hzfysb.com/pgcpwdlpgcpwzmypgcpwzaqm/178.html
161.123.128.97301 Moved Permanently 0 B URL HTTP/1.1 hzfysb.com/pgcpwdlpgcpwzmypgcpwzaqm/178.html
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pgcpwdlpgcpwzmypgcpwzaqm/178.html HTTP/1.1
Host: hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 05 Jan 2023 03:06:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.hzfysb.com/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12458
Expires: Thu, 05 Jan 2023 06:36:51 GMT
Date: Thu, 05 Jan 2023 03:09:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Thu, 05 Jan 2023 04:56:15 GMT
Date: Thu, 05 Jan 2023 03:09:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 02:47:48 GMT
content-type: application/json
age: 1285
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9064
Expires: Thu, 05 Jan 2023 05:40:17 GMT
Date: Thu, 05 Jan 2023 03:09:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: J0CbbmrT4RoBNWl/pqpferv2x08A7mPWtqogVX99nUNE+OKzquByevI04sn1mKP/1ZyURcGKCMg=
x-amz-request-id: G8RWXS07W95P65DJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 02:59:22 GMT
age: 591
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 02:25:03 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 2651
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3914
Cache-Control: max-age=111771
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 03:09:14 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 10:12:05 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.hzfysb.com/
161.123.128.97200 OK 64 kB IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1448), with CRLF, LF line terminators
Hash 6ed67e75b09b9f7b9ff0aab7a1208887
a9511a2af90555214559a43dd14346023406c57f
6898d8cab5145240cf60ba90e04aab0339da56e36818858c266e5654e297b13e
GET / HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: text/html
Content-Length: 63971
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
www.hzfysb.com/Aubav/css/av.css
161.123.128.97200 OK 9.7 kB URL HTTP/1.1 www.hzfysb.com/Aubav/css/av.css
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type assembler source text\012- assembler source, Unicode text, UTF-8 text, with very long lines (395), with CRLF line terminators
Hash 9aa1d4503a3b824f5f990c9ef2ef7a2d
66c41c4d2ed89c6bedc5f7a6f0f8c5f144bbc38a
7e92a7bab986e929d70579332d4157d69734e4551e1d787e0688ea083a606862
GET /Aubav/css/av.css HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: text/css
Last-Modified: Fri, 29 Apr 2022 21:45:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626c5c90-9375"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/css/style.css
161.123.128.97200 OK 4.6 kB URL HTTP/1.1 www.hzfysb.com/Aubav/css/style.css
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 5c68cf16b14c9ec0de895c86d31822b7
138c0929c34370d55e8c4a81b0e605ebc163513f
58a3529899bb8ff0e3be5faae972fa479536ceea4b061008dc0fe6316d0074ce
GET /Aubav/css/style.css HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: text/css
Last-Modified: Fri, 29 Apr 2022 19:28:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626c3c6e-4158"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
push.services.mozilla.com/
52.38.198.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pIsRwSmi0xoknjFGC03Phg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uNPiLyPbINebzmneMQ8LaCNlC4U=
www.hzfysb.com/Aubav/js/common.js
161.123.128.97200 OK 5.2 kB URL HTTP/1.1 www.hzfysb.com/Aubav/js/common.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 72ec7ebe20f22c9d1ddb00253b4ea77b
50f6492a5357995a97d6233be839b07975b94118
6d8ec6d3b73b55dd0564e25c66d12b2b5a3567327b7baa9deba37de2fa61a9b0
GET /Aubav/js/common.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 29 Apr 2022 16:32:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626c1314-39ca"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/js/jquery.lazyload.js
161.123.128.97200 OK 744 B URL HTTP/1.1 www.hzfysb.com/Aubav/js/jquery.lazyload.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
GET /Aubav/js/jquery.lazyload.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 29 Apr 2022 16:32:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626c1316-8b8"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/js/tj.js
161.123.128.97200 OK 524 B URL HTTP/1.1 www.hzfysb.com/Aubav/js/tj.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type ASCII text, with CRLF line terminators
Hash 9dad56c825c185e60a86f5fd6c5bc6f2
62dd20c99599f5832bb020ba2126c16c3e8e6a18
28a476ccd9d309b83c7400ab4123d5077ef0b0eccd8f711c9c5c57bc0fee3d85
GET /Aubav/js/tj.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: application/javascript
Content-Length: 524
Last-Modified: Sat, 13 Aug 2022 21:00:30 GMT
Connection: keep-alive
ETag: "62f810ee-20c"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.hzfysb.com/Aubav/js/lmsp.js
161.123.128.97200 OK 2.8 kB URL HTTP/1.1 www.hzfysb.com/Aubav/js/lmsp.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type ASCII text, with very long lines (6150), with CRLF line terminators
Hash 0b208e1b91c0485eaf7d68ff0de25a5b
cb4c59df7129e825150a4ee5f281edd099fe434c
009ba838c071783b2ae659b1a71841683280d4e5307614ea3cecaa3d4fd4571e
GET /Aubav/js/lmsp.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 12:45:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637f674d-1808"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/css/bootstrap.css
161.123.128.97200 OK 35 kB URL HTTP/1.1 www.hzfysb.com/Aubav/css/bootstrap.css
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 38f827c6d876d5d93c6f138c8bfa8e88
72c00a68076682788f70b28a7995cae244f5a50f
8807581865052432ca7ac0ba9fb9c0db8be25accddef1d2a8953e4c355e4ec4e
GET /Aubav/css/bootstrap.css HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: text/css
Last-Modified: Fri, 29 Apr 2022 21:45:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626c5c90-303c9"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/js/jquery.min.js
161.123.128.97200 OK 34 kB URL HTTP/1.1 www.hzfysb.com/Aubav/js/jquery.min.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type ASCII text, with very long lines (32065)
Hash cfeda4a5c603d05deb8bdb48a4f17c45
8184cdfa879fb88526cae17abdfa36e327c819c0
3791a5f1555bea2a3d55195f88710772037d61e9db2195f048650ee238db11b2
GET /Aubav/js/jquery.min.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 29 Apr 2022 16:32:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626c1316-14e4a"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/js/pcss.js
161.123.128.97200 OK 484 B URL HTTP/1.1 www.hzfysb.com/Aubav/js/pcss.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1d783e7710b28ddd157e055a2d86c653
fa35b9599b08b8aa28408df27152fb65fa3ebf00
a759985979c5ce507679cdd700e5dd2dd16309fb79ec79e69b8525e55b1e6201
GET /Aubav/js/pcss.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:03 GMT
Content-Type: application/javascript
Content-Length: 484
Last-Modified: Tue, 26 Jul 2022 13:55:00 GMT
Connection: keep-alive
ETag: "62dff234-1e4"
Expires: Thu, 05 Jan 2023 15:06:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.hzfysb.com/Aubav/js/pcdh.js
161.123.128.97200 OK 710 B URL HTTP/1.1 www.hzfysb.com/Aubav/js/pcdh.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 63707e20e8e398f372f25fb00e6ab09d
e8b9b44883bf3b0b727db4cb7a2eab618dcdf81c
e58aef81ac422740d4bcedc5d702113a715eeb1a19f74a877b85ce989b4bae4b
GET /Aubav/js/pcdh.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: application/javascript
Last-Modified: Tue, 26 Jul 2022 13:55:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62dff234-15fa"
Expires: Thu, 05 Jan 2023 15:06:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/js/webdh.js
161.123.128.97200 OK 707 B URL HTTP/1.1 www.hzfysb.com/Aubav/js/webdh.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7395211d59a6867c51bb6f21decf9276
309ce384b74608ffdaf4472e2246e004936e1dc1
e4b20c5822dbdcbf9b7842fedc49bb72de2a12d3589c4f03236bae78f4c21ac8
GET /Aubav/js/webdh.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: application/javascript
Last-Modified: Tue, 26 Jul 2022 13:55:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62dff234-1541"
Expires: Thu, 05 Jan 2023 15:06:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/Aubav/js/webss.js
161.123.128.97200 OK 505 B URL HTTP/1.1 www.hzfysb.com/Aubav/js/webss.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1272cd64ea29a797207062e7eefcbad1
ed840b8f1715b5ef1cf2921d90cb81993a00a424
ad8ee6749b9445918abcb82404d24432dd2d55e6fd6ada33cd01974d3b4499eb
GET /Aubav/js/webss.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: application/javascript
Content-Length: 505
Last-Modified: Tue, 26 Jul 2022 13:55:00 GMT
Connection: keep-alive
ETag: "62dff234-1f9"
Expires: Thu, 05 Jan 2023 15:06:04 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.hzfysb.com/0mbjs/2800av.js
161.123.128.97200 OK 6.2 kB URL HTTP/1.1 www.hzfysb.com/0mbjs/2800av.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (549), with CRLF line terminators
Hash 7205148f44e809368b98a8189e61c687
83d3ba5179754c11517e89c0346b690fdb0d98fb
4b4d375d9a594fd5fefe7049434f79ecf910242dcdcaeee2488e03f2f5acf697
GET /0mbjs/2800av.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: application/javascript
Last-Modified: Sun, 01 Jan 2023 15:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b1accf-8f52"
Expires: Thu, 05 Jan 2023 15:06:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/0mbjs/dl.js
161.123.128.97200 OK 90 B URL HTTP/1.1 www.hzfysb.com/0mbjs/dl.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type HTML document, ASCII text, with no line terminators
Hash ecac61333dcb460c68324877e9a86ae9
1dcb6c4aee2bf4cdd4e3938ff5f190723cab790b
2a2ed1c68a3c81930ac9af4276d4dacd9800280874d3010627907d0682d1b204
GET /0mbjs/dl.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: application/javascript
Content-Length: 90
Last-Modified: Sun, 11 Dec 2022 14:50:13 GMT
Connection: keep-alive
ETag: "6395ee25-5a"
Expires: Thu, 05 Jan 2023 15:06:04 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.hzfysb.com/Aubav/js/ggshipin.js
161.123.128.97200 OK 529 B URL HTTP/1.1 www.hzfysb.com/Aubav/js/ggshipin.js
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 345584e8944b12ef891cf3c75a75f473
017d21ee74fee59ebaa1c9fa26f8d92b3de8cdc6
6cff6e9b586f20a04fdfece8ee7f57eb21d18fd226b257a08f305a44037894ec
GET /Aubav/js/ggshipin.js HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 16:28:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635ff790-614"
Expires: Thu, 05 Jan 2023 15:06:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.hzfysb.com/0mbjs/dbwz.php
161.123.128.97200 OK 64 kB URL HTTP/1.1 www.hzfysb.com/0mbjs/dbwz.php
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1836), with CRLF, LF line terminators
Hash 115ab9dae1182285a56d0c9badd963c3
ab5048ac36d8882d4d31970529bf3ab13e17ecfa
64615838f337e2e32b70bfb2a8a7137aca190e1ea496bcaa1292695e22bc0f93
GET /0mbjs/dbwz.php HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: text/html
Content-Length: 63636
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
www.hzfysb.com/Aubav/picture/logo.gif
161.123.128.97200 OK 16 kB URL HTTP/1.1 www.hzfysb.com/Aubav/picture/logo.gif
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type GIF image data, version 89a, 150 x 60\012- data
Hash 4c1ee860cc3b76b014525213f9fbbcf1
4e093671edb2bd50abffc24ea12c1d5eb928b145
3f70fd997bc09eecf93d3fe3c188ab22b6350347949502ecb6805927485f343e
GET /Aubav/picture/logo.gif HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: image/gif
Content-Length: 16171
Last-Modified: Fri, 29 Apr 2022 16:32:24 GMT
Connection: keep-alive
ETag: "626c1318-3f2b"
Expires: Sat, 04 Feb 2023 03:06:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.hzfysb.com/Aubav/images/ico.png
161.123.128.97200 OK 52 kB URL HTTP/1.1 www.hzfysb.com/Aubav/images/ico.png
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type PNG image data, 300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 98e170b7ae2eded24e7a026bd15634b6
79a755a2eb673d3191efa838ae6ab419fd2e0d2b
30484f19a493b0baffc4ce458cea316528936eac24fca39a275755d8f924f1ef
GET /Aubav/images/ico.png HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/Aubav/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:04 GMT
Content-Type: image/png
Content-Length: 52488
Last-Modified: Fri, 29 Apr 2022 16:32:24 GMT
Connection: keep-alive
ETag: "626c1318-cd08"
Expires: Sat, 04 Feb 2023 03:06:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 72cc89f9ec9d515f905cc45f429311f1
ce01f4b3ad4afb1ba32ed46971ca5e7d4523759d
003beca7b51bf91c7321e6e7e3936e49928c72892765b3f6128b94b1f2bc229c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "003BECA7B51BF91C7321E6E7E3936E49928C72892765B3F6128B94B1F2BC229C"
Last-Modified: Tue, 03 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21185
Expires: Thu, 05 Jan 2023 09:02:20 GMT
Date: Thu, 05 Jan 2023 03:09:15 GMT
Connection: keep-alive
kvexx.com/03c3cb047014f05117117e4a924df90d.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/03c3cb047014f05117117e4a924df90d.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 05 Jan 2023 03:09:15 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6fcf461b02f418e4650f5b85e6477616
b4eeeea450e48e3c629218b8083997dad003c9e7
4e5b9b90ddc5f1965230997d4695aff089aff41725acba4b8eb5072eb5774fea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E5B9B90DDC5F1965230997D4695AFF089AFF41725ACBA4B8EB5072EB5774FEA"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19823
Expires: Thu, 05 Jan 2023 08:39:39 GMT
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4a405206d87d23e189dabdf9fe80f687
6568684b9993861f7a1c8c96cce5403a8cbbcfcf
e5e54a2ad02fa4a679c140309afe33e3e03f1b31c08cacc3efdda04618bc1149
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 00:52:12 GMT
ETag: "6568684b9993861f7a1c8c96cce5403a8cbbcfcf"
Last-Modified: Thu, 05 Jan 2023 00:52:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3237
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a27a5fb4fa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4a405206d87d23e189dabdf9fe80f687
6568684b9993861f7a1c8c96cce5403a8cbbcfcf
e5e54a2ad02fa4a679c140309afe33e3e03f1b31c08cacc3efdda04618bc1149
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 00:52:12 GMT
ETag: "6568684b9993861f7a1c8c96cce5403a8cbbcfcf"
Last-Modified: Thu, 05 Jan 2023 00:52:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3237
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a27d43b4ed-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4a405206d87d23e189dabdf9fe80f687
6568684b9993861f7a1c8c96cce5403a8cbbcfcf
e5e54a2ad02fa4a679c140309afe33e3e03f1b31c08cacc3efdda04618bc1149
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 00:52:12 GMT
ETag: "6568684b9993861f7a1c8c96cce5403a8cbbcfcf"
Last-Modified: Thu, 05 Jan 2023 00:52:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3237
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a27b38b51e-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash cab76f07d50e443ecc7760d84fb57057
150c870e3c8d6496cddfef5a2d8d3ab259f5f13d
81bfdeff970b5a1d058d54f827afac9c88410bd1f65f40c506ff57cfea1e50de
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 08 Jan 2023 23:57:33 GMT
ETag: "150c870e3c8d6496cddfef5a2d8d3ab259f5f13d"
Last-Modified: Wed, 04 Jan 2023 23:57:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1816
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a2fba2b51b-OSL
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 37fab754fdc334d0f8c164551a00729c
5bae9cc8480d309672c9392491ab2ccffd485269
da41a327170f8c5fee1dd4f6b730e790310d2b826769d5ee77796f2eda458069
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DA41A327170F8C5FEE1DD4F6B730E790310D2B826769D5EE77796F2EDA458069"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6021
Expires: Thu, 05 Jan 2023 04:49:37 GMT
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash cab76f07d50e443ecc7760d84fb57057
150c870e3c8d6496cddfef5a2d8d3ab259f5f13d
81bfdeff970b5a1d058d54f827afac9c88410bd1f65f40c506ff57cfea1e50de
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 08 Jan 2023 23:57:33 GMT
ETag: "150c870e3c8d6496cddfef5a2d8d3ab259f5f13d"
Last-Modified: Wed, 04 Jan 2023 23:57:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1816
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a30ba4b51b-OSL
files.imgopen.vip/uploads/2022/11/16/6374d5a38969f.gif
188.114.96.1200 OK 870 kB URL HTTP/2 files.imgopen.vip/uploads/2022/11/16/6374d5a38969f.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 870 kB (870423 bytes)
Hash f5e1fc19ff5a3f0971945bbfb6dbfdf8
473e7af31a86cb55c5a2b940b12bb1433358017b
d1f8ffbb0b0e83edc00004a961e8bca403c9dd2f4a889b8cf82dea0650aa3673
GET /uploads/2022/11/16/6374d5a38969f.gif HTTP/1.1
Host: files.imgopen.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 870423
cache-control: max-age=14400
cf-cache-status: HIT
age: 3957
last-modified: Thu, 05 Jan 2023 02:03:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2QDmTPLlpHpM1%2F6NbqiwQ8HZC0m8oqBs5yeHxATWUqFDJN8W1SVvv%2FXfE0eCERynnETwmDzw7MjNTwShgdVxPLMU3Zv5%2FfsTWxe6eP8nXyc4oIY39e0km%2B5jGunWBqqbU5SzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784903a31a7fb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash c9595e24ddc58f72dddb5571b8fc7bb0
e69cef469d0de76319308991e0946c650eb1982a
db774f85d452d5d81145d4b5c7c09aba7ba72e56c9a92d391a260175d8f0dd31
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 08 Jan 2023 23:18:21 GMT
ETag: "e69cef469d0de76319308991e0946c650eb1982a"
Last-Modified: Wed, 04 Jan 2023 23:18:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1322
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a38bcdb51b-OSL
img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
47.246.44.252200 OK 9.2 kB URL HTTP/2 img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
IP 47.246.44.252:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 9166
date: Tue, 10 May 2022 07:04:29 GMT
last-modified: Fri, 13 Aug 2021 10:28:00 GMT
picasso-ret-code: SUCCESS
request-time: 0.160
expires: Wed, 10 May 2023 07:04:29 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1652166269
via: cache31.l2ot7-1[0,0,200-0,H], cache5.l2ot7-1[1,0], cache1.se1[0,0,200-0,H], cache7.se1[2,0]
access-control-allow-origin: *
age: 20721887
x-cache: HIT TCP_MEM_HIT dirn:11:245941157
x-swift-savetime: Wed, 31 Aug 2022 14:41:30 GMT
x-swift-cachetime: 21745379
s-rt: 2
timing-allow-origin: *
eagleid: 2ff62c9b16728881567206826e
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 14da7fbda83438d9da068354abaced41
6eea8c000c4dc7347cc4d31672a2b865f4111bb1
8342e759662d29dec131f80353d9c6483683bfdd77786074bdb576a7ac10f039
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 10:45:41 GMT
Expires: Tue, 10 Jan 2023 10:45:40 GMT
Etag: "6eea8c000c4dc7347cc4d31672a2b865f4111bb1"
Cache-Control: max-age=458783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903a26936b50b-OSL
xinchacha2dv.ocsp-certum.com/
95.101.10.107200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 5c5123dd2fd2771129cd386471490ff5
353172f27a9252e99e32ced7cb0ff1b8d952cf02
a7361c9885c8788c6e43a8b36f12269ef67e4cca581d5e5ac22c75f69fe57be6
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=456
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
X-N: S
xinchacha2dv.ocsp-certum.com/
95.101.10.107200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash 5c5123dd2fd2771129cd386471490ff5
353172f27a9252e99e32ced7cb0ff1b8d952cf02
a7361c9885c8788c6e43a8b36f12269ef67e4cca581d5e5ac22c75f69fe57be6
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=456
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
X-N: S
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12581
Expires: Thu, 05 Jan 2023 06:38:57 GMT
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12581
Expires: Thu, 05 Jan 2023 06:38:57 GMT
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e008157-006e-4fc4-a009-988efdb9c19f.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e008157-006e-4fc4-a009-988efdb9c19f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8be0ecd7647e0d987924b87ff341aaf0
44b7669ac425df3a3212b8c44bb49c8341422057
e4baa8a7c3ac7e057edc5ead61473f8d1eca9c4942fc7d674e57cf79fd9d5711
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e008157-006e-4fc4-a009-988efdb9c19f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: 699d42b6-4512-4db8-a4e3-9635a37054af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eMnz-FZPoAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4ece6-266bef8e32f275ea38badc4b;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 03:05:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FNTY4iKuxoXzbTn4CzBfTUAnMLx4q9A0C3L1U3gczUuaABpnBabnVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:26:25 GMT
etag: "44b7669ac425df3a3212b8c44bb49c8341422057"
content-type: image/jpeg
age: 85371
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cecd6a1a228ac55f193a180229d3a33
9e5fd5a101828d5491305deb539dc5836c5b3065
7bbd9e261625c2d2a700a817c2f10b779c8463baacda02f9f34161c08487ca31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8721
x-amzn-requestid: 8e0c9bb9-d00e-47dc-8847-7e94edf1fae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eAA8tEPwIAMF6sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afe1ea-32a8c3572fabb11d35d0ca8c;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:16:58 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: wL4yI6X5FFE7MTEuxkfmgR8OGTxhca6zQBPxJXjiRSAmzYGefL_ZYw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:31:52 GMT
age: 70644
etag: "9e5fd5a101828d5491305deb539dc5836c5b3065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 17ccfd69-0d12-42ac-b111-059a68735e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCutmF7mIAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f7f0-5e1653641a0303815656a578;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:03:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nR6vOzio5JonZZq2SZTwpYBaOUlL9Dw5ntz93jS__r16JEGVqc8Xhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 06:06:12 GMT
age: 75784
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f22f65ce84ef540224278e198edbe5dd
e64e4d49a0a630036019dbb06a8e5a526323975f
ad334d8c521c61a83836cecc0c2b2e19381d361c75a8f79a2c00536fdad5f4df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7329
x-amzn-requestid: 0ffe55a3-cf07-43cd-b4df-4187d2e2686a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVzQFCVIAMFtww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39ce1-1ddb337722ed75aa22e9637a;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:11:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3vR1Lk9_7Cde_rqOrhIxG9afQbr6agHxi2_3lBuSEWmXQAlnW5qokA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:36:23 GMT
age: 84773
etag: "e64e4d49a0a630036019dbb06a8e5a526323975f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 008b9a75-d739-4c2b-97ee-125dab1961a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eH6EJF0uIAMFd8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b30a1a-3f738a875090ce970fba51f5;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 16:45:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -2r9e3QyrKCQGQVFWS-XL71lb7b3DyO1Svt4tTWZlh6Cnzoo2rnaFg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 02:24:43 GMT
age: 2673
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash c71713ea5f9cf00554575f99be5c98df
d82e068f3cb5daecc3af31296e698f4d720f0a2d
a58e7d80271dfa902e85a4cc232515df56c2e59828cc761ea5669b7bac31bd31
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 08 Jan 2023 23:32:45 GMT
ETag: "d82e068f3cb5daecc3af31296e698f4d720f0a2d"
Last-Modified: Wed, 04 Jan 2023 23:32:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1481
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a42bf6b51b-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf33ce3c68b01f0c8f73549306ccfbc
621283dc19de9d911c21e75236b7218fd0096909
f5127032147e1659d3c9ad662b54a857c57020bb8daa4fd9974909b91224cdb8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5872
x-amzn-requestid: f0588feb-4ca9-432e-bc7c-ab307d8cc6ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d__SgGluIAMFq_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afdf43-6e144cc95664318821e4830e;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:05:39 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 875SOR1X-4quWSEJiR5x9l9rpVI3JD-oaousZQFF4SnwwM4nXigvqQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:54:01 GMT
age: 69315
etag: "621283dc19de9d911c21e75236b7218fd0096909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2741828acf074a99539807cd53a242cd
18e31684f7b8ece788536d2a89ae2a38fa535a2e
68f40215262806c62e8c1d552812c5574a257e05bc068c0db4ca4d872de286cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68F40215262806C62E8C1D552812C5574A257E05BC068C0DB4CA4D872DE286CD"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2192
Expires: Thu, 05 Jan 2023 03:45:48 GMT
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c836f586349b3a3967a90cee6e3c939
1abc258819e8a0e1171be99169658c89ed2c2115
eea17fc43e8dd89f6c487fbe6e0f1ef1a012a6e493515724be51512195324b1c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=147481
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 03:09:16 GMT
Etag: "63b5dc75-117"
Expires: Fri, 06 Jan 2023 20:07:17 GMT
Last-Modified: Wed, 04 Jan 2023 20:07:17 GMT
Server: nginx
Content-Length: 279
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash d98dcd92e26b327cf8a8bde371841777
841e5c9ca3a129075f369bfb15f22f8fc178b1a7
2f358feca0386f42930403d8691e448700b16215cd5631f0a947c42360b436a6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 08:36:09 GMT
Expires: Thu, 05 Jan 2023 08:36:09 GMT
ETag: "841e5c9ca3a129075f369bfb15f22f8fc178b1a7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash d98dcd92e26b327cf8a8bde371841777
841e5c9ca3a129075f369bfb15f22f8fc178b1a7
2f358feca0386f42930403d8691e448700b16215cd5631f0a947c42360b436a6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 08:36:09 GMT
Expires: Thu, 05 Jan 2023 08:36:09 GMT
ETag: "841e5c9ca3a129075f369bfb15f22f8fc178b1a7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 37fab754fdc334d0f8c164551a00729c
5bae9cc8480d309672c9392491ab2ccffd485269
da41a327170f8c5fee1dd4f6b730e790310d2b826769d5ee77796f2eda458069
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DA41A327170F8C5FEE1DD4F6B730E790310D2B826769D5EE77796F2EDA458069"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6021
Expires: Thu, 05 Jan 2023 04:49:37 GMT
Date: Thu, 05 Jan 2023 03:09:16 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 2121b3a94fd931db09f26cf098de19cb
567cc0f937db4ff1d11350e8821345718cda9f5e
d85d56ce32cd72298da097bddc4db17b3b80c8aef34522b528f40cdb220a6c0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 01:20:09 GMT
ETag: "567cc0f937db4ff1d11350e8821345718cda9f5e"
Last-Modified: Thu, 05 Jan 2023 01:20:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2313
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a4cb4fb4fa-OSL
dg.mzxvib.com/sc/2371?n=pxujphjw
154.23.151.91200 OK 10 kB URL HTTP/1.1 dg.mzxvib.com/sc/2371?n=pxujphjw
IP 154.23.151.91:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type ASCII text, with very long lines (10449), with no line terminators
Hash c979a04fe2bb5dfdf562180751c6adbe
7b6c10cb2c93c407abae400caab44e326406496c
be60d75beafeb73b11388f87bb4b9f68bb4645b79649478e105e60d95c350aa4
GET /sc/2371?n=pxujphjw HTTP/1.1
Host: dg.mzxvib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Pragma: max-age=1800
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 2121b3a94fd931db09f26cf098de19cb
567cc0f937db4ff1d11350e8821345718cda9f5e
d85d56ce32cd72298da097bddc4db17b3b80c8aef34522b528f40cdb220a6c0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 01:20:09 GMT
ETag: "567cc0f937db4ff1d11350e8821345718cda9f5e"
Last-Modified: Thu, 05 Jan 2023 01:20:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2313
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a4ce2cb4ed-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 2121b3a94fd931db09f26cf098de19cb
567cc0f937db4ff1d11350e8821345718cda9f5e
d85d56ce32cd72298da097bddc4db17b3b80c8aef34522b528f40cdb220a6c0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 01:20:09 GMT
ETag: "567cc0f937db4ff1d11350e8821345718cda9f5e"
Last-Modified: Thu, 05 Jan 2023 01:20:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2313
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784903a4cbf1b51e-OSL
kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
104.21.234.152200 OK 310 kB URL HTTP/2 kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
IP 104.21.234.152:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 310 kB (310102 bytes)
Hash aaaee07863e1fab7724d3b6698c0b4b3
1f75ba89585a8844a2c1e41625f88bae649be17d
41ac392c3cca5e4434c0f80595838a48338c94f8a9c691d4141c7ecb68acb24e
GET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.hzfysb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 310102
last-modified: Wed, 13 Jul 2022 15:28:42 GMT
etag: "62cee4aa-4bb56"
expires: Sat, 28 Jan 2023 06:22:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 593223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfMtAffOtsWQPhUcdXugzcBrX%2FLSratogZd7c2OK1%2BSZkxGFtQU%2BSswxH8hanz%2F4bgYNjrg9ZweoZFntnlVjketeEldPXzxRDK2o%2Bfoy1NUPB0qBrYgWq7nmhuhu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784903a4abe3dc39-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c836f586349b3a3967a90cee6e3c939
1abc258819e8a0e1171be99169658c89ed2c2115
eea17fc43e8dd89f6c487fbe6e0f1ef1a012a6e493515724be51512195324b1c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=147481
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 03:09:17 GMT
Etag: "63b5dc75-117"
Expires: Fri, 06 Jan 2023 20:07:18 GMT
Last-Modified: Wed, 04 Jan 2023 20:07:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
hm.baidu.com/hm.js?09a7bce3abe22a73ac44e44f7c6232ce
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09a7bce3abe22a73ac44e44f7c6232ce
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 83f01b49a50cf51b87ce46c460751e65
0096abb27e61bf09f5c9ee2ff129c63d95ea056b
fa6f31637124b025f3917fd42ac1f38e43311d0177730c1df02f699ae35b6f0e
GET /hm.js?09a7bce3abe22a73ac44e44f7c6232ce HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 03:09:16 GMT
Etag: e2739c8875d7512e7b2badaa7e5a5943
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1F9628BB5768D012; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8de83389fd2f7c7dccbb80501aa45448
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8de83389fd2f7c7dccbb80501aa45448
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 13af3c1cbb75127d5e576b220ed1dad2
0bb595b4212125048237ae397c26b1a323380bf4
5368e25d8f8f71a5b4ac8a186b5f3f6c3ae9f72e86d951963174d212b467ed2e
GET /hm.js?8de83389fd2f7c7dccbb80501aa45448 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 03:09:16 GMT
Etag: 43d1565dcfadc591ecade70da321181a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7938A4E55CB96803; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d12a67ea1bb5710fdec7e2811cbd950f
7e233d837c8ec4442f8ceb159ab24b954e0df665
9a4bb6166348a7eccc2ed8b366a367175be80e29a77114f73983ea989630b5a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A4BB6166348A7ECCC2ED8B366A367175BE80E29A77114F73983EA989630B5A8"
Last-Modified: Tue, 03 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17887
Expires: Thu, 05 Jan 2023 08:07:24 GMT
Date: Thu, 05 Jan 2023 03:09:17 GMT
Connection: keep-alive
ocsp.sectigochina.com/
172.64.154.39200 OK 600 B IP 172.64.154.39:0
Hash b5162236e7026d5307914e08a82991d2
41dcb6e8b699a6eaa64924afe4c3bb6bb3fc57b9
fe086b5ac5ebfd34aeb947308b3dfe61623a92ab0857a484be44f5b4897c1742
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 14:28:40 GMT
Expires: Wed, 11 Jan 2023 14:28:39 GMT
Etag: "41dcb6e8b699a6eaa64924afe4c3bb6bb3fc57b9"
Cache-Control: max-age=558561,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903a4cdf9fab4-OSL
ocsp.sectigochina.com/
172.64.154.39200 OK 599 B IP 172.64.154.39:0
Hash 7bca0e63661f6ca98cbe33444d56e5eb
16f0128d377d9f84278f4a06fb4448e5b9b72aa4
4d1e6c906e2cf785f00b25f534722b2265e18e4fa8ddd7efd845b10e67d9ddc1
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 18:59:57 GMT
Expires: Tue, 10 Jan 2023 18:59:56 GMT
Etag: "16f0128d377d9f84278f4a06fb4448e5b9b72aa4"
Cache-Control: max-age=488438,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903a4c9980b06-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b0b15b3e172b8bdbddbb07ca92b8721f
819678937f962bcf1b8202d05aa957f42bb7193c
212fc5f84d3f252631f3e68045eb41deed763432849ea628631359a223a06d34
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 11:33:07 GMT
Expires: Wed, 11 Jan 2023 11:33:06 GMT
Etag: "819678937f962bcf1b8202d05aa957f42bb7193c"
Cache-Control: max-age=548028,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903a51fe5b524-OSL
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash 309cd32499901e66bedf0400fd06c634
c1eddb48f90f873d030a42f39eec8d3496b90ccb
02dad2a03c0548b44612152802bc7f8405a3fb7872ec64a36658a0b0021fbe1d
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 476b7a54-114c-4461-81cd-302a0d386158
Content-Length: 1701
Date: Thu, 05 Jan 2023 03:09:17 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d2fb45eb9e8c21016940ae0b3d5c8acf
a8a8fb13b93d4086395ff036f8e8b1cc93514dc5
c37356b871229b7f4dfbc494fc35341bb056934168b31e0b00f8b2f089e75112
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 15:26:08 GMT
Expires: Mon, 09 Jan 2023 15:26:07 GMT
Etag: "a8a8fb13b93d4086395ff036f8e8b1cc93514dc5"
Cache-Control: max-age=389209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903a6582bb4eb-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ea3c1c7c709fba644eae037e2f092146
6b809e009047e0e7f6c902a5a32b0b331627ed02
e38af68117d0ba272b6760113d28304f48e6b71e63448a219b090e71b50a94a2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 01:54:30 GMT
Expires: Mon, 09 Jan 2023 01:54:29 GMT
Etag: "6b809e009047e0e7f6c902a5a32b0b331627ed02"
Cache-Control: max-age=340511,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903a57856fac4-OSL
8499583.com/8499/mi/960x60.gif
23.225.237.35200 OK 291 kB URL HTTP/2 8499583.com/8499/mi/960x60.gif
IP 23.225.237.35:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/mi/960x60.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:22:07 GMT
etag: "46f0c-5f092c9ee847e"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kg.ijtomh.com/sc/1510?n=htfttuim
154.23.151.41200 OK 11 kB URL HTTP/1.1 kg.ijtomh.com/sc/1510?n=htfttuim
IP 154.23.151.41:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type ASCII text, with very long lines (10551), with no line terminators
Hash 68b9b3355b74335195a598e37e0c55f1
1e557c6fc706b5910da955406a51615a636ddde1
7518ee1dfc7b19c17dc7b90db8de3bce50d134bb703f76ad45c552779fd30d03
GET /sc/1510?n=htfttuim HTTP/1.1
Host: kg.ijtomh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Pragma: max-age=1800
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
13.227.254.101200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 13.227.254.101:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 07:21:53 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 900a893b03bf29fa958d4587d585157e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: M7a1PlNcgN8WGClEogr-mpueyxU3n3fJkwr1br4EhPaHfwNS1zCmwQ==
age: 71244
X-Firefox-Spdy: h2
s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
172.67.69.40200 OK 9.2 kB URL HTTP/2 s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
IP 172.67.69.40:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /2022/05/21/zAxwCKkLnFjlaQ8.jpg HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 03:09:17 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Sat, 21 May 2022 11:42:12 GMT
etag: "6288d014-23ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B02lRhJXYqOvbWqgHeulyfeUClyZ3fmDJe1uDcMcGRCKutpeZ3wadzwXrYh3NZM7EUpvGAmzkJNjiACfAKg9FT182avFWPynfPZASDQbSkhQJw49b6by8U4EOHFY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784903a38d98b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1827384480&si=8de83389fd2f7c7dccbb80501aa45448&v=1.3.0&lv=1&sn=41737&r=0&ww=1280&u=http%3A%2F%2Fwww.hzfysb.com%2F&tt=%E5%9B%BD%E4%BA%A7%E9%BA%BB%E8%B1%86%E4%B8%80%E7%B2%BE%E5%93%81%E4%B8%80AV%E4%B8%80%E5%85%8D%E8%B4%B9%2C%E4%B8%B0%E6%BB%A1%E4%BA%BA%E5%A6%BB%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E8%A7%86%E9%A2%9153%2C%E4%B9%B1%E8%82%89%E5%90%88%E9%9B%86%E4%B9%B1500%E7%AF%87%E5%B0%8F%E8%AF%B4%E4%B8%B9%E4%B8%B9%2CCHINESE%E5%9B%BD%E4%BA%A7%E6%88%90%E4%BA%BAAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1827384480&si=8de83389fd2f7c7dccbb80501aa45448&v=1.3.0&lv=1&sn=41737&r=0&ww=1280&u=http%3A%2F%2Fwww.hzfysb.com%2F&tt=%E5%9B%BD%E4%BA%A7%E9%BA%BB%E8%B1%86%E4%B8%80%E7%B2%BE%E5%93%81%E4%B8%80AV%E4%B8%80%E5%85%8D%E8%B4%B9%2C%E4%B8%B0%E6%BB%A1%E4%BA%BA%E5%A6%BB%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E8%A7%86%E9%A2%9153%2C%E4%B9%B1%E8%82%89%E5%90%88%E9%9B%86%E4%B9%B1500%E7%AF%87%E5%B0%8F%E8%AF%B4%E4%B8%B9%E4%B8%B9%2CCHINESE%E5%9B%BD%E4%BA%A7%E6%88%90%E4%BA%BAAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1827384480&si=8de83389fd2f7c7dccbb80501aa45448&v=1.3.0&lv=1&sn=41737&r=0&ww=1280&u=http%3A%2F%2Fwww.hzfysb.com%2F&tt=%E5%9B%BD%E4%BA%A7%E9%BA%BB%E8%B1%86%E4%B8%80%E7%B2%BE%E5%93%81%E4%B8%80AV%E4%B8%80%E5%85%8D%E8%B4%B9%2C%E4%B8%B0%E6%BB%A1%E4%BA%BA%E5%A6%BB%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E8%A7%86%E9%A2%9153%2C%E4%B9%B1%E8%82%89%E5%90%88%E9%9B%86%E4%B9%B1500%E7%AF%87%E5%B0%8F%E8%AF%B4%E4%B8%B9%E4%B8%B9%2CCHINESE%E5%9B%BD%E4%BA%A7%E6%88%90%E4%BA%BAAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 03:09:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C165062AA0086EA0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1822639405&si=09a7bce3abe22a73ac44e44f7c6232ce&v=1.3.0&lv=1&sn=41737&r=0&ww=1280&u=http%3A%2F%2Fwww.hzfysb.com%2F&tt=%E5%9B%BD%E4%BA%A7%E9%BA%BB%E8%B1%86%E4%B8%80%E7%B2%BE%E5%93%81%E4%B8%80AV%E4%B8%80%E5%85%8D%E8%B4%B9%2C%E4%B8%B0%E6%BB%A1%E4%BA%BA%E5%A6%BB%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E8%A7%86%E9%A2%9153%2C%E4%B9%B1%E8%82%89%E5%90%88%E9%9B%86%E4%B9%B1500%E7%AF%87%E5%B0%8F%E8%AF%B4%E4%B8%B9%E4%B8%B9%2CCHINESE%E5%9B%BD%E4%BA%A7%E6%88%90%E4%BA%BAAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1822639405&si=09a7bce3abe22a73ac44e44f7c6232ce&v=1.3.0&lv=1&sn=41737&r=0&ww=1280&u=http%3A%2F%2Fwww.hzfysb.com%2F&tt=%E5%9B%BD%E4%BA%A7%E9%BA%BB%E8%B1%86%E4%B8%80%E7%B2%BE%E5%93%81%E4%B8%80AV%E4%B8%80%E5%85%8D%E8%B4%B9%2C%E4%B8%B0%E6%BB%A1%E4%BA%BA%E5%A6%BB%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E8%A7%86%E9%A2%9153%2C%E4%B9%B1%E8%82%89%E5%90%88%E9%9B%86%E4%B9%B1500%E7%AF%87%E5%B0%8F%E8%AF%B4%E4%B8%B9%E4%B8%B9%2CCHINESE%E5%9B%BD%E4%BA%A7%E6%88%90%E4%BA%BAAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1822639405&si=09a7bce3abe22a73ac44e44f7c6232ce&v=1.3.0&lv=1&sn=41737&r=0&ww=1280&u=http%3A%2F%2Fwww.hzfysb.com%2F&tt=%E5%9B%BD%E4%BA%A7%E9%BA%BB%E8%B1%86%E4%B8%80%E7%B2%BE%E5%93%81%E4%B8%80AV%E4%B8%80%E5%85%8D%E8%B4%B9%2C%E4%B8%B0%E6%BB%A1%E4%BA%BA%E5%A6%BB%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B8%89%E5%8C%BA%E8%A7%86%E9%A2%9153%2C%E4%B9%B1%E8%82%89%E5%90%88%E9%9B%86%E4%B9%B1500%E7%AF%87%E5%B0%8F%E8%AF%B4%E4%B8%B9%E4%B8%B9%2CCHINESE%E5%9B%BD%E4%BA%A7%E6%88%90%E4%BA%BAAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 03:09:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=24D1615E1CA304B0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kzeoo.com/0e243abb7057b68d7362544cbbe032ba.gif
172.83.155.45200 OK 270 kB URL HTTP/2 kzeoo.com/0e243abb7057b68d7362544cbbe032ba.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 270 kB (270145 bytes)
Hash 2e0432b5ead77702ac433d71c5caeeb4
91f7f7320673eb770bd2b82c82d898fa6ed5de97
63ccf288b83f2c2d1995165c5f15cf3980c947cff737800d8119cdad406d3c7a
GET /0e243abb7057b68d7362544cbbe032ba.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 270145
last-modified: Wed, 26 Oct 2022 13:37:18 GMT
etag: "6359380e-41f41"
expires: Thu, 05 Jan 2023 15:09:16 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1674580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuntaulNVEabBrW9f8TPLL0p8XXDDlNeja3Nf1FAVkw5okTIZoThOi8%2FoZ0P%2Bs3fn8psGT1L%2FpT5dWm13tjJuyWJsGCDny42MVplHiozzzh%2BuG8j6yTvlsqc5s2x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f35583084bc561-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kzeoo.com/145498385d51f6114f01924b07a536b5.gif
172.83.155.45200 OK 419 kB URL HTTP/2 kzeoo.com/145498385d51f6114f01924b07a536b5.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 1000 x 70\012- data
Size 419 kB (419407 bytes)
Hash 1ad3a6e666c8887f86803257e9cd8e60
e2de9f10e84ac7bed0888a6c413f828cd821e363
d7ea8e56a04ae30d7b34c85f2251d385895e999f5f03ecfb03a9a98b4c6f3c92
GET /145498385d51f6114f01924b07a536b5.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 419407
last-modified: Tue, 16 Aug 2022 11:20:14 GMT
etag: "62fb7d6e-6664f"
expires: Thu, 05 Jan 2023 15:09:16 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYILmuL8KdrmfnENbto9UmMyBaBkyE53DvWIrs1odwLQhNxIsDDqP8Cyw7ji4%2Fd%2FPVfPdEGyI6b7eyrB2d4iIVHShY0M%2Fbjc%2FC58HgofjewBNhG7si9k3bJwa1f6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f1db98bb3c2766-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
3p8801.co/yy-960x60.gif
107.148.202.17200 OK 37 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644
GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Sat, 04 Feb 2023 03:09:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/fe8be621-0064-4f6b-a049-12a9383fb388.gif
218.12.76.169200 OK 118 kB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/fe8be621-0064-4f6b-a049-12a9383fb388.gif
IP 218.12.76.169:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 118 kB (118121 bytes)
Hash caaa592fad00ee9d8db810c6fdf0741d
90c218822bb4e8237f8d7ba5ddf73e63ce80fd13
d8307cc1c162ce82416d8dcc966b31fbe2e6834c0e7eaecf021a98baf1a16083
GET /bbs/topic/images/2022-12/fe8be621-0064-4f6b-a049-12a9383fb388.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: image/gif
Content-Length: 118121
Connection: keep-alive
Server: openresty
Age: 1285389
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "caaa592fad00ee9d8db810c6fdf0741d"
Last-Modified: Wed, 21 Dec 2022 06:06:06 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HEshijiazhuang-AREACUCC1-CACHE29[5],CHN-HEshijiazhuang-AREACUCC1-CACHE45[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE84[273],CHN-TJ-GLOBAL1-CACHE7[267,TCP_MISS,270]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTyHQVjTG8D2o6c582FA8t4+ZByaQ0HW
x-amz-request-id: 00000185334A066E90100F774C8E3CB5
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.39200 OK 864 kB URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.39:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 15:30:45 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 265469026e8f406d053e31b75a003ea2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: SA9oW0Ae2N7wvPSu5LkHY8pZgHO6P-5Lj8pZdcHnpYuJRvujbQZZSQ==
age: 41912
X-Firefox-Spdy: h2
kveww.com/99462c01e85acc1311bebac224df6cce.gif
13.227.254.95200 OK 845 kB URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 13.227.254.95:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 845326
last-modified: Thu, 15 Dec 2022 01:49:18 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 07:02:03 GMT
etag: "c3e13dfb200737af2e68b42c07f28465"
x-cache: Hit from cloudfront
via: 1.1 003b6042285e886f3f4d6afd190f633c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: cm9pfqkXQBpC8otxbrYYoCJf-nevO9Avdb2Ijgy_X38lVwYrRK1xZA==
age: 74056
X-Firefox-Spdy: h2
3p8801.co/11-960x60.gif
107.148.202.17200 OK 242 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Sat, 04 Feb 2023 03:09:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvegg.com/241ffcf0a5007067dad148a90c317e01.gif
172.83.155.45200 OK 153 kB URL HTTP/2 kvegg.com/241ffcf0a5007067dad148a90c317e01.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 153 kB (152944 bytes)
Hash e123b1db93fe85cdb6fac876a0c8e7e0
a53eefc6b115c80c1a86df90893831449c1b1468
ec066be9d1a0688679676cb0d8c3f307dc358085473c4b3cf1b263db64fa4e2a
GET /241ffcf0a5007067dad148a90c317e01.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:17 GMT
content-type: image/gif
content-length: 152944
last-modified: Tue, 06 Dec 2022 08:43:58 GMT
etag: "638f00ce-25570"
expires: Thu, 05 Jan 2023 15:09:17 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 624282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQO9ZfZ3twPCIHxY7YQkJxikv6Gtt5O43RlmGYxAsMbDxTTOzL1T0hnSsDcm7Ru9rt%2BJR6ktSwsCZLGfVlEq%2Bz6iY30B5p6CM9fXL1AD5%2Bg%2F670KfIbyYiEBlZ1H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f1c295ad2bebcb-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/78fb8314-2121-440b-b224-da2aef721f77.gif
218.12.76.169200 OK 195 kB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/78fb8314-2121-440b-b224-da2aef721f77.gif
IP 218.12.76.169:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 60\012- data
Size 195 kB (194870 bytes)
Hash 22faef78f01685ac43b1a6d938f7746e
130cbb0e87cb3a603327185e93bb1ba59f89da5b
0b157b36d5e5cb70aac48ba37be2052f1e49e137a7a19d48e86a6209c31b221c
GET /bbs/topic/images/2022-12/78fb8314-2121-440b-b224-da2aef721f77.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: image/gif
Content-Length: 194870
Connection: keep-alive
Server: openresty
Age: 1282917
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "22faef78f01685ac43b1a6d938f7746e"
Last-Modified: Wed, 21 Dec 2022 06:43:26 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HEshijiazhuang-AREACUCC1-CACHE28[2],CHN-HEshijiazhuang-AREACUCC1-CACHE26[0,TCP_HIT,2],CHN-TJ-GLOBAL1-CACHE32[27],CHN-TJ-GLOBAL1-CACHE3[0,TCP_HIT,25]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCShINWKU7aRM+gu4MP/5zj9+sQW2IMbc
x-amz-request-id: 00000185336C329E940F9040F91618A8
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
13.227.254.94200 OK 507 kB URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 13.227.254.94:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 507 kB (506851 bytes)
Hash 720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 04 Jan 2023 12:30:03 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 c2e4ac979e01c116ae8349b7d6d1489a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-C3
X-Amz-Cf-Id: i81d9tzpLcnc1O8voro7OK-Ev7PGHJPjApgTVG5jrwyIQvlLnEJFQQ==
Age: 52755
3p8801.co/xx/960x60.gif
107.148.202.17200 OK 582 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 582 kB (582523 bytes)
Hash cad4eee9d07382a2f695b53aae0c2089
66ad44b09567bbbebffa772d2b416cb9f5b2bafb
e3af64bc06d2e37e60ab6ad902668894b1484cf356e7cab9742fee72899c3124
GET /xx/960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:16 GMT
content-type: image/gif
content-length: 582523
last-modified: Wed, 21 Dec 2022 15:24:38 GMT
etag: "63a32536-8e37b"
expires: Sat, 04 Feb 2023 03:09:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
tpkj3333.com/img/k80m/obGVgwik5.gif
66.203.150.232200 OK 94 kB URL HTTP/1.1 tpkj3333.com/img/k80m/obGVgwik5.gif
IP 66.203.150.232:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 80\012- data
Hash db6cbc295f77db52b525875384867503
e693f8a3cad89acf39afc42ef20db1e347b8ea66
a90792768722fc64366ca017ec210b53cae229393c9a9209d18f8d322a7dc727
GET /img/k80m/obGVgwik5.gif HTTP/1.1
Host: tpkj3333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"321131-1671636520000"
Last-Modified: Wed, 21 Dec 2022 15:28:40 GMT
Expires: Fri, 20 Jan 2023 03:09:17 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
tpkj3333.com/img/k80m/oUf91buXn.gif
66.203.150.232200 OK 116 kB URL HTTP/1.1 tpkj3333.com/img/k80m/oUf91buXn.gif
IP 66.203.150.232:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 116 kB (116350 bytes)
Hash c129990f47a9d062fc459968f33f8a24
298013c1f10015e362c9210de695487d65021df6
2911908116b74363a5887ee3d260fbb8cd6f26d7bc549121e084a2ac17dbd578
GET /img/k80m/oUf91buXn.gif HTTP/1.1
Host: tpkj3333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"252732-1671358111000"
Last-Modified: Sun, 18 Dec 2022 10:08:31 GMT
Expires: Fri, 20 Jan 2023 03:09:17 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
120.77.166.72200 OK 394 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/js960x80%20.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 394 kB (394237 bytes)
Hash 03123a07739f511b3306d13415cd72b1
6dbf38767657a15b922e4d153f46fe4829e012cb
72b3fa6461c39eace9c154e56b66b437457ecde50ae7c615cd923e442d058cdd
GET /js960x80%20.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: image/gif
Content-Length: 394237
Connection: keep-alive
x-oss-request-id: 63B63F5CB4DCFB34310D9E7B
Accept-Ranges: bytes
ETag: "03123A07739F511B3306D13415CD72B1"
Last-Modified: Tue, 20 Dec 2022 14:44:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13376170837400656090
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: AxI6B3OfURszBtE0Fc1ysQ==
x-oss-server-time: 1
n0544.com/64f95d0cba8c44bfb14c1c4821d20a5e.gif
20.222.36.106200 OK 72 kB URL HTTP/1.1 n0544.com/64f95d0cba8c44bfb14c1c4821d20a5e.gif
IP 20.222.36.106:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Hash bbb56efbde6dbc5daf61d3394eb0fd9d
103c1a217e500ea80e006ee8f559b280bc2de81a
f833540a2bbd9579b054246bf3df4c0c1eee9efc54d35838850ef70030f3ae7f
GET /64f95d0cba8c44bfb14c1c4821d20a5e.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 18 Dec 2022 12:37:37 GMT
ETag: W/"639f0991-3ef12"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f24284ddb7d4c44d89df765c4fc3380b
bb39d58bfbae2bac1e82045d7f01718d6029c227
14e5b39e10c97d9f53033a5697c36bbc69fbb648d99d520a6972e19b6908de48
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 04:58:13 GMT
Expires: Mon, 09 Jan 2023 04:58:12 GMT
Etag: "bb39d58bfbae2bac1e82045d7f01718d6029c227"
Cache-Control: max-age=351534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903aa79c3b524-OSL
383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
120.77.166.54200 OK 299 kB URL HTTP/1.1 383guanggao.oss-cn-shenzhen.aliyuncs.com/960x60.gif
IP 120.77.166.54:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 299 kB (299398 bytes)
Hash f4b7967855549e81f65598b93a43d9db
6ab53e8a9af687c1dddad236af323080a04499cf
2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
GET /960x60.gif HTTP/1.1
Host: 383guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 05 Jan 2023 03:09:16 GMT
Content-Type: image/gif
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 63B63F5C90531234311A3E77
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Thu, 08 Dec 2022 07:20:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 2
66669aaa.com/4617ff994d8d423fb3a2f6d3ed9d19dc.gif
45.61.212.221200 OK 801 kB URL HTTP/1.1 66669aaa.com/4617ff994d8d423fb3a2f6d3ed9d19dc.gif
IP 45.61.212.221:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 801 kB (800611 bytes)
Hash 15bb7ae15496a1d7057ce86a12b75a16
adc3d4e1487bfffb7ed0ae14836f35cba4cc19e5
5af9cc1f186caeb929ecfa0a3a07e6b4e200de5feba556c6412cc31d2d981325
GET /4617ff994d8d423fb3a2f6d3ed9d19dc.gif HTTP/1.1
Host: 66669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63831da1-c3763"
Date: Tue, 27 Dec 2022 02:19:08 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 27 Nov 2022 08:19:45 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-21
Content-Length: 800611
3718896ccc.com/f8683871eb6b40188989a1af325578d1.gif
45.61.212.49200 OK 910 kB URL HTTP/1.1 3718896ccc.com/f8683871eb6b40188989a1af325578d1.gif
IP 45.61.212.49:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 910 kB (910251 bytes)
Hash 7765dd886b3a8252706ac71a319898bc
bb1d99a7feeaae8a744e8bca7c4ead0d6da0a492
5b8c556af017878ef03cb2ad0a809ffcc3d8aaaf601361a22d990c0efa6fa6d1
GET /f8683871eb6b40188989a1af325578d1.gif HTTP/1.1
Host: 3718896ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63ab0322-de3ab"
Date: Wed, 28 Dec 2022 10:18:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 27 Dec 2022 14:37:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-19
Content-Length: 910251
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 39b32863635bc37a5983d40c6e974e87
b995c4e79b26f664826c695255262d687807389c
aaba30833d9844db1200cd46be898d55d5170e0375b134294a62d6bc91beff50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AABA30833D9844DB1200CD46BE898D55D5170E0375B134294A62D6BC91BEFF50"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 05 Jan 2023 09:09:18 GMT
Date: Thu, 05 Jan 2023 03:09:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3be87ee598922fd5ee24d67a69d15103
9baef3b53413ea1f5cd1af0d229e91e2cccd7601
fa98dfcce4cfabc082159f76967565e589fbbc574466cb8b5ee3d19913ad676f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA98DFCCE4CFABC082159F76967565E589FBBC574466CB8B5EE3D19913AD676F"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 05 Jan 2023 09:09:18 GMT
Date: Thu, 05 Jan 2023 03:09:18 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 783c738a4bcce7669089fed33633ef6b
5e84471d08f4ed5765d77e177b4e433bf95114b0
f02c47673ae0315137a5d8e6f16c49aadb98fbe6732560d853058d6b575b2c4b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 03:09:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 19:23:01 GMT
Expires: Tue, 10 Jan 2023 19:23:00 GMT
Etag: "5e84471d08f4ed5765d77e177b4e433bf95114b0"
Cache-Control: max-age=489821,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784903ad0aa7b524-OSL
kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/900X60.gif
47.75.19.247200 OK 254 kB URL HTTP/1.1 kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/900X60.gif
IP 47.75.19.247:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 254 kB (253519 bytes)
Hash f744e995971941b6a95fcd2636f5a545
ac9c1230e04eab9e31512d2afe440fe5f0367dc5
59b1a138fa72df587e61916179965cbd819f91aec53ce6ab606949a7e06b3063
GET /900X60.gif HTTP/1.1
Host: kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: image/gif
Content-Length: 253519
Connection: keep-alive
x-oss-request-id: 63B63F5DFC567C3038DAFF04
Accept-Ranges: bytes
ETag: "F744E995971941B6A95FCD2636F5A545"
Last-Modified: Tue, 29 Nov 2022 08:26:20 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17987192695826819902
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: 90TplZcZQbapX80mNvWlRQ==
x-oss-server-time: 1
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaQhBZDBbzmUjzOujmHe0Lkhnw9WASia6AaU/0
43.154.254.32200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaQhBZDBbzmUjzOujmHe0Lkhnw9WASia6AaU/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaQhBZDBbzmUjzOujmHe0Lkhnw9WASia6AaU/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 05 Jan 2023 03:09:17 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 10:10:38 GMT
cache-control: max-age=2592000
x-delay: 35152 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: 0359236c-57ab-45d6-9dbd-c815b3be661f
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
121.226.246.3200 OK 1.2 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:17 GMT
content-type: image/gif
content-length: 1197751
cache-control: max-age=15552000
expires: Mon, 03 Jul 2023 04:31:01 GMT
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
age: 81497
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-21 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672806660857-0-0-15-162-162;200;200-1672832123204-0-0-0-9-9;200-1672888157053-0-0-0-0-0
X-Firefox-Spdy: h2
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
120.77.166.119200 OK 358 kB URL HTTP/1.1 sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP 120.77.166.119:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 358 kB (358453 bytes)
Hash fbe8eda2c80f71625d830bafb2cf87fc
296cea7401aac7d4faeda622aeed52b03a04496b
99e301814a6233e474d48a6582e8c698bac3b5928c1e1599acd16a79e470e4c9
GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: image/gif
Content-Length: 358453
Connection: keep-alive
x-oss-request-id: 63B63F5D0E28CD3336D0E579
Accept-Ranges: bytes
ETag: "FBE8EDA2C80F71625D830BAFB2CF87FC"
Last-Modified: Tue, 03 Jan 2023 09:52:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10395581069867214490
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ++jtosgPcWJdgwuvss+H/A==
x-oss-server-time: 1
99888aaa.com/d0c3df560e4847879d650ed654c41c36.gif
45.61.212.216200 OK 202 kB URL HTTP/1.1 99888aaa.com/d0c3df560e4847879d650ed654c41c36.gif
IP 45.61.212.216:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 202 kB (202119 bytes)
Hash 99973a5086ec9ecad6079e54ba989005
eb73602a0dee641759a7ba5849d4e81462f55ff6
e1323eee354085d9a0d259948945ffe484371a118941e98a99a2cfbf54e93e41
Analyzer Verdict Alert quad9 Sinkholed
GET /d0c3df560e4847879d650ed654c41c36.gif HTTP/1.1
Host: 99888aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63749007-31587"
Date: Sun, 01 Jan 2023 10:23:54 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 16 Nov 2022 07:23:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-16
Content-Length: 202119
kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
121.226.246.3200 OK 1.4 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.4 MB (1411145 bytes)
Hash 3e2a08c45f216f23995e08dc45ed0e86
c9390027ee4885cb509d8b2ad37d6daa9698631e
ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f
GET /ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:17 GMT
content-type: image/gif
content-length: 1411145
cache-control: max-age=15552000
expires: Sun, 02 Jul 2023 11:46:08 GMT
last-modified: Sat, 26 Nov 2022 04:47:42 GMT
age: 141790
via: http/1.1 ORI-CLOUD-HUZ-MIX-15 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-21 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672746368071-0-0-1-160-160;200;200-1672821953328-0-0-0-12-12;200-1672888157075-0-0-0-0-0
X-Firefox-Spdy: h2
static.qwahk.com/960x60.gif
210.65.162.54200 OK 477 kB URL HTTP/1.1 static.qwahk.com/960x60.gif
IP 210.65.162.54:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Size 477 kB (477289 bytes)
Hash 760cc21f91ee02e848650627ffa47ae2
22df8e62d12977ffd032aba17e5fd7632032633f
2b36a60cb734e5ebcaa9ad4d93f914157e563da89c4e08231bd02b72678875bd
GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 477289
Content-Type: image/gif;charset=UTF-8
Date: Tue, 20 Dec 2022 17:35:44 GMT
ETag: "1672887130"
Last-Modified: Thu, 05 Jan 2023 02:52:10 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PStwtbTPE1ci72:19 (W)
X-Cache: HIT, server, memory
X-Px: ms PStwtbTPE1ci72TPE(origin)
X-Reqid: 201921416722818020221221013544VJ1nZf7ssampled
X-Ws-Request-Id: 63a1f270_PStwtbTPE1rg71_20295-16018
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
121.226.246.3200 OK 894 kB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 03:09:17 GMT
content-type: image/gif
content-length: 893726
cache-control: max-age=15552000
expires: Sat, 01 Jul 2023 05:18:45 GMT
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
age: 251432
via: http/1.1 ORI-CLOUD-HUZ-MIX-29 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-21 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672636725453-0-0-19-124-124;200;200-1672719853266-0-0-0-5-5;200-1672888157080-0-0-0-0-0
X-Firefox-Spdy: h2
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.55200 OK 409 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.55:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 409 kB (408644 bytes)
Hash bcfbb4b0078b03be1636d20ac5102ff1
e18886f1cbf23adf9188bc82aa0961afe6e91f11
d3b834351a460b41f249d0b69b008860b7ecbe6f2c916bf30778826239e5f7b5
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 05 Jan 2023 03:09:17 GMT
Content-Type: image/gif
Content-Length: 408644
Connection: keep-alive
x-oss-request-id: 63B63F5D7E084E3035F8E8F2
Accept-Ranges: bytes
ETag: "BCFBB4B0078B03BE1636D20AC5102FF1"
Last-Modified: Fri, 30 Dec 2022 05:27:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9529281951725548429
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDC4P.FqxgiIDdlNzBlMDIzMGE1ZDQwZmY5YTBiNTkxM2I2MDQwOWZk
Content-MD5: vPu0sAeLA74WNtIKxRAv8Q==
x-oss-server-time: 1
99996aaa.com/81cdc68fe3b84505912d0f9cf73c9040.gif
45.61.212.55200 OK 579 kB URL HTTP/1.1 99996aaa.com/81cdc68fe3b84505912d0f9cf73c9040.gif
IP 45.61.212.55:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 579 kB (579018 bytes)
Hash 54c2a3fb838c8e711bbe07220637d637
77e33ed77eb68c23320c059105fb2c900141301e
fc832269e62682138155c4f5e7f34f36512d1bfe69482fbc4a2cc3d27251c8e1
Analyzer Verdict Alert quad9 Sinkholed
GET /81cdc68fe3b84505912d0f9cf73c9040.gif HTTP/1.1
Host: 99996aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hzfysb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63552964-8d5ca"
Date: Mon, 02 Jan 2023 03:51:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 23 Oct 2022 11:45:40 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-25
Content-Length: 579018
www.hzfysb.com/favicon.ico
161.123.128.97200 OK 4.3 kB URL HTTP/1.1 www.hzfysb.com/favicon.ico
IP 161.123.128.97:0
ASN #210654 Des Capital B.V.
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 102ce22591115511164b75f77ee51977
78a0e235b2f197eb7ed3ff662a4aea4e397d7982
5dcc7ee4985765dc7f7e80c9e24e3497ef571180e0cf05d1475d060d80bfdeb9
GET /favicon.ico HTTP/1.1
Host: www.hzfysb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hzfysb.com/
Cookie: Hm_lvt_09a7bce3abe22a73ac44e44f7c6232ce=1672888147; Hm_lpvt_09a7bce3abe22a73ac44e44f7c6232ce=1672888147; Hm_lvt_8de83389fd2f7c7dccbb80501aa45448=1672888147; Hm_lpvt_8de83389fd2f7c7dccbb80501aa45448=1672888147
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 03:06:11 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Thu, 29 Sep 2022 16:54:11 GMT
Connection: keep-alive
ETag: "6335cdb3-10be"
Accept-Ranges: bytes