r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10825
Expires: Mon, 05 Dec 2022 23:21:24 GMT
Date: Mon, 05 Dec 2022 20:20:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1140
Cache-Control: max-age=138560
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:20:59 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:50:19 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 20:20:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 40
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7180
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 20:20:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bZlwbmwXuccBNDSMJgv5wGlbl+7LPeO/nLUcXRBdHPUUb0G4O7vk8TMZv0X1bvOKANZk30GGMj2Kz2+/l1Cdkw==
x-amz-request-id: 3YW9K12E7YVT9DXA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:46:48 GMT
age: 2051
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:20:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 20:11:19 GMT
cache-control: public,max-age=3600
age: 580
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
z6705.cn/
168.206.192.164301 Moved Permanently 0 B IP 168.206.192.164:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: z6705.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: nginx
Location: http://www.z6705.cn/
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1126
Cache-Control: max-age=133478
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:00 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:25:38 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u/g8IQ6Jpq1AjHYTre9J7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HM+iG3uVNxek++yxWpI+MMKz74w=
www.z6705.cn/
168.206.192.164200 OK 796 B IP 168.206.192.164:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash c2566c00721affa544f10d439a71edd0
f58a3f32717f38d19b86110039575c7ea7afa8cd
fa58815ed600606701160ab15ee3cd6e691ddabeabeac545b1ff9dfaac689609
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.z6705.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:20:48 GMT
Content-Length: 796
Content-Type: text/html
Server: nginx
www.z6705.cn/common.js
168.206.192.164200 OK 2.5 kB IP 168.206.192.164:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash adc95d40b83d1dc9649fd7f886e52c5a
59d49fe986ca6c196e2197d531ca17498095f678
4619ef25991f90a3a2337b323887670218e77de636ee0b32700b12292818e51d
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.z6705.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:20:49 GMT
Content-Length: 2463
Content-Type: application/x-javascript
Server: nginx
www.z6705.cn/tj.js
168.206.192.164200 OK 318 B IP 168.206.192.164:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ef6adb373fb58299c0c7373c8e39980d
7a575ea00f1a5d19c219d2b8345c298c477ebf0f
7ca593573e8ffaf6155dd55b81324f2a62fb4f3cf3dfb160417782c795f276ad
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.z6705.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:20:49 GMT
Content-Length: 318
Content-Type: application/x-javascript
Server: nginx
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10692
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:21:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10692
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:21:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 81152
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 33279
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 81416
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 81077
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 63307
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 81502
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 05 Dec 2022 20:21:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
112.34.113.148200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 05 Dec 2022 20:21:01 GMT
Etag: "4078521116"
Expires: Tue, 05 Dec 2023 20:21:01 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F2DD4238EE03330B0A60F5273FBEBC50:FG=1; max-age=31536000; expires=Tue, 05-Dec-23 20:21:01 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash c452cda32ee361c855d2f354228b5af7
d68ed7672bc514554d53025b477ede8ba0fa3ca0
6f57e7db36c0f8a24154f7e5d11351a309f2c2d727a408449de756aa8d5e211c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 09 Dec 2022 18:40:59 GMT
ETag: "d68ed7672bc514554d53025b477ede8ba0fa3ca0"
Last-Modified: Mon, 05 Dec 2022 18:41:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2856
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774f7c61b9410b51-OSL
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 293
Origin: http://www.z6705.cn
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200
Server: CloudWAF
Date: Mon, 05 Dec 2022 20:21:02 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=19bd66ac5c51e952c5a; path=/
HWWAFSESTIME=1670271659246; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.z6705.cn
Access-Control-Allow-Credentials: true
api.share.baidu.com/s.gif?l=http://www.z6705.cn/
182.61.240.101200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.z6705.cn/
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.z6705.cn/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 05 Dec 2022 20:21:02 GMT
js.users.51.la/21196331.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21196331.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash f11ce1d655b650f3b7f38481f1f6cb21
5505863b95c09047334cbd2663fee1fd5df8e264
4ca413829f0236f3c71cedc39bc0890bb5f8d92d7b83d1b97269af5cda733e43
GET /21196331.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.z6705.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Mon, 05 Dec 2022 20:21:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=1fd1e34fbed19bf0a84; path=/
HWWAFSESTIME=1670271658121; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
api.share.baidu.com/s.gif?l=http://www.z6705.cn/
182.61.240.101200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.z6705.cn/
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.z6705.cn/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 05 Dec 2022 20:21:03 GMT
www.z6705.cn/favicon.ico
168.206.192.164200 OK 796 B IP 168.206.192.164:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash c2566c00721affa544f10d439a71edd0
f58a3f32717f38d19b86110039575c7ea7afa8cd
fa58815ed600606701160ab15ee3cd6e691ddabeabeac545b1ff9dfaac689609
GET /favicon.ico HTTP/1.1
Host: www.z6705.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
Cookie: __vtins__Jfxwsb38wBG7URVd=%7B%22sid%22%3A%20%223cc35f23-f687-5204-8bd6-3654e0656454%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201670273458919%2C%20%22ct%22%3A%201670271658919%7D; __51uvsct__Jfxwsb38wBG7URVd=1; __51vcke__Jfxwsb38wBG7URVd=b43d7bdb-6e9b-52ff-b642-f862859b9eb8; __51vuft__Jfxwsb38wBG7URVd=1670271658925; __tins__21196331=%7B%22sid%22%3A%201670271660236%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201670273460236%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:20:51 GMT
Content-Length: 796
Content-Type: text/html
Server: nginx
154.82.85.101/djo999.html
154.82.85.101200 OK 569 B URL HTTP/1.1 154.82.85.101/djo999.html
IP 154.82.85.101:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 7f1cd238c317a830c2d5517879a380b0
4fe89b4073d5636c9c9dab7a01c8c6c8d93f3635
471a084fe3a63f654ffd8a32199fe06cbf6e114c93eaec63e5e689079cf749e6
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /djo999.html HTTP/1.1
Host: 154.82.85.101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 20:21:24 GMT
Content-Type: text/html
Content-Length: 569
Last-Modified: Wed, 30 Nov 2022 08:59:52 GMT
Connection: keep-alive
ETag: "63871b88-239"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0bb40c18fd8819b1806cb950c9338cc
7b9fb556fea0ccc10dd55deced310ae1dfb8ca55
0aa378e002f24ef1e0a8568acc666ee776ce966d8e4115686719186cfdeea135
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AA378E002F24EF1E0A8568ACC666EE776CE966D8E4115686719186CFDEEA135"
Last-Modified: Mon, 05 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Tue, 06 Dec 2022 02:20:49 GMT
Date: Mon, 05 Dec 2022 20:21:04 GMT
Connection: keep-alive
ia.51.la/go1?id=21196331&rt=1670271660236&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1670271660236&tt=%25E8%2587%25AA%25E8%25B4%25A1%25E8%2588%25AA%25E8%25B4%25B9%25E4%25BC%25A0%25E5%25AA%2592%25E5%25B9%25BF%25E5%2591%258A%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.z6705.cn%252F&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21196331&rt=1670271660236&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1670271660236&tt=%25E8%2587%25AA%25E8%25B4%25A1%25E8%2588%25AA%25E8%25B4%25B9%25E4%25BC%25A0%25E5%25AA%2592%25E5%25B9%25BF%25E5%2591%258A%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.z6705.cn%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21196331&rt=1670271660236&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1670271660236&tt=%25E8%2587%25AA%25E8%25B4%25A1%25E8%2588%25AA%25E8%25B4%25B9%25E4%25BC%25A0%25E5%25AA%2592%25E5%25B9%25BF%25E5%2591%258A%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.z6705.cn%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.z6705.cn/
HTTP/1.1 200
Server: CloudWAF
Date: Mon, 05 Dec 2022 20:21:04 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=233dd5474199742c272; path=/
HWWAFSESTIME=1670271661670; path=/
www.mmzya1.com/template/m1938pc/static/picture/play.png
164.88.76.177200 OK 914 B URL HTTP/2 www.mmzya1.com/template/m1938pc/static/picture/play.png
IP 164.88.76.177:0
ASN #137951 Clayer Limited
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d0bcf0dff3f7074e9a3ce72a06b4a9a8
48fbeab48ed57e626fe00e5e6617b7729726995e
ed0681b32fabd508fcc2aa62f2408181053043302e8089fd200da0649981f972
GET /template/m1938pc/static/picture/play.png HTTP/1.1
Host: www.mmzya1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:05 GMT
content-type: image/png
content-length: 914
last-modified: Fri, 17 Jun 2022 02:29:26 GMT
etag: "62abe706-392"
expires: Wed, 04 Jan 2023 20:21:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mmzya1.com/template/m1938pc/static/images/arrow_up.png
164.88.76.177200 OK 398 B URL HTTP/2 www.mmzya1.com/template/m1938pc/static/images/arrow_up.png
IP 164.88.76.177:0
ASN #137951 Clayer Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 353247650251bb3b54b709aa3441deb0
9784d902cbdfbf51cbe3f0281098575311fd5d2f
cdd12906b6861716ac4c33bcb08ff9164f9269b304748e54886482e773d26aec
GET /template/m1938pc/static/images/arrow_up.png HTTP/1.1
Host: www.mmzya1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:05 GMT
content-type: image/png
content-length: 398
last-modified: Fri, 17 Jun 2022 02:29:24 GMT
etag: "62abe704-18e"
expires: Wed, 04 Jan 2023 20:21:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mmzya1.com/template/m1938pc/static/images/share.png
164.88.76.177200 OK 3.2 kB URL HTTP/2 www.mmzya1.com/template/m1938pc/static/images/share.png
IP 164.88.76.177:0
ASN #137951 Clayer Limited
File type PNG image data, 39 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 02f6a2fe1a4a8668aca32a1c08040c0f
72d7273e5e561ed4c70bd0ccef8e66407b9e7ce0
30a473f2f6a26ac3d2fb1538744d781985d6051cf1e8a54a4e8a8d1fabb0e8f8
GET /template/m1938pc/static/images/share.png HTTP/1.1
Host: www.mmzya1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:05 GMT
content-type: image/png
content-length: 3172
last-modified: Fri, 17 Jun 2022 02:29:30 GMT
etag: "62abe70a-c64"
expires: Wed, 04 Jan 2023 20:21:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tukudhgg.vip/logotp/klm29.gif
188.114.96.1200 OK 707 kB URL HTTP/2 tukudhgg.vip/logotp/klm29.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 707 kB (706607 bytes)
Hash de65e95ed6ad16569325d0eb6f948afa
4cedbb4fb40fb0d35efd617b3b207e78ffe4d85a
88e67b99365a0814cbdf10fd982322516af9f2bb613f1c72e218ba32a7a31fca
GET /logotp/klm29.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 706607
last-modified: Mon, 02 May 2022 08:41:33 GMT
etag: "626f993d-ac82f"
expires: Tue, 20 Dec 2022 05:44:52 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1308169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ql%2FOfIFteVnAnjFPN9%2B5%2FNkIIDuA6nyhEjtX4cQ7ibTAiF4b6JHnccBB4LIpZrhLl9agG%2B%2FTLi1ytS38E8WdGwAqFYvslLEad6FnF87GdZJA9rtaEQc7dTEoHmEimLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7cef0eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tukudhgg.vip/logotp/xpj200.gif
188.114.96.1200 OK 423 kB URL HTTP/2 tukudhgg.vip/logotp/xpj200.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 423 kB (422639 bytes)
Hash e9fbb3e8331bcc6b705b7bc3c44a22bb
6f1c2c9b38a1f5c31e0d59d8f2bec101b5cbb329
bb0c7a32e541641e9c3f5899048ec245463de2bc5efc698b1e6bc528e8e2951a
GET /logotp/xpj200.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 422639
last-modified: Sat, 10 Sep 2022 08:46:22 GMT
etag: "631c4ede-672ef"
expires: Wed, 28 Dec 2022 09:48:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 642728
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ2yKlcwB39bsW1MjRKWT4KEPYlbXFNsCw1%2Fm9ZBFxYRsyybmInx1lb8kUzqSvan4ctUUvMHASO%2FyJdJ0vcRoPVJblX3yoLppm5JJyGepNnrgUqD8CP0deOLhwEZx%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7cff21b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tukudhgg.vip/lm/aaa122.gif
188.114.96.1200 OK 514 kB URL HTTP/2 tukudhgg.vip/lm/aaa122.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 320 x 186\012- data
Size 514 kB (513487 bytes)
Hash eb6ae4c3d42252ba0149361e28da9f18
b42e20c95a707951729969f9250f0b66f3ab4992
43abb0219a75601add12728d8c9a91af813a1342cc8b70acc6d5d5429af2fb62
GET /lm/aaa122.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 513487
last-modified: Wed, 25 May 2022 14:05:09 GMT
etag: "628e3795-7d5cf"
expires: Wed, 04 Jan 2023 10:41:00 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 34795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlwAK0XNGyOSjfxIS1XhEc6kqyuFcPRe%2FU2%2FqTj%2BRRIbppGwR%2BskmvqLHRaHbVaa4fSXxAFswrXAnXPccDx8Mr8tz6F6hw8Qfrf1xsEfi1Gp4OiK6bTYXQJRsKznWT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7d2f66b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb0ec72ea0b708174096885b479301c4
57e958ea2bc85185f39355dcdaae95571c63c86e
fff3c51e24ddfa86e895497cf9122db7effa2b5b85cc788aa3d608cb6cf10e9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FFF3C51E24DDFA86E895497CF9122DB7EFFA2B5B85CC788AA3D608CB6CF10E9D"
Last-Modified: Sat, 03 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2447
Expires: Mon, 05 Dec 2022 21:01:53 GMT
Date: Mon, 05 Dec 2022 20:21:06 GMT
Connection: keep-alive
fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/11/22/cc16487.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:49 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
45.89.209.74301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/11/20/heyzo4538.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:49 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8be67a70fd028d33a22f0c2c7007d0dd
3d3513a1cd9287da230de40fd574d7c098ea176b
aa0244c48ad68962ec2622a9ba94cf9c5e08bb5ef837061e1a3bf9e546d1b95f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA0244C48AD68962EC2622A9BA94CF9C5E08BB5EF837061E1A3BF9E546D1B95F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5717
Expires: Mon, 05 Dec 2022 21:56:23 GMT
Date: Mon, 05 Dec 2022 20:21:06 GMT
Connection: keep-alive
tukudhgg.vip/logotp/tiangx01.gif
188.114.96.1200 OK 193 kB URL HTTP/2 tukudhgg.vip/logotp/tiangx01.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 193 kB (192700 bytes)
Hash 1f96742e79c464754770d21b824c422e
2eacc04050d6b364ca38e67f740f5019ba609d72
90b4a34013848befc26d1e21f30afa75bb896fb8775cfb283e0d1f4d9bc1a294
GET /logotp/tiangx01.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 192700
last-modified: Sun, 19 Jun 2022 13:11:00 GMT
etag: "62af2064-2f0bc"
expires: Tue, 20 Dec 2022 05:44:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1308172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjqFVj2xWrytSCNOh8%2BZAkMW5v5WMqSXOMx8Q6oWw0JF19itf0FPCVOP2Bb0zoVNPW9bPlZc2JF%2FPGXEq9g7DVNPMpQV8GCzFUccETNUcSp%2BU5%2Fs3s%2BHQNXL3WkuCXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7d6feeb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupkku.top/logotp/xfb66.gif
104.21.51.97200 OK 624 kB URL HTTP/2 tupkku.top/logotp/xfb66.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /logotp/xfb66.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 623748
last-modified: Fri, 15 Apr 2022 17:52:24 GMT
etag: "6259b0d8-98484"
expires: Sun, 01 Jan 2023 09:43:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 297477
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2cU926fhJ69GCtt88BEpNA7XZj3f%2FSK5eC1bVyL%2FIGiqjC5dk9nJyjJH5qE9Fs2KGX%2Fn42mTFXofza1tAp%2Feztxxjv%2Fb8Y%2Fi1molS8hxOzVq9%2ByWhicJpse023a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7d6ac8b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 216.58.211.3:0
Hash a5d78aa82cfbdcbd461c5eb9e8567830
5bef23db0bf36986dc92dcd61cf33eacde58560d
084726e951dbb428d403761fca4a1e2181b18145b931915a0e74e08226fd20ab
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 216.58.211.3:0
Hash a5d78aa82cfbdcbd461c5eb9e8567830
5bef23db0bf36986dc92dcd61cf33eacde58560d
084726e951dbb428d403761fca4a1e2181b18145b931915a0e74e08226fd20ab
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 216.58.211.3:0
Hash a5d78aa82cfbdcbd461c5eb9e8567830
5bef23db0bf36986dc92dcd61cf33eacde58560d
084726e951dbb428d403761fca4a1e2181b18145b931915a0e74e08226fd20ab
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 216.58.211.3:0
Hash a5d78aa82cfbdcbd461c5eb9e8567830
5bef23db0bf36986dc92dcd61cf33eacde58560d
084726e951dbb428d403761fca4a1e2181b18145b931915a0e74e08226fd20ab
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 57fd26eb19e056c0b5a4634b7a38d78d
89d1305ffd83e2a976b6e08fff2dcb7da71d03bb
b98976c11dc74fa1b09cb8c18cde845cc102f86d958035e355e71e3845f90dfd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B98976C11DC74FA1B09CB8C18CDE845CC102F86D958035E355E71E3845F90DFD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7032
Expires: Mon, 05 Dec 2022 22:18:18 GMT
Date: Mon, 05 Dec 2022 20:21:06 GMT
Connection: keep-alive
tukudhgg.vip/hf/980x60shijben7018.gif
188.114.96.1200 OK 268 kB URL HTTP/2 tukudhgg.vip/hf/980x60shijben7018.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 980 x 60\012- data
Size 268 kB (267512 bytes)
Hash 34e57dc459ce5df818ab3103bbd76f26
eec5e1f7e1f3497851f9205b5ae9ecc41ba50433
9a4e61b64619aab6b170118d37c240eedfda5c790031408e2529a0df7bea2cc8
GET /hf/980x60shijben7018.gif HTTP/1.1
Host: tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 267512
last-modified: Sun, 27 Nov 2022 14:34:11 GMT
etag: "63837563-414f8"
expires: Tue, 27 Dec 2022 17:53:27 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 700052
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=053WfgfrYSq25jxNYI6pKs%2BzDgrA1%2BIlSwXqWz7N1JuRcivCV3mljj0DOE98IwzEhMEo2%2B%2FtUMk9XvMsT9fkxUFivU%2BwocYZKV7OFzUBKgGC%2BI8jWu9aE35q5OtxarA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7e291eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 31567d9eb83fa0b6f4407d1adff42e3e
fa9fa73d84651d397c63399e273304ae5500f8f3
ddde7996cae8c83cd9a8ae075e81170469a32d6864c4773bc46f05348294b0ab
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 17:36:17 GMT
ETag: "fa9fa73d84651d397c63399e273304ae5500f8f3"
Last-Modified: Mon, 05 Dec 2022 17:36:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3367
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774f7c7e2e190b51-OSL
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 57fd26eb19e056c0b5a4634b7a38d78d
89d1305ffd83e2a976b6e08fff2dcb7da71d03bb
b98976c11dc74fa1b09cb8c18cde845cc102f86d958035e355e71e3845f90dfd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B98976C11DC74FA1B09CB8C18CDE845CC102F86D958035E355E71E3845F90DFD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16835
Expires: Tue, 06 Dec 2022 01:01:41 GMT
Date: Mon, 05 Dec 2022 20:21:06 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 57fd26eb19e056c0b5a4634b7a38d78d
89d1305ffd83e2a976b6e08fff2dcb7da71d03bb
b98976c11dc74fa1b09cb8c18cde845cc102f86d958035e355e71e3845f90dfd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B98976C11DC74FA1B09CB8C18CDE845CC102F86D958035E355E71E3845F90DFD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16792
Expires: Tue, 06 Dec 2022 01:00:58 GMT
Date: Mon, 05 Dec 2022 20:21:06 GMT
Connection: keep-alive
www.tukudhgg.vip/logotp/swrhe.gif
188.114.96.1200 OK 156 kB URL HTTP/2 www.tukudhgg.vip/logotp/swrhe.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 156 kB (156311 bytes)
Hash c1cd6fbcc60e4242fb31eb894d7d9450
1b0a2ba85f38fa452a391250067e916ac7b61345
aca31490b0e0478395648fb5f6ce318b56a4a443c7a64e069c71cee6c0f0bb44
GET /logotp/swrhe.gif HTTP/1.1
Host: www.tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 156311
last-modified: Wed, 08 Jun 2022 08:25:23 GMT
etag: "62a05cf3-26297"
expires: Sun, 01 Jan 2023 09:43:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 297477
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt%2BLa5c7dvoX1crLuBgXv5E7Ty%2Bf6psCIpx72GJZJFwVn2Dh2PN1L%2FMMuOPjVJ8Wa56s16f9zb2PwNHlJaPVMd6oNg4Jg7fJ8w7OqJyASvPVpHO%2FnReL72ZVM2J7CX4MlXwH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7e6989b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tukudhgg.vip/hf/wang602.gif
188.114.96.1200 OK 875 kB URL HTTP/2 www.tukudhgg.vip/hf/wang602.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 961 x 82\012- data
Size 875 kB (874783 bytes)
Hash a2fb53ffd95f97887826abebea62513c
383ca8074e26fe16c406db211cbe5cba41e91f65
05c8180bd75026280aab15eabb7b113a44d97deb29fbf70ade8a954d4d70e51e
GET /hf/wang602.gif HTTP/1.1
Host: www.tukudhgg.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 874783
last-modified: Sat, 24 Sep 2022 02:18:02 GMT
etag: "632e68da-d591f"
expires: Wed, 04 Jan 2023 10:40:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 34796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coiHXB4V9swEqeR0bHknsIi2Y2FQgw4WmfdmWgbC%2FaqtV%2Fx4qr178RIVuts9wqtDDyVSdx4M7YsukhEaWbBn2tlDDi0B0Z%2Fx6aAVH%2BGCNcFydTQgNpMoIW3c3v%2BRANEmFxpx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7e7995b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
45.150.164.154301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 45.150.164.154:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: text/html
content-length: 162
location: https://kvkaaa.top/ca302b14c051bf41d75347daaf6e7ab3.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tupkku.top/logotp/bbzy7.gif
104.21.51.97200 OK 111 kB URL HTTP/2 tupkku.top/logotp/bbzy7.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 108 x 108\012- data
Size 111 kB (110624 bytes)
Hash e3240f80fa3623e4bc4675c955beb241
fb5f06e85933d6e6a8e0f98e28c16b44844b3ae3
d595e4b9e1341db392c7d348474e94c200802c5e35290b7e4f9a4a4ad653bd1d
GET /logotp/bbzy7.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 110624
last-modified: Sun, 19 Jun 2022 13:14:29 GMT
etag: "62af2135-1b020"
expires: Sun, 01 Jan 2023 09:43:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 297477
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FeeJ8pklWVKWXLi%2BDMyTyNXHNvEdt%2B%2Fi2VnU26MIJLvQmzK%2BTtRfpX1USCsSDU5Ar%2Fmv%2BWmnfjkYiFJ1%2BtRe7YbL8V0CDybwL34eAGF6QKuFD5t3e3JaFpgvypg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7e9c5db50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0a54b99084cab951441f7df375f94ced
c8b23131bf4ea9f95c4c4ecfe7d29910bd79d873
b6f618fd8ff2b9e23c90fef6c426f70493f3b9df8e07031423e91a6a2e729794
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B6F618FD8FF2B9E23C90FEF6C426F70493F3B9DF8E07031423E91A6A2E729794"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 02:21:07 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
IP 216.58.211.3:0
Hash ebe2426e976fbc8675e61b0630fd282c
074e1f95a00182168e83661cf2ca2f7c732f87fc
fa490c5df5077f791e55cfda7f93a84d41053944e03e0efdc04fd17b4f02f0b8
POST /s/gts1p5/swCvH5hS9-4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
IP 216.58.211.3:0
Hash ebe2426e976fbc8675e61b0630fd282c
074e1f95a00182168e83661cf2ca2f7c732f87fc
fa490c5df5077f791e55cfda7f93a84d41053944e03e0efdc04fd17b4f02f0b8
POST /s/gts1p5/swCvH5hS9-4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tupkku.top/lm/spk320.gif
104.21.51.97200 OK 137 kB IP 104.21.51.97:0
File type GIF image data, version 89a, 720 x 428\012- data
Size 137 kB (136930 bytes)
Hash 8ee25a766c10b2ade919dad65e1c9b37
a1d17bdfcda79dbf1ff41eed3e899db67c6c16c6
b9720e5b3ae93583e8e915eddc4c9c00d915c81be0ca0f20069443f18f37c0bb
GET /lm/spk320.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 136930
last-modified: Thu, 15 Sep 2022 09:25:05 GMT
etag: "6322ef71-216e2"
expires: Sun, 01 Jan 2023 09:43:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 297480
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEnTzsrH1z9bVbeLRBWWzXaW6lGaBovBolXL%2F94Bf6I4hnPuyji3x7Ncz7eUxTjlMEbZOY0aWC3E%2FETS2FoeSN9ZHoblwrXUpZg7%2FfOCf%2B8nURcT4waYaQGmmX6P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7efcf2b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzeaa.com/156ce1c412d70d7463f3422999b2e5bc.gif
98.126.214.50301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/156ce1c412d70d7463f3422999b2e5bc.gif
IP 98.126.214.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /156ce1c412d70d7463f3422999b2e5bc.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/156ce1c412d70d7463f3422999b2e5bc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/5759ea7a28dd179d7bcf5b0d44daa6b7.gif
98.126.214.50301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/5759ea7a28dd179d7bcf5b0d44daa6b7.gif
IP 98.126.214.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5759ea7a28dd179d7bcf5b0d44daa6b7.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/5759ea7a28dd179d7bcf5b0d44daa6b7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tupkku.top/91uu/xyue960x60.gif
104.21.51.97200 OK 230 kB URL HTTP/2 tupkku.top/91uu/xyue960x60.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 230 kB (229930 bytes)
Hash 76dec3030c8fdc5f837dc226d8f7f632
3fbc4dc3e1f08883383582f633f9b8a689dcf970
4df3846bef871f01c842e1724b6adbcf8f0384f8cb0a5b78e3091cdddc6d2586
GET /91uu/xyue960x60.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 229930
last-modified: Wed, 30 Nov 2022 16:57:02 GMT
etag: "63878b5e-3822a"
expires: Sun, 01 Jan 2023 09:43:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 297480
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4b%2ByjhqJCy6YB5bzjZHq8sqIvwC%2FXTWGTgMjuSrczXlE6mLrkd888%2BvwWKfYkMRDWxHyXSWMZeU29%2FQE4NJISX31xDWbu6VGFMSby4%2Blc3wQhx2pDPo46YqHxKh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7f3d46b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 70154788a2d9496af5855061ba22c01c
4ae78738a5a7a58ebb93eebf84e15a1e38f9a8c9
c9d77f902704d92b2a3bf820e9282b40cb73222486cbd360aa1568e1c0cc57ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=144957
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Etag: "638de5f0-116"
Expires: Wed, 07 Dec 2022 12:37:04 GMT
Last-Modified: Mon, 05 Dec 2022 12:37:04 GMT
Server: nginx
Content-Length: 278
www.tupkku.top//lm/spk190.gif
104.21.51.97200 OK 173 kB URL HTTP/2 www.tupkku.top//lm/spk190.gif
IP 104.21.51.97:0
File type GIF image data, version 89a, 720 x 428\012- data
Size 173 kB (173345 bytes)
Hash 35311cb75e25f68d1dad6a630474ece2
e48ba5dcba824a35199fc4fc843be185c53f7f3b
c4ea26086533e343ba5eb059ca8d027490d161fca19228180f13f0032f91d901
GET //lm/spk190.gif HTTP/1.1
Host: www.tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 173345
last-modified: Thu, 15 Sep 2022 09:25:11 GMT
etag: "6322ef77-2a521"
expires: Sun, 01 Jan 2023 09:43:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 297480
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtaRO%2FMbIq0jSvs%2Ffea6a21nFVckfunVnyn7sf2HHep0pPjhK3cgRAAox4V9wm8fFZXJ2LGBN1YVbOqvuW%2FYYmUvKDpvJuVkcyWTb6ce2TdePaxXLU0vlHWfksvY6tDGVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7f5d67b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash a703428d0843c269def92d35f8bb2863
129e6407bc2e08cb48a4f8264f4d1ff99c709fdc
0a4e2888585fd463b854eab9b1ae74127809f7f50f68abca67f51d3425ea342b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 09 Dec 2022 20:08:49 GMT
ETag: "129e6407bc2e08cb48a4f8264f4d1ff99c709fdc"
Last-Modified: Mon, 05 Dec 2022 20:08:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 172
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774f7c7f5b3b0afe-OSL
www.tukky.vip/91uu/91uu60.gif
104.21.27.152200 OK 26 kB URL HTTP/2 www.tukky.vip/91uu/91uu60.gif
IP 104.21.27.152:0
File type GIF image data, version 89a, 980 x 60\012- data
Hash 465314ce79ce6f8cfe4c183d176c1de2
ae8b9aabd887f97ac1d167c60724e54f96826640
81f1fb09701374b4142569654f494e080ede60db59188e27f58df1d641ebc1cc
GET /91uu/91uu60.gif HTTP/1.1
Host: www.tukky.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 25715
last-modified: Sun, 16 Oct 2022 23:17:43 GMT
etag: "634c9117-6473"
expires: Mon, 05 Dec 2022 20:32:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2550942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVJCc5zdqIJv7JRp9m75%2FXysh0jTw6aq8KJiKTASXvQO04w%2F1babCKLgvx1lRPlxeP26SFK0681bqmuWXcQeRpra8xJ8bDYi8WIFdKiSvpHyVOxN33haxIVyLoRLL7RA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7f5b410afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tukky.vip/hf/lghyr001.gif
172.67.142.245200 OK 87 kB URL HTTP/2 tukky.vip/hf/lghyr001.gif
IP 172.67.142.245:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash c93b3ed293066d747d880ea368f305c3
7847cf128db1b0cc6f25cbfb54125348bf6dda97
79a2ddaa98a1421d78798163acdce3928ac97d2f63e5a7a64ff011180661a2b3
GET /hf/lghyr001.gif HTTP/1.1
Host: tukky.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 86697
last-modified: Tue, 31 May 2022 12:17:08 GMT
etag: "62960744-152a9"
expires: Sun, 11 Dec 2022 07:22:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2079913
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYCo8r01p%2FU8gtUMCHpOk4dC0H2tMkKkqSd5uDVCEi6oUoURQaraWqY6m7A9Z85V2iFOpzB9%2BIHB7hl19UiH4Sxax3PZooVEnkS9wwhmzqSFwKE9v3bUPf3%2FeTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7f5a4cb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash a703428d0843c269def92d35f8bb2863
129e6407bc2e08cb48a4f8264f4d1ff99c709fdc
0a4e2888585fd463b854eab9b1ae74127809f7f50f68abca67f51d3425ea342b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 09 Dec 2022 20:08:49 GMT
ETag: "129e6407bc2e08cb48a4f8264f4d1ff99c709fdc"
Last-Modified: Mon, 05 Dec 2022 20:08:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 172
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774f7c7f8d2eb4f9-OSL
www.aoattsetp.vip/hf/dxsp001.gif
104.21.84.153200 OK 110 kB URL HTTP/2 www.aoattsetp.vip/hf/dxsp001.gif
IP 104.21.84.153:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 110 kB (110246 bytes)
Hash 3d25ac0f4a94e61bbbb48f399e7a27fa
1d01229e98b157bdff2dfc50a6ee8774c9827a52
83e77a17495a57cc92d27a7d7377c4452dc93e017c8e403305f5ec940a834c4f
GET /hf/dxsp001.gif HTTP/1.1
Host: www.aoattsetp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 110246
last-modified: Fri, 19 Aug 2022 17:28:34 GMT
etag: "62ffc842-1aea6"
expires: Wed, 04 Jan 2023 15:26:06 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 17689
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN1yK38FL6fu4FGKIbCx5pUUE1jJbG2LVR7CWznlNctfY6Eu9ockxKHGtirYnyiSIW2BMQoHdKnex064OxcisBpjmXX8EjH1PMucBhRmtT6D%2B7USGkR6%2BHlz8pAPUxpEGAUcQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7faa92b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13765
Expires: Tue, 06 Dec 2022 00:10:32 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 216.58.211.3:0
Hash 08c7f2e9d19100f54770556fd4f70a95
854a03d059b9c90a4f3761dab5aa2394162556de
48bc484db65d7e5180857d5a9bebc1b7b51e9d7aefbafa4d1ed467e5538714a6
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvevv.com/507cb482a1ab80c11715f64fba692ed7.gif
18.155.68.9200 OK 18 kB URL HTTP/1.1 kvevv.com/507cb482a1ab80c11715f64fba692ed7.gif
IP 18.155.68.9:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash b175478d50325fdaa0e211ef735aed04
28ccb0e0bfb3aa6605d11beaf2cb86362cafd138
e0afe8f2c90a3fcd7c8d55d6dfa8de20cae719c28dedb86c8e846c97ca67e18e
GET /507cb482a1ab80c11715f64fba692ed7.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 17721
Connection: keep-alive
Date: Mon, 05 Dec 2022 10:42:53 GMT
Last-Modified: Fri, 25 Nov 2022 07:39:16 GMT
ETag: "b175478d50325fdaa0e211ef735aed04"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: LoifCPBwLSS6hWT7LcerROrx7nryJtXQIWZJ8pmlESln4eFI9x-eUg==
Age: 34695
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 40775c54333db78b7a42225e2003d11a
d68300664366584d0359e86c998de3cc5bad50e2
23582031d8a75f84d9ca1dc61ba38a41c09ba22c7ec1a5f2524435be5bb8c25f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "23582031D8A75F84D9CA1DC61BA38A41C09BA22C7EC1A5F2524435BE5BB8C25F"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13826
Expires: Tue, 06 Dec 2022 00:11:33 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13837
Expires: Tue, 06 Dec 2022 00:11:44 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
www.tupku.top/lm/ssd.jpg
188.114.97.1200 OK 5.2 kB IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x68, components 3\012- data
Hash afef47e54b6a9a656791ca67efdab209
12a667dc2184993ce8dc8dbada8bf4649ee9a449
69bc9f756135ce1187c04b847403d8f6103204f9c7550df228925fddfb4edcea
GET /lm/ssd.jpg HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/jpeg
content-length: 5153
last-modified: Sat, 16 Jul 2022 07:43:04 GMT
etag: "62d26c08-1421"
expires: Mon, 02 Jan 2023 22:35:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 164717
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WClWr7avHJ42M6kOe%2BcSfJWbjXeEoxmuisN%2F8qsDDq0%2FAmPaoIvZ%2BgfPfr4W8qc73S8ZU9eevXsGgM8S99na7%2B%2BhUsTW2EEm6H6WhTfDs%2FWrg%2FCu28Y8faCBlQ%2BJb%2FIc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c804f11b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 40775c54333db78b7a42225e2003d11a
d68300664366584d0359e86c998de3cc5bad50e2
23582031d8a75f84d9ca1dc61ba38a41c09ba22c7ec1a5f2524435be5bb8c25f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "23582031D8A75F84D9CA1DC61BA38A41C09BA22C7EC1A5F2524435BE5BB8C25F"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13972
Expires: Tue, 06 Dec 2022 00:13:59 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ca7654969438f44f601e8fa2b78dd3af
323450363441db9ad549e6568b4af38be8baf395
422299f3f10239d467d693844e9884443cb3801fe04b298f81e425bce14f5a91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422299F3F10239D467D693844E9884443CB3801FE04B298F81E425BCE14F5A91"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14292
Expires: Tue, 06 Dec 2022 00:19:19 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
aoattsetp.vip/logotp/wt01.gif
104.21.84.153200 OK 479 kB URL HTTP/2 aoattsetp.vip/logotp/wt01.gif
IP 104.21.84.153:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 479 kB (479032 bytes)
Hash 7f8ee4f985772f6a9c0256ae8b86186d
69a2b0b1d7e19fb38d21533fd22eff1bcf1f9abd
f3458aa5d6e2c3ba4a261dedd7a76da61915b7b2911d19b05cf23d6b04b40117
GET /logotp/wt01.gif HTTP/1.1
Host: aoattsetp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 479032
last-modified: Mon, 02 May 2022 08:41:22 GMT
etag: "626f9932-74f38"
expires: Wed, 04 Jan 2023 16:08:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 15151
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6OW6wY6N7wrbielMAiUNfXErcMZmcLXBe6m76gYYpk9SEgTYQ9qCGnzsKIf9F17uMPsBLof562EW3hV9hm%2F5b92c8oAKRfaUld%2FsOvFGiamnNkkEp%2BZrXcIAY5bun34"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c80ac4bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupku.top/logotp/fff.gif
188.114.97.1200 OK 109 kB IP 188.114.97.1:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 109 kB (108625 bytes)
Hash 7f746939550d2ae41686ebf019a90ed7
8fccfd19873d3f91ba8b2d36680c42b650c653b2
16b6f5f802abc23c5788ad49bf0d3036db36fac0fd728e19548de61c54316252
GET /logotp/fff.gif HTTP/1.1
Host: tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 108625
last-modified: Sun, 19 Jun 2022 13:14:28 GMT
etag: "62af2134-1a851"
expires: Mon, 02 Jan 2023 22:35:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 164717
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z30LSGDJvZTGeDcUkUL1%2F9cLob5Vr9OnVPgko76PmlMojLyOL2qXt5nDb9D8UY739FUJWCaJzJ0S0e78cXW3oC5QbtPBLfol5fEeqT3goi6IOjh9KLQRIRAw2qY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c809f89b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupku.top/logotp/pbu02.gif
188.114.97.1200 OK 401 kB URL HTTP/2 tupku.top/logotp/pbu02.gif
IP 188.114.97.1:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 401 kB (400770 bytes)
Hash 4f3db3f38763de0ea489d3ba3edc7af6
1e6e714ef1bc451c4e4a4a64563a481563357cc7
400b2183b3f7084d610f0b748b6665bd755b353eeec6c98b572b64a1a7a2b1a6
GET /logotp/pbu02.gif HTTP/1.1
Host: tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 400770
last-modified: Sun, 19 Jun 2022 13:11:01 GMT
etag: "62af2065-61d82"
expires: Mon, 02 Jan 2023 22:35:43 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 164717
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQj9ibikqdTOBg18iVmytpIBVkO133U96OQv%2FCYt1T0wONoDnJq1TChgqVmBK2XE5JWRAQdGk2917j0wiTaQLUmd%2FrJ%2B4aAdrFzhOR1HVw7UoU8cpLAFGkn5Prg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c80af92b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 197ef32d65e8677ca87c6f3ae5ec8954
41f9af8c4e9216406b94e7608d75c21ea61c508f
01bb61a205b1b4071a7baccdb0c22b07cb58f0a36979d995055142a398a8e1b9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 18:50:26 GMT
Expires: Sat, 10 Dec 2022 18:50:25 GMT
Etag: "41f9af8c4e9216406b94e7608d75c21ea61c508f"
Cache-Control: max-age=425957,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c80bcc51c02-OSL
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2a1358666f9fd523c2aaa5127244033f
0d7b214cb2a603958169e3279ffab8b86f705548
22d0c7f5c6d8c9420e5430dcd69b6fee3ac5a2c5617e4920c64c8cfb5e5668eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "22D0C7F5C6D8C9420E5430DCD69B6FEE3AC5A2C5617E4920C64C8CFB5E5668EB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Tue, 06 Dec 2022 02:20:58 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f8b76b242fd2e8879cdfc7fbd1415faf
1871f8392aa2d3c3e8578d55db36191afc9327ec
361971753f91e7cad9e1bddef1c21a30753abbfb3b7f1cec82c8031700224ec1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 23:53:08 GMT
Expires: Sat, 10 Dec 2022 23:53:07 GMT
Etag: "1871f8392aa2d3c3e8578d55db36191afc9327ec"
Cache-Control: max-age=444119,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c813a3cb51d-OSL
aooacctp.vip/lm/se5.gif
172.67.161.53200 OK 397 kB IP 172.67.161.53:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 397 kB (396964 bytes)
Hash 7b42e791e269b8425a0f380efdd8e5fd
10c09c8f711478c7aeccc988c076d299fafcbbfa
00ef96678470106e95be9f6f4dc07debbbb63a96db839adbf17e5e04e27caf60
GET /lm/se5.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 396964
last-modified: Wed, 25 May 2022 14:04:51 GMT
etag: "628e3783-60ea4"
expires: Wed, 07 Dec 2022 13:30:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2403470
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIqMq1I56gZMXxzMreEXevWAiTAvZITa%2F%2Bs0hwfxRWalX0FSJ%2B2EsyFZoyo47kwsgQry%2BGvUaYOIBmmM8khi6c3rVsdqoN0BOVyPUpqBm2ZuHQ1JuU9OPreyf8Mt91E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c816c41fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvevv.com/00cac4fde2e514f897f6e62f20c51d1f.gif
18.155.68.9200 OK 82 kB URL HTTP/1.1 kvevv.com/00cac4fde2e514f897f6e62f20c51d1f.gif
IP 18.155.68.9:0
File type GIF image data, version 89a, 960 x 80\012- data
Hash 62f39c1c0c44a8d8d01f8d3f72921ce3
94b052ad190771bc28a0d2925f342b364775c004
1fa3b28afa7262c9e4c7f1473a073f8b3b4275aa754418b5a21a7248cf6f758b
GET /00cac4fde2e514f897f6e62f20c51d1f.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 82442
Connection: keep-alive
Date: Mon, 05 Dec 2022 10:42:50 GMT
Last-Modified: Tue, 29 Nov 2022 08:08:19 GMT
ETag: "62f39c1c0c44a8d8d01f8d3f72921ce3"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: P4nU1Ayr0I_4o2-dTvOF6jsEisf9mNHx3fXAvzZl_bFR_qx6d_5JYQ==
Age: 34698
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/2vpvcrhqnye13362vpvcrhqnye316374.jpg
104.22.12.214200 OK 7.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/2vpvcrhqnye13362vpvcrhqnye316374.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 46b100853d47a9237408928303b0884b
ff09f4d6e7fba9ff21ff7b1d8d2065ab979f668b
fd591eddbe2a629133fd7c50734c619046788e98f9e225d617aede7116a31856
GET /upload/vod/2022/11-28/13/2vpvcrhqnye13362vpvcrhqnye316374.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 7892
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9455
content-disposition: inline; filename="2vpvcrhqnye13362vpvcrhqnye316374.webp"
etag: "638448df-24ef"
last-modified: Mon, 28 Nov 2022 05:36:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffc8eb52d-OSL
X-Firefox-Spdy: h2
kzemm.com/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
45.150.164.154301 Moved Permanently 162 B URL HTTP/2 kzemm.com/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
IP 45.150.164.154:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif HTTP/1.1
Host: kzemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: text/html
content-length: 162
location: https://kvkaaa.top/cfdc8ba8b8b2b2b0b6a72490e60ccb65.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/qmtiuoytxmq1451qmtiuoytxmq186010.jpg
104.22.12.214200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/qmtiuoytxmq1451qmtiuoytxmq186010.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da415f209283f24157dfc4d9bd2a675e
a7f4704d2fee01b1b48aaefc7e36a185c8e27681
7fd9bef2da80589c959b0c55ce6333aba2bb6a89e447bef69f88c848ffe7ea60
GET /upload/vod/2022/11-27/14/qmtiuoytxmq1451qmtiuoytxmq186010.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 7996
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10123
content-disposition: inline; filename="qmtiuoytxmq1451qmtiuoytxmq186010.webp"
etag: "638308e6-278b"
last-modified: Sun, 27 Nov 2022 06:51:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffc90b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/qqsypgx22wl1336qqsypgx22wl296370.jpg
104.22.12.214200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/qqsypgx22wl1336qqsypgx22wl296370.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af05b52622cc028b09b7f740849c6bce
12d7f43bc583d324db70e5ebd601a7eab1b8c2e1
58d1591f93994e54a244ee817410bd7576964903438d96ea285e80366a83bdb8
GET /upload/vod/2022/11-28/13/qqsypgx22wl1336qqsypgx22wl296370.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 8640
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9963
content-disposition: inline; filename="qqsypgx22wl1336qqsypgx22wl296370.webp"
etag: "638448dd-26eb"
last-modified: Mon, 28 Nov 2022 05:36:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffc8bb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/0p5y04gxf3g14510p5y04gxf3g356048.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/0p5y04gxf3g14510p5y04gxf3g356048.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 6ab611efbb7482120b3a580be8bf156d
70e4b8957a39bab37f2f544e95067f2594e9c409
1460cd1179df07fbc880ee31c58ac0327b29448050eb1a83d0582e36a3738aeb
GET /upload/vod/2022/11-27/14/0p5y04gxf3g14510p5y04gxf3g356048.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/jpeg
content-length: 10356
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10803, status=webp_bigger
etag: "638308f7-2a33"
last-modified: Sun, 27 Nov 2022 06:51:35 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c7ffc95b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/zifqmcf5thj1337zifqmcf5thj056420.jpg
104.22.12.214200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/zifqmcf5thj1337zifqmcf5thj056420.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b81d6a69d6066dfecab237ff328f8692
eb2b5a11c4e100f84f4f3d953bb112f81ca5aa6d
4b0ac511812ad98ab64f64b7c9d50fbcc2cfa2a9c3f214e478d25dd9787581a7
GET /upload/vod/2022/11-28/13/zifqmcf5thj1337zifqmcf5thj056420.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 6582
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7774
content-disposition: inline; filename="zifqmcf5thj1337zifqmcf5thj056420.webp"
etag: "63844901-1e5e"
last-modified: Mon, 28 Nov 2022 05:37:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffca2b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/vwm1mutnrmz1451vwm1mutnrmz196014.jpg
104.22.12.214200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/vwm1mutnrmz1451vwm1mutnrmz196014.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4706d912ec005cca22472f633f67a2ed
dc6ab3a493226d1685145684edaad65dce72adcf
6400cb7305af477024e3ec1ad94ecbe839be403ffab5fd72bbd245897cd47a99
GET /upload/vod/2022/11-27/14/vwm1mutnrmz1451vwm1mutnrmz196014.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 8480
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8915
content-disposition: inline; filename="vwm1mutnrmz1451vwm1mutnrmz196014.webp"
etag: "638308e7-22d3"
last-modified: Sun, 27 Nov 2022 06:51:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffc93b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rkqv0cw43wv1337rkqv0cw43wv066422.jpg
104.22.12.214200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rkqv0cw43wv1337rkqv0cw43wv066422.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e4dd6122fa96e67bdd827ac3f6382eb
a1b0c2542396400f809351125c7b83ad72c05b23
d683bc82e9004d1013205fa7e0741636972a55617b2b6661c1a2a3eae04f6973
GET /upload/vod/2022/11-28/13/rkqv0cw43wv1337rkqv0cw43wv066422.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 5972
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7178
content-disposition: inline; filename="rkqv0cw43wv1337rkqv0cw43wv066422.webp"
etag: "63844902-1c0a"
last-modified: Mon, 28 Nov 2022 05:37:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffca4b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ai0az4pnj2m1448ai0az4pnj2m165998.jpg
104.22.12.214200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/ai0az4pnj2m1448ai0az4pnj2m165998.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 74530321cc8c9689898b976625b7eda1
fa7e076dcc2c47ee6f70eba9a092ddf6253ddd2c
377a05b94e746c9e9593bbdcf685d9bbcc92cba3ae7227611ac5559cf86ae7c1
GET /upload/vod/2022/11-27/14/ai0az4pnj2m1448ai0az4pnj2m165998.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 8110
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9246
content-disposition: inline; filename="ai0az4pnj2m1448ai0az4pnj2m165998.webp"
etag: "63830830-241e"
last-modified: Sun, 27 Nov 2022 06:48:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c800ccbb52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/k1jwgxaxq3r1336k1jwgxaxq3r286368.jpg
104.22.12.214200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/k1jwgxaxq3r1336k1jwgxaxq3r286368.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec3d083320ae9992a11f17a21b20ee89
586f2958d1ff89acac67ea66182fbfbef2ac7cb1
5bed870eae706d0421a793a5f2c23efb9497a540cd8730864b6810da2104df06
GET /upload/vod/2022/11-28/13/k1jwgxaxq3r1336k1jwgxaxq3r286368.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 10466
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11376
content-disposition: inline; filename="k1jwgxaxq3r1336k1jwgxaxq3r286368.webp"
etag: "638448dc-2c70"
last-modified: Mon, 28 Nov 2022 05:36:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffc89b52d-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f8b76b242fd2e8879cdfc7fbd1415faf
1871f8392aa2d3c3e8578d55db36191afc9327ec
361971753f91e7cad9e1bddef1c21a30753abbfb3b7f1cec82c8031700224ec1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 23:53:08 GMT
Expires: Sat, 10 Dec 2022 23:53:07 GMT
Etag: "1871f8392aa2d3c3e8578d55db36191afc9327ec"
Cache-Control: max-age=444119,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c810b92b523-OSL
hm.baidu.com/hm.js?cd4966c6bfc698dc34e4f0611b2ef124
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?cd4966c6bfc698dc34e4f0611b2ef124
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 24314299fdc47a98226d812d4020885c
d2f063b966021f038ba6329ff00a03d143911df0
ce48210487d53b0dbe1ea9a18851be8e3f2dac8f4befd6fd7bf1b106a287de6d
GET /hm.js?cd4966c6bfc698dc34e4f0611b2ef124 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Mon, 05 Dec 2022 20:21:07 GMT
Etag: 325020c12542ec850e2a167491f405f7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=57CB879949F028DA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/l432zekapwn1337l432zekapwn096428.jpg
104.22.12.214200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/l432zekapwn1337l432zekapwn096428.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1be853a56372d31df2de7c0090643fc8
4d8466e459013861a6e31254032119a821b6b84a
f0ce9d820575ad38965af536db13de606c6e7235b0ed8234961f169d270e506a
GET /upload/vod/2022/11-28/13/l432zekapwn1337l432zekapwn096428.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 6944
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8146
content-disposition: inline; filename="l432zekapwn1337l432zekapwn096428.webp"
etag: "63844905-1fd2"
last-modified: Mon, 28 Nov 2022 05:37:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c7ffca6b52d-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/gel4gicol5t1448gel4gicol5t145994.jpg
104.22.12.214200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/gel4gicol5t1448gel4gicol5t145994.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5de5690cb4c52f1e268f50e17927f4e9
5d0548e5b033cebb458cb670c5609a6bd1f095a0
cd54ceabc054713822356f6a4747d5b9fa0d55eb2950f4d675ab2ba8ce05e431
GET /upload/vod/2022/11-27/14/gel4gicol5t1448gel4gicol5t145994.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 8080
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9092
content-disposition: inline; filename="gel4gicol5t1448gel4gicol5t145994.webp"
etag: "6383082e-2384"
last-modified: Sun, 27 Nov 2022 06:48:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c802cf2b52d-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f8b76b242fd2e8879cdfc7fbd1415faf
1871f8392aa2d3c3e8578d55db36191afc9327ec
361971753f91e7cad9e1bddef1c21a30753abbfb3b7f1cec82c8031700224ec1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 23:53:08 GMT
Expires: Sat, 10 Dec 2022 23:53:07 GMT
Etag: "1871f8392aa2d3c3e8578d55db36191afc9327ec"
Cache-Control: max-age=444119,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c813d851c02-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash ac42b66f8eed5be3d6bc7a5f517e7ca4
ab436b2a48df3d77e5b9943048e8f6e959b04d2e
e971705586bc6523e6f42ba1ea01923a06c380f719977e2c7e8cfd035a6de915
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 23:13:52 GMT
Expires: Sun, 11 Dec 2022 23:13:51 GMT
Etag: "ab436b2a48df3d77e5b9943048e8f6e959b04d2e"
Cache-Control: max-age=528163,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c815af30b55-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/soczq4vmtvx1448soczq4vmtvx186002.jpg
104.22.12.214200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/soczq4vmtvx1448soczq4vmtvx186002.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 1dbbb3d7f633e7ec2f9e8c1a1cca8f81
7fe946ba5ec0036e20a202f5f2d59aeadf5ab5f1
0063d9c2d1bacf52ecdde5cf25b9fb4721c72dcfca8922fb8bed2ef37b403e45
GET /upload/vod/2022/11-27/14/soczq4vmtvx1448soczq4vmtvx186002.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/jpeg
content-length: 13262
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13813, status=webp_bigger
etag: "63830832-35f5"
last-modified: Sun, 27 Nov 2022 06:48:18 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c807d64b52d-OSL
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 7dc74a47e6b702e43133cdd92f2ddb47
61252860c51bad27731920890e55c1b76237f871
16e7c709433235efac88aee152786d9b62e19f79be2758879bb495a38f257982
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=1
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 7dc74a47e6b702e43133cdd92f2ddb47
61252860c51bad27731920890e55c1b76237f871
16e7c709433235efac88aee152786d9b62e19f79be2758879bb495a38f257982
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=1
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 7dc74a47e6b702e43133cdd92f2ddb47
61252860c51bad27731920890e55c1b76237f871
16e7c709433235efac88aee152786d9b62e19f79be2758879bb495a38f257982
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=94
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 7dc74a47e6b702e43133cdd92f2ddb47
61252860c51bad27731920890e55c1b76237f871
16e7c709433235efac88aee152786d9b62e19f79be2758879bb495a38f257982
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=94
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/kdxjxxihz0w1448kdxjxxihz0w176000.jpg
104.22.12.214200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/kdxjxxihz0w1448kdxjxxihz0w176000.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e8c5237a2774641c7347195c616c1d25
07eb5a0bf61cb48e6eeba3789e4b2c83268e5a6a
5012dc2acafb65dddbded0622ddf8fe3500ca3b868722e24c1df750b17b17ba6
GET /upload/vod/2022/11-27/14/kdxjxxihz0w1448kdxjxxihz0w176000.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 7508
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8797
content-disposition: inline; filename="kdxjxxihz0w1448kdxjxxihz0w176000.webp"
etag: "63830831-225d"
last-modified: Sun, 27 Nov 2022 06:48:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c808d72b52d-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0a54b99084cab951441f7df375f94ced
c8b23131bf4ea9f95c4c4ecfe7d29910bd79d873
b6f618fd8ff2b9e23c90fef6c426f70493f3b9df8e07031423e91a6a2e729794
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B6F618FD8FF2B9E23C90FEF6C426F70493F3B9DF8E07031423E91A6A2E729794"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 02:21:07 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/mfwnifi054q1448mfwnifi054q155996.jpg
104.22.12.214200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/mfwnifi054q1448mfwnifi054q155996.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b5f6cf0d89a9f4571cea207c102cf991
b966d4f960eb98d75b38a599d64c119d2371d681
ad8c839cbddd92059b076f1c1774a4834378e816c0b8dd2f350125f3fab53b0c
GET /upload/vod/2022/11-27/14/mfwnifi054q1448mfwnifi054q155996.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/webp
content-length: 7548
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8800
content-disposition: inline; filename="mfwnifi054q1448mfwnifi054q155996.webp"
etag: "6383082f-2260"
last-modified: Sun, 27 Nov 2022 06:48:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 774f7c809d81b52d-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash ce34130c49aee3cb72f1a6c7bb5828e5
0f1f3fd825f6a547f8ae154369ee53f9233abbae
c77a26c5aee9304a88436232fbfb3ea928ad8b78cf47ea7e99bde26cdb01d55a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 09 Dec 2022 17:25:31 GMT
ETag: "0f1f3fd825f6a547f8ae154369ee53f9233abbae"
Last-Modified: Mon, 05 Dec 2022 17:25:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3422
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774f7c82dfe30afe-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d102864fb42b04166eefdedd4102cc48
f9aeaeb3eeec06b19df00db7afb3a7be2b636652
4ea2848f12fc8200e88ff7e6e4f4144ce92032cbea39dd4ced7f56e851ab156c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EA2848F12FC8200E88FF7E6E4F4144CE92032CBEA39DD4CED7F56E851AB156C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8777
Expires: Mon, 05 Dec 2022 22:47:24 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d102864fb42b04166eefdedd4102cc48
f9aeaeb3eeec06b19df00db7afb3a7be2b636652
4ea2848f12fc8200e88ff7e6e4f4144ce92032cbea39dd4ced7f56e851ab156c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EA2848F12FC8200E88FF7E6E4F4144CE92032CBEA39DD4CED7F56E851AB156C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8777
Expires: Mon, 05 Dec 2022 22:47:24 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
raw.githubusercontent.com/fenghuang89/fengh008/main/960x802%20(1).gif
185.199.111.133200 OK 704 kB URL HTTP/2 raw.githubusercontent.com/fenghuang89/fengh008/main/960x802%20(1).gif
IP 185.199.111.133:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 704 kB (704472 bytes)
Hash 0f71b91a91874f2631d3ba81fdcf640d
6cb9c0105bc20ed6673ee18339452522ef42a75b
2019be28217d86bcf511a9ced1ffbdf4f70c51f795284b751b42e5c43fb8aba2
GET /fenghuang89/fengh008/main/960x802%20(1).gif HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: image/gif
etag: W/"8ef53af4598fbad2c063b5d8855048ba22cca77cb386fa1bb44e9abd13aedbdb"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 4D40:217D:B5BABA:F639AE:638E5223
accept-ranges: bytes
date: Mon, 05 Dec 2022 20:21:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670271667.852349,VS0,VE2
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: e924923713294b89a38bee9769be6634b5efed23
expires: Mon, 05 Dec 2022 20:26:06 GMT
source-age: 144
content-length: 704472
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 823c50fd1df64025799b1e4991819681
ae23029f6cac30cadcff80870ad09d64e95a048a
0df2d6ece5979117b25359de83294c160268485c84c8c17c8a3f5503c73da243
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=845
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
X-N: S
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 216.58.211.3:0
Hash a5d78aa82cfbdcbd461c5eb9e8567830
5bef23db0bf36986dc92dcd61cf33eacde58560d
084726e951dbb428d403761fca4a1e2181b18145b931915a0e74e08226fd20ab
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads-6686.top/96060.gif
123.253.107.219200 OK 570 kB IP 123.253.107.219:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 570 kB (570462 bytes)
Hash 60393bbfab3aac9d2d4b557ba0752c41
4da3fa5126e9b68041eec58e3b794b28565ddd0a
b7c0b7710cec9c28a60532612d277bfe56400b95f4f524eb7d049a7b4ea73750
GET /96060.gif HTTP/1.1
Host: ads-6686.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: load-edge/2.1.1
date: Mon, 05 Dec 2022 20:21:06 GMT
content-type: image/gif
content-length: 570462
last-modified: Mon, 14 Nov 2022 07:57:56 GMT
etag: "6371f504-8b45e"
strict-transport-security: max-age=31536000
lp-geo: edge-gxr4
lp-addr: 91.90.42.154
lp-request: 618c5791-455a-4c2b-b827-663865bf358f
lp-id: 4f0efa2962ba319fc906f5f8bc56b53d
expires: Mon, 05 Dec 2022 20:26:06 GMT
cache-control: max-age=300
lp-cache: HIT
lp-cache-hit: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a5e73ae633cecbc65d4929a188021ea6
8a612cd4f12fa0062270f13581c96ae67edae824
a77e66056b53df293e55763ad4364e41ec5ce375a19d5e25b8df163d39778599
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 01:54:29 GMT
Expires: Mon, 12 Dec 2022 01:54:28 GMT
Etag: "8a612cd4f12fa0062270f13581c96ae67edae824"
Cache-Control: max-age=537800,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c832f02b523-OSL
ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
IP 216.58.211.3:0
Hash ebe2426e976fbc8675e61b0630fd282c
074e1f95a00182168e83661cf2ca2f7c732f87fc
fa490c5df5077f791e55cfda7f93a84d41053944e03e0efdc04fd17b4f02f0b8
POST /s/gts1p5/swCvH5hS9-4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 531bd639f4f61d16f50c5c35dc6fdecd
3d8c31fed880be8680c9246c0f1e2e7ed8f7bd05
887ee2e67bbf391e423fb710752e8d623728b903afaf6f5f4a0072ca3b3d3b2b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "887EE2E67BBF391E423FB710752E8D623728B903AFAF6F5F4A0072CA3B3D3B2B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21075
Expires: Tue, 06 Dec 2022 02:12:22 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/t1eJGFHGm7w
IP 216.58.211.3:0
Hash a5d78aa82cfbdcbd461c5eb9e8567830
5bef23db0bf36986dc92dcd61cf33eacde58560d
084726e951dbb428d403761fca4a1e2181b18145b931915a0e74e08226fd20ab
POST /s/gts1p5/t1eJGFHGm7w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvevv.com/e7f9f10003ea879f17dc5225d425ec00.gif
18.155.68.9200 OK 173 kB URL HTTP/1.1 kvevv.com/e7f9f10003ea879f17dc5225d425ec00.gif
IP 18.155.68.9:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 173 kB (173021 bytes)
Hash e05745ed3860abbc9c406904ee2a1d54
898c622e86a922a68d6e145d247d6365e52c560a
b6a52aaa03f3bfbd11492c59432af69d14f2e792db32ba1e2e9e81329a6f0819
GET /e7f9f10003ea879f17dc5225d425ec00.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 173021
Connection: keep-alive
Date: Mon, 05 Dec 2022 10:42:52 GMT
Last-Modified: Tue, 29 Nov 2022 08:05:17 GMT
ETag: "e05745ed3860abbc9c406904ee2a1d54"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: 4ajo-ww43ngD7Vtq2qw60fmkMi5tOYnC7Q4UWIN14UVRqqwsWLoGng==
Age: 34695
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 70154788a2d9496af5855061ba22c01c
4ae78738a5a7a58ebb93eebf84e15a1e38f9a8c9
c9d77f902704d92b2a3bf820e9282b40cb73222486cbd360aa1568e1c0cc57ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=144957
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Etag: "638de5f0-116"
Expires: Wed, 07 Dec 2022 12:37:04 GMT
Last-Modified: Mon, 05 Dec 2022 12:37:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
fmlb.netlbtu.com/upload/vod/2019/11-08/08/opoobkgdijt0841opoobkgdijt0521578.jpg
45.89.209.74200 OK 8.5 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/08/opoobkgdijt0841opoobkgdijt0521578.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5fbac22fa03d79efdce31f60fa5e9732
cd875ef41617bacb9a7eb598937a1281f6b06a23
abd67c12f8a3d39cedbf158c2f965cf6f0cb3f75ed76d6e7ade37dba541e6779
GET /upload/vod/2019/11-08/08/opoobkgdijt0841opoobkgdijt0521578.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:50 GMT
Content-Type: image/jpeg
Content-Length: 8476
Last-Modified: Fri, 25 Nov 2022 12:33:25 GMT
Connection: keep-alive
ETag: "6380b615-211c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-14/00/tymrhrxy12x0008tymrhrxy12x272357.jpg
45.89.209.74200 OK 9.4 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/00/tymrhrxy12x0008tymrhrxy12x272357.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2bb16d13621e429dcef63713a0b0ceaa
bbac180e6dedca2852a4b166b36096e13da5c0e0
272283c5f650e4163afc6cc25374557d2b1992560e81fd457ef410989d74db14
GET /upload/vod/2020/04-14/00/tymrhrxy12x0008tymrhrxy12x272357.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:50 GMT
Content-Type: image/jpeg
Content-Length: 9416
Last-Modified: Fri, 25 Nov 2022 12:30:14 GMT
Connection: keep-alive
ETag: "6380b556-24c8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/swCvH5hS9-4
IP 216.58.211.3:0
Hash ebe2426e976fbc8675e61b0630fd282c
074e1f95a00182168e83661cf2ca2f7c732f87fc
fa490c5df5077f791e55cfda7f93a84d41053944e03e0efdc04fd17b4f02f0b8
POST /s/gts1p5/swCvH5hS9-4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fmlb.netlbtu.com/upload/vod/2019/11-08/04/fvpyz2ayps20456fvpyz2ayps22212910.jpg
45.89.209.74200 OK 9.4 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/fvpyz2ayps20456fvpyz2ayps22212910.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 717x538, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5810c8c1db2ffd5de39c9ddfbeca3889
bdd3f083cd89df109622707ea24f8b956957ec08
b016ca5b8958ccb73702e18a617eaef58b71373cfe5347be4764d1c9411e5e11
GET /upload/vod/2019/11-08/04/fvpyz2ayps20456fvpyz2ayps22212910.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:50 GMT
Content-Type: image/jpeg
Content-Length: 9365
Last-Modified: Fri, 25 Nov 2022 12:36:03 GMT
Connection: keep-alive
ETag: "6380b6b3-2495"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e339475c1c05cbcfe71ff00f2dbb8c7e
a17d1daf3fadee44cc9094172f6fd6bc2980d1d2
a7c92484eea29fd5676c89e30bbf2426cb4db1c64fe998f629345e27ac975eed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7C92484EEA29FD5676C89E30BBF2426CB4DB1C64FE998F629345E27AC975EED"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=345
Expires: Mon, 05 Dec 2022 20:26:52 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 149c63992e188996f093bc4996532517
7d29c02784ca95a746975773844b92deee51ed80
40c57089485effb174127718813057dd60c88ba9fbb9dc0bdd43d5ba9f09413d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C57089485EFFB174127718813057DD60C88BA9FBB9DC0BDD43D5BA9F09413D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8079
Expires: Mon, 05 Dec 2022 22:35:46 GMT
Date: Mon, 05 Dec 2022 20:21:07 GMT
Connection: keep-alive
fmlb.netlbtu.com/upload/vod/2020/04-13/18/paduxq3kdo51807paduxq3kdo5061436.jpg
45.89.209.74200 OK 13 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-13/18/paduxq3kdo51807paduxq3kdo5061436.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c85eed472453e0686cc5166826c0a8aa
316b4c7bb61beeac126a97b6be0c497e0df99215
34aff1fcbc65cb5b4e53e3661792168673743ad3983a5eb8815043254fe59fdf
GET /upload/vod/2020/04-13/18/paduxq3kdo51807paduxq3kdo5061436.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:50 GMT
Content-Type: image/jpeg
Content-Length: 12636
Last-Modified: Fri, 25 Nov 2022 12:30:14 GMT
Connection: keep-alive
ETag: "6380b556-315c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2020/04-14/00/tldlwxhed1v0011tldlwxhed1v242714.jpg
45.89.209.74200 OK 8.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2020/04-14/00/tldlwxhed1v0011tldlwxhed1v242714.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a60c65bcf84aa6af295e24841892a6d8
bfc7b7bfba8da47fdca757267cdef925f3c64b9c
8aa639f7e54d94112c02e9d588b7d9d4e8477083dac302f644ac60a98d436f98
GET /upload/vod/2020/04-14/00/tldlwxhed1v0011tldlwxhed1v242714.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:50 GMT
Content-Type: image/jpeg
Content-Length: 8010
Last-Modified: Fri, 25 Nov 2022 12:36:03 GMT
Connection: keep-alive
ETag: "6380b6b3-1f4a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash be96384f67d739bfc777eca2009aa2d5
7e24abfcfc315abef7279fdc6eb7e9e1e0a5d4a0
44970ac66b02239944ce92795d167d11bcf2b6e402dff67d7416906fd7dab826
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 13:11:48 GMT
Expires: Mon, 12 Dec 2022 13:11:47 GMT
Etag: "7e24abfcfc315abef7279fdc6eb7e9e1e0a5d4a0"
Cache-Control: max-age=578439,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c831d52b51d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b844a7e8c9b7b4326b6b19d2e217ed4e
b24055f4b0538e15a75b90b907cb6a1d99fe03c8
be828713d878838e286022f6ec6cb5c12f7f14cf1eba8894bd981b08b8c25af8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 11:18:49 GMT
Expires: Fri, 09 Dec 2022 11:18:48 GMT
Etag: "b24055f4b0538e15a75b90b907cb6a1d99fe03c8"
Cache-Control: max-age=312460,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c8428bab523-OSL
kvkaaa.top/ca302b14c051bf41d75347daaf6e7ab3.gif
104.21.235.136200 OK 199 kB URL HTTP/2 kvkaaa.top/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 104.21.235.136:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 199 kB (198998 bytes)
Hash 9055b16bfddceb4d71a64601d99cc1fe
08f43efa14ead275ed58613dfe4715982679fe30
9f39213220495f96b8fbef7974ce8cef0eeaffeb6416328de8f7469254aab886
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvkaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mmzya1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 198998
last-modified: Sat, 16 Apr 2022 08:19:50 GMT
etag: "625a7c26-30956"
expires: Fri, 23 Dec 2022 04:10:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1095038
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YOTMFMTzOAMsgP%2Fq7ljKdEjWDEy3goMAvD0%2BZzN3WdAdshaoV%2BMKMscRXVWalnonTWVnUPAr%2FH%2FlskjLVConfWl88ZGAAnOg1QdSehDDBQIoMTn5oDK3FWWB0K4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f7c83efbb7785-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1829190445&si=cd4966c6bfc698dc34e4f0611b2ef124&su=http%3A%2F%2F154.82.85.101%2F&v=1.3.0&lv=1&sn=46655&r=0&ww=1264&u=https%3A%2F%2Fwww.mmzya1.com%2F&tt=%E7%8C%AB%E7%8C%AB%E8%B5%84%E6%BA%90
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1829190445&si=cd4966c6bfc698dc34e4f0611b2ef124&su=http%3A%2F%2F154.82.85.101%2F&v=1.3.0&lv=1&sn=46655&r=0&ww=1264&u=https%3A%2F%2Fwww.mmzya1.com%2F&tt=%E7%8C%AB%E7%8C%AB%E8%B5%84%E6%BA%90
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1829190445&si=cd4966c6bfc698dc34e4f0611b2ef124&su=http%3A%2F%2F154.82.85.101%2F&v=1.3.0&lv=1&sn=46655&r=0&ww=1264&u=https%3A%2F%2Fwww.mmzya1.com%2F&tt=%E7%8C%AB%E7%8C%AB%E8%B5%84%E6%BA%90 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 05 Dec 2022 20:21:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=FF27A8F854E1A522; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 216.58.211.3:0
Hash 08c7f2e9d19100f54770556fd4f70a95
854a03d059b9c90a4f3761dab5aa2394162556de
48bc484db65d7e5180857d5a9bebc1b7b51e9d7aefbafa4d1ed467e5538714a6
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:21:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 764f1240f880ac5e74f57fff6c581c20
7391073a4a230cef6c5ae49c364ea15b712163dd
030eb47d5a8b2a6f030248e44583a7ce9545a845246ad87ab577e6284366386b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 20:52:34 GMT
Expires: Fri, 09 Dec 2022 20:52:33 GMT
Etag: "7391073a4a230cef6c5ae49c364ea15b712163dd"
Cache-Control: max-age=346885,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c83e8961c02-OSL
kzenn.com/b3d9a37730111812e9e40be25e336998.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kzenn.com/b3d9a37730111812e9e40be25e336998.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /b3d9a37730111812e9e40be25e336998.gif HTTP/1.1
Host: kzenn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: text/html
content-length: 162
location: https://kvkkkk.top/b3d9a37730111812e9e40be25e336998.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b844a7e8c9b7b4326b6b19d2e217ed4e
b24055f4b0538e15a75b90b907cb6a1d99fe03c8
be828713d878838e286022f6ec6cb5c12f7f14cf1eba8894bd981b08b8c25af8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 11:18:49 GMT
Expires: Fri, 09 Dec 2022 11:18:48 GMT
Etag: "b24055f4b0538e15a75b90b907cb6a1d99fe03c8"
Cache-Control: max-age=312459,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c8438e70b59-OSL
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2deeed8770184d99ea1f9e4f9b025fad
6723ff8d56a066239c76ecd84bd44ce04141e8e0
88b12045703aad55aaae265c24abf9125c76f88b3258fd72d0b08e1e0eb50218
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "88B12045703AAD55AAAE265C24ABF9125C76F88B3258FD72D0B08E1E0EB50218"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Tue, 06 Dec 2022 02:20:12 GMT
Date: Mon, 05 Dec 2022 20:21:08 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2deeed8770184d99ea1f9e4f9b025fad
6723ff8d56a066239c76ecd84bd44ce04141e8e0
88b12045703aad55aaae265c24abf9125c76f88b3258fd72d0b08e1e0eb50218
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "88B12045703AAD55AAAE265C24ABF9125C76F88B3258FD72D0B08E1E0EB50218"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Tue, 06 Dec 2022 02:20:12 GMT
Date: Mon, 05 Dec 2022 20:21:08 GMT
Connection: keep-alive
p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mwIzZHqu31YwoYpfrN2UPt1Q8YRJL74JSYfRichdiaKicp9g/0
43.154.254.32200 OK 49 kB URL HTTP/2 p.qlogo.cn/qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mwIzZHqu31YwoYpfrN2UPt1Q8YRJL74JSYfRichdiaKicp9g/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 200 x 200\012- data
Hash f9cfee83620ed3913a15407857b6197d
3597be679b25e44e95145a07161b4e90cf20bd90
6f4244d3ceee89f0facba0cd11e13fa817910870df4a83631941db13ce5a4297
GET /qqmail_head/zsUXYY6y4cIcdXHoJqzib7YJkw8Jmib8mwIzZHqu31YwoYpfrN2UPt1Q8YRJL74JSYfRichdiaKicp9g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 48866
vary: Accept,Origin
last-modified: Mon, 21 Nov 2022 09:11:11 GMT
cache-control: max-age=2592000
x-delay: 52 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 48866
chid: 0
fid: 0
x-nws-log-uuid: 6e10498e-56dc-4dc0-960a-a50e1471fe9d
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5456ef30be59c16b5ffd346dcceffbad
46afce4abe9ede113fe1d05576d6c746d3bf5b8a
0a4727cf965cef09186c13fe853f963fb1690b0b9cb0bb7443d13172461d0b25
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:21:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 11:55:12 GMT
Expires: Sat, 10 Dec 2022 11:55:11 GMT
Etag: "46afce4abe9ede113fe1d05576d6c746d3bf5b8a"
Cache-Control: max-age=401042,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f7c848fdab51d-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 15728ef34e867a7e32e7254c29300603
3d5e818523a63ab21051dc4f19e3f038e81a3a8c
8b4681b49c6f30fe078d79b5ffcc16f7fdbf5464c6783802ca0541e39b698d90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4681B49C6F30FE078D79B5FFCC16F7FDBF5464C6783802CA0541E39B698D90"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16196
Expires: Tue, 06 Dec 2022 00:51:04 GMT
Date: Mon, 05 Dec 2022 20:21:08 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2a1358666f9fd523c2aaa5127244033f
0d7b214cb2a603958169e3279ffab8b86f705548
22d0c7f5c6d8c9420e5430dcd69b6fee3ac5a2c5617e4920c64c8cfb5e5668eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "22D0C7F5C6D8C9420E5430DCD69B6FEE3AC5A2C5617E4920C64C8CFB5E5668EB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Tue, 06 Dec 2022 02:20:58 GMT
Date: Mon, 05 Dec 2022 20:21:08 GMT
Connection: keep-alive
www.mmzya1.com/
164.88.76.177200 OK 0 B IP 164.88.76.177:0
ASN #137951 Clayer Limited
GET / HTTP/1.1
Host: www.mmzya1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://154.82.85.101/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
3p8801.co/yy-960x120.gif
107.148.202.17200 OK 0 B IP 107.148.202.17:0
GET /yy-960x120.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 64647
last-modified: Sat, 12 Nov 2022 07:15:02 GMT
etag: "636f47f6-fc87"
expires: Wed, 04 Jan 2023 20:21:07 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
45.89.209.74200 OK 0 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/22/cc16487.jpg
IP 45.89.209.74:0
GET /images/2021/11/22/cc16487.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:50 GMT
Content-Type: image/jpeg
Content-Length: 186946
Last-Modified: Fri, 25 Nov 2022 12:36:03 GMT
Connection: keep-alive
ETag: "6380b6b3-2da42"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
n0600.com/33930d0b3a2a4bba8710c02df43b9e32.gif
20.222.119.28200 OK 0 B URL HTTP/2 n0600.com/33930d0b3a2a4bba8710c02df43b9e32.gif
IP 20.222.119.28:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /33930d0b3a2a4bba8710c02df43b9e32.gif HTTP/1.1
Host: n0600.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 20 Nov 2022 15:57:49 GMT
etag: W/"637a4e7d-3c8c8"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
8499683.com/8499/s/960x80.gif
172.247.50.229200 OK 0 B URL HTTP/2 8499683.com/8499/s/960x80.gif
IP 172.247.50.229:0
GET /8499/s/960x80.gif HTTP/1.1
Host: 8499683.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 421071
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "66ccf-5ed03b0c9cba8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaEJJRn8gJmldAhC0pUPnSjTFH6FcgBhB2kVWjPtY3SD2Cm5xNlroRYb93Y8NP94aKl8/0
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEJJRn8gJmldAhC0pUPnSjTFH6FcgBhB2kVWjPtY3SD2Cm5xNlroRYb93Y8NP94aKl8/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/PiajxSqBRaEJJRn8gJmldAhC0pUPnSjTFH6FcgBhB2kVWjPtY3SD2Cm5xNlroRYb93Y8NP94aKl8/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
content-length: 421071
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:45:00 GMT
cache-control: max-age=2592000
x-delay: 230 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 421071
chid: 0
fid: 0
x-nws-log-uuid: 2762a2bb-ef28-4edf-9715-82a39a7a02a9
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
45.89.209.74200 OK 0 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/11/20/heyzo4538.jpg
IP 45.89.209.74:0
GET /images/2021/11/20/heyzo4538.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 06 Dec 2022 04:20:50 GMT
Content-Type: image/jpeg
Content-Length: 43129
Last-Modified: Fri, 25 Nov 2022 12:36:03 GMT
Connection: keep-alive
ETag: "6380b6b3-a879"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.mmzya1.com/template/m1938pc/ads/dddlll.js
164.88.76.177200 OK 0 B URL HTTP/2 www.mmzya1.com/template/m1938pc/ads/dddlll.js
IP 164.88.76.177:0
ASN #137951 Clayer Limited
GET /template/m1938pc/ads/dddlll.js HTTP/1.1
Host: www.mmzya1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:05 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 10:41:02 GMT
vary: Accept-Encoding
etag: W/"637b55be-5de"
expires: Tue, 06 Dec 2022 08:21:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.1152555.com/images/638e0aa0ea63faf255bd13dd.gif
185.239.226.87302 Found 0 B URL HTTP/2 img.1152555.com/images/638e0aa0ea63faf255bd13dd.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638e0aa0ea63faf255bd13dd.gif HTTP/1.1
Host: img.1152555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d079412e07f4ea6b6f84c97374501c8
X-Firefox-Spdy: h2
n0611.com/e4597d94b7c64d2cbd906c4116922097.gif
20.222.160.211200 OK 0 B URL HTTP/2 n0611.com/e4597d94b7c64d2cbd906c4116922097.gif
IP 20.222.160.211:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /e4597d94b7c64d2cbd906c4116922097.gif HTTP/1.1
Host: n0611.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:21:07 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 20 Nov 2022 15:57:26 GMT
etag: W/"637a4e66-5bacd"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.mmzya1.com/template/m1938pc/static/css/style.css
164.88.76.177200 OK 0 B URL HTTP/2 www.mmzya1.com/template/m1938pc/static/css/style.css
IP 164.88.76.177:0
ASN #137951 Clayer Limited
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.mmzya1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:05 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 03:51:54 GMT
vary: Accept-Encoding
etag: W/"62abfa5a-6320"
expires: Tue, 06 Dec 2022 08:21:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.mmzya1.com/template/m1938pc/ads/dh.js
164.88.76.177200 OK 0 B URL HTTP/2 www.mmzya1.com/template/m1938pc/ads/dh.js
IP 164.88.76.177:0
ASN #137951 Clayer Limited
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: www.mmzya1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:21:05 GMT
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 15:18:42 GMT
vary: Accept-Encoding
etag: W/"638e0bd2-4848"
expires: Tue, 06 Dec 2022 08:21:05 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
768tupian.oss-cn-shenzhen.aliyuncs.com/vip150.gif
120.77.166.19200 OK 0 B URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/vip150.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /vip150.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: image/gif
Content-Length: 163824
Connection: keep-alive
x-oss-request-id: 638E52B3703D5E31313513F6
Accept-Ranges: bytes
ETag: "AEE6CE5E72915C46735B4AB2E7A0191B"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18189287716440317141
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: rubOXnKRXEZzW0qy56AZGw==
x-oss-server-time: 2
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19200 OK 0 B URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mmzya1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 05 Dec 2022 20:21:07 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 638E52B34EAD113636A71026
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3