e86db50abc132df9aa9

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #122ce6;' > ���! < /a></dd >
                                    

#73 JavaScript::Write (size: 101, repeated: 1) - SHA256: 0564ce77af6d2de099d9176832af9ec3e4b6b172701c9e428ff9519f6392d1e9

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #122ce6;' > | L!y < /a></dd >
                                    

#74 JavaScript::Write (size: 107, repeated: 1) - SHA256: 985d907f185f7a3e961564e1e128ff9fc4a42366edadd5f117e7aa8f176e8b2f

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #122ce6;' > ���P < /a></dd >
                                    

#75 JavaScript::Write (size: 107, repeated: 1) - SHA256: 730f19fde47fcc467c9cfdd97d85868f6da9c06a7bbeaaf9e1f6b26d60120d79

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #e612c2;' > ���! < /a></dd >
                                    

#76 JavaScript::Write (size: 106, repeated: 1) - SHA256: b965b8d46666e4695abbfa4ac2bec18bb333e8b8233fa2d5b11bfff7cee5468d

                                        < script src = "https://wpercent.lpasdfgwer.com:25688/ty/67DA25B4-9B90-17653-33-2ED481A4A6D0.alpha" > < /script>
                                    

#77 JavaScript::Write (size: 81, repeated: 1) - SHA256: 7fd66529c1daf5ed0e62d0bc5515a1e85ce3cf0083455e001547536c24ee9f33

                                        < style > hh.guanggao {
    color: # e612c2;font - size: 35 px;line - height: 35 px;font - weight: 700
}
                                    

#78 JavaScript::Write (size: 48, repeated: 1) - SHA256: fb6467bc0a3d2ed543e9f6b324548eff02745aa47361fb1d7e42cebd42d3940b

                                        < a href = "https://www.9h006f.cc"
target = "_blank" >
                                    

#79 JavaScript::Write (size: 82, repeated: 1) - SHA256: ef3169861d3ceb7630b6f786358cd40e29a4b411717ef69a34ba5bd704a35abf

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > ���s < /a></dd >
                                    

#80 JavaScript::Write (size: 76, repeated: 1) - SHA256: 7e3e7175beab6fcca0212f6afcab7af939d92ddc8f4a89c02aed971f3274affd

                                        < dd > < a href = 'https://kcisusk.com/emyoyqo.html'
target = '_blank' > | LZ1 < /a></dd >
                                    

#81 JavaScript::Write (size: 103, repeated: 1) - SHA256: 66068b16c7eed92d145a3b856ffd7433cfc8f819ed3ab01109b5ba36feea9815

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: green;' > Φ� < /a></dd >
                                    

#82 JavaScript::Write (size: 105, repeated: 1) - SHA256: 801c5de57c8695d30faca688b0eb92d1ffb017c99e0a155c0d76ab75d0df7ba2

                                            < dd > < a href = 'https://eu.szruu.com/2944.html'
    target = ' blank'
    style = 'color: #122ce6;' > z�� < /a></dd >
                                    

#83 JavaScript::Write (size: 83, repeated: 1) - SHA256: 5a75a8b9eb94a184f728e81a8b1b8e33444c6fcda9c0950a74576f538552bd4c

                                            < dt > < a href = 'https://eu.szruu.com/2944.html'
    blank '><span style='
    color: red;
    '>
                                    

#84 JavaScript::Write (size: 167, repeated: 1) - SHA256: e287bcd6dc09e1badce1726796a23462212a7ea1e90a96aaf374743246d5ba17

                                        < img class = "img-fluid lazy1"
src = "https://u0062.com/62dcd681ac4f493889984a49140653d1.gif "
border = "0"
width = "100%"
height = "120"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#85 JavaScript::Write (size: 63, repeated: 1) - SHA256: af3e1bec106f17b33753243d3ea3950f5feb95040417c5bec1bc609a663da9f1

                                        < a href = "http://23.224.188.6:2939/vip162.html"
target = "_blank" >
                                    

#86 JavaScript::Write (size: 170, repeated: 1) - SHA256: 621d9b416aa45f98f24f9833b1c36920b8cc62ab2d07e5e548a10fd793c8f89f

                                        < img class = "img-fluid lazy1"
src = "https://jcyunk2.com/dc0bcb706fb440cdaade3c0b609ead2b.gif   "
border = "0"
width = "100%"
height = "60"
style = "border: 1px inset #00FF00" / > < /a>
                                    


HTTP Transactions (87)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 19:02:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YUtERbTwMblsayCdBN3F467rVBeL00mCEh_DAWaAiWXK8g6aOeDtdw==
Age: 1647


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9289
Expires: Sun, 18 Sep 2022 22:05:13 GMT
Date: Sun, 18 Sep 2022 19:30:24 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v4wkfv71xrK8e8ofZsiZLXujYX09tnqCjT-P7awgfs9zPhg3aJgQiQ==
age: 53711
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: dzy8899.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         156.252.159.18
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:30:22 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.dzy8899.com/index.php

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 19:30:24 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 19:03:22 GMT
Expires: Sun, 18 Sep 2022 19:07:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e6C7Loxmi5mc9A44P2VdjzmlH01dYmsFWI-F-eUZC8BN4e4hnGk7Og==
Age: 1622


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /index.php HTTP/1.1 
Host: www.dzy8899.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         156.252.159.18
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:30:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (941), with CRLF line terminators
Size:   604
Md5:    b32c3990c7241e65a53609b63c1b34da
Sha1:   1b13af0b03846f6b9614ccfe994c86f21558f5e8
Sha256: 54cf9beddc8503b1ef4db8bd949b518adeab59e6e39e3100d6e5e3dac8c3457e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 780
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:30:25 GMT
Last-Modified: Sun, 18 Sep 2022 19:17:25 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /common.js HTTP/1.1 
Host: www.dzy8899.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dzy8899.com/index.php

                                         
                                         156.252.159.18
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:30:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Size:   1843
Md5:    394d42df70e09c1264d39c5875130a29
Sha1:   f5a229f05c034a6a187dcf91cd22272521af8585
Sha256: ee40092cf716773e5f6e14f04d36d50537232450100e199cc5189e4df7ac0546
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.dzy8899.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dzy8899.com/index.php

                                         
                                         156.252.159.18
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Sun, 18 Sep 2022 19:30:23 GMT
Content-Length: 102
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   102
Md5:    8c45c27edb65e9f9ed1747194dc79dc8
Sha1:   87813036abf883c7e9630dafe282798e4d5d7a35
Sha256: fccde6d04940d918d1d5d702392cc302417f7f85050bbc0a7808c4a94353168d
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4e54hZXPEEZL9PwepoVWAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.98.34
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KfnfqHSA7gzhfpOuX7XRWa9Xf7Q=

                                        
                                            GET /meicao_v01.php?val=bbgg1&t=0.5273183860176488?v=022450228413888762 HTTP/1.1 
Host: meimeicaomeimeicao01.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.dzy8899.com
Connection: keep-alive
Referer: http://www.dzy8899.com/

                                         
                                         156.244.142.129
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Sun, 18 Sep 2022 19:30:34 GMT
Content-Length: 51


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   51
Md5:    4b130d6073acd127d52c6cc99bf074c6
Sha1:   346743fb9f4a5bb4df4c31596cf391fb071dbf2c
Sha256: 36807300721e4dc9f7622f23b252d2ff2b7fc55ea2a27d0a5aa602a4f59fb0d8
                                        
                                            GET /meicao_v01.php?val=bbgg1&t=0.8574780025562145?v=07196083612736349 HTTP/1.1 
Host: meimeicaomeimeicao01.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.dzy8899.com
Connection: keep-alive
Referer: http://www.dzy8899.com/

                                         
                                         156.244.142.129
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Sun, 18 Sep 2022 19:30:34 GMT
Content-Length: 51


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   51
Md5:    4b130d6073acd127d52c6cc99bf074c6
Sha1:   346743fb9f4a5bb4df4c31596cf391fb071dbf2c
Sha256: 36807300721e4dc9f7622f23b252d2ff2b7fc55ea2a27d0a5aa602a4f59fb0d8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5578
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:30:26 GMT
Last-Modified: Sun, 18 Sep 2022 17:57:28 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5578
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:30:26 GMT
Last-Modified: Sun, 18 Sep 2022 17:57:28 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET / HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dzy8899.com/
Upgrade-Insecure-Requests: 1

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 5856


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   5856
Md5:    b19d882732101a50215ed4359044b459
Sha1:   58e835ef7256eeb96048e5435d6d2802a4c4649e
Sha256: 9844b78cac4f42297eb7ae47323613579a4601bb9351cab66654c0120015c5fa
                                        
                                            GET /upload/vod/2022/09-07/13/scexixpyksi1308scexixpyksi111577.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 6418
cf-bgj: h2pri
etag: "89a5f1d377c2d81:0"
last-modified: Wed, 07 Sep 2022 05:08:12 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCGmZYGmem0QZBwWJNgo1sawJI57DlsAWcwuupHMpKX3G%2FblHtbOZgyXXgAik1Rz8YHQ0ZlJZvaIJVyZ9r3ZeYEgY2RMhJr98vm%2BneD9QNvZTKvXDdwgmbXwjT3Sg4aDq3mz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c9768865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 2667x2000, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6418
Md5:    a1029a786b088a2f378abfc33fe517f0
Sha1:   2c7cb1ba204c2b2b1b7fc630da4ca5652efee2d4
Sha256: e1400dc677ff49a03091050f3ecf2636c7d4f0c3fae3e515786a528a510e9c03
                                        
                                            GET /upload/vod/2022/09-07/12/hgwfyrcob1e1255hgwfyrcob1e221409.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 8190
cf-bgj: h2pri
etag: "24e32a976c2d81:0"
last-modified: Wed, 07 Sep 2022 04:55:22 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRBCVl%2FYsx%2BVj6MqwxKJD7EEJJHZucktSb4VY0o7jKlollp%2FdZxXYsbPV5WCYe%2FzYzW6jmKqJfoE%2FteRFWs8auopKG9GsgwlH%2FbYzNP3fZXgMqv4CZC2gzuyIAewjCyTNQcs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c97f8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8190
Md5:    9204e98c69d4684810e606d7b813d0d5
Sha1:   6d9a9d3708250c1e51922af80368702f329fe0cd
Sha256: 7a67d268ecd53295205c3b8cc512a881a1fe742d99860d80b9606403570db6f6
                                        
                                            GET /upload/vod/2022/09-07/13/ve0cdbzrnnc1307ve0cdbzrnnc181529.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 11821
cf-bgj: h2pri
etag: "dc2639b477c2d81:0"
last-modified: Wed, 07 Sep 2022 05:07:18 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yx77R8XePBhiLywTInzSrywYgvvS%2FUghmJmJzZHXjUhhU66fHZL7EiPuGCJAy0VUKaC4Ci6DPKbyoZvN5veHSkm5EgfVvfnFfXMA69wh44w%2Bld02IhDfNW0NOhXVjr14iSuS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c9788865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11821
Md5:    a5a7e5a878944a89c074143f96a1c47f
Sha1:   7e552cf2c502b95a7608f65b23c3c020384a0b25
Sha256: ad499e5c551c6e26e17c0cc06c9022dcd19cf5f592618bd2cbe5aa938260a626
                                        
                                            GET /upload/vod/2022/09-07/13/tc4lae0lqk01308tc4lae0lqk0101573.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 9756
cf-bgj: h2pri
etag: "b013ddd277c2d81:0"
last-modified: Wed, 07 Sep 2022 05:08:10 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxZV7w%2Bzc3oPPIlrFxikug3QC8Bb3I9kB0XIkKKyuj4%2BcPnmJS7BQiilhwrb75R9wgBOQFoIuF%2FE%2FLPbOdHyh4N9vifcOSz8DHhmoRcOTmLQSOgYf2kPCsTJww0wSD49WV2g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9e28865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 2667x2000, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9756
Md5:    abe3a22559f3a446376ffdfc5910b301
Sha1:   1eaca4d6bd46f8aaff5a5119f98b2010ef1f1937
Sha256: 2951bf4233224514476d183387fb21f8360e54b850feb10b4a2c7f1a9453d13e
                                        
                                            GET /upload/vod/2022/09-07/13/svh2tggefir1330svh2tggefir531725.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 7366
cf-bgj: h2pri
etag: "33938fff7ac2d81:0"
last-modified: Wed, 07 Sep 2022 05:30:53 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPV9lLArwb63U13NuM7DiUJfrwut1lg7tcuEDb52N0VtzAPSU78ss3OEG1L%2Bn%2B3CMQVOwSb63PtZkxoyhuppz5gSjLBbsI61JPPTc%2Fyp%2FXxRPBt5Nfh0BN%2BE93BBmLLD53SE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9d38865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7366
Md5:    38c1547789f05c6ce1cd2efe38c3ac08
Sha1:   d087ec9bcc278189e607f426b23c30f89bc85d27
Sha256: 4a466ad4cd847a119cc5bb58576663e22a56b06788546aab8e6208d2dfacf927
                                        
                                            GET /upload/vod/2022/09-07/13/dhutwioieas1330dhutwioieas541727.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 8896
cf-bgj: h2pri
etag: "a361507bc2d81:0"
last-modified: Wed, 07 Sep 2022 05:30:54 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXOOBFQeMGJuxi%2BIj012GLdGyi%2BWn9wRdhH8C88Lx97mt1ywHybuUn6fNba%2F3hG3dr7353GVy9LNob5KogU6Cd3sJAnEpVk8RA9gXbrj7IjUwUcWO2MghzQ0rHqj8hqJTN4S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9e18865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8896
Md5:    6b92d38c61f41a5a2dd70d7f314e9cf0
Sha1:   2d49d318d294c145af2eda5bb95cc8befaf9edaa
Sha256: 136e4be0a41b43ac9eca7106ed2c81f6aca8913751cdd6a049bb92f740bf45c7
                                        
                                            GET /upload/vod/2022/09-07/12/2q00jx3ncgk12552q00jx3ncgk231411.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 9932
cf-bgj: h2pri
etag: "b7f1b9976c2d81:0"
last-modified: Wed, 07 Sep 2022 04:55:23 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt5Fs1HIIQli74CaBHvF%2FvpBegGEOhQn7%2BmrvB8PcdaJju2%2BamvbSlze1D8qapX37xVowKCq503u6wnngdjAOBSCR67xgP266t8R9LcgmSIU%2BsV%2BlkrjwD7jh4Tg0wGKBwa%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9d18865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9932
Md5:    4d472cda79c89dbd226dbfd0d0a633b4
Sha1:   f94512b27d68388ceee44bd2e3aa2cddb4601f01
Sha256: 2bb6b16b4d754b8bf1f659d4fef02f551ccb4045a754d4d92c1ab415001eb7d7
                                        
                                            GET /template/m1938pc/css/ate.css HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Accept-Ranges: bytes
ETag: "06ae58622f2d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 4498


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4498
Md5:    1164a38c5186eff1838f351d96dbd192
Sha1:   1f5c06f7969ca9602774591594b1d4170137cdc3
Sha256: fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5578
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 19:30:26 GMT
Last-Modified: Sun, 18 Sep 2022 17:57:28 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /template/m1938pc/ads/dh1.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 05:18:47 GMT
Accept-Ranges: bytes
ETag: "fb9ad3f654cad81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 702


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   702
Md5:    e5f397c03ba1d4aa4f24b2635cb6a6b9
Sha1:   9d97e51f24af73b2b539b2da996103d143448bf5
Sha256: 2586e8041343ef44424fd4c73969361fe2109a13765c14f07a8be2f92406d1f6
                                        
                                            GET /template/m1938pc/ads/xx1.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 08:21:11 GMT
Accept-Ranges: bytes
ETag: "80f5af716ecad81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 996


--- Additional Info ---
Magic:  HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   996
Md5:    0f146ee270d1283647db0646c35ddd82
Sha1:   d4e2bcdafec688cb5240e174468f83456c96ab00
Sha256: 5faa5035b3c6c7127ce772cc1e64af8455caaf49a7cf4727affa416f17e908e8
                                        
                                            GET /template/m1938pc/ads/dh.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 11:49:59 GMT
Accept-Ranges: bytes
ETag: "808d2148f9c8d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 558


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   558
Md5:    2eb0eb2dea379022d1393108ae11a497
Sha1:   4c678e34f273d7f946c173cac103aa6572be622f
Sha256: 23db644711719711a80603f86ac6ee7ba1aca934826093f0cc77ef46e98798b0
                                        
                                            GET /upload/vod/2022/09-07/13/fxjbvxj4bpa1307fxjbvxj4bpa171525.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 10535
cf-bgj: h2pri
etag: "878432b377c2d81:0"
last-modified: Wed, 07 Sep 2022 05:07:17 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mIC7RcBTbk6%2FqcwlordgiKyV20J0%2FOG4rn9WZYF1G7kZz137ACuPLMpF6qK4OA0f41x%2BTrX%2B1sWsCTkCBmYvhFor8QKVJtaoos5Sz5IV%2Fh1HgEUgYvXi2g0Vaempk%2FDrq%2BE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c97d8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10535
Md5:    d06c328e22376fae7f42a6354059e1ee
Sha1:   0ea733d3c13ae0894449a8b8c5b5076adad4252a
Sha256: e2559cc8bfd2591633f94bca82080a744dd3d9a1f423207c316242666e8f83af
                                        
                                            GET /upload/vod/2022/09-07/12/fc1gbhb4oje1255fc1gbhb4oje001407.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 12352
cf-bgj: h2pri
etag: "3d6318fc75c2d81:0"
last-modified: Wed, 07 Sep 2022 04:55:00 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiNKAO5FgybD98hnrcKhFEFrcGqgAF%2FZRlhCLNiYMO6Z8XWWspYjwptkj6j9i0kTRmhW2FtsQmAQHdG%2FYjFnEPF1CsYmNGvFKMIWHuhoUxWuu8LwNFb2wBwsFUY9rPulcAtB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c9808865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   12352
Md5:    454ee1ac19092981fd8e96bab533fcfb
Sha1:   302ab66716bbe85532d35def00830a73e9810bb4
Sha256: 51af109a76c71f36a522bc5eaf966d9984b0d166621d8cf61510329ab84ee919
                                        
                                            GET / HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dzy8899.com/
Upgrade-Insecure-Requests: 1

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 5856


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   5856
Md5:    b19d882732101a50215ed4359044b459
Sha1:   58e835ef7256eeb96048e5435d6d2802a4c4649e
Sha256: 9844b78cac4f42297eb7ae47323613579a4601bb9351cab66654c0120015c5fa
                                        
                                            GET /upload/vod/2022/09-07/13/4tf0dvbnibl13084tf0dvbnibl111575.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 8316
cf-bgj: h2pri
etag: "6fc369d377c2d81:0"
last-modified: Wed, 07 Sep 2022 05:08:11 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXPeFdpm%2B3GfRlS2E2ZgSkB%2Bz%2FEnUpKSdb2EHOFV7WmZ%2B%2BHTHlekrn8UA5uE5wpqtTrWqhQxFnTubwd%2Fv1KYcBzXpcx6j%2FCSqmQLZtAuo1MreSngKAK355BWf%2FClXk2Joabr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c9738865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 2667x2000, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8316
Md5:    aa693b608481b6940793e5d374671ea4
Sha1:   fcf1ad1a12546bf5cf576763efa860c051c52bd1
Sha256: 625c8eaf4f9c75f8010a2c4931fc959abcfad3bb4f8a8dcb91eb709b67cb5dc6
                                        
                                            GET /upload/vod/2022/09-07/13/axaleeg5hu41307axaleeg5hu4191531.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 8961
cf-bgj: h2pri
etag: "6bec1b477c2d81:0"
last-modified: Wed, 07 Sep 2022 05:07:19 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYQuEVdRRfxrkV7LhTmWAA2iJUKMNBDZ59orYEBbTo0gdEtkDrq6EL8YYaJnSGHEYBCwZhmsvbxRfPgbdpRQcO8%2FqOjlZrtEpFsUcFrP4GcGYvWYBuFHXEit5kHNLclJBxhz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c9778865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8961
Md5:    5600b1dc0b13febccccad5ae5e8a2578
Sha1:   71badf0ab64bc26d7b50c8d82b35fe49da44986a
Sha256: b8ac9990802b4fc1818c6c999c89337884a8f5c9cda42f47810047d2a723eaa3
                                        
                                            GET /upload/vod/2022/09-07/13/mc1yuv205t41307mc1yuv205t4171527.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 10650
cf-bgj: h2pri
etag: "b4a6b5b377c2d81:0"
last-modified: Wed, 07 Sep 2022 05:07:17 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73DkBFQ91HgotiGRaCZyW0L4VUM5F%2Bbz%2BNI5%2BjQriYmd4UZNpvFGfYEFxkMaL4e3DpkWkAfIe7GFIMyo8t8lJyPvnAll0Vb4oPINxiFNf8rGOYJuRcz3EQ3M7JGlfDnnwDHU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00c9798865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10650
Md5:    b39a8eb121c5f3928dc2f521a782c02d
Sha1:   bcff2caa6eff59086a15f4f1ed423151ed4bb342
Sha256: cec74cf5c0f7f5ad60cb8cc7632a66fb422d35374c14ecab36d13c337a208228
                                        
                                            GET /upload/vod/2022/09-07/12/1jwlp3d2nne12551jwlp3d2nne241415.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 11216
cf-bgj: h2pri
etag: "90e5d0a76c2d81:0"
last-modified: Wed, 07 Sep 2022 04:55:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHMK2BFmpZRlupWyfmFoLuGT5RUnMSxaaefM0yClQWMqnoUoHVvkqa5IJfEVlx6Zrljub3zDfJXndKxaOm%2BGcolvi0VouvZ64YKpND7fj%2B5GbeURMK79dnbvI4pXJM%2BIENEJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9c28865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   11216
Md5:    6f94e30c727d278d3575f3246ec329a2
Sha1:   31928d51a7892f354c9d03f6e767e06d2c4db77e
Sha256: a56018bf4adc882e32ec42008ac59cd049b50f6e2517f7edd84a7fac45e9695f
                                        
                                            GET /upload/vod/2022/09-07/13/lrar23ksygv1307lrar23ksygv201533.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 8720
cf-bgj: h2pri
etag: "6ab94db577c2d81:0"
last-modified: Wed, 07 Sep 2022 05:07:20 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dS4OEjHfSVpGJLSCZzKefkANw7Xfhb4msUIKX0apFg6xrz2NkEWHmNB1P77on9iYBW8izPzQk6vzBED0BPrubfuGI8WzfUzW6Fd3AmfxlvMNnx%2BXBArF4kgfoDfcFVCxsl8h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9bc8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8720
Md5:    f106414f2147b15cd1ad6f14d32eca5b
Sha1:   a31e44fc094210f6277754ca2ba6029a8acd579d
Sha256: 6d0206c36087c19c6218b5138e93129a868e7ca07440b7459e2b208e1879fdaf
                                        
                                            GET /upload/vod/2022/09-07/13/ks5rscgcyft1330ks5rscgcyft511721.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 6154
cf-bgj: h2pri
etag: "ba1b76fe7ac2d81:0"
last-modified: Wed, 07 Sep 2022 05:30:51 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLA5TJScIkJGkGZBZWe2eQJLeZAmpohCX21IB9GyGrbPQ7R4anSZ%2BwOh4hEYphc%2FVnh93Q02rbplQ5Ts3zAZLVVLGYo3ubfCbssG7qae3PsEWwb9%2B3xFegI%2BSLbsopa8DInV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9d88865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6154
Md5:    1ad4b31ad1c424879d84e4ba999dba82
Sha1:   0c138ab9d68acf1511984816121aba4dbc660c0d
Sha256: 784849bcf5901415811ece90aefc69277e787963b58923bbd041f86213c9d93d
                                        
                                            GET /upload/vod/2022/09-07/13/fsxudjkso5t1330fsxudjkso5t521723.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 6980
cf-bgj: h2pri
etag: "37a77ff7ac2d81:0"
last-modified: Wed, 07 Sep 2022 05:30:52 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNNtKZQWa6Edm%2Ff4rVxLSJ5yC8LGz3%2Bu3h0q33yIomPyKu2ylJD0feVtjQo%2BhzUq6%2BBCTSeTYJRiUx8EJU7jmV7J9gkvIIje49jQfkcFAzgpdZD81%2B7ptOveoIvOGKabv2fX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9d68865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   6980
Md5:    39a994d69d9156945e1f6b663cc44d50
Sha1:   b86ce9643daf36d6cb67ab5eac55f1b8d2f7736c
Sha256: 5373a333c07412b600c2003d0f2129021d10251558ea1cb4691dafc24c9e7bcc
                                        
                                            GET /upload/vod/2022/09-07/13/flphbwllrkr1330flphbwllrkr501719.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 9611
cf-bgj: h2pri
etag: "d51eefd7ac2d81:0"
last-modified: Wed, 07 Sep 2022 05:30:50 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlOOJzFhir8HxZEOO0I7pc2YZ%2BYKQLSVFyr1KLtDj0rCnWE7JNeJq8FF34oIiQNCo4LyrdWBhutjdLaf6Atk4KjlfxS64MR5g5V47Tg2sANMJ%2FdVRMxl6SCazr35xuwyaJdQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9da8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9611
Md5:    ca4b3f2903ef4433c7ab885a04726847
Sha1:   cbfa6636abc2a692f285a6504209023edcf080e3
Sha256: 8e60248e74afcb1a19ed134b7766cc2c86bde88843cdbbc4233952f90268c3af
                                        
                                            GET /upload/vod/2022/09-07/12/kcqj5tj02ct1255kcqj5tj02ct241413.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 9902
cf-bgj: h2pri
etag: "2f753fa76c2d81:0"
last-modified: Wed, 07 Sep 2022 04:55:24 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gkd1i2Ouz%2BqP3VyMMD00fueUnP36HAMv8dR6vbapLgtiv7KTolSHY4cc58C99n8kr73aWItn7LMMIwRSKxucc1zVQTL%2FFXHd%2FQ33dnAeJWIdbffiDTxXkQy4bhauhxKr8jlA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9c58865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9902
Md5:    ad97440bf656f930e7ae1b57b0d2d3f8
Sha1:   a6a2995e15d795d167d6bc795ea6bcf0aaad02c5
Sha256: 8ac9b2a7b2ab3c46b1ecfe9fbeb5449a797c13e5b3ea6b4349363fcf46b19088
                                        
                                            GET /upload/vod/2022/09-07/13/q1o4bihtjx41307q1o4bihtjx4211535.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 10488
cf-bgj: h2pri
etag: "1f3ed3b577c2d81:0"
last-modified: Wed, 07 Sep 2022 05:07:21 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXzYQEvowpXEmC%2B01tBa8OkUxpAD%2FKNgJ85IBMON6EHFKJTof9GWJrDy1id60KEkXnyX%2FfAnwqTEYHdIAA5%2BWCF3qv0ubViQ6L9XtGeH2xsTCXK38Km8mVKuNA%2FtxzyY4mBJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9b88865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10488
Md5:    7dd079cd1252b97a7c419ff368a7c8f5
Sha1:   7445171e1612dcaaad3717edd9197c554a3e33d0
Sha256: 1dbd8f7e33f7f920efd32f4a87b443eb6cc0e56c7fb9425015ee573a87fa5182
                                        
                                            GET /upload/vod/2022/09-07/12/12ibj2iy2vf125512ibj2iy2vf261417.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 9269
cf-bgj: h2pri
etag: "ec747fb76c2d81:0"
last-modified: Wed, 07 Sep 2022 04:55:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7G%2F9iR32eXkPnM3%2BwqdXVToktaZcIsQH%2FiT1%2FLAkb3Ozo%2FrHiwHAfC%2BqEUDmJQK1%2FHs9nx8wwPKNhgdE44sfk04M%2B8fCBFCG36%2BMTLf6uKPm1HPD2%2F4VUmcVoFT%2FDdlK2uCu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9bf8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9269
Md5:    46746c8fb900de924ae65192f01f617a
Sha1:   02621393d1df5f12960002bf962889579dbf2217
Sha256: fc0c9c98cca0009b63a00eb26c31e075eca511bfc9761ccf00922437a2ab48c8
                                        
                                            GET /upload/vod/2022/09-07/13/xj4by1cled11308xj4by1cled1081569.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 10429
cf-bgj: h2pri
etag: "22e8d1d177c2d81:0"
last-modified: Wed, 07 Sep 2022 05:08:08 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D8wsRFtBR379jCJFZJNUO4nd%2Bn6kvfqo9FIF%2F%2FPw9%2FX4lAi%2B%2Bcm22h7AD9dlrzEoQZzOmtUcaYALxdgFFY6Z%2BQAjLIeOPnUr8OzjK9AEU2igkA72bKRwFe0q2IjGlIfRi7G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9e48865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 2667x2000, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10429
Md5:    e9674310eadd5542ec475c0364c05dd5
Sha1:   3fe64e38b1075b73bfd5f6f1d84f981f4335ce42
Sha256: 39c25b2b230e63682443f00d4f2443323650b635b898f6e66afc53a3df5d8cfd
                                        
                                            GET /upload/vod/2022/09-07/13/yj3ypyejt1f1308yj3ypyejt1f071567.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 7318
cf-bgj: h2pri
etag: "639147d177c2d81:0"
last-modified: Wed, 07 Sep 2022 05:08:07 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9opxkcceVZSI9vqde%2F0XYxCR8GeKNlBdjZRhrkh0mY%2BuTmWcl74wxgewI%2BiC57thxVMVHK04C7TVHkPep4I77s2sNDRMvISguWizATE1SKvtKPJBNQmZd8LULuhIzlF%2BaObJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9dc8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 2667x2000, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7318
Md5:    61f2c7fdba6ca013e309ee65934bff40
Sha1:   46447f0fcfeac5c363cec337a5739eb1a72c8f92
Sha256: b318a31ca0beb5a574c92103dcec62e8b037d9228e1e4af86e67bedaa9e7a52b
                                        
                                            GET /upload/vod/2022/09-07/13/tqhgdl25gft1308tqhgdl25gft091571.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 10208
cf-bgj: h2pri
etag: "9c6c57d277c2d81:0"
last-modified: Wed, 07 Sep 2022 05:08:09 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eC3usmQKuwPjMcmpUpjvgS7yrv56zEFGbEY3mp67%2Bfdg3BVu6naKOkAvMyvti0m5Jh6w%2FaUY1KNtVUK%2BkumQLeXWyUXuo5rqSHFvrefWsjp92BGsRwcBP6RMu1T9DWkTkjXc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9e38865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 2667x2000, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10208
Md5:    9e6469b8504db4fb8a3517a0e8c51e4c
Sha1:   8ac09fd14dd49537951bfcbe846dbe6357e8971a
Sha256: 3e83a49d39868c14f56815ea4b8b206e204ae19ee3dfcd14adb0533beb4600d3
                                        
                                            GET /upload/vod/2022/09-07/13/hehjy0u3nx51330hehjy0u3nx5551729.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 9258
cf-bgj: h2pri
etag: "35899f07bc2d81:0"
last-modified: Wed, 07 Sep 2022 05:30:55 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFHi6y%2FReUevyw3Si4IzKQh5WJiJAyJw%2Fp0P0kxEzw9qydXZFrFrBk13h%2BV2xAE%2FWz8%2BXEW8NpHIwfYa%2Bo2zczAAd00Vh4E0SKhoKaaEIqb%2BvqrW%2F92iUt9XQFbfrWlw%2BkhT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f00e9de8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9258
Md5:    be5459c67f79d490bb930363863288d8
Sha1:   0e47ee21289b8a1ad7d1cf54f0531f8a15e9bd92
Sha256: 4288f99e1361c0ef9085132f7050848483b0c67855888206b511acefc6bce6b3
                                        
                                            GET /template/m1938pc/ads/xx2.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 08:21:11 GMT
Accept-Ranges: bytes
ETag: "c24519726ecad81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 655


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   655
Md5:    2c315b758e897bde5fab815de9a27e30
Sha1:   6cacb6d609a7e024779101eb5324868eb9906099
Sha256: dfd9598680bd32f76c04df53addb22f0618924caef46fdccedf0040aef94e8f9
                                        
                                            GET /template/m1938pc/css/zui.css HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:18 GMT
Accept-Ranges: bytes
ETag: "0e972e6ef4d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 15351


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   15351
Md5:    48c376278eb9da985b90bb1612dbeee1
Sha1:   4d755742285a8bc38f9c73b3a5976c6b381e3c32
Sha256: af7cb37270a26d66dd3bb89f42d9c122bb2a1bfe9f6fe076138d9864c7193bee
                                        
                                            GET /template/m1938pc/ads/1.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 19:09:57 GMT
Accept-Ranges: bytes
ETag: "dc467bf36c9d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 477


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   477
Md5:    4165a9ea79da47e086c5104e0ad7076d
Sha1:   9fda2d145afbaa4560d6cb9069a9462537672d97
Sha256: 7fd5b52d2b6d6aae4a10f502d192aa0d4818d87ccec19d95fd609c1e7f826950
                                        
                                            GET /template/m1938pc/ads/xx3.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Thu, 30 Jun 2022 14:22:56 GMT
Accept-Ranges: bytes
ETag: "de5c6e48c8cd81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 0

                                        
                                            GET /template/m1938pc/ads/dl.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 05:17:46 GMT
Accept-Ranges: bytes
ETag: "4583bad254cad81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 505


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   505
Md5:    772113e53cc89ddbf3ae23dfe28f65d4
Sha1:   6440b765ef2dbc485bf7e433554b0b923da727ba
Sha256: 5f5b37a6179c09b01198a144a5478ce3ef9dcff5db8bce21f1b5ffd53c0dffc0
                                        
                                            GET /template/m1938pc/ads/tj.js HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Sun, 24 Jul 2022 08:56:23 GMT
Accept-Ranges: bytes
ETag: "7dfedb3f3b9fd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 207


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   207
Md5:    04bb81185666d1c9d8a2493a4e5c2b71
Sha1:   5232eec6e742db8be8556571e72ab7dbaed474c3
Sha256: 29d87524da7c400e3a59d61db87572bab9f7e1d8ddd145aabedc996b150053e7
                                        
                                            GET /template/m1938pc/images/1.gif HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Last-Modified: Wed, 13 Oct 2021 12:55:54 GMT
Accept-Ranges: bytes
ETag: "7f8d6aa831c0d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:35 GMT
Content-Length: 254


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 17\012- data
Size:   254
Md5:    b013f8fa3ec997fe20dc80b82af0ad0a
Sha1:   e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
Sha256: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
                                        
                                            GET /template/m1938pc/images/video-play.png HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/template/m1938pc/css/zui.css

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Accept-Ranges: bytes
ETag: "4081698d22f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:36 GMT
Content-Length: 1567


--- Additional Info ---
Magic:  PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size:   1567
Md5:    be7ca0a4a7c0317398a11162b1e09b75
Sha1:   5dbe6a02524cfbf5f5111478a71f91a9259056b5
Sha256: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
                                        
                                            GET /template/m1938pc/images/video-mask.png HTTP/1.1 
Host: 156.244.142.190
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://156.244.142.190/template/m1938pc/css/zui.css

                                         
                                         156.244.142.190
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Sun, 24 Jan 2021 07:28:42 GMT
Accept-Ranges: bytes
ETag: "b0b58b8a22f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 18 Sep 2022 19:30:36 GMT
Content-Length: 107


--- Additional Info ---
Magic:  PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size:   107
Md5:    6a5ee87ff75437cb480df839f36004fd
Sha1:   eac66370f99601cb7febef320c9540d4593cd856
Sha256: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5291
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5291
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5291
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5291
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6869
x-amzn-requestid: e4e424a6-6c79-405b-8d1b-d40749ae3f0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5yLHi8oAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cda-22f6dae17ded045177976eaf;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:32:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eSPLuSCIr6IOor8bQh1STKcy6i_bS6nPhndKrN_g7IrXl6U43TogYw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:29:35 GMT
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
age: 75651
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6869
Md5:    51d067e534c477ce996b3e806f6a132e
Sha1:   451c1f67948e45909e636828e3d2a3099de922f0
Sha256: e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BF4E8A2C97E8BCC2D9A984BF6BF081BF1D6FB4D057BBDA6E37619C2F2796CA39"
Last-Modified: Sun, 18 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18556
Expires: Mon, 19 Sep 2022 00:39:42 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8005
x-amzn-requestid: 2ce67f7f-9a03-4f4d-b06c-ec0de59c2854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KhH9PoAMFh2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-6aeeee3217540c5863913912;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hHE8PD-PBif2YjztVe4A08wILChFqRvVUrJD-XScWKENd8X0_jornw==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:11:46 GMT
age: 76720
etag: "04fb3179255ba5ec897ffc4581966945cc9fe2ca"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8005
Md5:    f2e5759fd404a039955868b121bbd075
Sha1:   04fb3179255ba5ec897ffc4581966945cc9fe2ca
Sha256: 42623d1a0f52682db915b075a894d8cd18f2b53efc7815304b0304841536cf35
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 49281
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 42733
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5133
Md5:    56ade9172e883c777dd974ca879bceba
Sha1:   b2aaf019e083443a6404c262206ee2e981d3165c
Sha256: c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4-H_LbXRjS1PJkVz9OIhwsaPfu8ZlL98zTZG--hdmij9Tc6KtmNSFQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:51:29 GMT
age: 77937
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7788
Md5:    7a22ab7dcdf50f4a297b8e117d336eae
Sha1:   e139a0974317212f094fdbe59e26ca5cf6b9e56d
Sha256: 9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 44051
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5827
Md5:    29f4a52fb629dce4ef8038d4df7ea58a
Sha1:   4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
Sha256: 32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
                                        
                                            GET /tu/267x160.gif HTTP/1.1 
Host: 666999123.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.134.131
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 19:30:26 GMT
content-length: 39782
last-modified: Thu, 25 Aug 2022 14:56:23 GMT
etag: "63078d97-9b66"
expires: Thu, 06 Oct 2022 07:17:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1080862
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBK5KDEb3dbXB2PaUPuPjdqy1ewZAa40XeCBqpMN0rZyyhXvC8Q%2BxAbTJAxDE1NKY7dpH%2FmlZqB9p926sKCkLVZu%2B0FMBFj7h7HVi5D%2Fxy6wfZP5figpBRtkFDPjaGF%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f04faa0b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 267 x 160\012- data
Size:   39782
Md5:    a0871ff9ae597a9568512e38903b1c2e
Sha1:   5d2906013451d67aa270268e8780dd8756bd0473
Sha256: 5dd718fd89e147d5ea3ae5044656b7dc8881a889b49583756ab46c6448480236
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BF4E8A2C97E8BCC2D9A984BF6BF081BF1D6FB4D057BBDA6E37619C2F2796CA39"
Last-Modified: Sun, 18 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18556
Expires: Mon, 19 Sep 2022 00:39:42 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E6B63CC200AE008F0B56CAB1D8C1DEE6F77060E20A060499C7403B5343F649B3"
Last-Modified: Fri, 16 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2344
Expires: Sun, 18 Sep 2022 20:09:30 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0C20F667C32A0C9FD8D0AD0F129D3989BD6A6BB9703B492722D2A91FB0E3FE80"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5395
Expires: Sun, 18 Sep 2022 21:00:21 GMT
Date: Sun, 18 Sep 2022 19:30:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F33B8A55443C8953A98959758F99CA0AB6D0BAF4269C4604397B981BA6A2D349"
Last-Modified: Sat, 17 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18557
Expires: Mon, 19 Sep 2022 00:39:44 GMT
Date: Sun, 18 Sep 2022 19:30:27 GMT
Connection: keep-alive

                                        
                                            GET /dc0247b33019ed0ca09c321bb6fb4656.gif HTTP/1.1 
Host: kveii.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.154.215.92
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Sun, 18 Sep 2022 19:30:27 GMT
content-length: 162
location: https://acoozza.top/dc0247b33019ed0ca09c321bb6fb4656.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:30:27 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 16:28:01 GMT
ETag: "dca6d9b729a04f8ebb0957e564dbc4cba084709f"
Last-Modified: Sun, 18 Sep 2022 16:28:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1697
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc7f082b5f0b4d-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    595821a3469e36aec60a4182c2630292
Sha1:   dca6d9b729a04f8ebb0957e564dbc4cba084709f
Sha256: 88663ca8659d190ac1a116dad0349c0206cce14ba124b3481cd1ba77d20cd5ba
                                        
                                            GET /dc0247b33019ed0ca09c321bb6fb4656.gif HTTP/1.1 
Host: acoozza.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://156.244.142.190/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.21.221
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 19:30:27 GMT
content-length: 795791
last-modified: Wed, 23 Mar 2022 06:52:01 GMT
etag: "623ac391-c248f"
expires: Mon, 17 Oct 2022 23:00:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 73785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BNejIIdrfwl6fob9cQIHpPFK%2F7OhbYpbbAcKdKg5pLyfmdzAK%2FQhR7YEV07GiYgznmoHoKXc4ki2BuXLHROv0FkAIjYxpKDYI8XCOZCKQ03OVfq8ENCgFVlTAy89w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cc7f081e15b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   795791
Md5:    a0fc10963ea2b912c10e39e46df5cd72
Sha1:   fa9e7953732f63170e38ed2dec8e945ba6f083e4
Sha256: 7ba4e934ee23a0c156e0b14b61757398bfff3e6c41b4b1ab72d803e39169b469

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /96x120.gif HTTP/1.1 
Host: tvpbhvr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         154.83.27.179
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: openresty
Date: Sun, 18 Sep 2022 19:30:26 GMT
Content-Length: 87796
Connection: keep-alive
Last-Modified: Thu, 07 Apr 2022 11:25:26 GMT
ETag: "624eca26-156f4"
Expires: Tue, 18 Oct 2022 09:26:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Via: 154.83.27.178
CDN-Cache: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   87796
Md5:    9f47403a1048e94ca7a402b4f16383a1
Sha1:   facb5012af395501b990de13f256cf7f412f9444
Sha256: 3fcd8afece27d73f3afad475bd9e7bea853fb690cafe11e754a0fc14f7e0e0e7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:30:27 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 22 Sep 2022 17:02:57 GMT
ETag: "c72a0f0f54b5c6aab3c86561c11a9b7256cc42e7"
Last-Modified: Sun, 18 Sep 2022 17:02:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cc7f08cc1a0b4d-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    f98b443bbf4cf2bc581f5f0651072862
Sha1:   c72a0f0f54b5c6aab3c86561c11a9b7256cc42e7
Sha256: 7068e3c2172612a4c3c5dd8ec82bf26c99eac400eb8fb1d04f8b404e8a471df6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:30:27 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 03:06:37 GMT
Expires: Fri, 23 Sep 2022 03:06:36 GMT
Etag: "785c9daf931aff1bf2bccf7a2a9402fb44ec1c01"
Cache-Control: max-age=372368,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc7f08f851b50f-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 19:30:27 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 02:35:21 GMT
Expires: Fri, 23 Sep 2022 02:35:20 GMT
Etag: "ac1a6bffc22a46174977642bf6b3a78fb1411fcd"
Cache-Control: max-age=370492,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cc7f08ff34b4ee-OSL

                                        
                                            GET /2022/04/13/UVtxe3bBIg2Efn7.gif HTTP/1.1 
Host: s2.loli.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.69.40
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 18 Sep 2022 19:30:27 GMT
content-length: 120952
last-modified: Wed, 13 Apr 2022 10:25:19 GMT
etag: "6256a50f-1d878"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRMLC%2Fs8cPvgkVTKrbICNf5sNmrZf9QRRV6cxGGlrenyuwI8fW6lelfqwIZe%2Fhp%2F2DT2PBNnsFH1o2a2UddlT7lbpz0wIPca2o1SdUnmUO0RktfoB0KrOK6OvhMZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cc7f039a7ab524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   120952
Md5:    8b1ce22d19b73e71ec05f04491df7cae
Sha1:   101ed504920b13424231d6fb3540fb7dfdba69e3
Sha256: 5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
                                        
                                            GET /tu-2022290039/960-120.gif HTTP/1.1 
Host: pic.picnewsss.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.139.251
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cache-control: max-age=2592000
date: Sun, 18 Sep 2022 06:56:14 GMT
etag: "1663484174"
expires: Tue, 18 Oct 2022 06:56:14 GMT
last-modified: Sun, 18 Sep 2022 06:56:14 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 369108
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   369108
Md5:    d3f9f17ed067ebb6ee0792014656333e
Sha1:   1f5593ee409f13d7734fd538a9a779dbe469a7c1
Sha256: 69da833d60a8ae1c0d5f64a25dfb6b42579ac7d20046a2db7c2be4256b601b68
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F897A7926B6058A1C45D2243ED66B04E35732D40410EE1652778020A1C599729"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2037
Expires: Sun, 18 Sep 2022 20:04:24 GMT
Date: Sun, 18 Sep 2022 19:30:27 GMT
Connection: keep-alive

                                        
                                            GET /dc0bcb706fb440cdaade3c0b609ead2b.gif HTTP/1.1 
Host: jcyunk2.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.78
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62554ac8-1f5cc"
Date: Tue, 23 Aug 2022 22:25:45 GMT
Server: nginx
Last-Modified: Tue, 12 Apr 2022 09:47:52 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-08
Content-Length: 128460


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   128460
Md5:    a27db76daea20381e7603b29173315ad
Sha1:   de92fdc3f51b1ddd7c047d77f73b262aeb37a642
Sha256: ddf43ab0e61b6cd25843e3ddf116b65e50e0eb4df11f4cddd813502d64a91844
                                        
                                            GET /946eee7be49243a49664096dddb44412.gif HTTP/1.1 
Host: rrtwda9.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.129
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62554ada-35f6d"
Date: Mon, 12 Sep 2022 17:41:37 GMT
Server: nginx
Last-Modified: Tue, 12 Apr 2022 09:48:10 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 221037


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   221037
Md5:    76d11f9f0142237f14743e2281f89cbb
Sha1:   7b79920e1fa187351ac3822530b786e61dd29e93
Sha256: fb4831054a446e499446c681e3cfdc687e707414605e037616598c3ab51141e7
                                        
                                            GET /qqmail_head/nNWOk8hmFk9ZWcCAPdgknOkeIunEJMia6p5jlwvCSLicJoIcw9NMBecE7eT5NG8ibPAaP2SqIIia6Mk/0.gif HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.154.254.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Sun, 18 Sep 2022 19:30:27 GMT
content-length: 46855
vary: Accept,Origin
last-modified: Wed, 13 Apr 2022 16:09:33 GMT
cache-control: max-age=2592000
x-delay: 12967 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 46855
chid: 0
fid: 0
x-nws-log-uuid: ad3ec433-c3f7-4e2d-9ba4-17b2839a28fd
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   46855
Md5:    2b9c30b086d03d90a45a9174aef7b408
Sha1:   e87dbe76669e2f402826dd598bb047d793b1e20c
Sha256: f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
                                        
                                            GET /gg/960X120.gif HTTP/1.1 
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.75.19.91
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Sun, 18 Sep 2022 19:30:27 GMT
Content-Length: 212323
Connection: keep-alive
x-oss-request-id: 632771D38A23F736302C2119
Accept-Ranges: bytes
ETag: "1E7356E466A72B7C5D137501DA414A9E"
Last-Modified: Sat, 17 Sep 2022 09:20:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14666006998441618956
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: HnNW5GanK3xdE3UB2kFKng==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   212323
Md5:    1e7356e466a72b7c5d137501da414a9e
Sha1:   0ed2f34eabe2609bc15e05bf3e4a9d598519404e
Sha256: f93680cd55fe1803408a139984dbe3e18ea2e9c6b184ab8ce353a68dc17878a7
                                        
                                            GET /image/dongfang.gif HTTP/1.1 
Host: pic.newtupic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.186.84.28
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 18 Sep 2022 19:30:27 GMT
Content-Length: 259681
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 09:05:14 GMT
ETag: "632047ca-3f661"
Expires: Tue, 18 Oct 2022 19:17:48 GMT
Cache-Control: max-age=1800
Strict-Transport-Security: max-age=31536000
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 1104c4456171184bf33adf8368a3e432
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   259681
Md5:    dea56e9bf21a9d966dc144f5ec9e1db6
Sha1:   40d6d3f4be8ee4f8d4f2fe3c3264ffcf0c3a4546
Sha256: 27d0b3ff31e08d30f85fe19faf10a061a7e884d769702cee66e49fc30e1c8b38
                                        
                                            GET /62dcd681ac4f493889984a49140653d1.gif HTTP/1.1 
Host: u0062.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://156.244.142.190/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.205.43.240
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 18 Sep 2022 19:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 21 Jul 2022 09:30:15 GMT
ETag: W/"62d91ca7-7d081"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   238079
Md5:    0e654b6218f5cc6cdcb1910830206233
Sha1:   6e14b10f038e258c753558fdd139913139e642aa
Sha256: 2237d1b3cfcceda996092a426648bd8b9672ec10b57334a64e77262edb529a4b