r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13006
Expires: Thu, 05 Jan 2023 06:36:18 GMT
Date: Thu, 05 Jan 2023 02:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7290
Expires: Thu, 05 Jan 2023 05:01:02 GMT
Date: Thu, 05 Jan 2023 02:59:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 02:47:48 GMT
content-type: application/json
age: 704
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Thu, 05 Jan 2023 04:59:44 GMT
Date: Thu, 05 Jan 2023 02:59:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: J0CbbmrT4RoBNWl/pqpferv2x08A7mPWtqogVX99nUNE+OKzquByevI04sn1mKP/1ZyURcGKCMg=
x-amz-request-id: G8RWXS07W95P65DJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 02:59:22 GMT
age: 10
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.678if.com/arttypehtml/5-6.html
154.203.181.133200 OK 2.2 kB URL HTTP/1.1 www.678if.com/arttypehtml/5-6.html
IP 154.203.181.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with CRLF line terminators
Hash 265ad27f20a6da266918e149f69f1355
d1e92fe5f372dde9ebc400378c9c96aa24ce7376
74466ff3dc04d2f6d71191b419b0749ca26b288e6d2af2829b55b15342752a5b
GET /arttypehtml/5-6.html HTTP/1.1
Host: www.678if.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 02:59:32 GMT
Content-Length: 2186
Content-Type: text/html
Server: nginx
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 02:59:32 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.678if.com/arttypehtml/5-6.html
154.203.181.133200 OK 2.2 kB URL HTTP/1.1 www.678if.com/arttypehtml/5-6.html
IP 154.203.181.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with CRLF line terminators
Hash 265ad27f20a6da266918e149f69f1355
d1e92fe5f372dde9ebc400378c9c96aa24ce7376
74466ff3dc04d2f6d71191b419b0749ca26b288e6d2af2829b55b15342752a5b
GET /arttypehtml/5-6.html HTTP/1.1
Host: www.678if.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 02:59:32 GMT
Content-Length: 2186
Content-Type: text/html
Server: nginx
www.678if.com/common.js
154.203.181.133200 OK 4.0 kB IP 154.203.181.133:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (466), with CRLF line terminators
Hash cf71c39ce2ac643f86289d26b2cf5554
eb23cb7e30df2fdeec0256e2a2fa1ed24366231f
4c7bf0ab99ed8e1fc2a0af9501ce6307c7dbda5da9eabb07e0538139fec86d7b
GET /common.js HTTP/1.1
Host: www.678if.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.678if.com/arttypehtml/5-6.html
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 02:59:32 GMT
Content-Length: 3981
Content-Type: application/x-javascript
Server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 02:08:11 GMT
age: 3082
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3341
Cache-Control: max-age=111779
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 02:59:33 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 10:02:32 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.678if.com/tj.js
154.203.181.133200 OK 19 kB IP 154.203.181.133:0
File type ASCII text, with very long lines (17702), with CRLF line terminators
Hash 5d903e6bb69022e0f9ccddb798daf10c
09060250a26173b18d5ee2567ce3204a6e3a4cfb
452f9967b1da15f7ce50ff2221edd540dadb37f918db192d48703bd9bac07d90
GET /tj.js HTTP/1.1
Host: www.678if.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.678if.com/arttypehtml/5-6.html
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 02:59:32 GMT
Content-Length: 18898
Content-Type: application/x-javascript
Server: nginx
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.678if.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 05 Jan 2023 02:59:33 GMT
Etag: "4078521116"
Expires: Fri, 05 Jan 2024 02:59:33 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=1A6470F5DE11789C9171E679CB4408D7:FG=1; max-age=31536000; expires=Fri, 05-Jan-24 02:59:33 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
push.services.mozilla.com/
35.82.246.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.246.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aAf2w3HmKe07+c11iRDkmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZHTm9y9e2tv+2ZlX5v/PpYm56EY=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 4a405206d87d23e189dabdf9fe80f687
6568684b9993861f7a1c8c96cce5403a8cbbcfcf
e5e54a2ad02fa4a679c140309afe33e3e03f1b31c08cacc3efdda04618bc1149
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 02:59:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 00:52:12 GMT
ETag: "6568684b9993861f7a1c8c96cce5403a8cbbcfcf"
Last-Modified: Thu, 05 Jan 2023 00:52:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2655
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7848f56a09810b51-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 64a157954a2336405fe40f6a79b44c55
4777c2ff7b07003c14273c9c24ad9081256a2805
56522abe6022511c6bb9983b3816805451711fa450fa2a29dc6e89b3274f3264
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56522ABE6022511C6BB9983B3816805451711FA450FA2A29DC6E89B3274F3264"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 05 Jan 2023 08:59:34 GMT
Date: Thu, 05 Jan 2023 02:59:34 GMT
Connection: keep-alive
www.678if.com/favicon.ico
154.203.181.133200 OK 2.2 kB URL HTTP/1.1 www.678if.com/favicon.ico
IP 154.203.181.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with CRLF line terminators
Hash 265ad27f20a6da266918e149f69f1355
d1e92fe5f372dde9ebc400378c9c96aa24ce7376
74466ff3dc04d2f6d71191b419b0749ca26b288e6d2af2829b55b15342752a5b
GET /favicon.ico HTTP/1.1
Host: www.678if.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.678if.com/arttypehtml/5-6.html
Cookie: __tins__21364731=%7B%22sid%22%3A%201672887563615%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201672889363615%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 02:59:33 GMT
Content-Length: 2186
Content-Type: text/html
Server: nginx
api.share.baidu.com/s.gif?l=http://www.678if.com/arttypehtml/5-6.html
39.156.68.163200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.678if.com/arttypehtml/5-6.html
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.678if.com/arttypehtml/5-6.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.678if.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 05 Jan 2023 02:59:34 GMT
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13157
Expires: Thu, 05 Jan 2023 06:38:51 GMT
Date: Thu, 05 Jan 2023 02:59:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13157
Expires: Thu, 05 Jan 2023 06:38:51 GMT
Date: Thu, 05 Jan 2023 02:59:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf33ce3c68b01f0c8f73549306ccfbc
621283dc19de9d911c21e75236b7218fd0096909
f5127032147e1659d3c9ad662b54a857c57020bb8daa4fd9974909b91224cdb8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5872
x-amzn-requestid: f0588feb-4ca9-432e-bc7c-ab307d8cc6ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d__SgGluIAMFq_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afdf43-6e144cc95664318821e4830e;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:05:39 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 875SOR1X-4quWSEJiR5x9l9rpVI3JD-oaousZQFF4SnwwM4nXigvqQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:54:01 GMT
age: 68733
etag: "621283dc19de9d911c21e75236b7218fd0096909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cecd6a1a228ac55f193a180229d3a33
9e5fd5a101828d5491305deb539dc5836c5b3065
7bbd9e261625c2d2a700a817c2f10b779c8463baacda02f9f34161c08487ca31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8721
x-amzn-requestid: 8e0c9bb9-d00e-47dc-8847-7e94edf1fae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eAA8tEPwIAMF6sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afe1ea-32a8c3572fabb11d35d0ca8c;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:16:58 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: wL4yI6X5FFE7MTEuxkfmgR8OGTxhca6zQBPxJXjiRSAmzYGefL_ZYw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:31:52 GMT
age: 70062
etag: "9e5fd5a101828d5491305deb539dc5836c5b3065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 17ccfd69-0d12-42ac-b111-059a68735e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCutmF7mIAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f7f0-5e1653641a0303815656a578;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:03:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nR6vOzio5JonZZq2SZTwpYBaOUlL9Dw5ntz93jS__r16JEGVqc8Xhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 06:06:12 GMT
age: 75202
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f22f65ce84ef540224278e198edbe5dd
e64e4d49a0a630036019dbb06a8e5a526323975f
ad334d8c521c61a83836cecc0c2b2e19381d361c75a8f79a2c00536fdad5f4df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7329
x-amzn-requestid: 0ffe55a3-cf07-43cd-b4df-4187d2e2686a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVzQFCVIAMFtww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39ce1-1ddb337722ed75aa22e9637a;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:11:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3vR1Lk9_7Cde_rqOrhIxG9afQbr6agHxi2_3lBuSEWmXQAlnW5qokA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:36:23 GMT
age: 84191
etag: "e64e4d49a0a630036019dbb06a8e5a526323975f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 008b9a75-d739-4c2b-97ee-125dab1961a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eH6EJF0uIAMFd8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b30a1a-3f738a875090ce970fba51f5;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 16:45:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -2r9e3QyrKCQGQVFWS-XL71lb7b3DyO1Svt4tTWZlh6Cnzoo2rnaFg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 02:24:43 GMT
age: 2091
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nba.tb2w8avl.club/common.php?val=daxiangjiao&t=0.2797183739073801?v=03957189825115349
156.240.106.189200 OK 8.6 kB URL HTTP/2 nba.tb2w8avl.club/common.php?val=daxiangjiao&t=0.2797183739073801?v=03957189825115349
IP 156.240.106.189:0
ASN #140227 Hong Kong Communications International Co., Limited
Hash cd3786c52bc9b30cd481ed73eed74f74
074d5a1b1ee3c5949d70f65691a4ad217ed46813
a9dd5f944657fb274f5d330955d7327775709625284d2e5b342700f48a48a904
GET /common.php?val=daxiangjiao&t=0.2797183739073801?v=03957189825115349 HTTP/1.1
Host: nba.tb2w8avl.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.678if.com
Connection: keep-alive
Referer: http://www.678if.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:04:18 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 40426829d0db9008ece07e25f46993d9
4afcc998cbb3da1d80185b859704ddebc158d857
150fda2748700e760fe986d3ecba419aed167b708020175e5e7dbb56e20856ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "150FDA2748700E760FE986D3ECBA419AED167B708020175E5E7DBB56E20856CA"
Last-Modified: Tue, 03 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 05 Jan 2023 08:59:35 GMT
Date: Thu, 05 Jan 2023 02:59:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2eab4c316b611bdc9af4049b4440de0a
b36a1a69b9cdd5d29813bb23860f22c55821ec80
eba90b03ae91406a41941b9a221d644703151caab59878f0ac7d65be02dcec79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBA90B03AE91406A41941B9A221D644703151CAAB59878F0AC7D65BE02DCEC79"
Last-Modified: Tue, 03 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Thu, 05 Jan 2023 08:58:51 GMT
Date: Thu, 05 Jan 2023 02:59:37 GMT
Connection: keep-alive
api.jhzy6xxl.club/1672887858.html
118.107.43.9200 OK 36 kB URL HTTP/2 api.jhzy6xxl.club/1672887858.html
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
Hash 6256d4b56b355b61d36f46c511299939
24bb4b61faea63284ee21153d005d23f172a1932
24e5944910760dc9a9bce2848a2634c2361e99e2aff6ddb5c39892ece6d83bd3
GET /1672887858.html HTTP/1.1
Host: api.jhzy6xxl.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.678if.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:35 GMT
content-type: text/html
last-modified: Sat, 18 Dec 2021 07:18:36 GMT
vary: Accept-Encoding
etag: W/"61bd8b4c-427"
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cloudfly-node01
X-Firefox-Spdy: h2
api.kzk44ih0.world/static/js/index.046d5a0f.js
112.213.116.93200 OK 35 kB URL HTTP/2 api.kzk44ih0.world/static/js/index.046d5a0f.js
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
Hash 703f103b86298210f0a4d5c7439775de
5931cf26b1408fd3a94b9858b8e9db290e95d6b4
d7e7fabb98644fdeb4d1e8054f32c2181f3d85a85362a338f81bbd15b6e76309
GET /static/js/index.046d5a0f.js HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:37 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
vary: Accept-Encoding
etag: W/"6381861a-1bb43"
expires: Thu, 05 Jan 2023 04:45:27 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cloudfly-node9
cdn-cache: HIT
X-Firefox-Spdy: h2
api.kzk44ih0.world/static/search.png
112.213.116.93200 OK 690 B URL HTTP/2 api.kzk44ih0.world/static/search.png
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a179ac8d63fa71c8339fd4d30d48c64e
76635704a1ad75435f8bf1fe924e36281258df49
1f6da2f31a4af79a702fa2a594600a3308c0d0f251c8c7ccba2dd03139c33e1e
GET /static/search.png HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:39 GMT
content-type: image/png
content-length: 690
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
etag: "6381861a-2b2"
expires: Mon, 30 Jan 2023 15:08:12 GMT
cache-control: max-age=2592000
via: cloudfly-node9
cdn-cache: HIT
X-Firefox-Spdy: h2
api.kzk44ih0.world/static/loading.svg
112.213.116.93200 OK 1.8 kB URL HTTP/2 api.kzk44ih0.world/static/loading.svg
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
File type exported SGML document, ASCII text
Hash 91762b2af9bdefdd58f5a5b6e7387361
0a511968514d38a4702c5585ead7c01d4f20def0
d887368f18aa4483d5a267a86d1ff5d26a09048bb1c93c0ac9d374e438014342
GET /static/loading.svg HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:40 GMT
content-type: image/svg+xml
content-length: 1784
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
etag: "6381861a-6f8"
via: cloudfly-node9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 72cc89f9ec9d515f905cc45f429311f1
ce01f4b3ad4afb1ba32ed46971ca5e7d4523759d
003beca7b51bf91c7321e6e7e3936e49928c72892765b3f6128b94b1f2bc229c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "003BECA7B51BF91C7321E6E7E3936E49928C72892765B3F6128B94B1F2BC229C"
Last-Modified: Tue, 03 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7382
Expires: Thu, 05 Jan 2023 05:02:42 GMT
Date: Thu, 05 Jan 2023 02:59:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ba0bb07761a0392b2430d634c02524eb
21e307805f0c1f8a547d9ab7a01f8cfceb3da44c
ab54d6b229b0b825a7178b4b14fb0fef38ae21f1088cd588535fecbec8c25704
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB54D6B229B0B825A7178B4B14FB0FEF38AE21F1088CD588535FECBEC8C25704"
Last-Modified: Tue, 03 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=736
Expires: Thu, 05 Jan 2023 03:11:56 GMT
Date: Thu, 05 Jan 2023 02:59:40 GMT
Connection: keep-alive
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 05 Jan 2023 02:59:40 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7e5e3dfa6de61bfd4b1abb18528745ab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 3777f17326649dbcb0ee074309ce5eb2
33193bad1456db8bcfdc28a58bfdb25a5f73321d
8718311b3977068b0d1cf388be7b91b2647e343d9ff08f6ea63779198bf91788
GET /hm.js?7e5e3dfa6de61bfd4b1abb18528745ab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 02:59:40 GMT
Etag: 3af015a1172e277809155b69c6e526a2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=ED6BCD2F629B810F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
13.227.254.125200 OK 185 kB URL HTTP/2 kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
IP 13.227.254.125:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 185 kB (184926 bytes)
Hash 214553bbbe765499c15ec4271f4bbd23
8fa439d96daee17a9c0b86546dba5cb8fa25b076
34924659831f47a88bb09ee743e6e993c7b98c6038e0d6f9ba93123ba0a92a50
GET /e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 184926
last-modified: Mon, 19 Dec 2022 08:24:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 15:59:46 GMT
etag: "214553bbbe765499c15ec4271f4bbd23"
x-cache: Hit from cloudfront
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: LRmFz2IXUPnM82GZl2LiH11D7cpDuC9K0N3bQc69eDZE5f5YWCCyFg==
age: 39595
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c836f586349b3a3967a90cee6e3c939
1abc258819e8a0e1171be99169658c89ed2c2115
eea17fc43e8dd89f6c487fbe6e0f1ef1a012a6e493515724be51512195324b1c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148057
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 02:59:40 GMT
Etag: "63b5dc75-117"
Expires: Fri, 06 Jan 2023 20:07:17 GMT
Last-Modified: Wed, 04 Jan 2023 20:07:17 GMT
Server: nginx
Content-Length: 279
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
13.227.254.6200 OK 199 kB URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 13.227.254.6:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 199 kB (198998 bytes)
Hash 9055b16bfddceb4d71a64601d99cc1fe
08f43efa14ead275ed58613dfe4715982679fe30
9f39213220495f96b8fbef7974ce8cef0eeaffeb6416328de8f7469254aab886
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 198998
last-modified: Thu, 15 Dec 2022 02:16:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 04:47:37 GMT
etag: "9055b16bfddceb4d71a64601d99cc1fe"
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: Gng1PGW59eontGIZ72m3w4Vr8aVIo9P-Q8ndRpqppft_xYfI6fhK6Q==
age: 79924
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c836f586349b3a3967a90cee6e3c939
1abc258819e8a0e1171be99169658c89ed2c2115
eea17fc43e8dd89f6c487fbe6e0f1ef1a012a6e493515724be51512195324b1c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=148057
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 02:59:41 GMT
Etag: "63b5dc75-117"
Expires: Fri, 06 Jan 2023 20:07:18 GMT
Last-Modified: Wed, 04 Jan 2023 20:07:17 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash f05e3f099900559b4b56ed635cc514b1
60d5554c431aafe114e4750cca302e432c3e7f4f
6e64695a37514f8e8e451fe8a24faa5b9f7f2ddbd1be7e083a4684aa5b594b16
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153276
Date: Thu, 05 Jan 2023 02:59:41 GMT
Etag: "63b5e209-1d7"
Expires: Fri, 06 Jan 2023 21:34:17 GMT
Last-Modified: Wed, 04 Jan 2023 20:31:05 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7ssxovLYBrnjd4zZUjVmE8nm0TUl51Y322t4GTeld_UWDjF8s8WSew==
Age: 3793
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.234.153200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.234.153:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kzk44ih0.world/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 02:59:41 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Sat, 28 Jan 2023 08:36:37 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 584584
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKJPJx2AvCq4SAzX7kB%2BhYcckCXPR78ws4yI3%2BHrxr%2BJzoWuF6636aiPyl7YMb8icqIPH29e5iohGzv9J4kgZHum3rgy6m62V6hTwJGiGA0csE8YEeOKwVWyDGxi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7848f595ae0edd76-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
13.227.254.101200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 13.227.254.101:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 07:21:52 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 db75d9999621c662b2eccf4f496b12aa.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: ZyOOJlHQyRiH1vxAY8Qot3EaAZzHKnMnDVGU00BI9yR_tww0t3x0oA==
age: 70668
X-Firefox-Spdy: h2
kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
13.227.254.117200 OK 393 kB URL HTTP/2 kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP 13.227.254.117:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 393 kB (393378 bytes)
Hash a930de5ec6e818c397927d0c8e288eb4
5740c07c68ec2828cf3544a76afa1755077a6f57
e5a218bd1dc9bc6410f36069969a1c36a3f34f0d42079c4bd02ec8c19421bee0
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kzett.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 393378
last-modified: Tue, 03 Jan 2023 03:28:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 05:17:09 GMT
etag: "a930de5ec6e818c397927d0c8e288eb4"
x-cache: Hit from cloudfront
via: 1.1 1ce5b4ee9f2f36701e8515d9d8ae140c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: VGbaiN1VKpmWKawZ1uzjAAQzLm1n2XR5Y0OKW44wAHlnKrSe-8ir3g==
age: 78152
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2042669376&si=7e5e3dfa6de61bfd4b1abb18528745ab&su=https%3A%2F%2Fapi.jhzy6xxl.club%2F&v=1.3.0&lv=1&sn=41161&r=0&ww=1268&u=https%3A%2F%2Fapi.kzk44ih0.world%2F%3Ftt%3D1672887860%23%2F&tt=dxj
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2042669376&si=7e5e3dfa6de61bfd4b1abb18528745ab&su=https%3A%2F%2Fapi.jhzy6xxl.club%2F&v=1.3.0&lv=1&sn=41161&r=0&ww=1268&u=https%3A%2F%2Fapi.kzk44ih0.world%2F%3Ftt%3D1672887860%23%2F&tt=dxj
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2042669376&si=7e5e3dfa6de61bfd4b1abb18528745ab&su=https%3A%2F%2Fapi.jhzy6xxl.club%2F&v=1.3.0&lv=1&sn=41161&r=0&ww=1268&u=https%3A%2F%2Fapi.kzk44ih0.world%2F%3Ftt%3D1672887860%23%2F&tt=dxj HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 02:59:41 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9FD6F379E605A68C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
13.227.254.104200 OK 566 kB URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 13.227.254.104:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 565615
last-modified: Mon, 19 Dec 2022 09:06:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 06:56:25 GMT
etag: "6a2c609ad0c46bb1b8d9cd39eacde625"
x-cache: Hit from cloudfront
via: 1.1 900a893b03bf29fa958d4587d585157e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: TdJYfv_StuDnfnlBEqziQa12tvo8EukIz5kIzxKuUlswZUH2jEGtPQ==
age: 72196
X-Firefox-Spdy: h2
api.kzk44ih0.world/static/js/chunk-vendors.cbebd8a9.js
112.213.116.93200 OK 0 B URL HTTP/2 api.kzk44ih0.world/static/js/chunk-vendors.cbebd8a9.js
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
GET /static/js/chunk-vendors.cbebd8a9.js HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:37 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
vary: Accept-Encoding
etag: W/"6381861a-b4f96"
expires: Thu, 05 Jan 2023 04:45:27 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cloudfly-node9
cdn-cache: HIT
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.83200 OK 0 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.83:0
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 15:30:45 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: byeIJ9Lr5kuSSkzJN4Mltk03-09A1HfdTMnuneP-rk8orhi90MssDA==
age: 41336
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
13.227.254.70200 OK 0 B URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 13.227.254.70:0
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 04 Jan 2023 12:30:03 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 3c724fc8704aec61a7bab068ccd978fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: M_NawaPl3QgfP5RcF9Jm__eytYWvEh79YvMXGGxo-mxF0UQnQj6NdQ==
Age: 52178
kveww.com/99462c01e85acc1311bebac224df6cce.gif
13.227.254.95200 OK 0 B URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 13.227.254.95:0
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 845326
last-modified: Thu, 15 Dec 2022 01:49:18 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 07:02:03 GMT
etag: "c3e13dfb200737af2e68b42c07f28465"
x-cache: Hit from cloudfront
via: 1.1 58b09a46630ea2f6a75154a66e58b2e6.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: G9LnbyQhuqV18JvAAewozD2PRkVSMRTXkCz4s08b8091olxERw0rvg==
age: 73480
X-Firefox-Spdy: h2
api.kzk44ih0.world/static/index.2772579d.css
112.213.116.93200 OK 0 B URL HTTP/2 api.kzk44ih0.world/static/index.2772579d.css
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
GET /static/index.2772579d.css HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:37 GMT
content-type: text/css
last-modified: Sat, 26 Nov 2022 03:20:58 GMT
vary: Accept-Encoding
etag: W/"6381861a-17031"
expires: Thu, 05 Jan 2023 04:45:27 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cloudfly-node9
cdn-cache: HIT
X-Firefox-Spdy: h2
api.jhzy6xxl.club/js/jquery.js
118.107.43.9200 OK 0 B URL HTTP/2 api.jhzy6xxl.club/js/jquery.js
IP 118.107.43.9:0
ASN #64050 BGPNET Global ASN
GET /js/jquery.js HTTP/1.1
Host: api.jhzy6xxl.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.jhzy6xxl.club/1672887858.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:35 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 07:35:02 GMT
vary: Accept-Encoding
etag: W/"61cabe26-109b"
expires: Thu, 05 Jan 2023 05:37:52 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cloudfly-node01
X-Firefox-Spdy: h2
api.kzk44ih0.world/h5/web.php/index/config
112.213.116.93200 OK 0 B URL HTTP/2 api.kzk44ih0.world/h5/web.php/index/config
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
GET /h5/web.php/index/config HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cloudfly-node9
cdn-cache: HIT
X-Firefox-Spdy: h2
api.kzk44ih0.world/h5/web.php/index/type
112.213.116.93200 OK 0 B URL HTTP/2 api.kzk44ih0.world/h5/web.php/index/type
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
GET /h5/web.php/index/type HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cloudfly-node9
cdn-cache: HIT
X-Firefox-Spdy: h2
api.kzk44ih0.world/h5/web.php/index/base
112.213.116.93200 OK 0 B URL HTTP/2 api.kzk44ih0.world/h5/web.php/index/base
IP 112.213.116.93:0
ASN #64050 BGPNET Global ASN
GET /h5/web.php/index/base HTTP/1.1
Host: api.kzk44ih0.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://api.kzk44ih0.world/?tt=1672887860
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 02:59:39 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cloudfly-node9
cdn-cache: HIT
X-Firefox-Spdy: h2
kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
13.227.254.6200 OK 0 B URL HTTP/2 kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 13.227.254.6:0
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1121344
last-modified: Thu, 15 Dec 2022 01:54:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 05:46:56 GMT
etag: "1fa329c2303bf5a0d2ffd8d484269fbc"
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: s51wn8cIh3bZIdQSOWhvw5b_AUuFR12T2mZT0Sa6p-yLNuOHGarBsA==
age: 76365
X-Firefox-Spdy: h2
kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.85200 OK 0 B URL HTTP/2 kzehh.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.85:0
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: kzehh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 20 Dec 2022 23:20:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6tKO5AaQr7XIn8bA_XGgMe6vCdqYCBwIoZQiqugnbYkUCHbtKDeyzw==
age: 1309173
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200sas.gif
220.128.218.220200 OK 0 B URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kzk44ih0.world/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 02:52:57 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Sat, 04 Feb 2023 02:52:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2