r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14003
Expires: Mon, 19 Dec 2022 12:35:15 GMT
Date: Mon, 19 Dec 2022 08:41:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18227
Expires: Mon, 19 Dec 2022 13:45:39 GMT
Date: Mon, 19 Dec 2022 08:41:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 08:34:22 GMT
content-type: application/json
age: 450
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7411
Expires: Mon, 19 Dec 2022 10:45:23 GMT
Date: Mon, 19 Dec 2022 08:41:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oK3YxiV1p4BmXoSsYl54P62PsUntcuwo/7od1imaBCIb5PEHYP+tXKKz1lHLT4jpLiLFBa15yac=
x-amz-request-id: 3QM9EF681BG6E53A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 08:28:57 GMT
age: 775
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 08:08:01 GMT
age: 2032
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
znhcf.cn/
165.3.46.231 200 OK 3.7 kB IP 165.3.46.231:0
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (419)
Hash 20587627da373e259aef8897f5ec148b
168146170a3c7832bc59ccfcedd001eb88173e67
1b465f11f081ad7cea57a1688b25af6c93081427b4eb860634a9f2ba8b1206ae
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: znhcf.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Dec 2022 08:41:53 GMT
Content-Type: text/html
Last-Modified: Fri, 02 Dec 2022 07:48:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6389adc4-2629"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 543
Cache-Control: max-age=88441
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:41:53 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 09:15:54 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
znhcf.cn/favicon.ico
165.3.46.231 200 OK 3.7 kB IP 165.3.46.231:0
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (419)
Hash 20587627da373e259aef8897f5ec148b
168146170a3c7832bc59ccfcedd001eb88173e67
1b465f11f081ad7cea57a1688b25af6c93081427b4eb860634a9f2ba8b1206ae
GET /favicon.ico HTTP/1.1
Host: znhcf.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://znhcf.cn/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Dec 2022 08:41:53 GMT
Content-Type: text/html
Last-Modified: Fri, 02 Dec 2022 07:48:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6389adc4-2629"
Content-Encoding: gzip
push.services.mozilla.com/
52.88.25.203 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.25.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j/adTXHWVeAb6XGoRBcH+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KiLi30zjcJROkYEi9WW/TCzIL7U=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a041e26dbb765d73f255699570df7ae4
6acd9b86181bec3cfb64155f0ce237d10206944c
584c9d4ca8d9ea5e5971f0f76cf1e393b1d872e30612833dfd7903a2cdfcf643
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 23 Dec 2022 05:25:54 GMT
ETag: "6acd9b86181bec3cfb64155f0ce237d10206944c"
Last-Modified: Mon, 19 Dec 2022 05:25:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2754
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bed782588ab4f3-OSL
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 58b8069df42173b4a1aa054d06ec4043
aaf71d8c91c1dfcce79bf7307b46e6d5ca3cb7e1
43557c097fef37d662acd0936ca5caf36a54e22ce84d49ebea44cdc8863ea8de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43557C097FEF37D662ACD0936CA5CAF36A54E22CE84D49EBEA44CDC8863EA8DE"
Last-Modified: Sat, 17 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Dec 2022 14:41:54 GMT
Date: Mon, 19 Dec 2022 08:41:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17222
Expires: Mon, 19 Dec 2022 13:28:56 GMT
Date: Mon, 19 Dec 2022 08:41:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17222
Expires: Mon, 19 Dec 2022 13:28:56 GMT
Date: Mon, 19 Dec 2022 08:41:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17222
Expires: Mon, 19 Dec 2022 13:28:56 GMT
Date: Mon, 19 Dec 2022 08:41:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e0773ba795a9e9a70038c6d8c64ebfa2
3d1db768017331da152d0df6cf5bc6ea6c813b83
46c25962e3bad9785a77bd8f51021460bcf44e9907c725c38329b6dadf560a44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8722
x-amzn-requestid: 88a7ab87-3bee-429d-9d3d-8969f6908c65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKGGkH2UIAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a5090-072ab9b341d4c00622492ee8;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 22:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lpuH1nfNTFrtEUzxSDBEtunOkPU7Y5cP5PSVlJQ43YkRBrRX4OukPg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:36:45 GMT
age: 39909
etag: "3d1db768017331da152d0df6cf5bc6ea6c813b83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 71e9a308430eff340bb55c56b64fcc63
63d49b26322a1dca8ed669c1abafc27ee7f7c4b2
e3c8917124f2d13de6d1c0a1f1539f035abef31bbbf2246e77db44d9a3e29b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12161
x-amzn-requestid: 6ad8283c-3d3d-41f0-ada7-1b0d20568aa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dXIZIGZFIAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639f876d-0bc6f28d582f63b35a494472;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gJgluMuS-cEZnEk8LNtVJk02T883tD8OZJy4BftXFGhJ6tHeLGrcqw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:35:55 GMT
age: 39959
etag: "63d49b26322a1dca8ed669c1abafc27ee7f7c4b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRZhQNysDphRjUTZ7bCgTbwlYYVWgXvMMmPJSv6RysKbK0bWOY1cpA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 22:12:47 GMT
age: 37747
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 43c9ed63c9760a5b3826550e59a96f43
912a87f2df4a93717a3817bb9c9bf0071b2fce7e
5e75e2e9bbc0d3e992f72257923c97ff8d037fcbf5ccf092e100ae26af2b2d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4362
x-amzn-requestid: e88d6aea-c8f7-45e5-9f10-07bc6efb4b9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dObYsEa1IAMFa_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c0c37-1f4852530ab1b5b73a088601;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 06:12:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8kTjTJyZbKvpI1rr0dfrwSJ4TuPBLiedSh26aiDivz5lPM_6tO_Stg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:35:59 GMT
age: 39955
etag: "912a87f2df4a93717a3817bb9c9bf0071b2fce7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e6c714628a486b8d09101fe1115b4a25
a859bec81457e5b3511fb7612b65bcd4be790f21
41586527c64614c69c2833d2eb9a0e5e03906388a39ae16443b45dd6885329af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 30f541b7-557c-45c6-a639-596ec624d6b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJtzFJPIAMFaow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcbe-221f45c41cc4ac943f78ce6c;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f_sUIMBle-AT5Od_IJdlhNc1razIfG8LYIi1tEsIyWtMRBs063gjwQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 07:18:00 GMT
age: 5034
etag: "a859bec81457e5b3511fb7612b65bcd4be790f21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 8576327b06d5d8259e87bfeb71761ff5
2b2e5694e77b30f2e2cdfddd8ad616be214c9df2
377ffbcb85710900d97b1d99522a8087a6c66bcb778be42da806283cae833715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5654
x-amzn-requestid: b9f6e88a-f07b-4c6c-b823-9b9e928274ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKtB8Eb5oAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a8ed9-3c8888ca41c995d67a09fa50;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:04:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FaoiV9Jr3-1aqI-rVbXAYEMTsG_cjqVxmr0di-CbJaQBwIbb6BRg6A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 13:23:41 GMT
age: 69493
etag: "2b2e5694e77b30f2e2cdfddd8ad616be214c9df2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?abfe89dcca0d831c8deaa661053efe61
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?abfe89dcca0d831c8deaa661053efe61
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 1c0c9d9d4805236b7453e5c287b94336
d3761a5f0021f9d27b717e52b6a4178472d012c4
c1fb7a7aa62285ba557a54282d10c2223c9500fbfd0c53c4acbbb8503de2ef19
GET /hm.js?abfe89dcca0d831c8deaa661053efe61 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://znhcf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 19 Dec 2022 08:41:54 GMT
Etag: fa861e820bf73779fff35af8e77fa660
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D861F9E49FA5ED80; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.ll-av-02.com/template/m1938pc/ads/250.js
45.32.9.216 200 OK 885 B URL HTTP/2 www.ll-av-02.com/template/m1938pc/ads/250.js
IP 45.32.9.216:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (318)
Hash 450bed4c1c7ab6401eba1909f8b6dae5
52a3512bfee71b115f8bb7d5c45f98ffa3ee0b19
d1de02a6d08748d0c014be64ac74b16d90b71f3a42bed76264579a9f3775907c
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: application/javascript
content-length: 885
last-modified: Mon, 12 Dec 2022 05:45:39 GMT
etag: "6396c003-375"
expires: Mon, 19 Dec 2022 20:41:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/images/ico-msg.png
45.32.9.216 404 Not Found 146 B URL HTTP/2 www.ll-av-02.com/template/m1938pc/images/ico-msg.png
IP 45.32.9.216:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/images/ico-msg.png HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/ads/tj.js
45.32.9.216 200 OK 252 B URL HTTP/2 www.ll-av-02.com/template/m1938pc/ads/tj.js
IP 45.32.9.216:0
Hash a6f8ae651d1e632bc3d0b4f924216baa
2a308361619069297db5e674d54e36c96ee0998a
82ad30fa6664292e5d6ffcffc200b7ea7bcb701fd2faf2380d3e1fc47cbc9e63
GET /template/m1938pc/ads/tj.js HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: application/javascript
content-length: 252
last-modified: Mon, 21 Nov 2022 06:53:17 GMT
etag: "637b205d-fc"
expires: Mon, 19 Dec 2022 20:41:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/css/app.css
45.32.9.216 200 OK 8.3 kB URL HTTP/2 www.ll-av-02.com/template/m1938pc/css/app.css
IP 45.32.9.216:0
Hash eb315850b1a9b602d1be65864fa51785
09b59424b4da06d16526fdff814b41d54b650a93
90c7b0af824dfbff2b0e04eafaf69035e9148822edd1b3da9f4e92c4711ff670
GET /template/m1938pc/css/app.css HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 02:41:08 GMT
vary: Accept-Encoding
etag: W/"637ae544-773e"
expires: Mon, 19 Dec 2022 20:41:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/images/ico-msg.png
45.32.9.216 404 Not Found 146 B URL HTTP/2 www.ll-av-02.com/template/m1938pc/images/ico-msg.png
IP 45.32.9.216:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/images/ico-msg.png HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Dec 2022 08:41:55 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/images/logo.png
45.32.9.216 404 Not Found 146 B URL HTTP/2 www.ll-av-02.com/template/m1938pc/images/logo.png
IP 45.32.9.216:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/images/logo.png HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/template/m1938pc/css/app.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Dec 2022 08:41:55 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/images/icon_seacrh.svg
45.32.9.216 200 OK 1.2 kB URL HTTP/2 www.ll-av-02.com/template/m1938pc/images/icon_seacrh.svg
IP 45.32.9.216:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (778), with CRLF line terminators
Hash 3204634b4fabc6f478bf7151192370cb
fe37d1bdd310701ce38fd3faf5413d21650ba44e
238083d508af51f4548bdb8faf7f262df8706494b8dea5e8524441e13f2b3416
GET /template/m1938pc/images/icon_seacrh.svg HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/template/m1938pc/css/app.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:55 GMT
content-type: image/svg+xml
content-length: 1194
last-modified: Sun, 20 Nov 2022 07:04:29 GMT
etag: "6379d17d-4aa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?5ec38ee5b5312dafe61209dbf677f050
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5ec38ee5b5312dafe61209dbf677f050
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 0e0cd7ac9116610acd96afa6c39c5a36
1421e03e65c4a6dd5353a4518a286d45938ce0fe
617a11a48094986d818df120ca06c26cafaea8617801fa227ade48671439e196
GET /hm.js?5ec38ee5b5312dafe61209dbf677f050 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 19 Dec 2022 08:41:55 GMT
Etag: 018f304ce200655cd9ab52fbea9226dc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8A8329F1F2B11887; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1919090489&si=5ec38ee5b5312dafe61209dbf677f050&su=http%3A%2F%2Fznhcf.cn%2F&v=1.3.0&lv=1&sn=34676&r=0&ww=1268&u=https%3A%2F%2Fwww.ll-av-02.com%2F&tt=%E6%92%B8%E6%92%B8AV%7Cwww.ll-av-02.com
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1919090489&si=5ec38ee5b5312dafe61209dbf677f050&su=http%3A%2F%2Fznhcf.cn%2F&v=1.3.0&lv=1&sn=34676&r=0&ww=1268&u=https%3A%2F%2Fwww.ll-av-02.com%2F&tt=%E6%92%B8%E6%92%B8AV%7Cwww.ll-av-02.com
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1919090489&si=5ec38ee5b5312dafe61209dbf677f050&su=http%3A%2F%2Fznhcf.cn%2F&v=1.3.0&lv=1&sn=34676&r=0&ww=1268&u=https%3A%2F%2Fwww.ll-av-02.com%2F&tt=%E6%92%B8%E6%92%B8AV%7Cwww.ll-av-02.com HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 19 Dec 2022 08:41:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=52A79B05B6D431CE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 435e358fe86bc8cde910d34af240ae0e
20c2e84146bbf1a2a37b4091681ecab45da18215
6c5d3c44a23c3c0715fb7e5f815691bdb09479770d8129863e86143507fdcc7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C5D3C44A23C3C0715FB7E5F815691BDB09479770D8129863E86143507FDCC7E"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15053
Expires: Mon, 19 Dec 2022 12:52:49 GMT
Date: Mon, 19 Dec 2022 08:41:56 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 344edb2b3ded27b7674fb7396735ab0e
f0947a5a207226a9cef5832ff8a3606243b83793
c8f8b79ce1bfda5b092234c56a06322d357ea6a79cd844902204c6f52e2dd500
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8F8B79CE1BFDA5B092234C56A06322D357EA6A79CD844902204C6F52E2DD500"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8451
Expires: Mon, 19 Dec 2022 11:02:48 GMT
Date: Mon, 19 Dec 2022 08:41:57 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 344edb2b3ded27b7674fb7396735ab0e
f0947a5a207226a9cef5832ff8a3606243b83793
c8f8b79ce1bfda5b092234c56a06322d357ea6a79cd844902204c6f52e2dd500
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8F8B79CE1BFDA5B092234C56A06322D357EA6A79CD844902204C6F52E2DD500"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20486
Expires: Mon, 19 Dec 2022 14:23:23 GMT
Date: Mon, 19 Dec 2022 08:41:57 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 344edb2b3ded27b7674fb7396735ab0e
f0947a5a207226a9cef5832ff8a3606243b83793
c8f8b79ce1bfda5b092234c56a06322d357ea6a79cd844902204c6f52e2dd500
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8F8B79CE1BFDA5B092234C56A06322D357EA6A79CD844902204C6F52E2DD500"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15191
Expires: Mon, 19 Dec 2022 12:55:08 GMT
Date: Mon, 19 Dec 2022 08:41:57 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 344edb2b3ded27b7674fb7396735ab0e
f0947a5a207226a9cef5832ff8a3606243b83793
c8f8b79ce1bfda5b092234c56a06322d357ea6a79cd844902204c6f52e2dd500
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8F8B79CE1BFDA5B092234C56A06322D357EA6A79CD844902204C6F52E2DD500"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15103
Expires: Mon, 19 Dec 2022 12:53:40 GMT
Date: Mon, 19 Dec 2022 08:41:57 GMT
Connection: keep-alive
ddcdn.pic-726-baidu.com/uptu/20221215/mw9h1MkI/1.jpg
172.67.25.105 200 OK 11 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/mw9h1MkI/1.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 641e6f63a42650a2ba67d7dc0e6c3a9f
09a0ffefd0134a09c6556acb570b7326b00084fe
7124d83cacc25009e200ac38112beaea8d73a57d44faea9ac981680b89bccf4c
GET /uptu/20221215/mw9h1MkI/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/jpeg
content-length: 10915
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11543, status=webp_bigger
etag: "639dec07-2d17"
expires: Tue, 17 Jan 2023 23:59:42 GMT
last-modified: Sat, 17 Dec 2022 16:19:19 GMT
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 31335
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7958815b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/wR7mK5YJ/1.jpg
172.67.25.105 200 OK 306 B URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/wR7mK5YJ/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 71ea144cd0a24b06be35b04ca7a3f8c0
ea900c40944043eeadbe1047310a1d4f82abce02
22c528cbf179ded674e2f999a11c483f828b058e32a67e18096d95d37db9251a
GET /uptu/20221215/wR7mK5YJ/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 306
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=1878
content-disposition: inline; filename="1.webp"
etag: "639dec08-756"
expires: Tue, 17 Jan 2023 23:59:42 GMT
last-modified: Sat, 17 Dec 2022 16:19:20 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 31335
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed7958812b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/19JHtUI4/1.jpg
172.67.25.105 200 OK 3.8 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/19JHtUI4/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3e45ac1c31f72a584d2299fc0b02597f
957a2b892c0b0d15679fcb1fb68aaac050f54b44
5f860473185958660731e3eaf1f0a05823982aa20dd080aeb0da63db3a03fb61
GET /uptu/20221215/19JHtUI4/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 3848
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6391
content-disposition: inline; filename="1.webp"
etag: "639dec04-18f7"
expires: Mon, 16 Jan 2023 21:46:22 GMT
last-modified: Sat, 17 Dec 2022 16:19:16 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 125735
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed795880eb527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/images/2022/11/27/guochan10510.jpg
172.67.25.105 200 OK 52 kB URL HTTP/2 ddcdn.pic-726-baidu.com/images/2022/11/27/guochan10510.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 870c9f7200fa624406a80df5e11ae026
9fd5b7d6c95f4dcb8b6c56bfa49cf782c12172ba
4a98ba8b811d3d09524ffeb5eb3019ddb1024b3a72a962033fe5c67b18213aba
GET /images/2022/11/27/guochan10510.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 52288
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=82316
content-disposition: inline; filename="guochan10510.webp"
etag: "6381f7c1-1418c"
expires: Wed, 18 Jan 2023 05:20:12 GMT
last-modified: Sat, 26 Nov 2022 11:25:53 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 12105
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed7959820b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/7mIxZs4I/1.jpg
172.67.25.105 200 OK 6.2 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/7mIxZs4I/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cc3824abda969edb4c5308c897b16433
dd473c9b4ce9590a3465bc52f18877759685e9ae
32e5a31356dbb665e5b4c76cda0007dc63270cda3eb21be4a9b4b9e45f8d7a7e
GET /uptu/20221215/7mIxZs4I/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 6208
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8669
content-disposition: inline; filename="1.webp"
etag: "639dec05-21dd"
expires: Tue, 17 Jan 2023 23:59:42 GMT
last-modified: Sat, 17 Dec 2022 16:19:17 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 31335
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed7959817b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/v2bFZ7af/1.jpg
172.67.25.105 200 OK 8.5 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/v2bFZ7af/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc08aa836a5a39ee161db69c995bc062
41057b858aab79dd54425ef236cc3e93d24114f1
a3a230656e9691855997d1f89e3add753797f0a1ea0eac78885990d4366b3133
GET /uptu/20221215/v2bFZ7af/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 8528
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10159
content-disposition: inline; filename="1.webp"
etag: "639dec08-27af"
expires: Mon, 16 Jan 2023 21:46:22 GMT
last-modified: Sat, 17 Dec 2022 16:19:20 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 125735
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed795983db527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/81ERdSQA/1.jpg
172.67.25.105 200 OK 7.4 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/81ERdSQA/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 32e737fdd42e25bfcb04402a3e4a7eb0
0e2d44c14cac64e4ea862ec71dce5c0be343763b
cbaaa4bc451c3374d59dc7356ac2722d6e532a8fbecc10ed30a6d4e57e6c60ed
GET /uptu/20221215/81ERdSQA/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 7446
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9643
content-disposition: inline; filename="1.webp"
etag: "639dec05-25ab"
expires: Mon, 16 Jan 2023 21:46:22 GMT
last-modified: Sat, 17 Dec 2022 16:19:17 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 125735
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed795983eb527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/QKdB6ca9/1.jpg
172.67.25.105 200 OK 6.0 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/QKdB6ca9/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 70d554b68bd28ffc791263beeec68119
bc167c385787dbdb72f44526411a63c32f031c51
3bec95d2c2f718d179ad72a87c240790aff5b8aa22e1dceaa8f21dbf4f39c109
GET /uptu/20221215/QKdB6ca9/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 5972
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7941
content-disposition: inline; filename="1.webp"
etag: "639dec07-1f05"
expires: Mon, 16 Jan 2023 21:46:22 GMT
last-modified: Sat, 17 Dec 2022 16:19:19 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 125735
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed795a849b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/v0zGs0G0/1.jpg
172.67.25.105 200 OK 7.5 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/v0zGs0G0/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0672fef684e86b78769c73176913e1ff
756d8daf67227821a9069117fd708219833efe24
17e8e320132cba46988973ef96a8387eec37b0572cb958491ac7d05d32ef5c87
GET /uptu/20221215/v0zGs0G0/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 7468
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9153
content-disposition: inline; filename="1.webp"
etag: "639dec08-23c1"
expires: Mon, 16 Jan 2023 21:46:22 GMT
last-modified: Sat, 17 Dec 2022 16:19:20 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 125735
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed795a84bb527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/P4YpsHek/1.jpg
172.67.25.105 200 OK 1.8 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/P4YpsHek/1.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1175e4a6da1bdb654d8fdd283e43f679
4dbd8ac00b2d3be0ecd358a0051f83f2769d2cf5
e799fc47e656368ea5fc1cd57c322c3202c4c5c3969c111d9176b60eb8695389
GET /uptu/20221215/P4YpsHek/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/webp
content-length: 1752
access-control-allow-origin: *
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=3548
content-disposition: inline; filename="1.webp"
etag: "639dec07-ddc"
expires: Mon, 16 Jan 2023 21:46:22 GMT
last-modified: Sat, 17 Dec 2022 16:19:19 GMT
vary: Accept
access-control-allow-credentials: : true
cf-cache-status: HIT
age: 125735
accept-ranges: bytes
server: cloudflare
cf-ray: 77bed795a846b527-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash c32df227ccc6a746b70b6552ac9d7a4e
bfcfaec75b03345968d9d10774678172429c1800
817703af3316b05058434a389c3632fef33fe220e7ef5edac051a439525a01aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Dec 2022 11:24:24 GMT
Expires: Fri, 23 Dec 2022 11:24:23 GMT
Etag: "bfcfaec75b03345968d9d10774678172429c1800"
Cache-Control: max-age=354745,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed794ac2cb50b-OSL
ddcdn.pic-726-baidu.com/upload/vod/2018-12-14/15447944659.jpg
172.67.25.105 200 OK 7.8 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2018-12-14/15447944659.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6d672679c14a329412430bb1e8eb5f03
231100254fe9ec019023efdf2044bf767e4dc40b
3b9681abdb94448e5cdba58c425f74598009b5230e91de1e062b8e9618706ac2
GET /upload/vod/2018-12-14/15447944659.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/jpeg
content-length: 7810
last-modified: Fri, 14 Dec 2018 13:34:25 GMT
etag: "5c13b161-1e82"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7959829b527-OSL
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/ads/960.js
45.32.9.216 200 OK 11 kB URL HTTP/2 www.ll-av-02.com/template/m1938pc/ads/960.js
IP 45.32.9.216:0
Hash 971df5ba7561e02dece5307189aa50d9
644d8410c1286fbc91d1a24d510d3962714e3659
1d3d8c24f2c1c5223997090db53c6a3163785cb30c73ec5946bbafac9ca4f72b
GET /template/m1938pc/ads/960.js HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: application/javascript
last-modified: Sun, 18 Dec 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"639e9b0e-1489"
expires: Mon, 19 Dec 2022 20:41:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/uptu/20221215/4Ldv11Lb/1.jpg
172.67.25.105 200 OK 8.7 kB URL HTTP/2 ddcdn.pic-726-baidu.com/uptu/20221215/4Ldv11Lb/1.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash de03855ce9dcb8c32798209abb401515
c3e224ccee48ef246206030de0f56f6539911859
b8f50b606d3adcea3499dcc17b0d9d7d2d5ff1f4b6acd4df172c4f04460298c1
GET /uptu/20221215/4Ldv11Lb/1.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/jpeg
content-length: 8700
last-modified: Sat, 17 Dec 2022 16:19:17 GMT
etag: "639dec05-21fc"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7959819b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/15450570604.jpg
172.67.25.105 200 OK 8.2 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/15450570604.jpg
IP 172.67.25.105:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash a5d896248c50b80c05d8846b0822ca1c
f63da875974ec07638ebba7221d68a63437fc54c
0453233624d9330d2113edde30fbaea05353bccd97b71263356251bfeb7408f0
GET /upload/vod/2018-12-17/15450570604.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/jpeg
content-length: 8164
last-modified: Mon, 17 Dec 2018 14:31:00 GMT
etag: "5c17b324-1fe4"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7959838b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/15450571430.jpg
172.67.25.105 200 OK 5.9 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/15450571430.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 75f57313ae201c3bf6c0ad5e55fa9502
d99ba36b304ccee21dc9ad37ab9358f8dadbe2e1
0eef458a51fa6e0ff9da67e3166bd7c03388ed5a0b444381ddb23261111dd99d
GET /upload/vod/2018-12-17/15450571430.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/jpeg
content-length: 5864
last-modified: Mon, 17 Dec 2018 14:32:23 GMT
etag: "5c17b377-16e8"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7959837b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/upload/vod/2018-12-12/154462871715.jpg
172.67.25.105 200 OK 9.9 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2018-12-12/154462871715.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e2425d42594cf7d6ebac8de9d9651436
9ecf2f1c7acdd8d9f92a268e3a7cefd422ea73d0
f8b4948bf142005f3d5b9e51df97eedb3d09b3835a3c340d20c7a5b8c8676d25
GET /upload/vod/2018-12-12/154462871715.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/jpeg
content-length: 9869
last-modified: Wed, 12 Dec 2018 15:31:57 GMT
etag: "5c1129ed-268d"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7959822b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/upload/vod/2018-12-14/15447945330.jpg
172.67.25.105 200 OK 11 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2018-12-14/15447945330.jpg
IP 172.67.25.105:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 5a9703f22638d8046679ffb13576308c
6dcc5b10c0625ca6e8f4721abf35fb9c900d3771
638c4186125a519a4bce1c4af469363aa74f277403df3858ee50111084745c44
GET /upload/vod/2018-12-14/15447945330.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/jpeg
content-length: 10599
last-modified: Fri, 14 Dec 2018 13:35:33 GMT
etag: "5c13b1a5-2967"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7959824b527-OSL
X-Firefox-Spdy: h2
www.ll-av-02.com/template/m1938pc/ads/250.gif
45.32.9.216 200 OK 397 kB URL HTTP/2 www.ll-av-02.com/template/m1938pc/ads/250.gif
IP 45.32.9.216:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 397 kB (396964 bytes)
Hash 7b42e791e269b8425a0f380efdd8e5fd
10c09c8f711478c7aeccc988c076d299fafcbbfa
00ef96678470106e95be9f6f4dc07debbbb63a96db839adbf17e5e04e27caf60
GET /template/m1938pc/ads/250.gif HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:55 GMT
content-type: image/gif
content-length: 396964
last-modified: Wed, 23 Nov 2022 04:59:24 GMT
etag: "637da8ac-60ea4"
expires: Wed, 18 Jan 2023 08:41:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvegg.com/72c6d38db25bb1596bd27a0f5716821b.gif
172.83.155.45 200 OK 250 kB URL HTTP/2 kvegg.com/72c6d38db25bb1596bd27a0f5716821b.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 250 kB (250112 bytes)
Hash 70726a2c83ff355a82c1438f1f8cd31d
f3f76125f9ba333f1a2f30b633a99baa8df781bd
a2553ce629178b3a4850cd032075da81a2e01313d524caeba5d57c9613f7afff
GET /72c6d38db25bb1596bd27a0f5716821b.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:57 GMT
content-type: image/gif
content-length: 250112
last-modified: Sun, 18 Dec 2022 07:33:17 GMT
etag: "639ec23d-3d100"
expires: Mon, 19 Dec 2022 20:41:57 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 12059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftDBnd7SZ9iFeVAVO8uahK0N8%2FDcu01lGmz9aV0VN9vNJS0qbMWerWP3VvqflnYKDt1WIMC2vG%2FqkRSibWWQyFqurFcUnY8NaxYqOmBlbkfbEcanhoTNC9d0fSOt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77b76475de8d8447-YVR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65a4e38c6bd00735669ea1c4617c2283
49fec5eb11469db07a1751b8699b56c6d8866af8
c0da2d66756039f0dcd081b201d10bac19abfb8c589f52ca762fb13f5fdf34ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0DA2D66756039F0DCD081B201D10BAC19ABFB8C589F52CA762FB13F5FDF34AD"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9841
Expires: Mon, 19 Dec 2022 11:25:58 GMT
Date: Mon, 19 Dec 2022 08:41:57 GMT
Connection: keep-alive
ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8089.jpg
172.67.25.105 200 OK 107 kB URL HTTP/2 ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8089.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 820x462, components 3\012- data
Size 107 kB (107171 bytes)
Hash bb8869804737cacd46cd80cd74062765
b9545a3d31f24804925ba7d88b83e10e98b46ce0
c5946e80702fd8093cbd79396d197e2a07c8669f88da5e34a5adf9cf1320044d
GET /images/2022/11/30/wuma8089.jpg HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:58 GMT
content-type: image/jpeg
content-length: 107171
last-modified: Tue, 29 Nov 2022 12:27:47 GMT
etag: "6385fac3-1a2a3"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed795981db527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/201812171545051315.png
172.67.25.105 200 OK 171 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/201812171545051315.png
IP 172.67.25.105:0
File type PNG image data, 270 x 405, 8-bit/color RGB, non-interlaced\012- data
Size 171 kB (171400 bytes)
Hash bbc7411c79741c39a93794ca9d665571
a2c163cc4db9569b44624dbc5e0f1104222d0bfc
7be77645f0781be78f17933d54fed580c5e555536fe542f4a6437798a73cb81f
GET /upload/vod/2018-12-17/201812171545051315.png HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:58 GMT
content-type: image/png
content-length: 171400
last-modified: Mon, 17 Dec 2018 12:55:15 GMT
etag: "5c179cb3-29d88"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed7959830b527-OSL
X-Firefox-Spdy: h2
ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/201812171545044245.png
172.67.25.105 200 OK 179 kB URL HTTP/2 ddcdn.pic-726-baidu.com/upload/vod/2018-12-17/201812171545044245.png
IP 172.67.25.105:0
File type PNG image data, 270 x 344, 8-bit/color RGB, non-interlaced\012- data
Size 179 kB (178591 bytes)
Hash f45e50aa884b3859397a1854445a6ea3
d515f33c75acdaa0a46755cffe01b84264484af5
cfc0cb7469e7898bff68439cbd512404df6f5b1b31ef3dcff805bcaa4a7a7f24
GET /upload/vod/2018-12-17/201812171545044245.png HTTP/1.1
Host: ddcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:41:58 GMT
content-type: image/png
content-length: 178591
last-modified: Mon, 17 Dec 2018 10:57:25 GMT
etag: "5c178115-2b99f"
expires: Wed, 18 Jan 2023 08:41:57 GMT
cache-control: max-age=31536000
access-control-allow-credentials: : true
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77bed795982eb527-OSL
X-Firefox-Spdy: h2
fadacaitp.com/68-960-120.gif
20.27.49.198 200 OK 401 kB URL HTTP/1.1 fadacaitp.com/68-960-120.gif
IP 20.27.49.198:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 401 kB (400945 bytes)
Hash 9fbf9d879621ef82d00bbb169cec4d60
4b62aea21dcb0d806ce5cf16730d71623b62c346
ce9a330e2c52e766e70dad2f843ba49e5a5263e1b2ce57b21536792c5d636b41
GET /68-960-120.gif HTTP/1.1
Host: fadacaitp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:57 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Dec 2022 12:14:30 GMT
ETag: W/"639c6126-6f44c"
Expires: Sun, 15 Jan 2023 12:18:42 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ky.lvcfgus.cn/960X80.gif
218.66.171.198 200 OK 334 kB IP 218.66.171.198:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 334 kB (333835 bytes)
Hash 9bda367b284938fd826380119ede7fc2
9d8593ffcbd9b1d76df01d5d56f0470e7ee8ea1a
3d0b1ac24ba2b9b8e5386571980f8421a7881a34d8c38753f2dcbd1b7fc96174
GET /960X80.gif HTTP/1.1
Host: ky.lvcfgus.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Mon, 19 Dec 2022 08:41:58 GMT
content-type: image/gif
content-length: 333835
x-oss-request-id: 6397B5320E14E439372DE309
etag: "9BDA367B284938FD826380119EDE7FC2"
last-modified: Tue, 29 Nov 2022 08:28:09 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11817855677551308811
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: m9o2eyhJOP2CY4ARnt5/wg==
x-oss-server-time: 2
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 27447c3e6ed420cd752d56d679aaa3b1
e0bdf8fd9af90acf67b9e6946c0295f05891477b
feb27ed7e335d59f907b55d7939238d553112417612adbf43e4529fe02f7db25
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Dec 2022 13:47:35 GMT
Expires: Fri, 23 Dec 2022 13:47:34 GMT
Etag: "e0bdf8fd9af90acf67b9e6946c0295f05891477b"
Cache-Control: max-age=363334,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed7a0fc0db50b-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 190de920f62c8a37b613ddbeb549f5ce
960c9363fa9e97784f5c483f80eb2f2209a5a370
eb748385a80d4a4f3d674e17283d410bc30f1fa8372d4ea643a58958487139e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Dec 2022 01:44:18 GMT
Expires: Fri, 23 Dec 2022 01:44:17 GMT
Etag: "960c9363fa9e97784f5c483f80eb2f2209a5a370"
Cache-Control: max-age=319937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed7a11c2bb50c-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 86bc97de567d925a2c9be00a873c6d0e
51f91c2bc11da4f2dbcc313498048d76fab58684
d67f85bf01f4b7dab702ef047347f7ac26adb839392feb97898943d0ebe79572
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 14:32:38 GMT
Expires: Sun, 25 Dec 2022 14:32:37 GMT
Etag: "51f91c2bc11da4f2dbcc313498048d76fab58684"
Cache-Control: max-age=538837,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed7a15c91b50b-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 96ab7670d9f6f9fe33cbccff2e20115e
a93bf4c5b768bccc01ba5f562a1f01dc75850a5a
5143c0d2a9f175ecf212f9debc99d1701bed6e4ba3c5bb6dcc6aab2686883aba
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Dec 2022 09:52:06 GMT
Expires: Fri, 23 Dec 2022 09:52:05 GMT
Etag: "a93bf4c5b768bccc01ba5f562a1f01dc75850a5a"
Cache-Control: max-age=349205,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed7a16ca5b50c-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 13b805294ee5c8512104879674002c19
0b20409529f50c5b82965d3cd49771093b392eb6
67f1ae6367cfcd6a5f825a279fcea3363c4952b1b2075c513a12c12a9fc8d6ea
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 00:51:34 GMT
Expires: Sat, 24 Dec 2022 00:51:33 GMT
Etag: "0b20409529f50c5b82965d3cd49771093b392eb6"
Cache-Control: max-age=403173,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed7a11cf30b31-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 8c970138943366961291d08ef151cfd3
6342d7d66a8696ea6585d02f5333cfd9dcb18b96
ce1eaeb4c99d02886d998c694b83faaa456b8138818e4e4fa0f19ca13693d9d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 03:03:18 GMT
Expires: Sun, 25 Dec 2022 03:03:17 GMT
Etag: "6342d7d66a8696ea6585d02f5333cfd9dcb18b96"
Cache-Control: max-age=497477,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed7a12c7db524-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 43c39e7462bcf22a9b094d79884d6150
aaa88921bf20e996e351de74a222f5b4660cc6a0
c4e51fc0f7e5e56aaffba95095c0173ed9a4bbfc4b5840653ea18a637f0894f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 08:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 22:31:42 GMT
Expires: Sun, 25 Dec 2022 22:31:41 GMT
Etag: "aaa88921bf20e996e351de74a222f5b4660cc6a0"
Cache-Control: max-age=567581,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77bed7a12e2eb512-OSL
www.ll-av-02.com/template/m1938pc/ads/we.js
45.32.9.216 200 OK 753 kB URL HTTP/2 www.ll-av-02.com/template/m1938pc/ads/we.js
IP 45.32.9.216:0
Size 753 kB (753138 bytes)
Hash bf8e50a5c465f7748b332007f06ca3dd
f9bbcdcb2713dc0ee0374409223812407ca76eb6
3fd484519f98223b066ee25804f9c11078ea2c5e5fc1c4c3772352d27eb2e653
GET /template/m1938pc/ads/we.js HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 05:45:39 GMT
vary: Accept-Encoding
etag: W/"6396c003-ded"
expires: Mon, 19 Dec 2022 20:41:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
585227ybn.com/5453f46673d94e4db73e7f9f8ffec528.gif
103.170.15.107 200 OK 654 kB URL HTTP/1.1 585227ybn.com/5453f46673d94e4db73e7f9f8ffec528.gif
IP 103.170.15.107:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
Analyzer Verdict Alert quad9 Sinkholed
GET /5453f46673d94e4db73e7f9f8ffec528.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6395c651-9f991"
Date: Sun, 18 Dec 2022 09:00:13 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 11 Dec 2022 12:00:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-37
Content-Length: 653713
www.ll-av-02.com/static/js/jquery.js
45.32.9.216 200 OK 395 kB URL HTTP/2 www.ll-av-02.com/static/js/jquery.js
IP 45.32.9.216:0
Size 395 kB (395411 bytes)
Hash 80a78aed0a4e2969abc9172f2ceb4f1a
85aefd5a015110749eb31069172145ed272dce4c
fc7dcbeb1051c1af4d7d2f7747be3ee819f5882e8436965ccd73901db477bde0
GET /static/js/jquery.js HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 18:04:35 GMT
vary: Accept-Encoding
etag: W/"61afa233-169d5"
expires: Mon, 19 Dec 2022 20:41:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
287335kmu.com/cbc9f6c7aaeb44719bf5c82d67594e98.gif
103.170.15.82 200 OK 553 kB URL HTTP/1.1 287335kmu.com/cbc9f6c7aaeb44719bf5c82d67594e98.gif
IP 103.170.15.82:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /cbc9f6c7aaeb44719bf5c82d67594e98.gif HTTP/1.1
Host: 287335kmu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6379c6fa-86f72"
Date: Wed, 14 Dec 2022 11:38:07 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 06:19:38 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-12
Content-Length: 552818
5993qq.com/f06fd72875dd4f3789acaaefe41fc27c.gif
103.170.15.92 200 OK 684 kB URL HTTP/1.1 5993qq.com/f06fd72875dd4f3789acaaefe41fc27c.gif
IP 103.170.15.92:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 684 kB (683474 bytes)
Hash ba813a4b9580b3da278e68a1c3e3a954
6d843c3c02ad3270abd575c460ec26ed615578f4
574301fcb45a6820cf36903b271324e32c210c335539d8f1a406f000e1f0e72e
Analyzer Verdict Alert quad9 Sinkholed
GET /f06fd72875dd4f3789acaaefe41fc27c.gif HTTP/1.1
Host: 5993qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "634d2e70-a6dd2"
Date: Sat, 17 Dec 2022 13:21:02 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 17 Oct 2022 10:29:04 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Length: 683474
www.ll-av-02.com/
45.32.9.216 200 OK 430 kB IP 45.32.9.216:0
Size 430 kB (430466 bytes)
Hash 2893273efa45ca37e6bac507a1f8ed29
7ea2edfdfe25fbcc24d7b6088cd3c9d9eb19e8f5
b8fffb954b7bd1f87433709b3c49e1ed8ec5a6b7567d2f3daa73d7184c88aa9c
GET / HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://znhcf.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
897263tqs.com/d863df12b2b84e3bb13dc0ed52b48db2.gif
103.170.15.107 200 OK 580 kB URL HTTP/1.1 897263tqs.com/d863df12b2b84e3bb13dc0ed52b48db2.gif
IP 103.170.15.107:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
GET /d863df12b2b84e3bb13dc0ed52b48db2.gif HTTP/1.1
Host: 897263tqs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6395c695-8dadb"
Date: Tue, 13 Dec 2022 04:37:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 11 Dec 2022 12:01:25 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-37
Content-Length: 580315
www.ll-av-02.com/static/js/jquery.lazyload.js
45.32.9.216 200 OK 0 B URL HTTP/2 www.ll-av-02.com/static/js/jquery.lazyload.js
IP 45.32.9.216:0
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: www.ll-av-02.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ll-av-02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:41:54 GMT
content-type: application/javascript
last-modified: Tue, 07 Dec 2021 18:04:35 GMT
vary: Accept-Encoding
etag: W/"61afa233-8b8"
expires: Mon, 19 Dec 2022 20:41:54 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2