firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 23:15:28 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8SGR39NReT2_KCAsvX7NZUbXSWG9CjnF4Y1DQLFqsfM-VtDOSPSW3A==
Age: 887
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7868
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Mon, 26 Sep 2022 23:30:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3753
Expires: Tue, 27 Sep 2022 00:32:48 GMT
Date: Mon, 26 Sep 2022 23:30:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OJejOzXwaZPEE6TBFv7I1Kt8R04I+7EwfPJ3+XSZSXOvQoJQBOV/RDRb2n+Eal4VI3X2vJbkboZOBTFMTNOSEA==
x-amz-request-id: KP7CG275NFK9XVAY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 22:46:32 GMT
age: 2623
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
av.jc-jk.cyou/v/s:/javshare.pro/tube/127516/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0-%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81.html/title/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81%20tube%20porn%20video
172.67.175.29200 OK 8.9 kB URL HTTP/1.1 av.jc-jk.cyou/v/s:/javshare.pro/tube/127516/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0-%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81.html/title/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81%20tube%20porn%20video
IP 172.67.175.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10375), with CRLF line terminators
Hash 22d8d845b02edb6f6583f6771734ce10
457b1f1ad2e013853cebe751dfbe9a72570bbd3b
03938ee0cc495d52dd06bc063e4f2adfe11476e241157b17fa05e9dc64b101f8
GET /v/s:/javshare.pro/tube/127516/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0-%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81.html/title/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81%20tube%20porn%20video HTTP/1.1
Host: av.jc-jk.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 23:30:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.jc-jk.cyou127.0.0.1-myhost-av.jc-jk.cyou127.0.0.1/v/s://javshare.pro/tube/127516/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0-%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81.html/title/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81%20tube%20porn%20video
phost: av.jc-jk.cyou
line1066: notjp--myhost-av.jc-jk.cyou-filteron-
pdo106: feedvid-, cachefileb-cacpdo6/9a/37/b1af140, lfm-1-9, lmd-9, lud-884993, xfvlen-1107191, fsize-258744, played-105
pdophp-line405: -; cachetime- 14028.207108402; ctime- 20220917034134
pdoline1591: sarray-0Thai
pdoline1654: notjp-: fvkwcnt-6054
pdoline1658: notjp-: fvkwcnt-6054
pdo-line1942: $i-43$load-0.874375
Cache-Control: public, max-age=23937
genre: genre=
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: MISS
Xkey-5950: av.jc-jk.cyou/v/s:/javshare.pro/tube/127516/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0-%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81.html/title/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81%20tube%20porn%20video-B-av.jc-jk.cyou-av.jc-jk.cyou-ssdzone---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp: av.jc-jk.cyou/v/s:/javshare.pro/tube/127516/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0-%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81.html/title/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81%20tube%20porn%20video-B-av.jc-jk.cyou--my_zone
CF-Cache-Status: MISS
Last-Modified: Mon, 26 Sep 2022 23:30:15 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QS6iSLWqWxtVP3f51nYwaSDkOw%2FUAiJiewOcKLB4ZkaNIxwUAjIb0KQ756rlyyZLyaOiKmsQJSRbXGpum9u6yedPN1WbT2IINqn2voinkBgy6prjJY8PAtnqTcHvRY3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750fc94e2ca61c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 23:30:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
av.jc-jk.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.175.29200 OK 655 B URL HTTP/1.1 av.jc-jk.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.175.29:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: av.jc-jk.cyou
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.jc-jk.cyou/v/s:/javshare.pro/tube/127516/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0-%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81.html/title/%E0%B9%81%E0%B8%AD%E0%B8%9A%E0%B8%96%E0%B9%88%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%8A%E0%B8%B8%E0%B8%94%E0%B8%9E%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B2%E0%B8%81%20tube%20porn%20video
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 23:30:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:52 GMT
ETag: W/"633188f8-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALjVoPAmtiHiTnJkKk7oZVRn8IKp3IAFgVPFcr%2F8tgSXqHv1DcseA%2Bl6A5Kw5awXgmY7p5bk7%2Fh2SsBXMI4mKwMQ1dwsgzxNtpteYaUWIA5%2BsewO6eNlY5fGkoNSLNPk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750fc9521fad1c0a-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 28 Sep 2022 23:30:16 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
pdn.javshare.pro/thumbs/000/127/127516/127516_320x180.jpg
104.21.95.131200 OK 16 kB URL HTTP/2 pdn.javshare.pro/thumbs/000/127/127516/127516_320x180.jpg
IP 104.21.95.131:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 5c02461d8420c47497963802b2ac1746
364f6bab7785dc798e80542e5cbeac9ef09de07d
d985a92fdb6ad967c99702a5d4fd43e5e5d931c0b72f3ec1954efc1154bf84f2
GET /thumbs/000/127/127516/127516_320x180.jpg HTTP/1.1
Host: pdn.javshare.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:16 GMT
content-type: image/jpeg
content-length: 15648
last-modified: Thu, 02 Jun 2022 16:55:35 GMT
etag: 5c02461d8420c47497963802b2ac1746
x-timestamp: 1654188934.64027
x-trans-id: tx0017a5874a1846a090917-0062bc6560
x-openstack-request-id: tx0017a5874a1846a090917-0062bc6560
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 27 Sep 2022 22:08:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
cf-cache-status: HIT
age: 91331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMGH4OTs0yD82Ydguqfwp5DnLjqkddzc4rXygYQUGp3pcPVFVlGW%2BTWG4E7wjZvisNDIB2MDWlszXirDlGbbJz3fKOueHuF18ukoDXORRW1JSxNjfpXDnunwhlrLWdOMqPQ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750fc95268780afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f77187a801b1a987e128e57a79a09ac8
ed53b4fddf1ffd9a5c3bbc83bc8fdc4e54a32e71
f6d82880a02e84fc37eab63369e833509697af25d18003de1646a99c43bc9ce2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5677
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:16 GMT
Last-Modified: Mon, 26 Sep 2022 21:55:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f77187a801b1a987e128e57a79a09ac8
ed53b4fddf1ffd9a5c3bbc83bc8fdc4e54a32e71
f6d82880a02e84fc37eab63369e833509697af25d18003de1646a99c43bc9ce2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:16 GMT
Last-Modified: Mon, 26 Sep 2022 22:33:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f77187a801b1a987e128e57a79a09ac8
ed53b4fddf1ffd9a5c3bbc83bc8fdc4e54a32e71
f6d82880a02e84fc37eab63369e833509697af25d18003de1646a99c43bc9ce2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5677
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:16 GMT
Last-Modified: Mon, 26 Sep 2022 21:55:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 23:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 23:54:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ntrYHDX3oD2gmFbBABMElHmji-eOXDh6kmzVvxCOjmTwQhfn3cvalw==
Age: 1170
cacrip.nakadashi.pw/AV4.us.jpg
172.64.128.21200 OK 8.7 kB URL HTTP/1.1 cacrip.nakadashi.pw/AV4.us.jpg
IP 172.64.128.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3\012- data
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: cacrip.nakadashi.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 23:30:16 GMT
Content-Type: image/jpeg
Content-Length: 8741
Connection: keep-alive
ETag: "2225-5499bcea176c0"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=360000
X-Proxy-Cache-5950: HIT
Xkey-5950: cacrip./AV4.us.jpg-A-cacrip.nakadashi.pw--cacpdo0---yes
CF-Cache-Status: HIT
Age: 173087
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qgeUBdxJ0MuZmCdyYHl8XaDQdSLX0SwrQxyCnJvyqQSr3qsa84LW3DVV1pgxInUsMSPM5%2FdmoB35OEy%2BZGcz9OzkugFmwFCO0ah5BecQQ7H16I58pLs94QToAEaOiVXEYvk%2Bow8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750fc9556b9e8895-LHR
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5264
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:16 GMT
Last-Modified: Mon, 26 Sep 2022 22:02:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58dfce41adcda759c89d64b925daf96e
c860e65e59a987caa1655756b9236bba673b994a
a9aa00889709458d74887b7fe589bb187d31ad74a5af3cec5a91c108ab18bc18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9AA00889709458D74887B7FE589BB187D31AD74A5AF3CEC5A91C108AB18BC18"
Last-Modified: Sun, 25 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8890
Expires: Tue, 27 Sep 2022 01:58:26 GMT
Date: Mon, 26 Sep 2022 23:30:16 GMT
Connection: keep-alive
fef761d01d.c97d6e3cf8.com/a68b227f3b5ae66f19abfbeba0747eba/23782?version_name=b
45.133.44.25200 OK 1.4 kB URL HTTP/2 fef761d01d.c97d6e3cf8.com/a68b227f3b5ae66f19abfbeba0747eba/23782?version_name=b
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (1358), with no line terminators
Hash 7d640f0f6892b0462155d747090df7c6
120e85e6799c89b92f8a12061f8932d7c8256f54
2f2465b53ee6c44660e674a0e0eac5957082b502c9fa4629e6b386494a118f09
GET /a68b227f3b5ae66f19abfbeba0747eba/23782?version_name=b HTTP/1.1
Host: fef761d01d.c97d6e3cf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.jc-jk.cyou
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:16 GMT
content-type: application/json
content-length: 1358
server: nginx/1.18.0
cache-control: max-age=300
expires: Mon, 26 Sep 2022 23:35:16 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cn.jpg4.pw/index.php?oldhot=all
45.155.42.223200 OK 8.7 kB URL HTTP/1.1 cn.jpg4.pw/index.php?oldhot=all
IP 45.155.42.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (64201), with CRLF line terminators
Hash ecdc80550c703738ab1d096dda9bbb39
aaa3e871fb6d6d248afe68ccd42ae4998f290dd2
421e4a480efd44e52cbdcf71100d530d24ab10ed9971866e8426191620245d3c
GET /index.php?oldhot=all HTTP/1.1
Host: cn.jpg4.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 26 Sep 2022 23:30:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cake
imghost: 240026512804c008ad763d1c3-h-cnjpg4pwmh-cnjpg4pw--rm26029011b9d47b4/index.php?oldhot=all
55nloadrate: 0.5521875
Cache-Control: max-age=72000, public
Content-Encoding: gzip
Vary: Accept-Encoding
X-Proxy-Cache-la3: HIT
Xkey-la3: jcn./index.php?oldhot=allAno
Xkeylog: jcn./index.php?oldhot=allA
push.services.mozilla.com/
35.83.91.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e/Z9IIP9OJN/euV296/NtA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: odIA0UEz72YvJdBf4LrRMnCKLMw=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ec04f18f9ba53a258647cb1994c56dd
44549aba550a623a79e9284f6a7336a0ac14d5f2
1c5955f73cf81167388da0fece61394eb650771950961569de842f1e9760e5d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C5955F73CF81167388DA0FECE61394EB650771950961569DE842F1E9760E5D5"
Last-Modified: Sat, 24 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6387
Expires: Tue, 27 Sep 2022 01:16:43 GMT
Date: Mon, 26 Sep 2022 23:30:16 GMT
Connection: keep-alive
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Mon, 26 Sep 2022 23:35:16 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f77187a801b1a987e128e57a79a09ac8
ed53b4fddf1ffd9a5c3bbc83bc8fdc4e54a32e71
f6d82880a02e84fc37eab63369e833509697af25d18003de1646a99c43bc9ce2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3436
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:17 GMT
Last-Modified: Mon, 26 Sep 2022 22:33:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f77187a801b1a987e128e57a79a09ac8
ed53b4fddf1ffd9a5c3bbc83bc8fdc4e54a32e71
f6d82880a02e84fc37eab63369e833509697af25d18003de1646a99c43bc9ce2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:17 GMT
Last-Modified: Mon, 26 Sep 2022 21:55:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
104.17.24.14200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (10613)
Hash 9653b380e66b38af571efdafa5763f0d
835aa2c117b6b3156a3b439ec302ffa268466c55
3181b9ecf39cca87ae50e71c715a2accc9787ac8655edf1d0fc5195bd688b38f
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20990095
expires: Sat, 16 Sep 2023 23:30:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vucFVa38JkjCeL7WDxb5FeB2SGl%2BNRhg4YIyndxQtYyOSOOewd7kWzJizHzdNKZzGAG9TRwRTem7%2BGOXJw3t7PNCZBBS9hNZTvDA%2FM00vU2r79CTKGIrPMzaARwlj30AbeGTQmyD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750fc95ab976fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsjs.gazo.space/index.php?js=very
104.21.235.170200 OK 6.8 kB URL HTTP/2 jsjs.gazo.space/index.php?js=very
IP 104.21.235.170:0
File type ASCII text, with no line terminators
Hash 25150aa83f113b9b220c053e4d47e292
d0dfdfb80cbc7410cf5e0ae11d6819a1961c450e
bc98c48aa29aff9015f984bb52408d89e509e5bb77aef3ea8ef110d77ecb1624
Analyzer Verdict Alert fortinet Phishing
GET /index.php?js=very HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:17 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: "*"
access-control-allow-headers: Cake
imghost: 2602901a11081183a-h-jsjsgazospacmh--NO-rm2400cb00211024a29959/index.php?js=very
55nloadrate: 0.06875
cache-control: max-age=360000, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWsnTX7p7x5AKFjzwHQEbX%2Fp7BO4HknCXqQmFL8rOPyW3RhYmdcoF9b3pKRNEy7O9p1V0WWaSk5tIjyVpusDEF3a%2ByDvA%2BmT9R3hER4h%2Fh5NAkerxgdZqig%2FWT1hO6JeTnM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750fc9588f820666-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:20:49 GMT
expires: Mon, 25 Sep 2023 08:20:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 140968
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jsjs.gazo.space/index.php?js=very
104.21.235.169200 OK 66 kB URL HTTP/2 jsjs.gazo.space/index.php?js=very
IP 104.21.235.169:0
File type ASCII text, with no line terminators
Hash 5f19776253e08a6af5812a942d845c74
6359812ef71dfa1d98546005bbd065b0ac188943
18a8c60e26e4a21df74371468a00457a5627c447ab9af403ff033f8cd41b3e65
Analyzer Verdict Alert fortinet Phishing
GET /index.php?js=very HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: "*"
access-control-allow-headers: Cake
imghost: 2602901a11081183a-h-jsjsgazospacmh--NO-rm2400cb003771024ac465b56/index.php?js=very
55nloadrate: 0.06875
cache-control: max-age=360000, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPvi9RfZkfooCjfX2w4s936eE2CFgqNOLrOtNU5LwQCmjl9T1tyPfjzJb9PM3sJI%2Bg2sFZJpAb1WLkh9H39bJ7HlmA1w9%2B6yZ%2F6AUCsw2SlOBXMMou4tpw%2FTBamwTDgcTrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750fc952d992718a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-620120-3
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-620120-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 4d3dba20611a4bdc9176eac4c0bbb61b
7814c266778d356572965d5cb3b9144d424fa9a7
d6661fca51272ba6cc41150e3fbb7244966b948018d5f3492cb515f0ac2ae9e7
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 23:30:17 GMT
expires: Mon, 26 Sep 2022 23:30:17 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 22:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash f7a3c1fe493129583ec5a3dc194598f8
1d1a6b428217f5b9a89537aaab85194a35175e0d
c7dfa59c0aaf1ce8c9c5946361621e5b15a0160c3586a831e7c9d1448e4e5440
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 23:30:17 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8719F3E297F39D2C17A9499494584A1770CA5FD4"
Expires: Tue, 27 Sep 2022 10:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2023
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750fc95b49170b39-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 23:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58dfce41adcda759c89d64b925daf96e
c860e65e59a987caa1655756b9236bba673b994a
a9aa00889709458d74887b7fe589bb187d31ad74a5af3cec5a91c108ab18bc18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9AA00889709458D74887B7FE589BB187D31AD74A5AF3CEC5A91C108AB18BC18"
Last-Modified: Sun, 25 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8889
Expires: Tue, 27 Sep 2022 01:58:26 GMT
Date: Mon, 26 Sep 2022 23:30:17 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 97bdae5883c43e46246d6c53784dfa5c
93165164a5746ebf5dc8ab0773dd955c8af68113
f44fcb661584741143a593eb5ea2c8ca6e6cb0c9bdf8cfcd6c9b4037031abda9
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 23:30:17 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 30 Sep 2022 21:53:11 GMT
ETag: "93165164a5746ebf5dc8ab0773dd955c8af68113"
Last-Modified: Mon, 26 Sep 2022 21:53:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1660
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750fc95d39f60b39-OSL
mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fcn.jpg4.pw%2Findex.php%3Foldhot%3Dall&page-ref=http%3A%2F%2Fav.jc-jk.cyou%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hhx5mg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1611327315824%3Ahid%3A1039906223%3Az%3A0%3Ai%3A20220926233015%3Aet%3A1664235016%3Ac%3A1%3Arn%3A825925135%3Arqn%3A1%3Au%3A1664235016456554814%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A60%2C147%2C147%2C1%2C%2C0%2C%2C585%2C%2C%2C%2C%2C%3Ans%3A1664235014615%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664235016%3At%3A%E9%81%8E%E5%8E%BB%E3%81%AE%E4%BA%BA%E6%B0%97%E3%82%AD%E3%83%BC%E3%83%AF%E3%83%BC%E3%83%89%E5%80%89%E5%BA%AB%20Daily%20hot%20search%20phrases%EF%BC%88%E5%BD%93%E6%97%A5%E4%BA%BA%E6%B0%97%E9%A0%86%EF%BC%89&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fcn.jpg4.pw%2Findex.php%3Foldhot%3Dall&page-ref=http%3A%2F%2Fav.jc-jk.cyou%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hhx5mg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1611327315824%3Ahid%3A1039906223%3Az%3A0%3Ai%3A20220926233015%3Aet%3A1664235016%3Ac%3A1%3Arn%3A825925135%3Arqn%3A1%3Au%3A1664235016456554814%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A60%2C147%2C147%2C1%2C%2C0%2C%2C585%2C%2C%2C%2C%2C%3Ans%3A1664235014615%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664235016%3At%3A%E9%81%8E%E5%8E%BB%E3%81%AE%E4%BA%BA%E6%B0%97%E3%82%AD%E3%83%BC%E3%83%AF%E3%83%BC%E3%83%89%E5%80%89%E5%BA%AB%20Daily%20hot%20search%20phrases%EF%BC%88%E5%BD%93%E6%97%A5%E4%BA%BA%E6%B0%97%E9%A0%86%EF%BC%89&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash b760862c6ac9c64edfbee623b9163fb1
4d074610e59a6a65822d17ac83c032b02f0323e3
6457a5b4e00bb0b56676bb286cfbe18f3d68ec80b8ccd3388ba027f2585d5efc
GET /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fcn.jpg4.pw%2Findex.php%3Foldhot%3Dall&page-ref=http%3A%2F%2Fav.jc-jk.cyou%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hhx5mg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1611327315824%3Ahid%3A1039906223%3Az%3A0%3Ai%3A20220926233015%3Aet%3A1664235016%3Ac%3A1%3Arn%3A825925135%3Arqn%3A1%3Au%3A1664235016456554814%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A60%2C147%2C147%2C1%2C%2C0%2C%2C585%2C%2C%2C%2C%2C%3Ans%3A1664235014615%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664235016%3At%3A%E9%81%8E%E5%8E%BB%E3%81%AE%E4%BA%BA%E6%B0%97%E3%82%AD%E3%83%BC%E3%83%AF%E3%83%BC%E3%83%89%E5%80%89%E5%BA%AB%20Daily%20hot%20search%20phrases%EF%BC%88%E5%BD%93%E6%97%A5%E4%BA%BA%E6%B0%97%E9%A0%86%EF%BC%89&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cn.jpg4.pw
Referer: http://cn.jpg4.pw/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Mon, 26 Sep 2022 23:30:17 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://cn.jpg4.pw
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 26-Sep-2022 23:30:17 GMT
last-modified: Mon, 26-Sep-2022 23:30:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 26 Sep 2022 23:30:17 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Tue, 27 Sep 2022 00:30:17 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fef761d01d.c97d6e3cf8.com/a68b227f3b5ae66f19abfbeba0747eba/23782?version_name=c
45.133.44.24200 OK 1.4 kB URL HTTP/2 fef761d01d.c97d6e3cf8.com/a68b227f3b5ae66f19abfbeba0747eba/23782?version_name=c
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (1358), with no line terminators
Hash 7d640f0f6892b0462155d747090df7c6
120e85e6799c89b92f8a12061f8932d7c8256f54
2f2465b53ee6c44660e674a0e0eac5957082b502c9fa4629e6b386494a118f09
GET /a68b227f3b5ae66f19abfbeba0747eba/23782?version_name=c HTTP/1.1
Host: fef761d01d.c97d6e3cf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:17 GMT
content-type: application/json
content-length: 1358
server: nginx/1.18.0
cache-control: max-age=300
expires: Mon, 26 Sep 2022 23:35:17 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ec04f18f9ba53a258647cb1994c56dd
44549aba550a623a79e9284f6a7336a0ac14d5f2
1c5955f73cf81167388da0fece61394eb650771950961569de842f1e9760e5d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C5955F73CF81167388DA0FECE61394EB650771950961569DE842F1E9760E5D5"
Last-Modified: Sat, 24 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Tue, 27 Sep 2022 01:16:43 GMT
Date: Mon, 26 Sep 2022 23:30:17 GMT
Connection: keep-alive
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Mon, 26 Sep 2022 23:35:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10329
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Mon, 26 Sep 2022 23:30:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10329
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Mon, 26 Sep 2022 23:30:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10329
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Mon, 26 Sep 2022 23:30:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10329
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Mon, 26 Sep 2022 23:30:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 36107
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e88b78ede0e4583585d6bb805fb39470
edff303440c5972381295b4b2602bd3f77f6702a
ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6487
x-amzn-requestid: cd11b94b-24be-4e6d-bce3-a480b2c1cc23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDWDQEYAIAMFetw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633136e1-5fcb76b5408fdfa20ec55dd8;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 05:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GcEH02ZlJM-8wUvNf7K7rK7f1cs6_m4i9UYUNxXUGzcDTEz74JH3cA==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:28 GMT
age: 5450
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 28859
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 6060
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.gazo.space/index.php?js=av4&advertisement&
104.21.235.170200 OK 43 kB URL HTTP/2 js.gazo.space/index.php?js=av4&advertisement&
IP 104.21.235.170:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (6448), with CRLF line terminators
Hash 51f148219f5bd33f8ef9d091b941258d
2a349252000dd142e5960949b88a52f10943625f
bd88cacda3f39330aba118287dcc418af197bd6e3fb8057424fe40c1adc24c3e
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: js.gazo.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsgazospacmh--GB-rm2400cb003781024ac47b2a4/index.php?js=av4&advertisement&
55nloadrate: 0.6171875
cache-control: public, max-age=7200, s-max-age=1800
vary: Accept-Encoding
cf-cache-status: HIT
age: 789
last-modified: Mon, 26 Sep 2022 23:17:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0v4OgA8xgVb5GeL2BFIcZcHUaJlAoixkJv87%2F9hqPdV6ZLDZ%2Bjzubw%2F83zEZ%2BZxHzUVDHyRCs9xabU1Ua2jdxIcx9pqu%2Fie1uvkYBAG8m6ohJdskA1%2BC5KjooSZgBP7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750fc952e872dd76-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 3989
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=c
116.202.204.12200 OK 1.3 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=c
IP 116.202.204.12:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (1348), with no line terminators
Hash bbda46d2c84fad9040db1c46e3d7ce8b
d3eea78490ac4c91b86c0b3e53f7a785edb247bf
04b9c98709c58e189099978e383a482d90509607e7c883a6efde6a878fd33028
GET /tags?tag_id=23782&timezone_olson=UTC&version_name=c HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 26 Sep 2022 23:30:18 GMT
content-type: application/json
content-length: 1348
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=23782
157.90.84.246204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=23782
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cn.jpg4.pw/
Origin: http://cn.jpg4.pw
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Mon, 26 Sep 2022 23:30:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://cn.jpg4.pw
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
fp.metricswpsh.com/fp?tag_id=23782
157.90.84.246200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=23782
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash d8ded99ae3089c609f0f3dfd190a3299
aa378c43d5b8dc4887db4f93f86a319f75731b6f
f5526ab1e5df71c978b3db3ada96990b256be308611834bea29d342b88338000
POST /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22265
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 26 Sep 2022 23:30:18 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://cn.jpg4.pw
Set-Cookie: id=6390041328579682911; Expires=Tue, 26 Sep 2023 23:30:18 GMT; Secure; SameSite=None
Vary: Origin
ce49b2810e.cc3f3eedbb.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyNDI1NzE2MzQ3MDQ2MjM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ2LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRTklODElOEUlRTUlOEUlQkIlRTMlODElQUUlRTQlQkElQkElRTYlQjAlOTclRTMlODIlQUQlRTMlODMlQkMlRTMlODMlQUYlRTMlODMlQkMlRTMlODMlODklRTUlODAlODklRTUlQkElQUIlMkNEYWlseSUyQ2hvdCUyQ3NlYXJjaCUyQ3BocmFzZXMlRUYlQkMlODglRTUlQkQlOTMlRTYlOTclQTUlRTQlQkElQkElRTYlQjAlOTclRTklQTAlODYlRUYlQkMlODklMjAifQ==
45.133.44.24200 OK 0 B URL HTTP/2 ce49b2810e.cc3f3eedbb.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyNDI1NzE2MzQ3MDQ2MjM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ2LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRTklODElOEUlRTUlOEUlQkIlRTMlODElQUUlRTQlQkElQkElRTYlQjAlOTclRTMlODIlQUQlRTMlODMlQkMlRTMlODMlQUYlRTMlODMlQkMlRTMlODMlODklRTUlODAlODklRTUlQkElQUIlMkNEYWlseSUyQ2hvdCUyQ3NlYXJjaCUyQ3BocmFzZXMlRUYlQkMlODglRTUlQkQlOTMlRTYlOTclQTUlRTQlQkElQkElRTYlQjAlOTclRTklQTAlODYlRUYlQkMlODklMjAifQ==
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyNDI1NzE2MzQ3MDQ2MjM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ2LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRTklODElOEUlRTUlOEUlQkIlRTMlODElQUUlRTQlQkElQkElRTYlQjAlOTclRTMlODIlQUQlRTMlODMlQkMlRTMlODMlQUYlRTMlODMlQkMlRTMlODMlODklRTUlODAlODklRTUlQkElQUIlMkNEYWlseSUyQ2hvdCUyQ3NlYXJjaCUyQ3BocmFzZXMlRUYlQkMlODglRTUlQkQlOTMlRTYlOTclQTUlRTQlQkElQkElRTYlQjAlOTclRTklQTAlODYlRUYlQkMlODklMjAifQ== HTTP/1.1
Host: ce49b2810e.cc3f3eedbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:18 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7dce4cdef529f023d7a162c96135a07d
b6cb3258ea1bb516b2f3422e3b6a5cba8b75c858
8cd7e63f4f9919835db232ac49e825233c0ab259e4ccfa84445d705aab2d7b5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CD7E63F4F9919835DB232AC49E825233C0AB259E4CCFA84445D705AAB2D7B5C"
Last-Modified: Sun, 25 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Tue, 27 Sep 2022 03:40:07 GMT
Date: Mon, 26 Sep 2022 23:30:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7dce4cdef529f023d7a162c96135a07d
b6cb3258ea1bb516b2f3422e3b6a5cba8b75c858
8cd7e63f4f9919835db232ac49e825233c0ab259e4ccfa84445d705aab2d7b5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CD7E63F4F9919835DB232AC49E825233C0AB259E4CCFA84445D705AAB2D7B5C"
Last-Modified: Sun, 25 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Tue, 27 Sep 2022 03:40:07 GMT
Date: Mon, 26 Sep 2022 23:30:18 GMT
Connection: keep-alive
e1de143963.cc3f3eedbb.com/in/multy
168.119.25.22204 No Content 0 B URL HTTP/2 e1de143963.cc3f3eedbb.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: e1de143963.cc3f3eedbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cn.jpg4.pw/
Origin: http://cn.jpg4.pw
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0
date: Mon, 26 Sep 2022 23:30:18 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=3a7b59b7-b8e8-47bb-b10c-4d4176374056&subid=809032184&sid=1197448281&spot_id=17050&created_at=2022-09-26&timezone=0&ver=7.3.0&is_native=1
168.119.25.22200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=3a7b59b7-b8e8-47bb-b10c-4d4176374056&subid=809032184&sid=1197448281&spot_id=17050&created_at=2022-09-26&timezone=0&ver=7.3.0&is_native=1
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=3a7b59b7-b8e8-47bb-b10c-4d4176374056&subid=809032184&sid=1197448281&spot_id=17050&created_at=2022-09-26&timezone=0&ver=7.3.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 26 Sep 2022 23:30:18 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
cn.jpg4.pw/favicon.ico
45.155.42.223404 Not Found 209 B IP 45.155.42.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
GET /favicon.ico HTTP/1.1
Host: cn.jpg4.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cn.jpg4.pw/index.php?oldhot=all
Cookie: cnt=0; _ym_uid=1664235016456554814; _ym_d=1664235016
HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Mon, 26 Sep 2022 23:30:19 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 209
Connection: close
e1de143963.cc3f3eedbb.com/in/multy
168.119.25.22200 OK 10 kB URL HTTP/2 e1de143963.cc3f3eedbb.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10055), with no line terminators
Hash 55e6ba50a6826c42584707153e1f52c7
5d530ca2090a57d73b01c193ca1a447fb42f32a1
88051afdf225e755397e277a332a3aa96920fc0a99725e9f6d348da4c90f852a
POST /in/multy HTTP/1.1
Host: e1de143963.cc3f3eedbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 854
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 26 Sep 2022 23:30:19 GMT
content-type: application/json
content-length: 10057
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
e1de143963.cc3f3eedbb.com/in/show/?mid=1215767648&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1197448281&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.3.0&ver_c=&refdom=cn.jpg4.pw&hostname=auc-inpage-hz-2-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-09-26&is_native=4&auction_queue=0&burl=fsabvvegKVxZHzZ4lE5m2FyFPYaFkLG1W-YTFm2nQEBb4o6ZYofGUA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch&mm=0&yc=0&render_type=hq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=1&verify_hash=3df50d2c610547d416893dfbd8ea9136&score=38.13162169264624&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fcn.jpg4.pw%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0&v2_track=0&url=j76eNfq4nqElfs-VvSVwVkQhUXdT85xk31Fkvwpi7hY3MnAYR_DU5tPCZZI-mlS3Fl2dry21s17Uu-u2pMVS7sEG6hU-GJgu0X-izmWsoa6KTZWPyffl5Uc5R5fh_HL9MRh60tw_G6IB58pThWkJ4-hP73uuQO6f9es0dm1sYytIr_wLfg&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=29&vertical_id=0&real_bid=0&pr=av.jc-jk.cyou&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=&mlc=1&format=utilityBottomAlarm-slide-b_r-body&mlf=1&cpa=49d22358-674d-42bd-af0e-e29bbc58f4ea
168.119.25.22302 Found 0 B URL HTTP/2 e1de143963.cc3f3eedbb.com/in/show/?mid=1215767648&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1197448281&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.3.0&ver_c=&refdom=cn.jpg4.pw&hostname=auc-inpage-hz-2-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-09-26&is_native=4&auction_queue=0&burl=fsabvvegKVxZHzZ4lE5m2FyFPYaFkLG1W-YTFm2nQEBb4o6ZYofGUA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch&mm=0&yc=0&render_type=hq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=1&verify_hash=3df50d2c610547d416893dfbd8ea9136&score=38.13162169264624&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fcn.jpg4.pw%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0&v2_track=0&url=j76eNfq4nqElfs-VvSVwVkQhUXdT85xk31Fkvwpi7hY3MnAYR_DU5tPCZZI-mlS3Fl2dry21s17Uu-u2pMVS7sEG6hU-GJgu0X-izmWsoa6KTZWPyffl5Uc5R5fh_HL9MRh60tw_G6IB58pThWkJ4-hP73uuQO6f9es0dm1sYytIr_wLfg&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=29&vertical_id=0&real_bid=0&pr=av.jc-jk.cyou&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=&mlc=1&format=utilityBottomAlarm-slide-b_r-body&mlf=1&cpa=49d22358-674d-42bd-af0e-e29bbc58f4ea
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=1215767648&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1197448281&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.3.0&ver_c=&refdom=cn.jpg4.pw&hostname=auc-inpage-hz-2-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-09-26&is_native=4&auction_queue=0&burl=fsabvvegKVxZHzZ4lE5m2FyFPYaFkLG1W-YTFm2nQEBb4o6ZYofGUA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch&mm=0&yc=0&render_type=hq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=1&verify_hash=3df50d2c610547d416893dfbd8ea9136&score=38.13162169264624&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fcn.jpg4.pw%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0&v2_track=0&url=j76eNfq4nqElfs-VvSVwVkQhUXdT85xk31Fkvwpi7hY3MnAYR_DU5tPCZZI-mlS3Fl2dry21s17Uu-u2pMVS7sEG6hU-GJgu0X-izmWsoa6KTZWPyffl5Uc5R5fh_HL9MRh60tw_G6IB58pThWkJ4-hP73uuQO6f9es0dm1sYytIr_wLfg&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=29&vertical_id=0&real_bid=0&pr=av.jc-jk.cyou&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=&mlc=1&format=utilityBottomAlarm-slide-b_r-body&mlf=1&cpa=49d22358-674d-42bd-af0e-e29bbc58f4ea HTTP/1.1
Host: e1de143963.cc3f3eedbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 26 Sep 2022 23:30:19 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
X-Firefox-Spdy: h2
e1de143963.cc3f3eedbb.com/in/show/?mid=1215767648&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1197448281&cid=12694&price=0&is_cpm=1&cpm=0.038&ecpm=0.03534&crid=3006&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=7.3.0&ver_c=&refdom=cn.jpg4.pw&hostname=auc-inpage-hz-2-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664407819&created_at=2022-09-26&is_native=1&auction_queue=0&burl=r3dHI5Wl41FWxMrQLGEA-rAkKw2FFv-L4qkR6ZQNRxHfibVlGrhJMg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7317050&adblock=0&auction_host=dch&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0010488496226927588&placement_type_id=&skin_test=1&verify_hash=a0ecc71e00cec8537344520b3790da51&score=38.13162169264624&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fcn.jpg4.pw%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.038&v2_track=0&url=tbQyz82RIW4zcQKvNjAmaenBf_P4eyNHUWZrjGzJF6xcCYPYTjmaPNTiR1_l_2qbxIbcjvKMhRrUXSA5gWnv9Hcp5IQ2F5cmGvBv7xPBxv2tLw3daorHahwf_65TEEAefrbbe2hXgfjE-0rMSdC_XzP-SBPCvTnKh6Lr25MMClsAbftca1dyUFqfFmMG9cYnY-0V9l7g-z6O1mLPb7MQpPHHuC_9kM2zqADpqWGtHSHjfwRjXNNILylbT978logtWqdDizu-GgpKEY6Ko6naPUB61Sh-YhRM0snRLGqyYco4Fwmf6srBcS256HihHBxbJyfViICLtgINvtV0jVVM2dz3gqE3jVxrfhr5N93nmRtvDG0b4uvRegeyvpTpOxFP8nwCmlT1ff3cL4ss3oirwV0rmtnoToYbXboAMG7m5REC7-JQZIbbRJr2r8h16ndvQF3xT-IqRjoUl9HB9ofyQGMJw28EKCxiLxba68DzdQeAS6IYHAj6es10_134So3QL2cdJB1T05_6zrc96sRI_SVeCX3pzPdOkSEe2w-TOtoI5rrDj0fvQYvMgiqBDO2O31zd6g43hKJs_ug66GlM67WwA2Da4h5PgJZRsHOn-CTBbmhKC_O_M1c9j0Vg8VUG-ABkNKWKYRE_HjbiE4pNmBP8TWV6ooFT1d02Zmyc3ZkqMCFK1jlY-cKAj-DmN1AsOPXqONn72Er-EiVdcP8P2_94VLmReH3RxC3fq6SPaBEdgvmhjLHm5RAXpJ3af9MsOdSX7bLQtaNYX-Ohl3jqpC-W-GhBEnNb-TiYBo1uT1QrlrLVeunoRzVY-Q4-8yV-0OGm97-RxHzNvuieyTFhxUOafMOrCvyWD0_bVe2BAy0ow8_9zj8HKvua72b_HZBAQaf6HaAR67hIIJMcy07iNKKfkTdsoVsYTJmjRwUeXep5uRlRXClF8m1qjysZutSLudsVE0aSfPQz8o_wI4BBRARmv1rioYznHzxRDiLzCWsIBbKYiJbuOjGu9Yu3PRd0V6yqg1ZS955y_n0qqll3udm4QWckVuHNttTq12K1zRhovivcNalfsruyqKYkTN2ZrSbwCMKbHtWt6Ly7_110O0X3RQ2tyAZx065klMeY96KwnyiotykBNltSMAniwuJF7wAroAsrXCC5nbzb2Irz-ljGt61U93qBrIJja9MAWgOC0bjdbjoYdXP6jU8zdDPMpRF8P6Ew3aHYTn_GY-GhjiyKU8L068naJwSVDNQqa0pPv54Qh2oMN_o8vrDMiw7tsOYBHGnTL62TN1tG9KWpz_1C-1XqvCxM37y9aSg8KPFa9sE6Vopk8HoHsqTuz8wr7_I1FY0v8B5SBbgCk8dKvm-MNRB9RgS7KAGNajUddic5P9IhlCIrLcWmUXLFCtDsSIrLZn1AF0f4EFlqVNiQ5tWx3QbJg9KnVCHvhJHAeRFt2AT5GBeNMgGdRKCKWZk5Ihm8HxxIhTq3tfk9Q5bksTvJmj7cJhNKYjj3mjhkdWjA27pExppC-MHDAarDJpk8xaNUMdaEB6wwTJtAfOt7fkVjIjuNUNMhQ2Dieda5ktQ8tbadczBExHITtRsdURBYANVICoA9BHN2Q7tGhHUWTqP5PR7lS_u5xL_AuBKmrjqrFA0-pWVCDTL8ODYiXeFqUMQQHZd__I-CdSqpIHjEk2Bpnd-6Ns_ncT8qj0qjZKn80N-BN0Ud__h_m0XOw2eB2b_AW9VGQDOhvkAxm0TCHM2gZTs&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=29&vertical_id=0&real_bid=0.03534&pr=av.jc-jk.cyou&user_keywords=&auc_type=1&aid=127&ext_cid=107155&device_theme=light&keywords=&format=utilityBottomAlarm-slide-b_r-body&cpa=07c8fd13-362c-4460-afac-73dc0211e27d
168.119.25.22302 Found 0 B URL HTTP/2 e1de143963.cc3f3eedbb.com/in/show/?mid=1215767648&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1197448281&cid=12694&price=0&is_cpm=1&cpm=0.038&ecpm=0.03534&crid=3006&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=7.3.0&ver_c=&refdom=cn.jpg4.pw&hostname=auc-inpage-hz-2-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664407819&created_at=2022-09-26&is_native=1&auction_queue=0&burl=r3dHI5Wl41FWxMrQLGEA-rAkKw2FFv-L4qkR6ZQNRxHfibVlGrhJMg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7317050&adblock=0&auction_host=dch&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0010488496226927588&placement_type_id=&skin_test=1&verify_hash=a0ecc71e00cec8537344520b3790da51&score=38.13162169264624&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fcn.jpg4.pw%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.038&v2_track=0&url=tbQyz82RIW4zcQKvNjAmaenBf_P4eyNHUWZrjGzJF6xcCYPYTjmaPNTiR1_l_2qbxIbcjvKMhRrUXSA5gWnv9Hcp5IQ2F5cmGvBv7xPBxv2tLw3daorHahwf_65TEEAefrbbe2hXgfjE-0rMSdC_XzP-SBPCvTnKh6Lr25MMClsAbftca1dyUFqfFmMG9cYnY-0V9l7g-z6O1mLPb7MQpPHHuC_9kM2zqADpqWGtHSHjfwRjXNNILylbT978logtWqdDizu-GgpKEY6Ko6naPUB61Sh-YhRM0snRLGqyYco4Fwmf6srBcS256HihHBxbJyfViICLtgINvtV0jVVM2dz3gqE3jVxrfhr5N93nmRtvDG0b4uvRegeyvpTpOxFP8nwCmlT1ff3cL4ss3oirwV0rmtnoToYbXboAMG7m5REC7-JQZIbbRJr2r8h16ndvQF3xT-IqRjoUl9HB9ofyQGMJw28EKCxiLxba68DzdQeAS6IYHAj6es10_134So3QL2cdJB1T05_6zrc96sRI_SVeCX3pzPdOkSEe2w-TOtoI5rrDj0fvQYvMgiqBDO2O31zd6g43hKJs_ug66GlM67WwA2Da4h5PgJZRsHOn-CTBbmhKC_O_M1c9j0Vg8VUG-ABkNKWKYRE_HjbiE4pNmBP8TWV6ooFT1d02Zmyc3ZkqMCFK1jlY-cKAj-DmN1AsOPXqONn72Er-EiVdcP8P2_94VLmReH3RxC3fq6SPaBEdgvmhjLHm5RAXpJ3af9MsOdSX7bLQtaNYX-Ohl3jqpC-W-GhBEnNb-TiYBo1uT1QrlrLVeunoRzVY-Q4-8yV-0OGm97-RxHzNvuieyTFhxUOafMOrCvyWD0_bVe2BAy0ow8_9zj8HKvua72b_HZBAQaf6HaAR67hIIJMcy07iNKKfkTdsoVsYTJmjRwUeXep5uRlRXClF8m1qjysZutSLudsVE0aSfPQz8o_wI4BBRARmv1rioYznHzxRDiLzCWsIBbKYiJbuOjGu9Yu3PRd0V6yqg1ZS955y_n0qqll3udm4QWckVuHNttTq12K1zRhovivcNalfsruyqKYkTN2ZrSbwCMKbHtWt6Ly7_110O0X3RQ2tyAZx065klMeY96KwnyiotykBNltSMAniwuJF7wAroAsrXCC5nbzb2Irz-ljGt61U93qBrIJja9MAWgOC0bjdbjoYdXP6jU8zdDPMpRF8P6Ew3aHYTn_GY-GhjiyKU8L068naJwSVDNQqa0pPv54Qh2oMN_o8vrDMiw7tsOYBHGnTL62TN1tG9KWpz_1C-1XqvCxM37y9aSg8KPFa9sE6Vopk8HoHsqTuz8wr7_I1FY0v8B5SBbgCk8dKvm-MNRB9RgS7KAGNajUddic5P9IhlCIrLcWmUXLFCtDsSIrLZn1AF0f4EFlqVNiQ5tWx3QbJg9KnVCHvhJHAeRFt2AT5GBeNMgGdRKCKWZk5Ihm8HxxIhTq3tfk9Q5bksTvJmj7cJhNKYjj3mjhkdWjA27pExppC-MHDAarDJpk8xaNUMdaEB6wwTJtAfOt7fkVjIjuNUNMhQ2Dieda5ktQ8tbadczBExHITtRsdURBYANVICoA9BHN2Q7tGhHUWTqP5PR7lS_u5xL_AuBKmrjqrFA0-pWVCDTL8ODYiXeFqUMQQHZd__I-CdSqpIHjEk2Bpnd-6Ns_ncT8qj0qjZKn80N-BN0Ud__h_m0XOw2eB2b_AW9VGQDOhvkAxm0TCHM2gZTs&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=29&vertical_id=0&real_bid=0.03534&pr=av.jc-jk.cyou&user_keywords=&auc_type=1&aid=127&ext_cid=107155&device_theme=light&keywords=&format=utilityBottomAlarm-slide-b_r-body&cpa=07c8fd13-362c-4460-afac-73dc0211e27d
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=1215767648&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=809032184&sid=1197448281&cid=12694&price=0&is_cpm=1&cpm=0.038&ecpm=0.03534&crid=3006&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=7.3.0&ver_c=&refdom=cn.jpg4.pw&hostname=auc-inpage-hz-2-c&site_id=3117050&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664407819&created_at=2022-09-26&is_native=1&auction_queue=0&burl=r3dHI5Wl41FWxMrQLGEA-rAkKw2FFv-L4qkR6ZQNRxHfibVlGrhJMg&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7317050&adblock=0&auction_host=dch&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0010488496226927588&placement_type_id=&skin_test=1&verify_hash=a0ecc71e00cec8537344520b3790da51&score=38.13162169264624&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fcn.jpg4.pw%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.038&v2_track=0&url=tbQyz82RIW4zcQKvNjAmaenBf_P4eyNHUWZrjGzJF6xcCYPYTjmaPNTiR1_l_2qbxIbcjvKMhRrUXSA5gWnv9Hcp5IQ2F5cmGvBv7xPBxv2tLw3daorHahwf_65TEEAefrbbe2hXgfjE-0rMSdC_XzP-SBPCvTnKh6Lr25MMClsAbftca1dyUFqfFmMG9cYnY-0V9l7g-z6O1mLPb7MQpPHHuC_9kM2zqADpqWGtHSHjfwRjXNNILylbT978logtWqdDizu-GgpKEY6Ko6naPUB61Sh-YhRM0snRLGqyYco4Fwmf6srBcS256HihHBxbJyfViICLtgINvtV0jVVM2dz3gqE3jVxrfhr5N93nmRtvDG0b4uvRegeyvpTpOxFP8nwCmlT1ff3cL4ss3oirwV0rmtnoToYbXboAMG7m5REC7-JQZIbbRJr2r8h16ndvQF3xT-IqRjoUl9HB9ofyQGMJw28EKCxiLxba68DzdQeAS6IYHAj6es10_134So3QL2cdJB1T05_6zrc96sRI_SVeCX3pzPdOkSEe2w-TOtoI5rrDj0fvQYvMgiqBDO2O31zd6g43hKJs_ug66GlM67WwA2Da4h5PgJZRsHOn-CTBbmhKC_O_M1c9j0Vg8VUG-ABkNKWKYRE_HjbiE4pNmBP8TWV6ooFT1d02Zmyc3ZkqMCFK1jlY-cKAj-DmN1AsOPXqONn72Er-EiVdcP8P2_94VLmReH3RxC3fq6SPaBEdgvmhjLHm5RAXpJ3af9MsOdSX7bLQtaNYX-Ohl3jqpC-W-GhBEnNb-TiYBo1uT1QrlrLVeunoRzVY-Q4-8yV-0OGm97-RxHzNvuieyTFhxUOafMOrCvyWD0_bVe2BAy0ow8_9zj8HKvua72b_HZBAQaf6HaAR67hIIJMcy07iNKKfkTdsoVsYTJmjRwUeXep5uRlRXClF8m1qjysZutSLudsVE0aSfPQz8o_wI4BBRARmv1rioYznHzxRDiLzCWsIBbKYiJbuOjGu9Yu3PRd0V6yqg1ZS955y_n0qqll3udm4QWckVuHNttTq12K1zRhovivcNalfsruyqKYkTN2ZrSbwCMKbHtWt6Ly7_110O0X3RQ2tyAZx065klMeY96KwnyiotykBNltSMAniwuJF7wAroAsrXCC5nbzb2Irz-ljGt61U93qBrIJja9MAWgOC0bjdbjoYdXP6jU8zdDPMpRF8P6Ew3aHYTn_GY-GhjiyKU8L068naJwSVDNQqa0pPv54Qh2oMN_o8vrDMiw7tsOYBHGnTL62TN1tG9KWpz_1C-1XqvCxM37y9aSg8KPFa9sE6Vopk8HoHsqTuz8wr7_I1FY0v8B5SBbgCk8dKvm-MNRB9RgS7KAGNajUddic5P9IhlCIrLcWmUXLFCtDsSIrLZn1AF0f4EFlqVNiQ5tWx3QbJg9KnVCHvhJHAeRFt2AT5GBeNMgGdRKCKWZk5Ihm8HxxIhTq3tfk9Q5bksTvJmj7cJhNKYjj3mjhkdWjA27pExppC-MHDAarDJpk8xaNUMdaEB6wwTJtAfOt7fkVjIjuNUNMhQ2Dieda5ktQ8tbadczBExHITtRsdURBYANVICoA9BHN2Q7tGhHUWTqP5PR7lS_u5xL_AuBKmrjqrFA0-pWVCDTL8ODYiXeFqUMQQHZd__I-CdSqpIHjEk2Bpnd-6Ns_ncT8qj0qjZKn80N-BN0Ud__h_m0XOw2eB2b_AW9VGQDOhvkAxm0TCHM2gZTs&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=29&vertical_id=0&real_bid=0.03534&pr=av.jc-jk.cyou&user_keywords=&auc_type=1&aid=127&ext_cid=107155&device_theme=light&keywords=&format=utilityBottomAlarm-slide-b_r-body&cpa=07c8fd13-362c-4460-afac-73dc0211e27d HTTP/1.1
Host: e1de143963.cc3f3eedbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 26 Sep 2022 23:30:19 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://pn.bquildna43.site/in/tip_shows/?katds_ep=r2IlM4tf7UW9ytlAaMYQKZNwpL8aMTQiWno1IOIS_zZi76j-CnenXL5CvcjW8yNerJMShm9D_prNHJ1oUMBfBR3QTwYo8VtDYTbtvGXHXgjKmgcfjLgqa-5RoMHRlzbfLTOxm3kIhZC2xH91-jSGixlGqgbCe_gjhbCov1LH77qlnV4VE3R40u11l5Wpknm3SWYuqLG1-K1CXhoToy0WsB58Di4zY1Iki-mcfgYo5UUL4arxKiJAwpR9W7d03WTYVfbBa7z4mOLFX-oRPPyCjZkbjdjNxlafIypcY_MzlfC0MOVuvMIQmCG_hQlnYUEhBrX0NBbxB1BXdtxkQWDVxmBLEhVE9mzR0ahhfCCZ-YqogZHexTs0a0_jtxXyM_vo1AiDToWHUoTJUM7yrzWBUa_4RaYgx-ontnLo_M7GrGP9B3Gdqv1E80exlVC_M5mi2uGMITsGccN13FojmEk1dmhyzha5mkoI5dVPGnQP4rCubjllzK1sGJk2xLuuzQk1B66RnBFbsZvAOBWqL8qyuQuV1wcv_Af5KnfglLGa1rPsSXEzTUQNkV0UXTTc7M-zKrR7Yr3eh3ivRyaw_p3AT-7KzNlbHsnvxhAhyG4o5hf81BY4lwfVnSx2J--jSkk-SmS9yJ9M3T23CJTzCbSxakBQE9YScibBUBoGpIAXfP2BTuaaw9lQj-T5sWP7XGTDeBvcvUMx-6buAsbxiPLohrJBy7LewIk134bug4wJOpSIDiGrWF89ps5hY5sZCSwBzej2tJ5JZm0emseWZUMHrifp2w2TRSNAMo_w3gNZIAx72KrBaWC6Ewh9zyp2I5YoCceGywQjdfrdarOTquRSZLMKZj2G00eCRR_kmiasNAR8Uu-3QNqw841Uy5Ut7xyinHW6KqG43_kXNNC3avh-WWzxsp0XzKnis1wvVO19IsTdPdCMG6H8bWIJlY-xg-wFk8rci0CUmBpSVRcC94dVmAU6UvWzE0q_7GwY-Kc9dcKJmL0K8bqPSo806Bes5nluiLnmOg7i9Vl1ktgVb96Eq8xeC7gyIQogkkEynKDjh3c4EYP_uBiORglAnUzge4zDiBsUejXgWxrTjnSSgJuQ-13ERIUQMWERLLGbypDuI0K7Eb_AL2372VZjdaKP6pORI17aXVGFwxLnhcIatiW7GPo2K98xfdI6T2NkW8l21AN_V4y_p9Wv7zE&sp=${SECOND_PRICE}
X-Firefox-Spdy: h2
pn.bquildna43.site/in/tip_shows/?katds_ep=r2IlM4tf7UW9ytlAaMYQKZNwpL8aMTQiWno1IOIS_zZi76j-CnenXL5CvcjW8yNerJMShm9D_prNHJ1oUMBfBR3QTwYo8VtDYTbtvGXHXgjKmgcfjLgqa-5RoMHRlzbfLTOxm3kIhZC2xH91-jSGixlGqgbCe_gjhbCov1LH77qlnV4VE3R40u11l5Wpknm3SWYuqLG1-K1CXhoToy0WsB58Di4zY1Iki-mcfgYo5UUL4arxKiJAwpR9W7d03WTYVfbBa7z4mOLFX-oRPPyCjZkbjdjNxlafIypcY_MzlfC0MOVuvMIQmCG_hQlnYUEhBrX0NBbxB1BXdtxkQWDVxmBLEhVE9mzR0ahhfCCZ-YqogZHexTs0a0_jtxXyM_vo1AiDToWHUoTJUM7yrzWBUa_4RaYgx-ontnLo_M7GrGP9B3Gdqv1E80exlVC_M5mi2uGMITsGccN13FojmEk1dmhyzha5mkoI5dVPGnQP4rCubjllzK1sGJk2xLuuzQk1B66RnBFbsZvAOBWqL8qyuQuV1wcv_Af5KnfglLGa1rPsSXEzTUQNkV0UXTTc7M-zKrR7Yr3eh3ivRyaw_p3AT-7KzNlbHsnvxhAhyG4o5hf81BY4lwfVnSx2J--jSkk-SmS9yJ9M3T23CJTzCbSxakBQE9YScibBUBoGpIAXfP2BTuaaw9lQj-T5sWP7XGTDeBvcvUMx-6buAsbxiPLohrJBy7LewIk134bug4wJOpSIDiGrWF89ps5hY5sZCSwBzej2tJ5JZm0emseWZUMHrifp2w2TRSNAMo_w3gNZIAx72KrBaWC6Ewh9zyp2I5YoCceGywQjdfrdarOTquRSZLMKZj2G00eCRR_kmiasNAR8Uu-3QNqw841Uy5Ut7xyinHW6KqG43_kXNNC3avh-WWzxsp0XzKnis1wvVO19IsTdPdCMG6H8bWIJlY-xg-wFk8rci0CUmBpSVRcC94dVmAU6UvWzE0q_7GwY-Kc9dcKJmL0K8bqPSo806Bes5nluiLnmOg7i9Vl1ktgVb96Eq8xeC7gyIQogkkEynKDjh3c4EYP_uBiORglAnUzge4zDiBsUejXgWxrTjnSSgJuQ-13ERIUQMWERLLGbypDuI0K7Eb_AL2372VZjdaKP6pORI17aXVGFwxLnhcIatiW7GPo2K98xfdI6T2NkW8l21AN_V4y_p9Wv7zE&sp=${SECOND_PRICE}
104.21.84.94302 Found 0 B URL HTTP/2 pn.bquildna43.site/in/tip_shows/?katds_ep=r2IlM4tf7UW9ytlAaMYQKZNwpL8aMTQiWno1IOIS_zZi76j-CnenXL5CvcjW8yNerJMShm9D_prNHJ1oUMBfBR3QTwYo8VtDYTbtvGXHXgjKmgcfjLgqa-5RoMHRlzbfLTOxm3kIhZC2xH91-jSGixlGqgbCe_gjhbCov1LH77qlnV4VE3R40u11l5Wpknm3SWYuqLG1-K1CXhoToy0WsB58Di4zY1Iki-mcfgYo5UUL4arxKiJAwpR9W7d03WTYVfbBa7z4mOLFX-oRPPyCjZkbjdjNxlafIypcY_MzlfC0MOVuvMIQmCG_hQlnYUEhBrX0NBbxB1BXdtxkQWDVxmBLEhVE9mzR0ahhfCCZ-YqogZHexTs0a0_jtxXyM_vo1AiDToWHUoTJUM7yrzWBUa_4RaYgx-ontnLo_M7GrGP9B3Gdqv1E80exlVC_M5mi2uGMITsGccN13FojmEk1dmhyzha5mkoI5dVPGnQP4rCubjllzK1sGJk2xLuuzQk1B66RnBFbsZvAOBWqL8qyuQuV1wcv_Af5KnfglLGa1rPsSXEzTUQNkV0UXTTc7M-zKrR7Yr3eh3ivRyaw_p3AT-7KzNlbHsnvxhAhyG4o5hf81BY4lwfVnSx2J--jSkk-SmS9yJ9M3T23CJTzCbSxakBQE9YScibBUBoGpIAXfP2BTuaaw9lQj-T5sWP7XGTDeBvcvUMx-6buAsbxiPLohrJBy7LewIk134bug4wJOpSIDiGrWF89ps5hY5sZCSwBzej2tJ5JZm0emseWZUMHrifp2w2TRSNAMo_w3gNZIAx72KrBaWC6Ewh9zyp2I5YoCceGywQjdfrdarOTquRSZLMKZj2G00eCRR_kmiasNAR8Uu-3QNqw841Uy5Ut7xyinHW6KqG43_kXNNC3avh-WWzxsp0XzKnis1wvVO19IsTdPdCMG6H8bWIJlY-xg-wFk8rci0CUmBpSVRcC94dVmAU6UvWzE0q_7GwY-Kc9dcKJmL0K8bqPSo806Bes5nluiLnmOg7i9Vl1ktgVb96Eq8xeC7gyIQogkkEynKDjh3c4EYP_uBiORglAnUzge4zDiBsUejXgWxrTjnSSgJuQ-13ERIUQMWERLLGbypDuI0K7Eb_AL2372VZjdaKP6pORI17aXVGFwxLnhcIatiW7GPo2K98xfdI6T2NkW8l21AN_V4y_p9Wv7zE&sp=${SECOND_PRICE}
IP 104.21.84.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=r2IlM4tf7UW9ytlAaMYQKZNwpL8aMTQiWno1IOIS_zZi76j-CnenXL5CvcjW8yNerJMShm9D_prNHJ1oUMBfBR3QTwYo8VtDYTbtvGXHXgjKmgcfjLgqa-5RoMHRlzbfLTOxm3kIhZC2xH91-jSGixlGqgbCe_gjhbCov1LH77qlnV4VE3R40u11l5Wpknm3SWYuqLG1-K1CXhoToy0WsB58Di4zY1Iki-mcfgYo5UUL4arxKiJAwpR9W7d03WTYVfbBa7z4mOLFX-oRPPyCjZkbjdjNxlafIypcY_MzlfC0MOVuvMIQmCG_hQlnYUEhBrX0NBbxB1BXdtxkQWDVxmBLEhVE9mzR0ahhfCCZ-YqogZHexTs0a0_jtxXyM_vo1AiDToWHUoTJUM7yrzWBUa_4RaYgx-ontnLo_M7GrGP9B3Gdqv1E80exlVC_M5mi2uGMITsGccN13FojmEk1dmhyzha5mkoI5dVPGnQP4rCubjllzK1sGJk2xLuuzQk1B66RnBFbsZvAOBWqL8qyuQuV1wcv_Af5KnfglLGa1rPsSXEzTUQNkV0UXTTc7M-zKrR7Yr3eh3ivRyaw_p3AT-7KzNlbHsnvxhAhyG4o5hf81BY4lwfVnSx2J--jSkk-SmS9yJ9M3T23CJTzCbSxakBQE9YScibBUBoGpIAXfP2BTuaaw9lQj-T5sWP7XGTDeBvcvUMx-6buAsbxiPLohrJBy7LewIk134bug4wJOpSIDiGrWF89ps5hY5sZCSwBzej2tJ5JZm0emseWZUMHrifp2w2TRSNAMo_w3gNZIAx72KrBaWC6Ewh9zyp2I5YoCceGywQjdfrdarOTquRSZLMKZj2G00eCRR_kmiasNAR8Uu-3QNqw841Uy5Ut7xyinHW6KqG43_kXNNC3avh-WWzxsp0XzKnis1wvVO19IsTdPdCMG6H8bWIJlY-xg-wFk8rci0CUmBpSVRcC94dVmAU6UvWzE0q_7GwY-Kc9dcKJmL0K8bqPSo806Bes5nluiLnmOg7i9Vl1ktgVb96Eq8xeC7gyIQogkkEynKDjh3c4EYP_uBiORglAnUzge4zDiBsUejXgWxrTjnSSgJuQ-13ERIUQMWERLLGbypDuI0K7Eb_AL2372VZjdaKP6pORI17aXVGFwxLnhcIatiW7GPo2K98xfdI6T2NkW8l21AN_V4y_p9Wv7zE&sp=${SECOND_PRICE} HTTP/1.1
Host: pn.bquildna43.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cn.jpg4.pw/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 26 Sep 2022 23:30:19 GMT
content-type: application/json
content-length: 0
location: https://12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 2357.0=1; expires=Tue, 27 Sep 2022 23:30:20 GMT; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7phODvVt3Ioj7k%2BwIagRd7stEAe0rRmC6uxopKk90Cnn38TdesHiAKej4io0CKQcfvyB9BvriODEOEk5MlZVSFPkOg31ye2gZ9OzLp3lhtnkGGuzcYL3i19585phLBbkPRAmt1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750fc96a4ea5b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
88.198.136.234200 OK 790 B URL HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
IP 88.198.136.234:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65156a660e465299370ebd90d84aa461
12ff60b17f579a77e42a8be7b6b1892fc71be33d
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 26 Sep 2022 23:30:19 GMT
content-type: image/webp
content-length: 790
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
etag: "5fbd16bb-316"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcf7dbc56cfda047f1f23e341ad9fe69
1b1b322a1f1678b7a85dc673b4fbd653b2162f5f
3450f0c8bec7748d139abb695b5fbd6797fb37b1867ea7b8aba5ac40306ce6eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3450F0C8BEC7748D139ABB695B5FBD6797FB37B1867EA7B8ABA5AC40306CE6EB"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8194
Expires: Tue, 27 Sep 2022 01:46:54 GMT
Date: Mon, 26 Sep 2022 23:30:20 GMT
Connection: keep-alive
12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
45.133.44.25200 OK 2.9 kB URL HTTP/2 12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3\012- data
Hash 66098442dc8934e8c6f5351e39d40e71
6bdebd9a664636433febe19afd7a5b37bff07126
b264aead392358ee4523a21bdd6726c1ec24c6ff849dbdf07dfd15bc6dedff4e
GET /m/p/0/374/374538/conversions/6OTjphwd-minify.jpg HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cn.jpg4.pw/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:20 GMT
content-type: image/jpeg
content-length: 2921
server: nginx/1.12.2
last-modified: Sat, 30 Jul 2022 08:17:53 GMT
etag: "62e4e931-b69"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fef761d01d.c97d6e3cf8.com/cb831d9faa47c6d98edb3a3e7826557e.js
45.133.44.24200 OK 0 B URL HTTP/2 fef761d01d.c97d6e3cf8.com/cb831d9faa47c6d98edb3a3e7826557e.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /cb831d9faa47c6d98edb3a3e7826557e.js HTTP/1.1
Host: fef761d01d.c97d6e3cf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 13 Sep 2022 12:49:57 GMT
etag: W/"63207c75-d220"
content-encoding: gzip
expires: Mon, 26 Sep 2022 23:35:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fef761d01d.c97d6e3cf8.com/2c6ab0196e7260f46ab88c6588b72658.js
45.133.44.24200 OK 0 B URL HTTP/2 fef761d01d.c97d6e3cf8.com/2c6ab0196e7260f46ab88c6588b72658.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /2c6ab0196e7260f46ab88c6588b72658.js HTTP/1.1
Host: fef761d01d.c97d6e3cf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 23 Sep 2022 12:39:30 GMT
etag: W/"632da902-15a62"
content-encoding: gzip
expires: Mon, 26 Sep 2022 23:35:17 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fef761d01d.c97d6e3cf8.com/2c6ab0196e7260f46ab88c6588b72658.js
45.133.44.25200 OK 0 B URL HTTP/2 fef761d01d.c97d6e3cf8.com/2c6ab0196e7260f46ab88c6588b72658.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /2c6ab0196e7260f46ab88c6588b72658.js HTTP/1.1
Host: fef761d01d.c97d6e3cf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://av.jc-jk.cyou
Connection: keep-alive
Referer: http://av.jc-jk.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:16 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 23 Sep 2022 12:39:30 GMT
etag: W/"632da902-15a62"
content-encoding: gzip
expires: Mon, 26 Sep 2022 23:35:16 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.gazo.space/index.php?js=jpg4&aaa2
104.21.235.170200 OK 0 B URL HTTP/2 js.gazo.space/index.php?js=jpg4&aaa2
IP 104.21.235.170:0
GET /index.php?js=jpg4&aaa2 HTTP/1.1
Host: js.gazo.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:17 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsgazospacmh--GB-rm2400cb003781024ac47b2a/index.php?js=jpg4&aaa2
55nloadrate: 0.6146875
cache-control: public, max-age=7200, s-max-age=1800
vary: Accept-Encoding
cf-cache-status: HIT
age: 1585
last-modified: Mon, 26 Sep 2022 23:03:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcaR3R45424BsYzTXQlYNFAV2GTuXn%2BWPVw9BIAzaPgftPh36jF9yQlmMf6Fcr6wPUQAvk9u6zM50cy8CKw3u3C09%2FeJn3y%2BhlISMILxJEsHQWBa1V%2Fdeg6V96qxJLBC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750fc9589df1dd76-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fcn.jpg4.pw%2Findex.php%3Foldhot%3Dall&page-ref=http%3A%2F%2Fav.jc-jk.cyou%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hhx5mg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1611327315824%3Ahid%3A1039906223%3Az%3A0%3Ai%3A20220926233015%3Aet%3A1664235016%3Ac%3A1%3Arn%3A825925135%3Arqn%3A1%3Au%3A1664235016456554814%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A60%2C147%2C147%2C1%2C%2C0%2C%2C585%2C%2C%2C%2C%2C%3Ans%3A1664235014615%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664235016%3At%3A%E9%81%8E%E5%8E%BB%E3%81%AE%E4%BA%BA%E6%B0%97%E3%82%AD%E3%83%BC%E3%83%AF%E3%83%BC%E3%83%89%E5%80%89%E5%BA%AB%20Daily%20hot%20search%20phrases%EF%BC%88%E5%BD%93%E6%97%A5%E4%BA%BA%E6%B0%97%E9%A0%86%EF%BC%89&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fcn.jpg4.pw%2Findex.php%3Foldhot%3Dall&page-ref=http%3A%2F%2Fav.jc-jk.cyou%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hhx5mg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1611327315824%3Ahid%3A1039906223%3Az%3A0%3Ai%3A20220926233015%3Aet%3A1664235016%3Ac%3A1%3Arn%3A825925135%3Arqn%3A1%3Au%3A1664235016456554814%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A60%2C147%2C147%2C1%2C%2C0%2C%2C585%2C%2C%2C%2C%2C%3Ans%3A1664235014615%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664235016%3At%3A%E9%81%8E%E5%8E%BB%E3%81%AE%E4%BA%BA%E6%B0%97%E3%82%AD%E3%83%BC%E3%83%AF%E3%83%BC%E3%83%89%E5%80%89%E5%BA%AB%20Daily%20hot%20search%20phrases%EF%BC%88%E5%BD%93%E6%97%A5%E4%BA%BA%E6%B0%97%E9%A0%86%EF%BC%89&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/48140495?wmode=7&page-url=http%3A%2F%2Fcn.jpg4.pw%2Findex.php%3Foldhot%3Dall&page-ref=http%3A%2F%2Fav.jc-jk.cyou%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hhx5mg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1611327315824%3Ahid%3A1039906223%3Az%3A0%3Ai%3A20220926233015%3Aet%3A1664235016%3Ac%3A1%3Arn%3A825925135%3Arqn%3A1%3Au%3A1664235016456554814%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A60%2C147%2C147%2C1%2C%2C0%2C%2C585%2C%2C%2C%2C%2C%3Ans%3A1664235014615%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664235016%3At%3A%E9%81%8E%E5%8E%BB%E3%81%AE%E4%BA%BA%E6%B0%97%E3%82%AD%E3%83%BC%E3%83%AF%E3%83%BC%E3%83%89%E5%80%89%E5%BA%AB%20Daily%20hot%20search%20phrases%EF%BC%88%E5%BD%93%E6%97%A5%E4%BA%BA%E6%B0%97%E9%A0%86%EF%BC%89&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cn.jpg4.pw
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fcn.jpg4.pw%2Findex.php%3Foldhot%3Dall&page-ref=http%3A%2F%2Fav.jc-jk.cyou%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hhx5mg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1611327315824%3Ahid%3A1039906223%3Az%3A0%3Ai%3A20220926233015%3Aet%3A1664235016%3Ac%3A1%3Arn%3A825925135%3Arqn%3A1%3Au%3A1664235016456554814%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A60%2C147%2C147%2C1%2C%2C0%2C%2C585%2C%2C%2C%2C%2C%3Ans%3A1664235014615%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664235016%3At%3A%E9%81%8E%E5%8E%BB%E3%81%AE%E4%BA%BA%E6%B0%97%E3%82%AD%E3%83%BC%E3%83%AF%E3%83%BC%E3%83%89%E5%80%89%E5%BA%AB%20Daily%20hot%20search%20phrases%EF%BC%88%E5%BD%93%E6%97%A5%E4%BA%BA%E6%B0%97%E9%A0%86%EF%BC%89&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Mon, 26 Sep 2022 23:30:17 GMT
access-control-allow-origin: http://cn.jpg4.pw
set-cookie: yandexuid=6748574951664235017; Expires=Tue, 26-Sep-2023 23:30:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6748574951664235017; Expires=Tue, 26-Sep-2023 23:30:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1336344021664235017; Path=/; SameSite=None; Secure
i=wDwkCOCh2Q5W3fS09O+SKmsdy8XKSJcgjIb+1MHcUysSKWXT08aplof5IHDGtvKG2la/scgoHuq95/0eFwWZaVqSysE=; Expires=Thu, 23-Sep-2032 23:30:01 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695771017.yrts.1664235017#1695771017.yrtsi.1664235017; Expires=Tue, 26-Sep-2023 23:30:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 26-Sep-2022 23:30:17 GMT
last-modified: Mon, 26-Sep-2022 23:30:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fef761d01d.c97d6e3cf8.com/3c834940101ddef3a6116126b423b607.js
45.133.44.24200 OK 0 B URL HTTP/2 fef761d01d.c97d6e3cf8.com/3c834940101ddef3a6116126b423b607.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /3c834940101ddef3a6116126b423b607.js HTTP/1.1
Host: fef761d01d.c97d6e3cf8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cn.jpg4.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 23:30:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 12 Sep 2022 14:09:08 GMT
etag: W/"631f3d84-4185c"
content-encoding: gzip
expires: Mon, 26 Sep 2022 23:35:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2