dolapcim.com/read-htm-tid-133349.html
206.237.132.115301 Moved Permanently 0 B URL HTTP/1.1 dolapcim.com/read-htm-tid-133349.html
IP 206.237.132.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /read-htm-tid-133349.html HTTP/1.1
Host: dolapcim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 05 Feb 2023 06:04:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.dolapcim.com/read-htm-tid-133349.html
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3963
Expires: Sun, 05 Feb 2023 07:10:45 GMT
Date: Sun, 05 Feb 2023 06:04:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12657
Expires: Sun, 05 Feb 2023 09:35:39 GMT
Date: Sun, 05 Feb 2023 06:04:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 05:33:54 GMT
content-type: application/json
age: 1848
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20340
Expires: Sun, 05 Feb 2023 11:43:42 GMT
Date: Sun, 05 Feb 2023 06:04:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nmCqPwubIbH/1EWsvmsFdJmWqwEuJCu7LdEqRF2Bb4apk/22zeDtSJ8LSrscFvY+RtOHa93kvY5FgQm9i66Glw==
x-amz-request-id: 3Y54DVF5RGJF7J99
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 05:53:09 GMT
age: 693
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:42 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 05:07:20 GMT
age: 3442
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dolapcim.com/read-htm-tid-133349.html
206.237.132.115200 OK 652 B URL HTTP/1.1 www.dolapcim.com/read-htm-tid-133349.html
IP 206.237.132.115:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (974), with CRLF line terminators
Hash dd56cb9c61f7e62064219f5862b659e8
56e7d7320e222719ef7d29425b369dee2c2f5275
0f5667dfa4d314fb64be59336a7d3405bc8f8d680768ff5c78b580c1be796fce
GET /read-htm-tid-133349.html HTTP/1.1
Host: www.dolapcim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 06:04:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9603
Expires: Sun, 05 Feb 2023 08:44:46 GMT
Date: Sun, 05 Feb 2023 06:04:43 GMT
Connection: keep-alive
www.dolapcim.com/common.js
206.237.132.115200 OK 1.9 kB URL HTTP/1.1 www.dolapcim.com/common.js
IP 206.237.132.115:0
File type HTML document text\012- HTML document, ISO-8859 text, with very long lines (443), with CRLF line terminators
Hash 4e6199d34c214b339a11e6eafeb3ee49
133d97581c588cc800edb73d49d2a05d48f27bd5
de06b497bd8230df6397c5903088ce0263a656ca2a88b3d46303b609370bffcf
GET /common.js HTTP/1.1
Host: www.dolapcim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dolapcim.com/read-htm-tid-133349.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 06:04:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.35.19.71101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.19.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YibGlv2kjnjin0hXNpVOIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h59WRDgPLMw1TNi5XHJl8yqjupI=
www.dolapcim.com/tj.js
206.237.132.115200 OK 258 B IP 206.237.132.115:0
File type ASCII text, with CRLF line terminators
Hash 473508bed3dd320e5b525f9e0b4f6cc7
002fd582b4f03d17a5a91c8a19e50d91bdb26d24
e58f9a0d43e48bd66b859fda2065046f70c112feb26759bc4fe3a31b14594242
GET /tj.js HTTP/1.1
Host: www.dolapcim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dolapcim.com/read-htm-tid-133349.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 06:04:56 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
209.73.159.131/shebi-common.php?val=shebi17&t=0.8095847598614109?v=09514774092192964
209.73.159.131200 OK 90 B URL HTTP/1.1 209.73.159.131/shebi-common.php?val=shebi17&t=0.8095847598614109?v=09514774092192964
IP 209.73.159.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ec7aa2507752674ced41555bc95021ad
a942157192eccba0241035cdb901eec6dae88ae9
a5a9e93501d3c6e8e22faecd997b9569a83a8ba0e4e63abbc9fa86cabdbd66eb
Analyzer Verdict Alert quad9 Sinkholed
GET /shebi-common.php?val=shebi17&t=0.8095847598614109?v=09514774092192964 HTTP/1.1
Host: 209.73.159.131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.dolapcim.com
Connection: keep-alive
Referer: http://www.dolapcim.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 06:04:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
209.73.159.131/shebi-common.php?val=shebi17&t=0.43177933684962844?v=09050762740225521
209.73.159.131200 OK 90 B URL HTTP/1.1 209.73.159.131/shebi-common.php?val=shebi17&t=0.43177933684962844?v=09050762740225521
IP 209.73.159.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ec7aa2507752674ced41555bc95021ad
a942157192eccba0241035cdb901eec6dae88ae9
a5a9e93501d3c6e8e22faecd997b9569a83a8ba0e4e63abbc9fa86cabdbd66eb
Analyzer Verdict Alert quad9 Sinkholed
GET /shebi-common.php?val=shebi17&t=0.43177933684962844?v=09050762740225521 HTTP/1.1
Host: 209.73.159.131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.dolapcim.com
Connection: keep-alive
Referer: http://www.dolapcim.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 06:04:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/YCE8GgJKWXc
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YCE8GgJKWXc
IP 216.58.211.3:0
Hash 9b373c62911ddc538a5a1baa75df2ebb
d3def1931867a98fc0535b17f413a5814041d20a
c309d369bc2c2bb60c0dca68715064c2bed1bdf0e3b17927f3eba4b83c633381
POST /s/gts1p5/YCE8GgJKWXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:04:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/YCE8GgJKWXc
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YCE8GgJKWXc
IP 216.58.211.3:0
Hash 9b373c62911ddc538a5a1baa75df2ebb
d3def1931867a98fc0535b17f413a5814041d20a
c309d369bc2c2bb60c0dca68715064c2bed1bdf0e3b17927f3eba4b83c633381
POST /s/gts1p5/YCE8GgJKWXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:04:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/YCE8GgJKWXc
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YCE8GgJKWXc
IP 216.58.211.3:0
Hash 9b373c62911ddc538a5a1baa75df2ebb
d3def1931867a98fc0535b17f413a5814041d20a
c309d369bc2c2bb60c0dca68715064c2bed1bdf0e3b17927f3eba4b83c633381
POST /s/gts1p5/YCE8GgJKWXc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:04:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb659bd601c6f1ab06201c1e911f2e27
881078e1cca5ae921c9f5f88db6bbc5fc8ac3d9e
093608415698b047541e16be228878314609d0ee87e9d9d34a66d24523b7f86e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "093608415698B047541E16BE228878314609D0EE87E9D9D34A66D24523B7F86E"
Last-Modified: Sat, 04 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Sun, 05 Feb 2023 12:04:03 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ff45e820f1bef9613da5330f5f5c482
bd7a9bf17e5af6258625da2d8bb9e2029b175dd0
71b1f88227c4f263fa374d74851ba06782ebfa9962d78a6b94f8b11925b7f5c0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "71B1F88227C4F263FA374D74851BA06782EBFA9962D78A6B94F8B11925B7F5C0"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 05 Feb 2023 12:04:45 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb659bd601c6f1ab06201c1e911f2e27
881078e1cca5ae921c9f5f88db6bbc5fc8ac3d9e
093608415698b047541e16be228878314609d0ee87e9d9d34a66d24523b7f86e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "093608415698B047541E16BE228878314609D0EE87E9D9D34A66D24523B7F86E"
Last-Modified: Sat, 04 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 05 Feb 2023 12:04:45 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ff45e820f1bef9613da5330f5f5c482
bd7a9bf17e5af6258625da2d8bb9e2029b175dd0
71b1f88227c4f263fa374d74851ba06782ebfa9962d78a6b94f8b11925b7f5c0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "71B1F88227C4F263FA374D74851BA06782EBFA9962D78A6B94F8B11925B7F5C0"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21547
Expires: Sun, 05 Feb 2023 12:03:52 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Sun, 05 Feb 2023 07:08:30 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Sun, 05 Feb 2023 07:08:30 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ff45e820f1bef9613da5330f5f5c482
bd7a9bf17e5af6258625da2d8bb9e2029b175dd0
71b1f88227c4f263fa374d74851ba06782ebfa9962d78a6b94f8b11925b7f5c0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "71B1F88227C4F263FA374D74851BA06782EBFA9962D78A6B94F8B11925B7F5C0"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 05 Feb 2023 12:04:45 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 29599
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /yPS7hqfHgkFauS2djb/xtb.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
content-length: 0
last-modified: Fri, 23 Dec 2022 09:01:03 GMT
etag: "63a56e4f-0"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0fUUES4e%2ByZ3twyzGUzQ8hQOpbPo2prKM0mHZy9HuVzw8Bw17%2F1ibur4rQjUHSxFOERgdWSaKIGVkKLxIPyFUCV1Kdujl4nltrfdnRK0KcR4QzYgVTTTVndpclzcBw4KYVftQ8o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973516991b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a85f9ff-45f7-4467-9bcf-99adfc764c87.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a85f9ff-45f7-4467-9bcf-99adfc764c87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e011d457dc1153c2be3958161c109d4c
7579fae4b76a48eba7acd8f8572db91191db0c19
03156808efbab06a9a28138dd185c7870a1144f758b9743878f480de863eb884
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a85f9ff-45f7-4467-9bcf-99adfc764c87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4493
x-amzn-requestid: 83e58e1a-ee1d-46a9-861c-1119166df08b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJsrFmmoAMFkdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcb7-70db4dc502641c010e29fd08;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fnUx-d1GCQ_kAeCwkEaS7f0EvS1WfNBtuk0Jhi6Q0IWpWX_PXDBR2w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 10:35:52 GMT
age: 70133
etag: "7579fae4b76a48eba7acd8f8572db91191db0c19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 038389ad522800a64f0a3264034c8731
2fa3b2f3f5b084af3c156a3dae1995316ea83142
35ba9e679a607178f38a4b27eecad0869355ca7b8aca8d4cdbd7e229ad5f5611
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BA9E679A607178F38A4B27EECAD0869355CA7B8ACA8D4CDBD7E229AD5F5611"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 05 Feb 2023 12:04:45 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42e15cd8fe8af906b496b074ddbd0468
ae7a1bc4c2d216a3947ce1c918ecc62dd71ec484
f2cf6b784231bfd3d89650531b629206cdefbf0c0e2c6895f9d865dedf9b8c40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2CF6B784231BFD3D89650531B629206CDEFBF0C0E2C6895F9D865DEDF9B8C40"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 05 Feb 2023 12:04:45 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
tk.learning8809.com/images/xt3.gif
188.114.97.1200 OK 193 kB URL HTTP/2 tk.learning8809.com/images/xt3.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 326 x 217\012- data
Size 193 kB (193237 bytes)
Hash a15551773d50ba1bc1c91f1ac0e7a45f
603c163ea29d202ec5019fecaf202962892d6500
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
GET /images/xt3.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
etag: "626930ff-2f2d5"
expires: Sat, 18 Feb 2023 08:01:20 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1461805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1YSWbwLiBbWEgMhnSt57JqYMZsw0Hy5O%2BCxtxx857geA4fqnNqoJWZTPt%2BymKC8%2Ber%2BrnCzGcuoGPPlOz8UE%2B9NZ7dBekgz54YQvd2PyMuynIQs8cmqo6u9p%2Bk4xm3nKM49tHp9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a05b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8809.com/images/xt7.gif
188.114.97.1200 OK 269 kB URL HTTP/2 tk.learning8809.com/images/xt7.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 269 kB (269177 bytes)
Hash 3be5bc895ae3e525bbcfbb2a2696ed0f
1f3d2c548412b47b65acf224f1a6b7bf89dcf876
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
GET /images/xt7.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
etag: "62693107-41b79"
expires: Tue, 21 Feb 2023 22:14:22 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1151422
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvAiJPiTfrAVMeY1EsFgqk1JH41%2BKdhWOsREItyPqNCTuhFTgO3%2BI8yA2KY8WuGuH2EQwjz5pY6yqyTei27ztkE71DYUM5sktkQmTL0SdZEcel692KwYdBxCwB6w5V37rK5PSjNT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a0ab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8809.com/images/xt9.gif
188.114.97.1200 OK 329 kB URL HTTP/2 tk.learning8809.com/images/xt9.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 329 kB (329331 bytes)
Hash 0982fef3f808ddf5925e60c39af631ba
80d6f27859a94c2c49b9175d2e9f84e6bd9b5605
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
GET /images/xt9.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
etag: "62693109-50673"
expires: Mon, 06 Mar 2023 00:34:00 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 106245
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TU5wDyO5SXx%2B%2Bkqf7Hku%2FAJ2pp%2Bj3TiYk1y6CkUMtIufzl9LaNSFdfeKmGZc4fwFZQef0SbsRyKRhRMf1RLRiQL9dUd2vWvLDFIozsRYKt%2BBF2LPjCYGjQhNPekL7E1LzKnEkaVd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a0cb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8809.com/images/xt2.gif
188.114.97.1200 OK 377 kB URL HTTP/2 tk.learning8809.com/images/xt2.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 448 x 359\012- data
Size 377 kB (376694 bytes)
Hash 8e954a81cfc4fcdc8b1d5ff074a421a7
80810fedd18106dc58686ddc5106e7586ec38bc3
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
GET /images/xt2.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
etag: "626930fd-5bf76"
expires: Tue, 21 Feb 2023 22:14:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1151424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLNolOMnHho5ocSuPOi0MtE7BuCths6EbI8xkU%2FrXeJpLoxqX3gFVWFGavvXKHe0Ol%2FYbFkyncczfy9gTIhIIZ%2Bjx68VX1OtTizUQ%2Behmwlw3fyCKedNMMXYktOnbnTdiq%2BP99lT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a04b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
188.114.97.1200 OK 444 kB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
IP 188.114.97.1:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 444 kB (444030 bytes)
Hash 5da863cfe07e64bab3c282fb83ad1646
349074f3e62f440ec6aa68f0e8e769ffc8f2ddc7
418c4fd237060b1fbe8da77e2e80d01dd02a35b760f7b0fdb1e947c972fc0718
GET /yPS7hqfHgkFauS2djb/254.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 07:02:51 GMT
etag: W/"63dcb19b-3fe"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wh9Q4TW%2FRSgqDJ1r3xi16tNjmipdg0tL%2FxcqaGCPCYJgWLFCmYrE2lxhCWW4eImJwKHKrWlhODiVzjVe1Ry3MZVwMHh0Ldd7W%2BopvjQTaODCmV3hRa6b7jQf13ckskIHTYjcgNkL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79497351195ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8809.com/images/xt10.gif
188.114.97.1200 OK 624 kB URL HTTP/2 tk.learning8809.com/images/xt10.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /images/xt10.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
etag: "626930f8-98484"
expires: Tue, 21 Feb 2023 22:14:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1151424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQG09vgeQWhhUlOt1vkHBMXtg0fKBDlnvZ%2FTRqdUDtrtE8qcwsPcT6UQ4xho1sJl6KQtSWAgnHOUHvqPHT%2BPMzVnPrIy2pHPBR6iAj4DIooRk%2BfLeFgD1FztwHhKYRWrPtJHhiJC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a01b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8809.com/images/xt12.gif
188.114.97.1200 OK 750 kB URL HTTP/2 tk.learning8809.com/images/xt12.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 750 kB (749706 bytes)
Hash 5b3e843ec7923ace3c8c52e7e3d71608
65b34236bdea1d3bb438b23eaa028df8b587cc45
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
GET /images/xt12.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
etag: "626930fc-b708a"
expires: Tue, 21 Feb 2023 22:14:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1151424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmNkcpPLBTCvIyc4J4%2Fazs1kAHJ1p19qGXUPoRej4YPPRQsNAZE3MGeWZeL0%2FCI5MrgFw%2FqA0HoVcVsLn5GZsrIr4si2mSrHkHgCUaamreSnPLg%2B2guKzcMxk3%2B%2BbFJiQewBiQ%2BE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a00b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f4a8749b09484bfc2a8fe4b33c69624
299d7514cf29c2dbd919581883239ef44c0984dd
22a61b6e7b48eeb44339469a353efdef0dc089be670fb490627dd33adc59168b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61ef2f28-06d6-4c28-b598-e80a6c49ef77.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4526
x-amzn-requestid: 0942d90f-c9a6-40e6-9439-5da97a42cd35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fye2wEngoAMFmGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddab5e-5d3234d519561b4040eff4c3;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:48:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R1qPFlHQU4h3kdFSDUaCYaL01xjAjBuGFaC87mnu8yocmhBBMTaywQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 05:34:28 GMT
age: 1817
etag: "299d7514cf29c2dbd919581883239ef44c0984dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 28487
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tk.learning8809.com/images/xt5.gif
188.114.97.1200 OK 1.7 MB URL HTTP/2 tk.learning8809.com/images/xt5.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 1.7 MB (1693315 bytes)
Hash 036bdfc6224659a646168502a1742fb5
69ca9749e1a5f16d97d91c5c28f8c5d541093fd4
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
GET /images/xt5.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
etag: "62693103-19d683"
expires: Tue, 21 Feb 2023 22:14:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1151424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIb6o0%2F4rMWQowKiEg417Bvm%2F3%2Bow9%2FzyLGiCa%2FFN7uTzAhRqPuAIQ%2BRC80GvvacgrS46EYR0zfXvHVl%2F9KU%2B9FwFO1LtfYui8q0adUkkcoUFTlzFz4RriJsXlfX4EO95TCRo2Nh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a06b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 038389ad522800a64f0a3264034c8731
2fa3b2f3f5b084af3c156a3dae1995316ea83142
35ba9e679a607178f38a4b27eecad0869355ca7b8aca8d4cdbd7e229ad5f5611
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BA9E679A607178F38A4B27EECAD0869355CA7B8ACA8D4CDBD7E229AD5F5611"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Sun, 05 Feb 2023 12:03:54 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 038389ad522800a64f0a3264034c8731
2fa3b2f3f5b084af3c156a3dae1995316ea83142
35ba9e679a607178f38a4b27eecad0869355ca7b8aca8d4cdbd7e229ad5f5611
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BA9E679A607178F38A4B27EECAD0869355CA7B8ACA8D4CDBD7E229AD5F5611"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21511
Expires: Sun, 05 Feb 2023 12:03:16 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
sb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
188.114.97.1200 OK 669 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
IP 188.114.97.1:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash ff3c44462c4709c0127d12fdfbc49381
4bb21721fdba30c772f9b04735b8aee0c34ce7a2
d5465bfda4d7c95da437fc8bc20055a4232b0b396d9fa483cd86e60831277406
GET /yPS7hqfHgkFauS2djb/252.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 07:03:02 GMT
etag: W/"63dcb1a6-3fd"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBFCS67VjjlYo3xGcw5Ad1tqfGLlqtiWghHF839eunHyY2IuJz6Evlf%2FkfOHuDZ9qe08AYwvNo4U%2FQwfTz0Zx8i3hW1Pk0XdaOAS%2FhNmqXX7sSPmjaJTirMZ%2BLBea5DwQiq8UAxf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973511957b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 038389ad522800a64f0a3264034c8731
2fa3b2f3f5b084af3c156a3dae1995316ea83142
35ba9e679a607178f38a4b27eecad0869355ca7b8aca8d4cdbd7e229ad5f5611
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BA9E679A607178F38A4B27EECAD0869355CA7B8ACA8D4CDBD7E229AD5F5611"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Sun, 05 Feb 2023 12:04:25 GMT
Date: Sun, 05 Feb 2023 06:04:45 GMT
Connection: keep-alive
sb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
188.114.97.1200 OK 1.6 MB URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
IP 188.114.97.1:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 1.6 MB (1640137 bytes)
Hash fc5092c0264201d51615026bbeed1393
b374905323fa962eff1f48bbb105f07ec21a1043
e4bc3b2647d260712d7e8ae92450b62b40c552b83698e5d91e4f0d7b2d7f30fd
GET /yPS7hqfHgkFauS2djb/253.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 08:48:47 GMT
vary: Accept-Encoding
etag: W/"63ca556f-421"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOk9RSULK58KbrPzoGvQ%2FoxtYfm2mnVjE0RVqgffJzeeoDcd6G%2Bqj7J3EO4hJnfNpERsvrBVwjCZZVmvcUzshH8UlDWtzdOtcOtvaVbtqJ7Y51VOxfunw%2BAw9k%2FJbAafiOnsYxYa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794973511959b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tk.learning8809.com/images/xt6.gif
188.114.97.1200 OK 2.2 MB URL HTTP/2 tk.learning8809.com/images/xt6.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 152 x 152\012- data
Size 2.2 MB (2168710 bytes)
Hash a0d945b4c30bc77735161545d1e00072
87c77a030ae771c3010d1215f73d1426e03f48dd
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
GET /images/xt6.gif HTTP/1.1
Host: tk.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: image/gif
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
etag: "62693105-211786"
expires: Tue, 21 Feb 2023 22:14:22 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1151423
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8L%2Bb%2BOqb5lqMseXNDeL6%2BHptAbMT550QSazMc%2FEBIF9z4bkWfis%2B0dNnmei5YJYV1jP5f5d8qVb6Inrj6eUhRf97soeA0o0cmS1iNBA7%2FveOan3LIz8gAHrX6Ws26p%2FlMOdGaZ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794973524a08b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b596a8e984911df703e15c72d25d513
a1fa1355f4de6f246d35bed9f128e13fc9dc4e72
aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dDjAyq5pSck1A4V9vIFxwjPfUfo4B23FmPmq9AJwxGLqy6m99zEH-Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 28487
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d632f8be93820b9746f76146fe3ff0e
7e5e9b16819af678ba84ddb6f45c073e659e2f4e
26ad66cf5e4fe4de99ad31b5c4f0fa3d05c085be04610de8ad80989528c100bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6434
x-amzn-requestid: ccf74c35-c654-4a9a-8121-ab27fc4cd862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WWYFbJoAMFgSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f5-10dedb6a287acd2b10cdfdb4;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3bv0yNuzTWh742AZFesuU0caKmg0nMFc3P0bLYkhGd-TAeg5R9W_vQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:28 GMT
age: 29598
etag: "7e5e9b16819af678ba84ddb6f45c073e659e2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 14b1e472947470a10363aa6e2d5c2318
3d06c701489fbcf98a6ccee17c501737ea365b44
d16bee1bf44cb6dc3688a2f6ea465f823f98bafa3acf1e2e36fe0ed8c974df36
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:04:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 09 Feb 2023 04:42:30 GMT
ETag: "3d06c701489fbcf98a6ccee17c501737ea365b44"
Last-Modified: Sun, 05 Feb 2023 04:42:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 284
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79497354c844b512-OSL
www.gg123456789gg.com//upload/vod/20230204-1/501f20f521b8cab27989637b6c5deccf.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/501f20f521b8cab27989637b6c5deccf.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash a302e5d47bfe5e1bc0db293fc83effcb
1f99461bce3d91f8a830b8fb3d09030e7ec3c80f
449771ddc49b427a552e05dac59d2c0daea404f0f95f363acacf0fef8b32228d
GET //upload/vod/20230204-1/501f20f521b8cab27989637b6c5deccf.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10821
last-modified: Sat, 04 Feb 2023 07:30:09 GMT
etag: "63de0981-2a45"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/9b9c78c4c5550909547639e108096e30.jpg
136.0.141.5200 OK 7.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/9b9c78c4c5550909547639e108096e30.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 8a88c3c9f490588818516936aafab3aa
19d5332925edf4ef19a13f055ce689bc4b546030
42371ae7b115f3eebdb4a5b16eb64dd624f05c84a64e8fe8820f666d30e921cf
GET //upload/vod/20230204-1/9b9c78c4c5550909547639e108096e30.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 7072
last-modified: Sat, 04 Feb 2023 07:30:09 GMT
etag: "63de0981-1ba0"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/81886c1de009782616e73a547e92a875.jpg
136.0.141.5200 OK 8.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/81886c1de009782616e73a547e92a875.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 0236e7258a94aa76b4924bf07607921b
92bd0acc301dd54c33f75a415c0d2424f9929e4d
0a09302b95dbf9c81e8679cc3a75bba8ca3640ff2d4328e40e9e8bd577b0b5fa
GET //upload/vod/20230204-1/81886c1de009782616e73a547e92a875.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 8610
last-modified: Sat, 04 Feb 2023 07:30:08 GMT
etag: "63de0980-21a2"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx3.zhgmjglh808k.com/
104.21.46.182200 OK 14 kB IP 104.21.46.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash bed4b20529e2917586e1f6f053d7c60a
f5666b19a337b931b24b67b45de01db7e1b97f50
e72907833064dc3333912343397613cb5910fe4775334f8f4b9f8706c24abe56
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: klx3.zhgmjglh808k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dolapcim.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:44 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4aWXOshOXWXWOqhAQyKHBGThf%2FC51BcvjnDFMaI2VdnK98vjjNRgN8XVGKdDi4sBkFKw6gKQPYfBjS6qJVuwm2wgnV6Ja4D6C8%2FRkS5RGuoxqfC7vUad9j6%2BvGFy0GFetzx%2FJ2Deuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79497347ef1cb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/dce55ad9c0ff1075d481e63c25d2375e.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/dce55ad9c0ff1075d481e63c25d2375e.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 367895d699cb1a9b4affdb19423b3cc2
dd1979a84089cd3f86b9ede68a23aaf98d7afde4
df469988fb14fc32d2c5971b632428af14a4cdeb40b0d1b24ab7237ddd9f9993
GET //upload/vod/20230204-1/dce55ad9c0ff1075d481e63c25d2375e.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10096
last-modified: Sat, 04 Feb 2023 07:30:08 GMT
etag: "63de0980-2770"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx3.zhgmjglh808k.com/template/m1938pc/css/ate.css
104.21.46.182200 OK 15 kB URL HTTP/2 klx3.zhgmjglh808k.com/template/m1938pc/css/ate.css
IP 104.21.46.182:0
File type ASCII text, with CRLF line terminators
Hash a45f9b36bf4fdfdc77527d6c787f0548
e7601612c6a66141875744b3a1b127b6e113cb3c
a1acda8ba267ef0a7b3a2403005ac8eb717cdfe080fcbf913ef222b277a9b221
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: klx3.zhgmjglh808k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:44 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
vary: Accept-Encoding
etag: W/"61be9b34-126e4"
expires: Sun, 05 Feb 2023 06:48:16 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYuN8p6ICEReSUZV7PFck%2Brdis4Az34gfrdWd6thTuQ4ecMwB2nWT%2Bj04vPfuCWStFYx%2BOvQ582JBU54dToGN6gtjUum9XQbDrgA19nES0%2FVU8oRmAyPjgl9esl81fnYI2pTucpDQ%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949734b18e3b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/d446b84b3c1d8faa95c02eab3c4a3df8.jpg
136.0.141.5200 OK 9.1 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/d446b84b3c1d8faa95c02eab3c4a3df8.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 340f273abaa780669e298bdd0a4d5178
b9f1c2329d3745bb43761660575d8c2b90bb56eb
c0eee0c4526d70663d2b9af970a2d99b5162aa55f06b26050bf95caaf5fd9e2d
GET //upload/vod/20230204-1/d446b84b3c1d8faa95c02eab3c4a3df8.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 9055
last-modified: Sat, 04 Feb 2023 07:30:10 GMT
etag: "63de0982-235f"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
js.users.51.la/21278761.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21278761.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash f699a4e503fc96bb448fbeeacd19e72b
02d1fa6a3772ec3c809a06b2c67abd16f2c1469c
3865324eadef796b018a5eee7bbdd260fd2ee812abe42204517b2ac6c07d779e
GET /21278761.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sun, 05 Feb 2023 06:04:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=37bf222327d12d0a485; path=/
HWWAFSESTIME=1675577085200; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.gg123456789gg.com//upload/vod/20230127-1/a1e74d748a2c1ee759e9d449bbb42d78.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/a1e74d748a2c1ee759e9d449bbb42d78.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 12f96eb25064c0170bacb90a19016036
78c1c8c561350d488599a9d9c4b0184be9366231
8c94957fab90a52936b944610e6e24a334cd64945cf7e920c732cfcf1565435c
GET //upload/vod/20230127-1/a1e74d748a2c1ee759e9d449bbb42d78.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 13415
last-modified: Fri, 27 Jan 2023 11:30:08 GMT
etag: "63d3b5c0-3467"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/3e378a3fd8f648f21ae979b18c60de04.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/3e378a3fd8f648f21ae979b18c60de04.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 71139b0dd059ea306310aa8a693f1cad
6ebcc977202f755842955366d2c8124063b5bcde
0a673a758ab02f2ffec153cef209d62c49f352c868664c401aeffb822784fe2e
GET //upload/vod/20230127-1/3e378a3fd8f648f21ae979b18c60de04.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 14336
last-modified: Fri, 27 Jan 2023 11:30:08 GMT
etag: "63d3b5c0-3800"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/e70b93d3f917f1ebe4abfbed959a2f5d.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/e70b93d3f917f1ebe4abfbed959a2f5d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0d82e6bc2ff355e73bc45477f2abc9fc
42b406f7ea7d73ab153024949fe0c68bc77b5822
e74ffc4ad999ab74cbf17d45a82c7b9982ca95a134f20462e7ae1861f317dd53
GET //upload/vod/20230127-1/e70b93d3f917f1ebe4abfbed959a2f5d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12744
last-modified: Fri, 27 Jan 2023 11:30:08 GMT
etag: "63d3b5c0-31c8"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/c488f04d04b65d6a7fe6dcc92980c683.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/c488f04d04b65d6a7fe6dcc92980c683.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 4c0d2650bb15a9c874ea06e843da7227
7d05cbceab9a1185cb5d017f1811c001251ee1cb
d37837495d813e5f3c01e5b5e3bb7b3d7fb38231232d8375cfc80c155556000f
GET //upload/vod/20230127-1/c488f04d04b65d6a7fe6dcc92980c683.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 14921
last-modified: Fri, 27 Jan 2023 11:30:08 GMT
etag: "63d3b5c0-3a49"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/a7e9bfc4f606bccc930b596c892a3723.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/a7e9bfc4f606bccc930b596c892a3723.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 1030-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 51859558400.000000\012- data
Hash f16a09d03e9969ff8494e899aa8be3ed
289f0bca263e93896df4380da2531a3f8d0f57e9
9df542117bc646e8266d549d403cf7f78c6d1e1699f61803c6c2b4fc440ba776
GET //upload/vod/20230127-1/a7e9bfc4f606bccc930b596c892a3723.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12550
last-modified: Fri, 27 Jan 2023 11:30:07 GMT
etag: "63d3b5bf-3106"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/5fce7fa20e551e089c1a81e12d91341a.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/5fce7fa20e551e089c1a81e12d91341a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash eb6b87039f51927b12f18b75ffc4e26b
23cca8a22b40c083ca8c8d1df73bddd9fd108549
8b993b4ec5cb25792b3e2c75d3d5c7838fcf535135c30e8acb5cbb9939de1f86
GET //upload/vod/20230127-1/5fce7fa20e551e089c1a81e12d91341a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12295
last-modified: Fri, 27 Jan 2023 11:30:07 GMT
etag: "63d3b5bf-3007"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/a52ec999815f0af1d162dd5083cfafe0.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/a52ec999815f0af1d162dd5083cfafe0.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a400cbe612577fe4060c4d1be7614b0e
6758938805864baba995934b4de8984d3f3ffe57
0d13a3d81be1a21b50ebf41aa778ed74b62a86eed46f3b7d48337d33178170f3
GET //upload/vod/20230127-1/a52ec999815f0af1d162dd5083cfafe0.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 13110
last-modified: Fri, 27 Jan 2023 11:30:07 GMT
etag: "63d3b5bf-3336"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/0ee6fd14835d24d5417e799411a01d62.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/0ee6fd14835d24d5417e799411a01d62.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 3dc3e22245530c65e316fa74dacd1d3e
12e46c44bb7be65fcaf6078cbf3bdd1427bc4867
f297c0d21dfb33120b41b4d573ef0f61879b78538e8a7f2b5be0525bb1f332c9
GET //upload/vod/20230127-1/0ee6fd14835d24d5417e799411a01d62.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 13440
last-modified: Fri, 27 Jan 2023 11:30:07 GMT
etag: "63d3b5bf-3480"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/c7f1ee65c14f403675c8e108e2ece682.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/c7f1ee65c14f403675c8e108e2ece682.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash fc84006a6c25943bedfd49de8bb6efa5
6ced52845639f16179b875f549b9c6f6c3be4a05
8b77cf4cb45dbcdaa3c20bf7aec0c6d6193b845ddd24f86ea2f8ac499cf68521
GET //upload/vod/20230127-1/c7f1ee65c14f403675c8e108e2ece682.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10354
last-modified: Fri, 27 Jan 2023 11:30:07 GMT
etag: "63d3b5bf-2872"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230127-1/a2a86da8d5b148fdf70aa3a5a503feeb.jpg
136.0.141.5200 OK 8.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230127-1/a2a86da8d5b148fdf70aa3a5a503feeb.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c01de90cfb86a7e8504a77c28b1df6cd
f77b0845731f4d3b02671f90e01ade8a76cacc70
616b8a7cb3e05ef1de0bd737a8fd4e5298fb08f3c8d2accae969a866e3c0ea1b
GET //upload/vod/20230127-1/a2a86da8d5b148fdf70aa3a5a503feeb.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 8585
last-modified: Fri, 27 Jan 2023 11:30:06 GMT
etag: "63d3b5be-2189"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230103-1/075b92ffc500a10b78d9991baf431f10.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230103-1/075b92ffc500a10b78d9991baf431f10.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f8007885f595d52613592195ee8239c0
2a1a1c80851c4d89e99b7b25805633604ffd643b
ad941654353e4b79b0bb697d3944a96bff8fd186acf419bfe41e12198fee2bc9
GET //upload/vod/20230103-1/075b92ffc500a10b78d9991baf431f10.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10882
last-modified: Tue, 03 Jan 2023 02:30:02 GMT
etag: "63b3932a-2a82"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230103-1/57d47750bedf989be975e0bc11c84952.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230103-1/57d47750bedf989be975e0bc11c84952.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 2c46854204976d228296e50013abc02b
f02f7982af39ec08b8edfb80bd3368def83469f5
eb6303d55ab5015cb35e9d90ac8604e5193a5e25b6008fe9059423d5528d4c5c
GET //upload/vod/20230103-1/57d47750bedf989be975e0bc11c84952.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12630
last-modified: Tue, 03 Jan 2023 02:30:02 GMT
etag: "63b3932a-3156"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230103-1/39500d2d0dee6f775109a788429bb6f1.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230103-1/39500d2d0dee6f775109a788429bb6f1.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f2fc8f397aa6dac1cd9cf7babcb580e7
9980cc3e78f9868bb2f11a864a3535f44249499f
a7154a336ce23bfc207d860e051865b6143ff15fdad0f86962126579437a77b4
GET //upload/vod/20230103-1/39500d2d0dee6f775109a788429bb6f1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11848
last-modified: Tue, 03 Jan 2023 02:30:02 GMT
etag: "63b3932a-2e48"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230103-1/8e4e79ebd6b033567704c61c9e994648.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230103-1/8e4e79ebd6b033567704c61c9e994648.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 5ace24fa8cfd29138634aca8f27b0182
6343ba02b84fff6c3b310380ac6e2b6c7561e8be
974e05a4ba4e0f73958b1bf222f961f2e19ad42047b9bc7541f93d38e51313a5
GET //upload/vod/20230103-1/8e4e79ebd6b033567704c61c9e994648.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10201
last-modified: Tue, 03 Jan 2023 02:30:02 GMT
etag: "63b3932a-27d9"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230103-1/451f846caf1463d47aee3cd41190dfb1.jpg
136.0.141.5200 OK 9.7 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230103-1/451f846caf1463d47aee3cd41190dfb1.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 73d6f95c5e2d7606b3c7fd3c37543d39
5aea58d812e5a9d2ef1294a2ffca797449d38597
151d473ac5d6aa56a773468d45a054d68c67cae73892c022365e22125f0a7070
GET //upload/vod/20230103-1/451f846caf1463d47aee3cd41190dfb1.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 9693
last-modified: Tue, 03 Jan 2023 02:30:02 GMT
etag: "63b3932a-25dd"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230102-1/5c78eb2da436e09a511a048417a9f9c9.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230102-1/5c78eb2da436e09a511a048417a9f9c9.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b508e881a78c521c20ace081ef3f1648
82053dbeae5e7127845e07b99b19caba260a52d7
4554e1fe63a3955780450c29983b7ada310375f38e01eff016691a7273a22f1a
GET //upload/vod/20230102-1/5c78eb2da436e09a511a048417a9f9c9.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12008
last-modified: Mon, 02 Jan 2023 04:30:05 GMT
etag: "63b25dcd-2ee8"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230102-1/9cd9f7c2a3ac2832e855e0af45f90f5a.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230102-1/9cd9f7c2a3ac2832e855e0af45f90f5a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 0dcdca48e51426f6fb0475c95ac04ff2
87021f3d0fdcb5af9fcb6c43ae3150ed753567a1
421f5253b8c55f77607ed9aa71a0e17a29f728fdd0878076e6d918a9e9e54c1e
GET //upload/vod/20230102-1/9cd9f7c2a3ac2832e855e0af45f90f5a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11492
last-modified: Mon, 02 Jan 2023 04:30:05 GMT
etag: "63b25dcd-2ce4"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230102-1/c67a0ef87a151654bf8a4d5312ce50a2.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230102-1/c67a0ef87a151654bf8a4d5312ce50a2.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash d93ac08f039a9440c7ebf21192cd64b6
f0efd394c83d791b95f67821ef00e9367d328923
58abd7ec60cdc5d0b79c820dd76184c07c4c4acaf320d814d6b1bdedbc4554d7
GET //upload/vod/20230102-1/c67a0ef87a151654bf8a4d5312ce50a2.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12796
last-modified: Mon, 02 Jan 2023 04:30:05 GMT
etag: "63b25dcd-31fc"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230102-1/fb8f33e2d45291f55742c65af433e472.jpg
136.0.141.5200 OK 8.6 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230102-1/fb8f33e2d45291f55742c65af433e472.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f5af197da3c9e7247ac0fed61ed85c40
ab4688ca92d510fd3c647bc82a1577c300f5c899
44fe9d5c0b08d272c153938aa7b7b6c8af752bbb99d0dbae00e9754f32c62100
GET //upload/vod/20230102-1/fb8f33e2d45291f55742c65af433e472.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 8568
last-modified: Mon, 02 Jan 2023 04:30:05 GMT
etag: "63b25dcd-2178"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230102-1/107f62761d40d7242305f172b6bf74d4.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230102-1/107f62761d40d7242305f172b6bf74d4.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash d347fd9450e5f44f461496672bbe3eeb
f45ee1b3fc9e74004bdf7517b9ffda321eb6d201
e925627d776916305c6fb4108e6c945d244916ae682c73816ebfd46721ab3b6c
GET //upload/vod/20230102-1/107f62761d40d7242305f172b6bf74d4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10358
last-modified: Mon, 02 Jan 2023 04:30:04 GMT
etag: "63b25dcc-2876"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/1eb13116e74a774f1b6b1e94850916f3.jpg
136.0.141.5200 OK 8.2 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/1eb13116e74a774f1b6b1e94850916f3.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash f1b1926a4df01ef310ca4cb8f6481cde
ca3b37d0ced99c5ead6f85c07c3fc312e4b8fb1d
f1a78fc560fa62edaedef0fbe6262e2c672789e1ec9c712b00cdac440dd251a6
GET //upload/vod/20230204-1/1eb13116e74a774f1b6b1e94850916f3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 8184
last-modified: Sat, 04 Feb 2023 07:30:13 GMT
etag: "63de0985-1ff8"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/4a7fb9e26f4211e519c3f4b49b9bc850.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/4a7fb9e26f4211e519c3f4b49b9bc850.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 62e9a512d235a2bb7f383e61d6e50df3
b8c56ab16d0c6ddf0bf77e289c91c5375bff5250
d85860987dc6ed957e9a9aa7b125525f091ddede66cf6816cf057999a8f2ecd9
GET //upload/vod/20230204-1/4a7fb9e26f4211e519c3f4b49b9bc850.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11175
last-modified: Sat, 04 Feb 2023 07:30:13 GMT
etag: "63de0985-2ba7"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/b969d6fbece72812701dacf6bae83190.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/b969d6fbece72812701dacf6bae83190.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash b987a63f72c85e2411069daee98a32c4
b93a1509c4c205643b5a1fd7aeb867c168edf976
7602951aacf1bc0318fbf6151d50d6a31db9f2ad332ce3e060f7e3071a96de42
GET //upload/vod/20230204-1/b969d6fbece72812701dacf6bae83190.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11195
last-modified: Sat, 04 Feb 2023 07:30:13 GMT
etag: "63de0985-2bbb"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/e17d9254dec318fcf50e5f8491e3359d.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/e17d9254dec318fcf50e5f8491e3359d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash a9cbc670b811c448c7b34ac53fdd10a9
6b9a2b20da6069036b6cbf03653db73a36a85d37
6ff646669de86e95727e7c71d38b443c762c2cc2a15c7fc1fe2ae842527c4fda
GET //upload/vod/20230204-1/e17d9254dec318fcf50e5f8491e3359d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10710
last-modified: Sat, 04 Feb 2023 07:30:12 GMT
etag: "63de0984-29d6"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/1429648e1c70a96b63313e098de5c872.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/1429648e1c70a96b63313e098de5c872.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 6dd2cdcfa7a6383b49fc68a9ea355d85
93d5071cc0f82e71f08d8686f1be9c8f958b2e43
0f50623c9161e2cb37e30c9d771eaa840af53107b35be9fbb7ce9f154bb49e29
GET //upload/vod/20230204-1/1429648e1c70a96b63313e098de5c872.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10271
last-modified: Sat, 04 Feb 2023 07:30:12 GMT
etag: "63de0984-281f"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/e84f6f9b5ee072c4658eec7510e0f87b.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/e84f6f9b5ee072c4658eec7510e0f87b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 340f15869cd7950cf9ba02b74dde20f8
a8ac9c4ffa53be8e77ce27178395f379796c5d2c
9e947ab5241612bdb8303303c00376e8d6279c2e60a1e52b0ae5c9b5e8e84731
GET //upload/vod/20230204-1/e84f6f9b5ee072c4658eec7510e0f87b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11516
last-modified: Sat, 04 Feb 2023 07:30:12 GMT
etag: "63de0984-2cfc"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/bfcad3af6be49fae659149827a072447.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/bfcad3af6be49fae659149827a072447.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 8d9a4f485bb491c613a57897e3f35426
78a0bb6fbfa5bb95464c3306764c9e80c367412c
33dc9b90fcf29bdc3ce078929d4325916d578e9a328f9bacf08c346a8ecb30b1
GET //upload/vod/20230204-1/bfcad3af6be49fae659149827a072447.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12242
last-modified: Sat, 04 Feb 2023 07:30:12 GMT
etag: "63de0984-2fd2"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/823421fc930146e6cc1f1f552dd9186b.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/823421fc930146e6cc1f1f552dd9186b.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash c4da648b03bf9d36005a1cb1ebeb0dba
a505cf1f44586985f714fee6b543f29bf4bf9767
6ed0763ef6d2518e3d00946d0a8325e99e1961c513a53c998753077e235855ed
GET //upload/vod/20230204-1/823421fc930146e6cc1f1f552dd9186b.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11534
last-modified: Sat, 04 Feb 2023 07:30:12 GMT
etag: "63de0984-2d0e"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/d4146f4819748373a14ae264013afbd6.jpg
136.0.141.5200 OK 9.9 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/d4146f4819748373a14ae264013afbd6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 80ed8ccf01177e8942b36882be9ec194
cc3e117011f0916588a91880b19fe934e13157b9
8f28a11491f72e9835b7da9fbaa06ee21a952c64ee1b3506d2305c9c00ad2cd3
GET //upload/vod/20230204-1/d4146f4819748373a14ae264013afbd6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 9887
last-modified: Sat, 04 Feb 2023 07:30:11 GMT
etag: "63de0983-269f"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 522d89357c745e296553068027be3c0e
30af88a8e035022bc5b75f377e1ccdfe41482811
9a98b1a80298739dfcb088df76282a5453334338ee630eb6d25d95da04faa7e8
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 06:04:46 GMT
Last-Modified: Sun, 05 Feb 2023 04:30:22 GMT
Server: ECS (dcb/7F3B)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3ZMSJc-k-MCc6Z5jEyKFGHWpHrgRBFp2jVu4iOJfLE5xHOeF6p7EiQ==
Age: 5664
www.gg123456789gg.com//upload/vod/20230204-1/1a821c7d248dc808f68d0b5bd5d40008.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/1a821c7d248dc808f68d0b5bd5d40008.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 392694edb67c60b62a2460931fa67bf2
2530a0492b213a6c2be713e4d7e36df542250da4
f979e1ad52ee89e63f1caa55efabae9484ae69393ae4e8534502ec8644b21e16
GET //upload/vod/20230204-1/1a821c7d248dc808f68d0b5bd5d40008.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11362
last-modified: Sat, 04 Feb 2023 07:30:11 GMT
etag: "63de0983-2c62"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 1e2dbbd9ce11fa40d488f69435a8050d
17e647ee8d7e435ba4038590131f81bdf29910a3
1e836f129ab861fb7e1688c45374b1336d11af9ff3f3121e41f78d7a24c3f398
GET //upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12063
last-modified: Fri, 02 Dec 2022 01:30:02 GMT
etag: "6389551a-2f1f"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
136.0.141.5200 OK 13 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 768-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 10.011994\012- data
Hash be311ae69aa806e335bf3f486c9c1742
1f03f482ff608cab3163afdeab73c2ed62cf2de0
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
GET //upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12628
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3154"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
136.0.141.5200 OK 14 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash 15016e4dc41923e35678f6879d6c2eb2
56522e64a0e2257181aa35e32e9023801e3dfeb2
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
GET //upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 14145
last-modified: Mon, 30 May 2022 22:30:19 GMT
etag: "6295457b-3741"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
136.0.141.5200 OK 15 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x240, components 3\012- data
Hash e102994da73de1c4f40db37257545fb5
348d2ece7d32a7ed1c2af957c22eebb8863377d0
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
GET //upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 15357
last-modified: Mon, 30 May 2022 22:30:20 GMT
etag: "6295457c-3bfd"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
136.0.141.5200 OK 33 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a1fc7657b8d6926a53055671bee349d
68ab1bc12c02da3a8def2daa09a789991b8c54e7
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
GET //upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 32778
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-800a"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
136.0.141.5200 OK 34 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02fe4fa1cab54aa6afa13de6a5ec35a1
f6ad518dfccb3aeff5d5f809d288fdb7ab177519
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
GET //upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 33634
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-8362"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
136.0.141.5200 OK 24 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg
IP 136.0.141.5:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 260x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e76298247b86c93518d6084cb4cccfe
c5da11c703b36e9415121d1e9f6ae7179c004ec3
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
GET //upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 23462
last-modified: Mon, 16 May 2022 04:30:15 GMT
etag: "6281d357-5ba6"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
136.0.141.5200 OK 12 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash bec220b3b49b05c6b75d762efb631eb7
fd0f46d366a98e8b5c8a51f2062b648a688b1252
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
GET //upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 12353
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-3041"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
136.0.141.5200 OK 18 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 210x299, components 3\012- data
Hash d6c8ad2c7eac5b55275ad3906346b9b1
b4e791297c2aa69be4ee4166fc70f15b76c1103b
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
GET //upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 18119
last-modified: Sun, 15 May 2022 04:30:18 GMT
etag: "628081da-46c7"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/f5dfb65f95a4d09a0f0be53210de1e58.jpg
136.0.141.5200 OK 11 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/f5dfb65f95a4d09a0f0be53210de1e58.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash 3187211510676b3b884c92a84455b40d
03df4580a110fcb16bc6381e8c2f79a1e147a07f
b60dfbb965708bd436ce6638b052b4c65b3373dc00a02b8e3f9f6f8b05dcea1a
GET //upload/vod/20230204-1/f5dfb65f95a4d09a0f0be53210de1e58.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 11345
last-modified: Sat, 04 Feb 2023 07:30:09 GMT
etag: "63de0981-2c51"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20230204-1/3649ad9f0c9517321f59faa59845ff14.jpg
136.0.141.5200 OK 10 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20230204-1/3649ad9f0c9517321f59faa59845ff14.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 240x320, components 3\012- data
Hash b0de8b23337248f17f8aff8b25bc538b
88ac7c0ab7c220e3f25235668a50515748d08711
c1bceeeb4d463f8085f4bf4e92c4b042b4c13df3ab9734d5160de8607e061919
GET //upload/vod/20230204-1/3649ad9f0c9517321f59faa59845ff14.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 10314
last-modified: Sat, 04 Feb 2023 07:30:09 GMT
etag: "63de0981-284a"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
klx3.zhgmjglh808k.com/template/m1938pc/css/zui.css
104.21.46.182200 OK 25 kB URL HTTP/2 klx3.zhgmjglh808k.com/template/m1938pc/css/zui.css
IP 104.21.46.182:0
File type assembler source, Unicode text, UTF-8 text, with CRLF, CR line terminators
Hash ec3361cd8dc438f2de88de9983c93841
b652261f102396ed3aba6adeef653783c1c6d129
dad4603595f1bff0af053679a527aa50ed80739d765ca95269205b721f3bac7d
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: klx3.zhgmjglh808k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:44 GMT
content-type: text/css
last-modified: Sat, 26 Mar 2022 14:15:36 GMT
vary: Accept-Encoding
etag: W/"623f2008-14f3a"
expires: Sun, 05 Feb 2023 06:48:16 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5phVp0eZ4UCBTmRUR93tKcbmpKkBbrM1nDqBmuGqWx%2Bbn6ltjSaRo4Ipgvx3XcFjkx5HblpeeYuckBe0Fce9Jg8XTZ1yL0Bf6wXRBAit2PH70mnwXNVk4vAa9h8U9AYJEFSzlNbbn38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949734b28e8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
136.0.141.5200 OK 76 kB URL HTTP/2 www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg
IP 136.0.141.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 625x900, components 3\012- data
Hash 8df7397c01f50d1a0216d5aa5df5b616
8d6f18e7901340760b112b8ee25487d732b64e3c
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
GET //upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg HTTP/1.1
Host: www.gg123456789gg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:04:46 GMT
content-type: image/jpeg
content-length: 76403
last-modified: Sun, 15 May 2022 04:30:19 GMT
etag: "628081db-12a73"
expires: Tue, 07 Mar 2023 06:04:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash aff6a389a300d943101fd0b08b51bb1a
e53a7853b2afe3310b2ab9a55e987cc10437fe79
1f2ff021ab3d654e0f283e286b881ed570173227d127889152fffc0a4f638434
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:04:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 09 Feb 2023 02:47:46 GMT
ETag: "e53a7853b2afe3310b2ab9a55e987cc10437fe79"
Last-Modified: Sun, 05 Feb 2023 02:47:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1696
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949735aabe1b512-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash bf0a8a6df966aaa7ebfe8046b6f8d7e4
b4f7d5a12910fe5f2ba20b5937ad4a179164172b
06451fb0907b906157ec9ac08d2660dfa7aad853b43e0381edd0791f09e41b7e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:04:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 09 Feb 2023 03:19:10 GMT
ETag: "b4f7d5a12910fe5f2ba20b5937ad4a179164172b"
Last-Modified: Sun, 05 Feb 2023 03:19:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2583
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949735b1c0ab512-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash bf0a8a6df966aaa7ebfe8046b6f8d7e4
b4f7d5a12910fe5f2ba20b5937ad4a179164172b
06451fb0907b906157ec9ac08d2660dfa7aad853b43e0381edd0791f09e41b7e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 06:04:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 09 Feb 2023 03:19:10 GMT
ETag: "b4f7d5a12910fe5f2ba20b5937ad4a179164172b"
Last-Modified: Sun, 05 Feb 2023 03:19:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2583
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949735b2f61b4fa-OSL
u25022.com/80425b77b9bd0cff2005378bab6643ed.gif
13.227.254.7200 OK 1.2 MB URL HTTP/2 u25022.com/80425b77b9bd0cff2005378bab6643ed.gif
IP 13.227.254.7:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.2 MB (1217913 bytes)
Hash c705096a9fde58f82d85c91bbe72924a
52a49d3a5df458538c61fe3b8d50c12cc09796e4
be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b
GET /80425b77b9bd0cff2005378bab6643ed.gif HTTP/1.1
Host: u25022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1217913
last-modified: Mon, 19 Dec 2022 09:01:07 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 Feb 2023 05:42:28 GMT
etag: "c705096a9fde58f82d85c91bbe72924a"
x-cache: Hit from cloudfront
via: 1.1 1ce5b4ee9f2f36701e8515d9d8ae140c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bnA_hLn4kUpSqtrwlntsFvfA3y9LK2FE6oGFej3uYS-GYWqS8Zwmuw==
age: 1339
X-Firefox-Spdy: h2
ia.51.la/go1?id=21278761&rt=1675577125529&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1675577125529&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx3.zhgmjglh808k.com%252F&pu=http%253A%252F%252Fwww.dolapcim.com%252F
183.240.166.133200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278761&rt=1675577125529&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1675577125529&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx3.zhgmjglh808k.com%252F&pu=http%253A%252F%252Fwww.dolapcim.com%252F
IP 183.240.166.133:0
ASN #56040 China Mobile communications corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278761&rt=1675577125529&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1675577125529&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx3.zhgmjglh808k.com%252F&pu=http%253A%252F%252Fwww.dolapcim.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Length: 0
Date: Sun, 05 Feb 2023 06:04:48 GMT
ia.51.la/go1?id=21278761&rt=1675577125511&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1675577125511&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx3.zhgmjglh808k.com%252F&pu=http%253A%252F%252Fwww.dolapcim.com%252F
183.240.166.133200 0 B URL HTTP/1.1 ia.51.la/go1?id=21278761&rt=1675577125511&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1675577125511&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx3.zhgmjglh808k.com%252F&pu=http%253A%252F%252Fwww.dolapcim.com%252F
IP 183.240.166.133:0
ASN #56040 China Mobile communications corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21278761&rt=1675577125511&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1675577125511&tt=shebiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx3.zhgmjglh808k.com%252F&pu=http%253A%252F%252Fwww.dolapcim.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Length: 0
Date: Sun, 05 Feb 2023 06:04:48 GMT
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash eab430c3553acdcb4db0030d0a3a8064
0a50448ea5f6327c82c413c9321948e42746b8e5
0a6c6d7caf6c77d4c72ea598682d0038bd0c10f82e5b2e032e08a71f19b5a4f4
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sun, 05 Feb 2023 06:04:47 GMT
Etag: bfa549644f356f08083ffdfa9f96d42e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=56F4D5747A693E4C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1047630572&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.dolapcim.com%2F&v=1.3.0&lv=1&sn=43783&r=0&ww=1268&u=https%3A%2F%2Fklx3.zhgmjglh808k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1047630572&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.dolapcim.com%2F&v=1.3.0&lv=1&sn=43783&r=0&ww=1268&u=https%3A%2F%2Fklx3.zhgmjglh808k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1047630572&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.dolapcim.com%2F&v=1.3.0&lv=1&sn=43783&r=0&ww=1268&u=https%3A%2F%2Fklx3.zhgmjglh808k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 05 Feb 2023 06:04:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4018FC9E8A6FEA1A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash f79bb5aaab19722720bc34c95bd6b532
de2f7934613632a1c05e761f59669ff1c0ee5610
c376c3aff4d98662017c40a20f56b8df6e687b98624acb4ff1ae3dd4e220b0a6
GET /hm.js?1138ebd140b7eb3f7d7147d4a8915456 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: bfa549644f356f08083ffdfa9f96d42e
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sun, 05 Feb 2023 06:04:48 GMT
Etag: 9ef095f549af2c0bd3475f50eac069ed
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FCCC7BF3D63E6738; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1675577128&rnd=1962101909&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.dolapcim.com%2F&v=1.3.0&lv=2&sn=43783&r=0&ww=1268&u=https%3A%2F%2Fklx3.zhgmjglh808k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1675577128&rnd=1962101909&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.dolapcim.com%2F&v=1.3.0&lv=2&sn=43783&r=0&ww=1268&u=https%3A%2F%2Fklx3.zhgmjglh808k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0<=1675577128&rnd=1962101909&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.dolapcim.com%2F&v=1.3.0&lv=2&sn=43783&r=0&ww=1268&u=https%3A%2F%2Fklx3.zhgmjglh808k.com%2F&tt=shebiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 05 Feb 2023 06:04:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AC2EF241300BC218; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
sb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/dh.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 07:02:31 GMT
vary: Accept-Encoding
etag: W/"63dcb187-19c0"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abMUAo7gOHzexIkBD%2BJlCNVbtmuSHIC3GfKLPSAa8OtDv%2BI1KwZGQeLUKjXqOnbV4Nx2NHSjIjpNWPO42N05FVSCol3ZAklf6hxHrFXfMW730P293rRRqqeRkAh2xfaCdzBlmG77"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79497351598eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/xx3.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 08:48:16 GMT
etag: W/"63ca5550-136"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq7SFC%2Fp%2FtTkbd17vvih8UsQUkUE7yu2PnTMPbaNFteeYDb4qvy6sXahcHfKHmBJNjbt75eR4bnDhgeqjxoDnn8HyjDObd7zbMiBOjjeoygkAUd2htP%2B73yUEz6IRiwYp4J%2BmkiH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79497351195eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
klx3.zhgmjglh808k.com/
104.21.46.182200 OK 0 B IP 104.21.46.182:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: klx3.zhgmjglh808k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dolapcim.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:44 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryj3tbjqxsDtgzXJ3iZVNPLG3AspT4FQRpPdfgY%2BLrB37Zec3fs2jhn9GT5F3AesMEJsSdqlT6HK0racSzxjLt5thLyP6ij85czs8w378CfRzgZsDKGFPAlaGMdo0ug5y1oPBgcg2xs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949734af8d7b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/251.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 08:48:37 GMT
vary: Accept-Encoding
etag: W/"63ca5565-427"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6%2BIA6CCF%2FLxYq%2FBg66WEGXdPsiCpVQsKw5bhYH8IVB33%2BcJcwSSPulEiSp6fbnw%2Fj4yWSdiDAyCTEafjU2D7RrH2zudcjhNRCyn8TmARiie2XvCHUEoSXfYRqpXOVOYgVVW4Z4X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794973511955b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/wz.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 07:02:12 GMT
etag: W/"63dcb174-1aa"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6I5hXN%2Bz%2FDhFbFdGFp3dtCZzhUlzLkg4SGXgjvBzajEJmJ5fV2tCo7PY6oaq44ysfo%2FYYDEn38rqYsxQxNoBrsE5vvfnIXcSegKatKlLAzuzPxTUMN5eUjz7ixQUN2AgsTTbhLN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79497351195bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/dh1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 08:47:05 GMT
vary: Accept-Encoding
etag: W/"633d4489-972"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FcKNV%2FF3Py%2BoTX2NG0ggtibusEUxMQjQ9Av1t7GzcbZzZcHT5Oz6I6qp1HyvF4Z%2Fx%2Fgx6xJu2eKB0UmXy2HD6Zz%2B2bnuUI2HGeZgvKbw%2FAEdZ9N2TCB5gV9cuXkQK6vzIhGcgPL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794973511953b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/foot.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:14:38 GMT
vary: Accept-Encoding
etag: W/"62cf982e-449"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7E8fnzxbJI1cXrGoS%2BpqKdP1oF2Hm%2Fm6JaWPU%2F0OZTLQpQrh2QArPfThDmb0fZmkv9dHSetiyPGq%2BBapbgNmGV04wUQhiPyeO%2BO0o%2FwqlQR0%2FKJkSjnXYGPWyX7I2yvYAYfpUox"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79497351195fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/wz1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 07:02:04 GMT
etag: W/"63dcb16c-1bb"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLoYZuA7iHW3n6Ux%2Ftvy0RZRsVKG%2F%2BHMc0QoyELneINarl6cd2u7hZAIWVxT%2BkRRJ6nLyXBVUq%2BlDEp50U%2B6AyD6iyQ59MNR3MdQ1KgJMFpMzZa%2BzPikIZssITGfRjHmQpcPam4Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79497351195cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/250.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 07:03:18 GMT
etag: W/"63dcb1b6-3ff"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDgz42lCjRQqHG3Yp4QjkG4qGuq1LYeEUAzw8NnTthT2yb6ECuJAOo3bTrF8ZrTonVDQclHTxRTywqJ8Du8Me8nVLLu4WWW4MeQohJVzLipXJC%2Fqo60oNfnF9TmT%2B5%2Bdg2QIj%2Frp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79497351397ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/xx2.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 08:48:14 GMT
etag: W/"63ca554e-136"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzQ5oajhFm5oc1ZtFr3OdsM5KF4Zu4QXhZg34WGVTJ3%2BRlPax92QjgfyxsZPDQMu4LYUjkRbSJpM6YIp19x1M5IAdrjSWqYJL4xnrtrLbHsqAtiHR%2FFRGBXeKD4rsXSC0%2FAysfwY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79497351598ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/zylm.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 04:14:42 GMT
etag: W/"62cf9832-3b7"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDw34bD5%2BJRxIiylczi%2BRa3SJvGQC%2B92ZNYwgknEfdzpv%2BLhQgyY%2FVayVEzPJButQTTwfziUSTlhVAGnRw5AuV6MxQXFC5UCmCbbNjiT92lUuQ9%2BRbJTImsKlCHp6RuSZxXVhaI%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79497351195db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
188.114.97.1200 OK 0 B URL HTTP/2 sb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
IP 188.114.97.1:0
GET /yPS7hqfHgkFauS2djb/xx1.js HTTP/1.1
Host: sb.learning8809.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klx3.zhgmjglh808k.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:04:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 08:48:10 GMT
vary: Accept-Encoding
etag: W/"63ca554a-407"
expires: Sun, 05 Feb 2023 06:48:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 40588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmFLprZP1wG%2F4QyHmXSFkT%2BxuTJme9UVMbO361Lf6%2BCvY2Xc%2BQ2B8xli3Wy0LD%2BPg5cyAdsow8Haq6BKF95N09paVYM%2F6k0uANA3fVRtalEQAEEyV%2FiDRlgrJdOHIm7ljM1ykah9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794973512979b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2