Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
46s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
22/09/2022, 03:09 UTC
General
-
Target
998747802cabc9b3839f6375e1c5f326f00adfce86d043b38889cfa18f80f9b8.exe
-
Size
1.4MB
-
MD5
bd4fe4e8dba15484e7bcae70bf953abb
-
SHA1
ec6b9c3c1a65f7d7c6a7021cc8b854c8d0761e5a
-
SHA256
998747802cabc9b3839f6375e1c5f326f00adfce86d043b38889cfa18f80f9b8
-
SHA512
f24be8c22b3a92d6d7ddf10a6ed577d9ba755371400c245825ce18d99a9fc0786c79de67557c5f83ea37dac82ba2eb47d95a221ff1d5cd6400f461e4eeae5a31
-
SSDEEP
24576:EEsZg89x5NU+wnzihMeDfWmASWKBzTXBfxztO9gk8NaUeNbht1QxOH2lGwsTa:EEsJnEevhTHZOy3NgbhIGKGS
Score
10/10
Malware Config
Signatures
-
joker
Joker is an Android malware that targets billing and SMS fraud.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Modifies Internet Explorer settings 1 TTPs 14 IoCs
-
Modifies registry class 10 IoCs
-
Modifies system certificate store 2 TTPs 12 IoCs
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\998747802cabc9b3839f6375e1c5f326f00adfce86d043b38889cfa18f80f9b8.exe"C:\Users\Admin\AppData\Local\Temp\998747802cabc9b3839f6375e1c5f326f00adfce86d043b38889cfa18f80f9b8.exe"1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Modifies system certificate store
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x5601⤵
- Suspicious use of AdjustPrivilegeToken
Network
-
DNSwww.2dama.comRemote address:8.8.8.8:53Requestwww.2dama.comIN AResponsewww.2dama.comIN A147.255.233.71 -
GEThttp://www.2dama.com/menu/en/23.txtRemote address:147.255.233.71:80RequestGET /menu/en/23.txt HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: www.2dama.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://www.2dama.com/text/en/23.htmlRemote address:147.255.233.71:80RequestGET /text/en/23.html HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: www.2dama.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://www.2dama.com/common.jsRemote address:147.255.233.71:80RequestGET /common.js HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: www.2dama.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:07 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://www.2dama.com/tj.jsRemote address:147.255.233.71:80RequestGET /tj.js HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: www.2dama.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:07 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
-
GEThttp://www.2dama.com/common.jsRemote address:147.255.233.71:80RequestGET /common.js HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: www.2dama.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:07 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://www.2dama.com/tj.jsRemote address:147.255.233.71:80RequestGET /tj.js HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: www.2dama.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:07 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
-
DNShm.baidu.comRemote address:8.8.8.8:53Requesthm.baidu.comIN AResponsehm.baidu.comIN CNAMEhm.e.shifen.comhm.e.shifen.comIN A103.235.46.191
-
GEThttps://hm.baidu.com/hm.js?227bb1c9af9569e26f31438c88d79f27Remote address:103.235.46.191:443RequestGET /hm.js?227bb1c9af9569e26f31438c88d79f27 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 03:10:09 GMT
Etag: e5777b591149cd4e6bdbb98f5d7b1acc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=39C28E9535C9B99E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
-
GEThttps://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0&rnd=951703207&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=1&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8Remote address:103.235.46.191:443RequestGET /hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0&rnd=951703207&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=1&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=7531EA1E059609ED
ResponseHTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 22 Sep 2022 03:10:12 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
-
GEThttps://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0&rnd=951703207&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=1&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8Remote address:103.235.46.191:443RequestGET /hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0&rnd=951703207&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=1&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=7531EA1E059609ED
ResponseHTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 22 Sep 2022 03:10:12 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
-
GEThttps://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0&rnd=1612679865&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=1&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8Remote address:103.235.46.191:443RequestGET /hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0&rnd=1612679865&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=1&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=7531EA1E059609ED
ResponseHTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 22 Sep 2022 03:10:12 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
-
GEThttps://hm.baidu.com/hm.js?7b10e7eadaec4e3cadc100eb8cbb3196Remote address:103.235.46.191:443RequestGET /hm.js?7b10e7eadaec4e3cadc100eb8cbb3196 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 03:10:09 GMT
Etag: 958967508f9ad94d1cfc74822a0252b3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F5D7ECC3886D7CED; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
-
GEThttps://hm.baidu.com/hm.js?227bb1c9af9569e26f31438c88d79f27Remote address:103.235.46.191:443RequestGET /hm.js?227bb1c9af9569e26f31438c88d79f27 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 03:10:09 GMT
Etag: d4410f9ec15d8836e2be29569079bc99
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2A87C0819EBE521A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
-
GEThttps://hm.baidu.com/hm.js?7b10e7eadaec4e3cadc100eb8cbb3196Remote address:103.235.46.191:443RequestGET /hm.js?7b10e7eadaec4e3cadc100eb8cbb3196 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 03:10:10 GMT
Etag: d75e75b0874e3a5c4499abce2b56f6de
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7531EA1E059609ED; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
-
GEThttps://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0&rnd=1612679865&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=1&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8Remote address:103.235.46.191:443RequestGET /hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0&rnd=1612679865&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=1&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=7531EA1E059609ED
ResponseHTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 22 Sep 2022 03:10:12 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
-
GEThttps://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0<=1663823409&rnd=1980607529&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=2&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8Remote address:103.235.46.191:443RequestGET /hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0<=1663823409&rnd=1980607529&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=2&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=7531EA1E059609ED
ResponseHTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 22 Sep 2022 03:10:12 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
-
GEThttps://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0<=1663823410&rnd=417362007&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=2&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8Remote address:103.235.46.191:443RequestGET /hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0<=1663823410&rnd=417362007&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=2&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Accept: */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=7531EA1E059609ED
ResponseHTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 22 Sep 2022 03:10:12 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
-
DNSmitao01.barRemote address:8.8.8.8:53Requestmitao01.barIN AResponsemitao01.barIN A154.198.231.226
-
GEThttps://mitao01.bar:8443/Remote address:154.198.231.226:8443RequestGET / HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://www.2dama.com/menu/en/23.txt
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: mitao01.bar:8443
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
-
GEThttps://mitao01.bar:8443/Remote address:154.198.231.226:8443RequestGET / HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://www.2dama.com/text/en/23.html
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: mitao01.bar:8443
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
-
GEThttps://mitao01.bar:8443/template/kuli02/css/common.css?v=0429Remote address:154.198.231.226:8443RequestGET /template/kuli02/css/common.css?v=0429 HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: mitao01.bar:8443
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:10 GMT
Content-Type: text/css
Last-Modified: Fri, 29 Apr 2022 13:36:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626be9f8-1bce"
Expires: Thu, 22 Sep 2022 15:10:10 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
-
GEThttps://mitao01.bar:8443/template/kuli02/css/style.css?v=2Remote address:154.198.231.226:8443RequestGET /template/kuli02/css/style.css?v=2 HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: mitao01.bar:8443
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:11 GMT
Content-Type: text/css
Last-Modified: Wed, 12 Jan 2022 14:03:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61dedf9e-cb6a"
Expires: Thu, 22 Sep 2022 15:10:11 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
-
GEThttps://mitao01.bar:8443/template/kuli02/images/loading.svgRemote address:154.198.231.226:8443RequestGET /template/kuli02/images/loading.svg HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: mitao01.bar:8443
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:10:12 GMT
Content-Type: image/svg+xml
Content-Length: 506
Last-Modified: Thu, 06 Jan 2022 11:04:48 GMT
Connection: keep-alive
ETag: "61d6ccd0-1fa"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
-
DNSvecukb.comRemote address:8.8.8.8:53Requestvecukb.comIN AResponsevecukb.comIN CNAMEyd11_02-aq-01.cdn-ng.netyd11_02-aq-01.cdn-ng.netIN A45.61.212.170yd11_02-aq-01.cdn-ng.netIN A103.170.15.42yd11_02-aq-01.cdn-ng.netIN A103.170.15.57yd11_02-aq-01.cdn-ng.netIN A103.189.108.93yd11_02-aq-01.cdn-ng.netIN A45.61.212.132
-
DNScdn.staticfile.orgRemote address:8.8.8.8:53Requestcdn.staticfile.orgIN AResponsecdn.staticfile.orgIN CNAMEiduwdjf.qiniudns.comiduwdjf.qiniudns.comIN CNAMEoverseaweb3.china.line.qiniudns.comoverseaweb3.china.line.qiniudns.comIN CNAMEimportantglobalcdnweb.qiniu.com.w.cdngslb.comimportantglobalcdnweb.qiniu.com.w.cdngslb.comIN A47.246.48.206
-
DNSvgvjkw.comRemote address:8.8.8.8:53Requestvgvjkw.comIN AResponsevgvjkw.comIN CNAMEyd11_02-aq-01.cdn-ng.netyd11_02-aq-01.cdn-ng.netIN A45.61.212.170yd11_02-aq-01.cdn-ng.netIN A103.170.15.42yd11_02-aq-01.cdn-ng.netIN A103.170.15.57yd11_02-aq-01.cdn-ng.netIN A103.189.108.93yd11_02-aq-01.cdn-ng.netIN A45.61.212.132
-
DNSvesdsp.comRemote address:8.8.8.8:53Requestvesdsp.comIN AResponsevesdsp.comIN CNAMEyd11_02-aq-01.cdn-ng.netyd11_02-aq-01.cdn-ng.netIN A45.61.212.171yd11_02-aq-01.cdn-ng.netIN A103.170.15.41yd11_02-aq-01.cdn-ng.netIN A103.170.15.56yd11_02-aq-01.cdn-ng.netIN A103.189.108.94yd11_02-aq-01.cdn-ng.netIN A45.61.212.131
-
DNS539397377.comRemote address:8.8.8.8:53Request539397377.comIN AResponse539397377.comIN CNAMEzhenzhu-01.oss-cn-hongkong.aliyuncs.comzhenzhu-01.oss-cn-hongkong.aliyuncs.comIN A47.75.19.14
-
DNS65211351892.comRemote address:8.8.8.8:53Request65211351892.comIN AResponse65211351892.comIN CNAMEyd11_13-site-02.cdn-ng.netyd11_13-site-02.cdn-ng.netIN A45.61.212.227yd11_13-site-02.cdn-ng.netIN A103.170.15.97yd11_13-site-02.cdn-ng.netIN A103.170.15.101yd11_13-site-02.cdn-ng.netIN A103.170.15.107yd11_13-site-02.cdn-ng.netIN A103.170.15.112yd11_13-site-02.cdn-ng.netIN A45.61.212.50yd11_13-site-02.cdn-ng.netIN A45.61.212.54yd11_13-site-02.cdn-ng.netIN A45.61.212.58yd11_13-site-02.cdn-ng.netIN A45.61.212.117yd11_13-site-02.cdn-ng.netIN A45.61.212.122yd11_13-site-02.cdn-ng.netIN A45.61.212.128yd11_13-site-02.cdn-ng.netIN A45.61.212.217yd11_13-site-02.cdn-ng.netIN A45.61.212.223
-
DNS73652253191.comRemote address:8.8.8.8:53Request73652253191.comIN AResponse73652253191.comIN CNAMEyd11_13-site-02.cdn-ng.netyd11_13-site-02.cdn-ng.netIN A103.170.15.99yd11_13-site-02.cdn-ng.netIN A103.170.15.104yd11_13-site-02.cdn-ng.netIN A103.170.15.108yd11_13-site-02.cdn-ng.netIN A103.170.15.114yd11_13-site-02.cdn-ng.netIN A45.61.212.46yd11_13-site-02.cdn-ng.netIN A45.61.212.51yd11_13-site-02.cdn-ng.netIN A45.61.212.59yd11_13-site-02.cdn-ng.netIN A45.61.212.116yd11_13-site-02.cdn-ng.netIN A45.61.212.124yd11_13-site-02.cdn-ng.netIN A103.170.15.80yd11_13-site-02.cdn-ng.netIN A103.170.15.85yd11_13-site-02.cdn-ng.netIN A103.170.15.89yd11_13-site-02.cdn-ng.netIN A103.170.15.94
-
DNSkvexx.comRemote address:8.8.8.8:53Requestkvexx.comIN AResponsekvexx.comIN A64.32.13.142
-
DNSkvevv.comRemote address:8.8.8.8:53Requestkvevv.comIN AResponsekvevv.comIN A78.46.107.74
-
DNSkzeaa.comRemote address:8.8.8.8:53Requestkzeaa.comIN AResponsekzeaa.comIN A104.143.94.110
-
DNSkveww.comRemote address:8.8.8.8:53Requestkveww.comIN AResponsekveww.comIN A104.143.94.110
-
DNSkvezz.comRemote address:8.8.8.8:53Requestkvezz.comIN AResponsekvezz.comIN A45.154.215.92
-
DNSkzerr.comRemote address:8.8.8.8:53Requestkzerr.comIN AResponsekzerr.comIN A104.143.94.110
-
DNSkvemm.comRemote address:8.8.8.8:53Requestkvemm.comIN AResponsekvemm.comIN A45.154.214.206
-
DNSkveii.comRemote address:8.8.8.8:53Requestkveii.comIN AResponsekveii.comIN A104.143.94.110
-
DNSkzecc.comRemote address:8.8.8.8:53Requestkzecc.comIN AResponsekzecc.comIN A104.143.94.110
-
DNSde88deggtp89.comRemote address:8.8.8.8:53Requestde88deggtp89.comIN AResponsede88deggtp89.comIN CNAMEtp.miqiaksdlfkadsc.comtp.miqiaksdlfkadsc.comIN CNAMEgtm-cn-tl32r2nia0c.gtm-a2b4.comgtm-cn-tl32r2nia0c.gtm-a2b4.comIN A154.214.13.34gtm-cn-tl32r2nia0c.gtm-a2b4.comIN A154.214.13.35gtm-cn-tl32r2nia0c.gtm-a2b4.comIN A23.224.145.233gtm-cn-tl32r2nia0c.gtm-a2b4.comIN A23.224.145.234gtm-cn-tl32r2nia0c.gtm-a2b4.comIN A23.224.145.235
-
DNSdimg04.c-ctrip.comRemote address:8.8.8.8:53Requestdimg04.c-ctrip.comIN AResponsedimg04.c-ctrip.comIN CNAMEdimg04.c-ctrip.com.ctripgslb.comdimg04.c-ctrip.com.ctripgslb.comIN CNAMEc11978.edgekey.netc11978.edgekey.netIN CNAMEe11978.a.akamaiedge.nete11978.a.akamaiedge.netIN A104.74.225.127
-
DNSimg.byznc.xyzRemote address:8.8.8.8:53Requestimg.byznc.xyzIN AResponseimg.byznc.xyzIN CNAMEdns.imgapp.topdns.imgapp.topIN A3.36.126.81dns.imgapp.topIN A23.225.228.58dns.imgapp.topIN A23.225.228.34dns.imgapp.topIN A23.225.222.2dns.imgapp.topIN A23.225.222.18
-
DNSimg.x971.xyzRemote address:8.8.8.8:53Requestimg.x971.xyzIN AResponseimg.x971.xyzIN CNAMEdns.imgapp.topdns.imgapp.topIN A3.36.126.81dns.imgapp.topIN A23.225.222.2dns.imgapp.topIN A23.225.228.34dns.imgapp.topIN A23.225.222.18dns.imgapp.topIN A23.225.228.58
-
DNSuu99k.comRemote address:8.8.8.8:53Requestuu99k.comIN AResponseuu99k.comIN CNAMEtp.meimeialsdfkladslf.comtp.meimeialsdfkladslf.comIN CNAMEgtm-cn-tl32u3a9801.gtm-a2b4.comgtm-cn-tl32u3a9801.gtm-a2b4.comIN A23.224.145.194gtm-cn-tl32u3a9801.gtm-a2b4.comIN A23.224.145.195gtm-cn-tl32u3a9801.gtm-a2b4.comIN A23.224.145.196gtm-cn-tl32u3a9801.gtm-a2b4.comIN A23.224.145.197gtm-cn-tl32u3a9801.gtm-a2b4.comIN A23.224.145.198gtm-cn-tl32u3a9801.gtm-a2b4.comIN A23.224.145.199gtm-cn-tl32u3a9801.gtm-a2b4.comIN A23.225.89.147
-
DNSimg.777766.coRemote address:8.8.8.8:53Requestimg.777766.coIN AResponseimg.777766.coIN CNAMEdns.imgapp.topdns.imgapp.topIN A3.36.126.81dns.imgapp.topIN A23.225.228.34dns.imgapp.topIN A23.225.222.18dns.imgapp.topIN A23.225.228.58dns.imgapp.topIN A23.225.222.2
-
DNSp.qlogo.cnRemote address:8.8.8.8:53Requestp.qlogo.cnIN AResponsep.qlogo.cnIN CNAMEp.qpic.cnp.qpic.cnIN A43.129.255.47p.qpic.cnIN A43.154.254.32
-
DNStaiwtp1.comRemote address:8.8.8.8:53Requesttaiwtp1.comIN AResponsetaiwtp1.comIN A220.128.218.220
-
GEThttps://vesdsp.com/6cb226f219fa4e02b7b8e883e925bab1.gifRemote address:45.61.212.171:443RequestGET /6cb226f219fa4e02b7b8e883e925bab1.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: vesdsp.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=86400
ETag: "62c3008b-77cd5"
Server: nginx
Date: Wed, 21 Sep 2022 06:51:32 GMT
Content-Type: image/gif
Last-Modified: Mon, 04 Jul 2022 15:00:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us5-cdnb-11
Content-Length: 490709
-
GEThttps://vesdsp.com/7f825971f7e7450a890a68c6e6ee84b5.gifRemote address:45.61.212.171:443RequestGET /7f825971f7e7450a890a68c6e6ee84b5.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: vesdsp.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=86400
ETag: "63075b25-4422d"
Server: nginx
Date: Wed, 21 Sep 2022 06:51:32 GMT
Content-Type: image/gif
Last-Modified: Thu, 25 Aug 2022 11:21:09 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us5-cdnb-11
Content-Length: 279085
-
GEThttps://539397377.com/e437cf7382cd402480ea7f9f49ed810b.gifRemote address:47.75.19.14:443RequestGET /e437cf7382cd402480ea7f9f49ed810b.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 539397377.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 160933
Connection: keep-alive
x-oss-request-id: 632BD215FC567C3630AE030E
Accept-Ranges: bytes
ETag: "555C1429E6BDD0B2DD0308ED1241D3A7"
Last-Modified: Mon, 19 Sep 2022 13:17:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15633581411753570161
x-oss-storage-class: Standard
Content-MD5: VVwUKea90LLdAwjtEkHTpw==
x-oss-server-time: 1
-
GEThttps://73652253191.com/24bf3588a89d41dbabe6c8b812da93b7.gifRemote address:103.170.15.99:443RequestGET /24bf3588a89d41dbabe6c8b812da93b7.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 73652253191.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63185892-212a6"
Date: Mon, 19 Sep 2022 06:28:21 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:38:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-29
Content-Length: 135846
-
GEThttps://kveww.com/c3fb53e0b25270e528971f49cc080eac.gifRemote address:104.143.94.110:443RequestGET /c3fb53e0b25270e528971f49cc080eac.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kveww.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kvhqqq.top/c3fb53e0b25270e528971f49cc080eac.gif
Strict-Transport-Security: max-age=31536000
-
GEThttps://dimg04.c-ctrip.com/images/03964120009z0w8i44344.gifRemote address:104.74.225.127:443RequestGET /images/03964120009z0w8i44344.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: dimg04.c-ctrip.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 445879
Access-Control-Allow-Origin: *
Last-Modified: Tue, 12 May 2015 01:00:00 GMT
Cache-Control: max-age=15302641
Expires: Sat, 18 Mar 2023 05:54:12 GMT
Date: Thu, 22 Sep 2022 03:10:11 GMT
Connection: keep-alive
Timing-Allow-Origin: *
-
GEThttps://dimg04.c-ctrip.com/images/0395e120009z0vxy6FCFD.gifRemote address:104.74.225.127:443RequestGET /images/0395e120009z0vxy6FCFD.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: dimg04.c-ctrip.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 57042
Access-Control-Allow-Origin: *
Last-Modified: Tue, 12 May 2015 01:00:00 GMT
Cache-Control: max-age=15306586
Expires: Sat, 18 Mar 2023 06:59:58 GMT
Date: Thu, 22 Sep 2022 03:10:12 GMT
Connection: keep-alive
Timing-Allow-Origin: *
-
GEThttps://dimg04.c-ctrip.com/images/0395s120009rrkqgpCDF2.gifRemote address:104.74.225.127:443RequestGET /images/0395s120009rrkqgpCDF2.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: dimg04.c-ctrip.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 817338
Access-Control-Allow-Origin: *
Last-Modified: Tue, 12 May 2015 01:00:00 GMT
X-EdgeConnect-MidMile-RTT: 0
X-EdgeConnect-Origin-MEX-Latency: 56
Cache-Control: max-age=11690666
Expires: Sat, 04 Feb 2023 10:34:37 GMT
Date: Thu, 22 Sep 2022 03:10:11 GMT
Connection: keep-alive
Timing-Allow-Origin: *
-
GEThttps://kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gifRemote address:45.154.215.92:443RequestGET /ff82ede81a5bf7b5ff047745ebd831ad.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kvezz.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://acoossu.top/ff82ede81a5bf7b5ff047745ebd831ad.gif
Strict-Transport-Security: max-age=31536000
-
GEThttps://img.byznc.xyz/images/632977e9f27402a44020f53a.gifRemote address:3.36.126.81:443RequestGET /images/632977e9f27402a44020f53a.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: img.byznc.xyz
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://p3.douyinpic.com/obj/tos-cn-i-dy/8abd050bc2a342279a76fb30d3677f28
Cache-Control: max-age=3600
-
GEThttps://uu99k.com/image/1ny-960x160.gifRemote address:23.224.145.194:443RequestGET /image/1ny-960x160.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: uu99k.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 171827
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 07:56:22 GMT
ETag: "63242c26-29f33"
Expires: Sat, 22 Oct 2022 01:29:22 GMT
Cache-Control: max-age=2592000
Server: cdn-ddos-cc
X-Cache-Status: HIT
Accept-Ranges: bytes
-
GEThttps://cdn.staticfile.org/jquery/1.12.4/jquery.min.jsRemote address:47.246.48.206:443RequestGET /jquery/1.12.4/jquery.min.js HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: cdn.staticfile.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Content-Length: 33987
Connection: keep-alive
Date: Wed, 21 Sep 2022 09:23:03 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "Flqdz772VaJmjni66-qo3G9B2Nq7.gz"
Vary: Accept-Encoding
X-Reqid: HJYAAAB0o93L1RYX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Content-Transfer-Encoding: binary
Last-Modified: Fri, 21 Oct 2016 08:51:50 GMT
Ali-Swift-Global-Savetime: 1663752184
Via: cache25.l2de2[0,0,304-0,H], cache17.l2de2[1,0], cache2.nl2[0,0,200-0,H], cache3.nl2[1,0]
Content-Encoding: gzip
Age: 64027
X-Cache: HIT TCP_MEM_HIT dirn:4:119210062
X-Swift-SaveTime: Wed, 21 Sep 2022 09:23:29 GMT
X-Swift-CacheTime: 86375
Timing-Allow-Origin: *
EagleId: 2ff6309716638162119558396e
-
GEThttps://cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.jsRemote address:47.246.48.206:443RequestGET /twitter-bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: cdn.staticfile.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 10926
Connection: keep-alive
Date: Wed, 21 Sep 2022 05:47:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FrFv2CJr1r-wjlaPGx0KIdYCR877.gz"
Vary: Accept-Encoding
X-Reqid: GZIAAABkOBUPyhYX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="bootstrap.min.js"; filename*=utf-8''bootstrap.min.js
Content-Md5: LzS2MP/jC6L/K5Hj88MioQ==
Content-Transfer-Encoding: binary
Last-Modified: Mon, 18 Feb 2019 14:03:03 GMT
Ali-Swift-Global-Savetime: 1663739278
Via: cache16.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache2.nl2[0,0,200-0,H], cache8.nl2[1,0]
Content-Encoding: gzip
Age: 76933
X-Cache: HIT TCP_MEM_HIT dirn:4:18829860
X-Swift-SaveTime: Wed, 21 Sep 2022 06:06:06 GMT
X-Swift-CacheTime: 85312
Timing-Allow-Origin: *
EagleId: 2ff6309c16638162112426546e
-
GEThttps://cdn.staticfile.org/twitter-bootstrap/3.4.1/css/bootstrap.min.cssRemote address:47.246.48.206:443RequestGET /twitter-bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: cdn.staticfile.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 19704
Connection: keep-alive
Date: Wed, 21 Sep 2022 10:31:15 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FrCXL9zOgv1YPUwszD8uPfdAShnQ.gz"
Vary: Accept-Encoding
X-Reqid: WiYAAABUiXmE2RYX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="bootstrap.min.css"; filename*=utf-8''bootstrap.min.css
Content-Md5: f4lTfq9ga/9J9cwafCTbyg==
Content-Transfer-Encoding: binary
Last-Modified: Mon, 18 Feb 2019 13:57:36 GMT
Ali-Swift-Global-Savetime: 1663756275
Via: cache5.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache5.nl2[0,0,200-0,H], cache8.nl2[1,0]
Content-Encoding: gzip
Age: 59936
X-Cache: HIT TCP_MEM_HIT dirn:1:306621681
X-Swift-SaveTime: Wed, 21 Sep 2022 10:35:07 GMT
X-Swift-CacheTime: 86168
Timing-Allow-Origin: *
EagleId: 2ff6309c16638162112826603e
-
GEThttps://cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.jsRemote address:47.246.48.206:443RequestGET /jquery.lazyload/1.9.1/jquery.lazyload.min.js HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: cdn.staticfile.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 1308
Connection: keep-alive
Date: Wed, 21 Sep 2022 10:41:14 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Etag: "FjODGOkwSHsnkae89TrUYBYwzEHi.gz"
Vary: Accept-Encoding
X-Reqid: EqMAAAA9bAUQ2hYX
X-Svr: IO
X-Qiniu-Zone: 0
X-Log: X-Log
Accept-Ranges: bytes
Content-Disposition: inline; filename="jquery.lazyload.min.js"; filename*=utf-8''jquery.lazyload.min.js
Content-Transfer-Encoding: binary
Last-Modified: Tue, 16 Feb 2016 04:24:38 GMT
Ali-Swift-Global-Savetime: 1663756874
Via: cache11.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache7.nl2[0,0,200-0,H], cache8.nl2[1,0]
Content-Encoding: gzip
Age: 59337
X-Cache: HIT TCP_MEM_HIT dirn:11:411036182
X-Swift-SaveTime: Wed, 21 Sep 2022 10:42:35 GMT
X-Swift-CacheTime: 86319
Timing-Allow-Origin: *
EagleId: 2ff6309c16638162113296678e
-
GEThttps://img.777766.co/images/632977d4f27402a44020f539.gifRemote address:3.36.126.81:443RequestGET /images/632977d4f27402a44020f539.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: img.777766.co
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://p3.douyinpic.com/obj/tos-cn-i-dy/51b589937ada453b91044031866198c7
Cache-Control: max-age=3600
-
GEThttps://taiwtp1.com/img/960240.gifRemote address:220.128.218.220:443RequestGET /img/960240.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: taiwtp1.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:08:30 GMT
Content-Type: image/gif
Content-Length: 223879
Last-Modified: Wed, 09 Mar 2022 04:06:14 GMT
Connection: keep-alive
ETag: "622827b6-36a87"
Expires: Sat, 22 Oct 2022 03:08:30 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
-
GEThttps://taiwtp1.com/img/960160.gifRemote address:220.128.218.220:443RequestGET /img/960160.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: taiwtp1.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:08:30 GMT
Content-Type: image/gif
Content-Length: 165614
Last-Modified: Mon, 02 May 2022 05:20:34 GMT
Connection: keep-alive
ETag: "626f6a22-286ee"
Expires: Sat, 22 Oct 2022 03:08:30 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
-
GEThttps://taiwtp1.com/img/96080.gifRemote address:220.128.218.220:443RequestGET /img/96080.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: taiwtp1.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 03:08:32 GMT
Content-Type: image/gif
Content-Length: 73157
Last-Modified: Thu, 07 Apr 2022 05:41:32 GMT
Connection: keep-alive
ETag: "624e798c-11dc5"
Expires: Sat, 22 Oct 2022 03:08:32 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
-
GEThttps://img.x971.xyz/images/63132cf7bbb01ecd06956f56.gifRemote address:3.36.126.81:443RequestGET /images/63132cf7bbb01ecd06956f56.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: img.x971.xyz
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://p3.douyinpic.com/obj/tos-cn-i-dy/df4248dac970478aac5112f57ebef124
Cache-Control: max-age=3600
-
DNSocsp.digicert.cnRemote address:8.8.8.8:53Requestocsp.digicert.cnIN AResponseocsp.digicert.cnIN CNAMEocsp.digicert.cn.w.cdngslb.comocsp.digicert.cn.w.cdngslb.comIN A47.246.48.205
-
DNSocsp.digicert.cnRemote address:8.8.8.8:53Requestocsp.digicert.cnIN AResponseocsp.digicert.cnIN CNAMEocsp.digicert.cn.w.cdngslb.comocsp.digicert.cn.w.cdngslb.comIN A47.246.48.205
-
GEThttps://kveii.com/4b50139bc68ecdd683c6c407d7fc6920.gifRemote address:104.143.94.110:443RequestGET /4b50139bc68ecdd683c6c407d7fc6920.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kveii.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:15 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kvhsss.top/4b50139bc68ecdd683c6c407d7fc6920.gif
Strict-Transport-Security: max-age=31536000
-
GEThttp://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAsTYrbuap0%2Blokw8W4gfTk%3DRemote address:47.246.48.205:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAsTYrbuap0%2Blokw8W4gfTk%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.digicert.cn
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:11:58 GMT
Ali-Swift-Global-Savetime: 1663812718
Via: cache11.l2de2[0,0,200-0,H], cache17.l2de2[0,0], cache2.nl2[0,0,200-0,H], cache4.nl2[1,0]
Age: 3493
X-Cache: HIT TCP_MEM_HIT dirn:2:350539288
X-Swift-SaveTime: Thu, 22 Sep 2022 02:12:00 GMT
X-Swift-CacheTime: 3598
Timing-Allow-Origin: *
EagleId: 2ff6309816638162111235574e
-
GEThttp://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRXf%2BqAIajMnZeiQcx27p1CzET2wQUJG%2BRP4mHhw4ywkAY38VM60%2FISTICEASK2xNtLoVooD9qOlZ3nwM%3DRemote address:47.246.48.205:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRXf%2BqAIajMnZeiQcx27p1CzET2wQUJG%2BRP4mHhw4ywkAY38VM60%2FISTICEASK2xNtLoVooD9qOlZ3nwM%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.digicert.cn
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:31:59 GMT
Ali-Swift-Global-Savetime: 1663813919
Via: cache16.l2de2[0,0,200-0,H], cache2.l2de2[0,0], cache5.nl2[0,0,200-0,H], cache4.nl2[1,0]
Age: 2292
X-Cache: HIT TCP_MEM_HIT dirn:11:357659724
X-Swift-SaveTime: Thu, 22 Sep 2022 02:32:20 GMT
X-Swift-CacheTime: 3579
Timing-Allow-Origin: *
EagleId: 2ff6309816638162111905698e
-
GEThttp://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAsTYrbuap0%2Blokw8W4gfTk%3DRemote address:47.246.48.205:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAsTYrbuap0%2Blokw8W4gfTk%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.digicert.cn
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:11:58 GMT
Ali-Swift-Global-Savetime: 1663812718
Via: cache11.l2de2[0,0,200-0,H], cache17.l2de2[0,0], cache2.nl2[0,0,200-0,H], cache3.nl2[1,0]
Age: 3493
X-Cache: HIT TCP_MEM_HIT dirn:2:350539288
X-Swift-SaveTime: Thu, 22 Sep 2022 02:12:00 GMT
X-Swift-CacheTime: 3598
Timing-Allow-Origin: *
EagleId: 2ff6309716638162111257107e
-
GEThttps://kzerr.com/3e56d4c29903a2b84fe3f12871fd7ad2.gifRemote address:104.143.94.110:443RequestGET /3e56d4c29903a2b84fe3f12871fd7ad2.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kzerr.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.gif
Strict-Transport-Security: max-age=31536000
-
GEThttps://kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gifRemote address:45.154.214.206:443RequestGET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kvemm.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gif
Strict-Transport-Security: max-age=31536000
-
GEThttps://kvemm.com/5c039bcb7f8e599fa493823f0fea5c2e.gifRemote address:45.154.214.206:443RequestGET /5c039bcb7f8e599fa493823f0fea5c2e.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kvemm.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kvhiii.top/5c039bcb7f8e599fa493823f0fea5c2e.gif
Strict-Transport-Security: max-age=31536000
-
GEThttps://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.pngRemote address:43.129.255.47:443RequestGET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: p.qlogo.cn
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: NWSs
Date: Thu, 22 Sep 2022 03:10:12 GMT
Content-Type: image/gif
Content-Length: 893726
Connection: keep-alive
Vary: Accept,Origin
Last-Modified: Mon, 18 Jul 2022 16:38:38 GMT
Cache-Control: max-age=2592000
X-Delay: 63779 us
X-Info: real data
X-BCheck: 0_1
X-Cpt: filename=0
User-ReturnCode: 0
X-DataSrc: 2
X-ReqGue: 0
Size: 893726
chid: 0
fid: 0
X-NWS-LOG-UUID: ee435ff4-3856-47ae-94eb-42e08b5a8451
-
GEThttps://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.pngRemote address:43.129.255.47:443RequestGET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: p.qlogo.cn
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: NWSs
Date: Thu, 22 Sep 2022 03:10:19 GMT
Content-Type: image/gif
Content-Length: 893726
Connection: keep-alive
Vary: Accept,Origin
Last-Modified: Mon, 18 Jul 2022 16:38:38 GMT
Cache-Control: max-age=2592000
X-Delay: 457 us
X-Info: real data
X-BCheck: 0_1
X-Cpt: filename=0
User-ReturnCode: 0
X-DataSrc: 2
X-ReqGue: 0
Size: 893726
chid: 0
fid: 0
X-NWS-LOG-UUID: 5de09aaf-8dca-4559-84e2-a1ca028d1f53
-
GEThttps://kvevv.com/8baa999a8a1670103e06df33ee3c3699.gifRemote address:78.46.107.74:443RequestGET /8baa999a8a1670103e06df33ee3c3699.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kvevv.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kvhxxx.top/8baa999a8a1670103e06df33ee3c3699.gif
Strict-Transport-Security: max-age=31536000
-
GEThttps://kvexx.com/03c3cb047014f05117117e4a924df90d.gifRemote address:64.32.13.142:443RequestGET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kvexx.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kvhuuu.top/03c3cb047014f05117117e4a924df90d.gif
Strict-Transport-Security: max-age=31536000
-
GEThttps://kzecc.com/4b588735faa68eaee8d55085efdc1359.gifRemote address:104.143.94.110:443RequestGET /4b588735faa68eaee8d55085efdc1359.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kzecc.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://acooss.com/4b588735faa68eaee8d55085efdc1359.gif
Strict-Transport-Security: max-age=31536000
-
GEThttp://de88deggtp89.com/235tp/970x80.gifRemote address:154.214.13.34:80RequestGET /235tp/970x80.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: de88deggtp89.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:11 GMT
Content-Type: image/gif
Content-Length: 712925
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 13:02:51 GMT
ETag: "62a9d87b-ae0dd"
Expires: Wed, 19 Oct 2022 08:48:17 GMT
Cache-Control: max-age=2592000
Server: cdn-ddos-cc
X-Cache-Status: HIT
Accept-Ranges: bytes
-
GEThttp://de88deggtp89.com/79tp/200x200.gifRemote address:154.214.13.34:80RequestGET /79tp/200x200.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: de88deggtp89.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 578095
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 12:59:18 GMT
ETag: "62a9d7a6-8d22f"
Expires: Wed, 19 Oct 2022 09:00:06 GMT
Cache-Control: max-age=2592000
Server: cdn-ddos-cc
X-Cache-Status: HIT
Accept-Ranges: bytes
-
GEThttps://kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gifRemote address:104.143.94.110:443RequestGET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kzeaa.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://acoossz.top/52324facff4bd070699ce4cddb8e2c5d.gif
Strict-Transport-Security: max-age=31536000
-
GEThttp://de88deggtp89.com/79tp/960x80-2.gifRemote address:154.214.13.34:80RequestGET /79tp/960x80-2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: de88deggtp89.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:11 GMT
Content-Type: image/gif
Content-Length: 420026
Connection: keep-alive
Last-Modified: Sat, 25 Jun 2022 12:21:27 GMT
ETag: "62b6fdc7-668ba"
Expires: Sat, 24 Sep 2022 08:22:40 GMT
Cache-Control: max-age=2592000
Server: cdn-ddos-cc
X-Cache-Status: HIT
Accept-Ranges: bytes
-
GEThttp://de88deggtp89.com/235tp/200x200.gifRemote address:154.214.13.34:80RequestGET /235tp/200x200.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: de88deggtp89.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:12 GMT
Content-Type: image/gif
Content-Length: 584184
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 13:02:36 GMT
ETag: "62a9d86c-8e9f8"
Expires: Wed, 19 Oct 2022 08:48:52 GMT
Cache-Control: max-age=2592000
Server: cdn-ddos-cc
X-Cache-Status: HIT
Accept-Ranges: bytes
-
GEThttps://vgvjkw.com/a189b7f5a0f84654a32025f1e8377967.gifRemote address:45.61.212.170:443RequestGET /a189b7f5a0f84654a32025f1e8377967.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: vgvjkw.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=86400
ETag: "632441a7-47c75"
Server: nginx
Date: Fri, 16 Sep 2022 10:24:10 GMT
Content-Type: image/gif
Last-Modified: Fri, 16 Sep 2022 09:28:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us5-cdnb-10
Content-Length: 294005
-
GEThttps://vgvjkw.com/a189b7f5a0f84654a32025f1e8377967.gifRemote address:45.61.212.170:443RequestGET /a189b7f5a0f84654a32025f1e8377967.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: vgvjkw.com
If-Modified-Since: Fri, 16 Sep 2022 09:28:07 GMT
If-None-Match: "632441a7-47c75"
Connection: Keep-Alive
ResponseHTTP/1.1 304 Not Modified
Server: nginx/1.20.1
Date: Thu, 22 Sep 2022 03:10:18 GMT
X-Cache: HIT from cloud-us5-cdnb-10
Cache-Control: max-age=86400
ETag: "632441a7-47c75"
Last-Modified: Fri, 16 Sep 2022 09:28:07 GMT
-
GEThttps://vecukb.com/095c2c70f1384c60bcd4604700459c73.gifRemote address:45.61.212.170:443RequestGET /095c2c70f1384c60bcd4604700459c73.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: vecukb.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=86400
ETag: "6305df89-3f95d"
Server: nginx
Date: Wed, 21 Sep 2022 21:35:23 GMT
Content-Type: image/gif
Last-Modified: Wed, 24 Aug 2022 08:21:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us5-cdnb-10
Content-Length: 260445
-
GEThttps://65211351892.com/1c53c49cd65d4bf099501655c40592c3.gifRemote address:45.61.212.227:443RequestGET /1c53c49cd65d4bf099501655c40592c3.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 65211351892.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62ee25ff-afb81"
Date: Fri, 16 Sep 2022 07:54:32 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 06 Aug 2022 08:27:43 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-27
Content-Length: 719745
-
DNSapps.identrust.comRemote address:8.8.8.8:53Requestapps.identrust.comIN AResponseapps.identrust.comIN CNAMEidentrust.edgesuite.netidentrust.edgesuite.netIN CNAMEa1952.dscq.akamai.neta1952.dscq.akamai.netIN A96.16.53.134a1952.dscq.akamai.netIN A96.16.53.139
-
GEThttp://apps.identrust.com/roots/dstrootcax3.p7cRemote address:96.16.53.134:80RequestGET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com
ResponseHTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Mon, 20 Jun 2022 20:24:00 GMT
ETag: "37d-5e1e6e25c9800"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:10:11 GMT
Date: Thu, 22 Sep 2022 03:10:11 GMT
Connection: keep-alive
-
GEThttp://apps.identrust.com/roots/dstrootcax3.p7cRemote address:96.16.53.134:80RequestGET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com
ResponseHTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Mon, 20 Jun 2022 20:24:00 GMT
ETag: "37d-5e1e6e25c9800"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:10:11 GMT
Date: Thu, 22 Sep 2022 03:10:11 GMT
Connection: keep-alive
-
GEThttp://apps.identrust.com/roots/dstrootcax3.p7cRemote address:96.16.53.134:80RequestGET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com
ResponseHTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Mon, 20 Jun 2022 20:24:00 GMT
ETag: "37d-5e1e6e25c9800"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:10:11 GMT
Date: Thu, 22 Sep 2022 03:10:11 GMT
Connection: keep-alive
-
DNSyaoji666.oss-cn-hongkong.aliyuncs.comRemote address:8.8.8.8:53Requestyaoji666.oss-cn-hongkong.aliyuncs.comIN AResponseyaoji666.oss-cn-hongkong.aliyuncs.comIN A47.75.19.91
-
DNSu0081.comRemote address:8.8.8.8:53Requestu0081.comIN AResponseu0081.comIN CNAMEnpyb5v4t-u.funnull01.vipnpyb5v4t-u.funnull01.vipIN CNAME35rnbma7.n.funnull31.com35rnbma7.n.funnull31.comIN A20.247.82.4535rnbma7.n.funnull31.comIN A20.239.189.13135rnbma7.n.funnull31.comIN A20.239.190.9235rnbma7.n.funnull31.comIN A20.239.190.15035rnbma7.n.funnull31.comIN A20.239.191.2035rnbma7.n.funnull31.comIN A20.239.191.2235rnbma7.n.funnull31.comIN A20.239.191.2735rnbma7.n.funnull31.comIN A20.239.191.6735rnbma7.n.funnull31.comIN A20.239.191.83
-
DNS666999123.comRemote address:8.8.8.8:53Request666999123.comIN AResponse666999123.comIN A188.114.96.0666999123.comIN A188.114.97.0
-
DNSk68tkg.comRemote address:8.8.8.8:53Requestk68tkg.comIN AResponsek68tkg.comIN CNAMEyd11_02-aq-01.cdn-ng.netyd11_02-aq-01.cdn-ng.netIN A45.61.212.131yd11_02-aq-01.cdn-ng.netIN A45.61.212.171yd11_02-aq-01.cdn-ng.netIN A103.170.15.41yd11_02-aq-01.cdn-ng.netIN A103.170.15.56yd11_02-aq-01.cdn-ng.netIN A103.189.108.94
-
DNSu0069.comRemote address:8.8.8.8:53Requestu0069.comIN AResponseu0069.comIN CNAMEnpyb5v4t-u.funnull01.vipnpyb5v4t-u.funnull01.vipIN CNAME35rnbma7.n.funnull31.com35rnbma7.n.funnull31.comIN A20.239.191.6735rnbma7.n.funnull31.comIN A20.239.191.8335rnbma7.n.funnull31.comIN A20.247.82.4535rnbma7.n.funnull31.comIN A20.239.189.13135rnbma7.n.funnull31.comIN A20.239.190.9235rnbma7.n.funnull31.comIN A20.239.190.15035rnbma7.n.funnull31.comIN A20.239.191.2035rnbma7.n.funnull31.comIN A20.239.191.2235rnbma7.n.funnull31.comIN A20.239.191.27
-
DNSimg.777767.coRemote address:8.8.8.8:53Requestimg.777767.coIN AResponseimg.777767.coIN CNAMEdns.imgapp.topdns.imgapp.topIN A23.225.222.18dns.imgapp.topIN A3.36.126.81dns.imgapp.topIN A23.225.222.2dns.imgapp.topIN A23.225.228.34dns.imgapp.topIN A23.225.228.58
-
DNScdn.jsdelivr.netRemote address:8.8.8.8:53Requestcdn.jsdelivr.netIN AResponsecdn.jsdelivr.netIN CNAMEcdn.jsdelivr.net.cdn.cloudflare.netcdn.jsdelivr.net.cdn.cloudflare.netIN A104.16.87.20cdn.jsdelivr.net.cdn.cloudflare.netIN A104.16.88.20cdn.jsdelivr.net.cdn.cloudflare.netIN A104.16.85.20cdn.jsdelivr.net.cdn.cloudflare.netIN A104.16.86.20cdn.jsdelivr.net.cdn.cloudflare.netIN A104.16.89.20
-
GEThttps://k68tkg.com/72c3494fb7ac48f79d0f838453c5580b.gifRemote address:45.61.212.131:443RequestGET /72c3494fb7ac48f79d0f838453c5580b.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: k68tkg.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=86400
ETag: "622491e2-aaab"
Server: nginx
Date: Wed, 21 Sep 2022 03:43:20 GMT
Content-Type: image/gif
Last-Modified: Sun, 06 Mar 2022 10:50:10 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us4-cdnb-01
Content-Length: 43691
-
GEThttps://k68tkg.com/72c3494fb7ac48f79d0f838453c5580b.gifRemote address:45.61.212.131:443RequestGET /72c3494fb7ac48f79d0f838453c5580b.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: k68tkg.com
If-Modified-Since: Sun, 06 Mar 2022 10:50:10 GMT
If-None-Match: "622491e2-aaab"
Connection: Keep-Alive
ResponseHTTP/1.1 304 Not Modified
Server: nginx/1.20.1
Date: Thu, 22 Sep 2022 03:10:18 GMT
X-Cache: HIT from cloud-us4-cdnb-01
Cache-Control: max-age=86400
ETag: "622491e2-aaab"
Last-Modified: Sun, 06 Mar 2022 10:50:10 GMT
-
GEThttps://kvezz.com/d246feb7694ab58d49f44d67d0474a95.pngRemote address:45.154.215.92:443RequestGET /d246feb7694ab58d49f44d67d0474a95.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: kvezz.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://acoossu.top/d246feb7694ab58d49f44d67d0474a95.png
Strict-Transport-Security: max-age=31536000
-
GEThttps://666999123.com/tu/66x66.gifRemote address:188.114.96.0:443RequestGET /tu/66x66.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 666999123.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: image/gif
Content-Length: 37400
Connection: keep-alive
last-modified: Thu, 25 Aug 2022 14:56:23 GMT
etag: "63078d97-9218"
expires: Fri, 30 Sep 2022 15:54:24 GMT
Cache-Control: max-age=2592000
strict-transport-security: max-age=31536000
CF-Cache-Status: HIT
Age: 1855015
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SYRhZNMH2gflE4ON%2Fa2DXHahSLolTUk2bw1C5W9VW9tyq9nPvvR9TICa8vQ94ZDQByAG27Xfeh5s1kA98QFra%2FqhMeonNMiKuQ8zw%2BiVrVjP%2BlhvnVjcPgCOe8xCke8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8ab59ffb8af-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttps://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X80.gifRemote address:47.75.19.91:443RequestGET /gg/960X80.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 133605
Connection: keep-alive
x-oss-request-id: 632BD215B3748434332AAC5F
Accept-Ranges: bytes
ETag: "55F93DFF8B8634E22E525341E9B6915B"
Last-Modified: Sat, 09 Jul 2022 12:37:08 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9850290323694397939
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: Vfk9/4uGNOIuUlNB6baRWw==
x-oss-server-time: 2
-
GEThttps://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/150x150.gifRemote address:47.75.19.91:443RequestGET /gg/150x150.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: AliyunOSS
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 101696
Connection: keep-alive
x-oss-request-id: 632BD2150E14E4353222D633
Accept-Ranges: bytes
ETag: "74409A753A6305214AB8C42A40752453"
Last-Modified: Sun, 18 Sep 2022 16:27:55 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16318896049132079620
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: dECadTpjBSFKuMQqQHUkUw==
x-oss-server-time: 2
-
GEThttps://u0081.com/d6dd3e0f4bcc4b34b111fd755416f918.pngRemote address:20.247.82.45:443RequestGET /d6dd3e0f4bcc4b34b111fd755416f918.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: u0081.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 09:27:37 GMT
ETag: W/"63244189-9dd9"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
-
DNS19719197.comRemote address:8.8.8.8:53Request19719197.comIN AResponse19719197.comIN CNAMEnpyb5v4t-u.funnull01.vipnpyb5v4t-u.funnull01.vipIN CNAME35rnbma7.n.funnull31.com35rnbma7.n.funnull31.comIN A20.239.190.15035rnbma7.n.funnull31.comIN A20.239.191.2035rnbma7.n.funnull31.comIN A20.239.191.2235rnbma7.n.funnull31.comIN A20.239.191.2735rnbma7.n.funnull31.comIN A20.239.191.6735rnbma7.n.funnull31.comIN A20.239.191.8335rnbma7.n.funnull31.comIN A20.247.82.4535rnbma7.n.funnull31.comIN A20.239.189.13135rnbma7.n.funnull31.comIN A20.239.190.92
-
GEThttps://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5e2ce2370ba8f37f477108bc3b29c28a1/0.pngRemote address:43.129.255.47:443RequestGET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5e2ce2370ba8f37f477108bc3b29c28a1/0.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: p.qlogo.cn
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: NWSs
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 159344
Connection: keep-alive
Vary: Accept,Origin
Last-Modified: Mon, 18 Jul 2022 16:59:46 GMT
Cache-Control: max-age=2592000
X-Delay: 200 us
X-Info: real data
X-BCheck: 0_1
X-Cpt: filename=0
User-ReturnCode: 0
X-DataSrc: 2
X-ReqGue: 0
Size: 159344
chid: 0
fid: 0
X-NWS-LOG-UUID: 871ff3c7-3069-4eb5-a502-5a7a6045b35a
-
GEThttps://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5c37320f7cbd0b708b860e89da03aa20a/0.pngRemote address:43.129.255.47:443RequestGET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5c37320f7cbd0b708b860e89da03aa20a/0.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: p.qlogo.cn
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: NWSs
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 128118
Connection: keep-alive
Vary: Accept,Origin
Last-Modified: Mon, 18 Jul 2022 17:11:45 GMT
Cache-Control: max-age=2592000
X-Delay: 79 us
X-Info: real data
X-BCheck: 0_1
X-Cpt: filename=0
User-ReturnCode: 0
X-DataSrc: 2
X-ReqGue: 0
Size: 128118
chid: 0
fid: 0
X-NWS-LOG-UUID: 31c08eb5-d1c6-4873-82f2-be9fb5ccc81f
-
GEThttps://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5e2ce2370ba8f37f477108bc3b29c28a1/0.pngRemote address:43.129.255.47:443RequestGET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5e2ce2370ba8f37f477108bc3b29c28a1/0.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: p.qlogo.cn
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: NWSs
Date: Thu, 22 Sep 2022 03:10:19 GMT
Content-Type: image/gif
Content-Length: 159344
Connection: keep-alive
Vary: Accept,Origin
Last-Modified: Mon, 18 Jul 2022 16:59:46 GMT
Cache-Control: max-age=2592000
X-Delay: 193 us
X-Info: real data
X-BCheck: 0_1
X-Cpt: filename=0
User-ReturnCode: 0
X-DataSrc: 2
X-ReqGue: 0
Size: 159344
chid: 0
fid: 0
X-NWS-LOG-UUID: 49c2f6f5-c0f9-4a67-86c5-8e46db9d2952
-
GEThttps://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5c37320f7cbd0b708b860e89da03aa20a/0.pngRemote address:43.129.255.47:443RequestGET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b5c37320f7cbd0b708b860e89da03aa20a/0.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: p.qlogo.cn
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: NWSs
Date: Thu, 22 Sep 2022 03:10:20 GMT
Content-Type: image/gif
Content-Length: 128118
Connection: keep-alive
Vary: Accept,Origin
Last-Modified: Mon, 18 Jul 2022 17:11:45 GMT
Cache-Control: max-age=2592000
X-Delay: 93 us
X-Info: real data
X-BCheck: 0_1
X-Cpt: filename=0
User-ReturnCode: 0
X-DataSrc: 2
X-ReqGue: 0
Size: 128118
chid: 0
fid: 0
X-NWS-LOG-UUID: 78edc3f3-eaf2-4708-a351-1afe4b42b022
-
DNSvjnhby.comRemote address:8.8.8.8:53Requestvjnhby.comIN AResponsevjnhby.comIN CNAMEyd11_02-aq-01.cdn-ng.netyd11_02-aq-01.cdn-ng.netIN A45.61.212.132yd11_02-aq-01.cdn-ng.netIN A45.61.212.170yd11_02-aq-01.cdn-ng.netIN A103.170.15.42yd11_02-aq-01.cdn-ng.netIN A103.170.15.57yd11_02-aq-01.cdn-ng.netIN A103.189.108.93
-
DNSn7565.comRemote address:8.8.8.8:53Requestn7565.comIN AResponsen7565.comIN CNAMEyd11_13-site-02.cdn-ng.netyd11_13-site-02.cdn-ng.netIN A103.170.15.88yd11_13-site-02.cdn-ng.netIN A103.170.15.92yd11_13-site-02.cdn-ng.netIN A103.170.15.97yd11_13-site-02.cdn-ng.netIN A103.170.15.104yd11_13-site-02.cdn-ng.netIN A103.170.15.107yd11_13-site-02.cdn-ng.netIN A103.170.15.113yd11_13-site-02.cdn-ng.netIN A45.61.212.128yd11_13-site-02.cdn-ng.netIN A45.61.212.217yd11_13-site-02.cdn-ng.netIN A45.61.212.223yd11_13-site-02.cdn-ng.netIN A45.61.212.227yd11_13-site-02.cdn-ng.netIN A103.170.15.72yd11_13-site-02.cdn-ng.netIN A103.170.15.77yd11_13-site-02.cdn-ng.netIN A103.170.15.82
-
GEThttps://u0069.com/938f9d7fb1cf422baaeee80bdacaf7d4.pngRemote address:20.239.191.67:443RequestGET /938f9d7fb1cf422baaeee80bdacaf7d4.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: u0069.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 May 2022 07:52:48 GMT
ETag: W/"62932650-7df1"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
-
DNSntvxbf7.comRemote address:8.8.8.8:53Requestntvxbf7.comIN AResponsentvxbf7.comIN CNAMEyd11_13-site-02.cdn-ng.netyd11_13-site-02.cdn-ng.netIN A45.61.212.122yd11_13-site-02.cdn-ng.netIN A45.61.212.128yd11_13-site-02.cdn-ng.netIN A103.170.15.82yd11_13-site-02.cdn-ng.netIN A103.170.15.88yd11_13-site-02.cdn-ng.netIN A103.170.15.92yd11_13-site-02.cdn-ng.netIN A103.170.15.97yd11_13-site-02.cdn-ng.netIN A103.170.15.101yd11_13-site-02.cdn-ng.netIN A103.170.15.107yd11_13-site-02.cdn-ng.netIN A103.170.15.112yd11_13-site-02.cdn-ng.netIN A45.61.212.50yd11_13-site-02.cdn-ng.netIN A45.61.212.54yd11_13-site-02.cdn-ng.netIN A45.61.212.58yd11_13-site-02.cdn-ng.netIN A45.61.212.117
-
DNS3338635.comRemote address:8.8.8.8:53Request3338635.comIN AResponse3338635.comIN CNAMEyd11_13-site-02.cdn-ng.netyd11_13-site-02.cdn-ng.netIN A103.170.15.72yd11_13-site-02.cdn-ng.netIN A103.170.15.76yd11_13-site-02.cdn-ng.netIN A103.170.15.81yd11_13-site-02.cdn-ng.netIN A103.170.15.111yd11_13-site-02.cdn-ng.netIN A45.61.212.49yd11_13-site-02.cdn-ng.netIN A45.61.212.55yd11_13-site-02.cdn-ng.netIN A45.61.212.57yd11_13-site-02.cdn-ng.netIN A45.61.212.120yd11_13-site-02.cdn-ng.netIN A45.61.212.121yd11_13-site-02.cdn-ng.netIN A45.61.212.126yd11_13-site-02.cdn-ng.netIN A45.61.212.216yd11_13-site-02.cdn-ng.netIN A45.61.212.221yd11_13-site-02.cdn-ng.netIN A45.61.212.226
-
GEThttps://img.777767.co/images/62f39459c96a987b91c6913a.gifRemote address:23.225.222.18:443RequestGET /images/62f39459c96a987b91c6913a.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: img.777767.co
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://p3.douyinpic.com/obj/tos-cn-i-dy/14bc743bc22d4094976d1de9ec1f34db
Cache-Control: max-age=3600
-
GEThttps://cdn.jsdelivr.net/gh/wanli8899/August@main/head/ny120x120.gifRemote address:104.16.87.20:443RequestGET /gh/wanli8899/August@main/head/ny120x120.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: cdn.jsdelivr.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 135665
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Timing-Allow-Origin: *
Cache-Control: public, max-age=604800, s-maxage=43200
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-JSD-Version: main
X-JSD-Version-Type: branch
ETag: W/"211f1-TvRBnIckH7QkilOaQRz8cSa+Oic"
X-Served-By: cache-fra19129-FRA, cache-cdg20752-CDG
X-Cache: HIT, MISS
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
CF-Cache-Status: HIT
Age: 31926
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtiuwqB3NmJoQao0gsJLrtSZ9V6OhxX4PRQ3ZHhYtt8rAJLV7Q4dNMhE9vQVr2MXcNZBtpJGKb5nD%2FDCwSOiI8pozsW4byMUyqYT0JGyQ5F0knMsJeY84elrSdjsbFyuqA8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e7d8a41eeab96f-AMS
-
GEThttps://cdn.jsdelivr.net/gh/kulinan22/img@main/foot/sael.jpgRemote address:104.16.87.20:443RequestGET /gh/kulinan22/img@main/foot/sael.jpg HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: cdn.jsdelivr.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/jpeg
Content-Length: 19460
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=604800, s-maxage=43200
Cf-Bgj: h2pri
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"4c04-GzDYknskQLt/F6N8sBaE6H8qvhI"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Cache: HIT, HIT
X-Content-Type-Options: nosniff
X-JSD-Version: main
X-JSD-Version-Type: branch
X-Served-By: cache-fra19175-FRA, cache-iad-kiad7000099-IAD
CF-Cache-Status: HIT
Age: 21991
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26sg0RXMriFwBUnVdig0P5wrdSQ4z2mHN8KDMWIjThxMatvJMH3qjSe75v5shaSQ76z6MyrMYxHCpuhcrFJT3TlLq3f5lw6AswjCoRWuqNLmT3Oxo1%2Fc1ee8xLbhN9kRe%2F4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e7d8a4cfafb96f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
DNSdl66d.comRemote address:8.8.8.8:53Requestdl66d.comIN AResponsedl66d.comIN A104.233.158.19
-
DNS89958716765.comRemote address:8.8.8.8:53Request89958716765.comIN AResponse89958716765.comIN CNAMEyd11_13-site-02.cdn-ng.netyd11_13-site-02.cdn-ng.netIN A103.170.15.101yd11_13-site-02.cdn-ng.netIN A103.170.15.107yd11_13-site-02.cdn-ng.netIN A103.170.15.112yd11_13-site-02.cdn-ng.netIN A45.61.212.50yd11_13-site-02.cdn-ng.netIN A45.61.212.54yd11_13-site-02.cdn-ng.netIN A45.61.212.58yd11_13-site-02.cdn-ng.netIN A45.61.212.117yd11_13-site-02.cdn-ng.netIN A45.61.212.122yd11_13-site-02.cdn-ng.netIN A45.61.212.128yd11_13-site-02.cdn-ng.netIN A45.61.212.217yd11_13-site-02.cdn-ng.netIN A45.61.212.223yd11_13-site-02.cdn-ng.netIN A45.61.212.227yd11_13-site-02.cdn-ng.netIN A103.170.15.97
-
GEThttps://cdn.jsdelivr.net/gh/kulinan22/img@main/foot/papatv.jpgRemote address:104.16.87.20:443RequestGET /gh/kulinan22/img@main/foot/papatv.jpg HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: cdn.jsdelivr.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/jpeg
Content-Length: 10482
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=604800, s-maxage=43200
Cf-Bgj: h2pri
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"28f2-q5MglcrqkDrj7o7TaEH092x08B4"
Fastly-Original-Body-Size: 10482
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Cache: HIT, HIT
X-Content-Type-Options: nosniff
X-JSD-Version: main
X-JSD-Version-Type: branch
X-Served-By: cache-fra19126-FRA, cache-itm18840-ITM
CF-Cache-Status: HIT
Age: 8287
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksor8pS5G6h9ytIHxfzUjKElRe4cqEAO%2BbazzVyqs%2F5k7yOAwEf3Xznc2T9KGyNVVHrT8de9zDBTJjXJElYYgjLyIdN6bOb4JSBZxaYszS6FbYZz%2BJhC96uHEEdKK4MFqLc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e7d8a45a90b84f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
DNSupffxs6.comRemote address:8.8.8.8:53Requestupffxs6.comIN AResponseupffxs6.comIN CNAMEyd11_13-site-02.cdn-ng.netyd11_13-site-02.cdn-ng.netIN A45.61.212.225yd11_13-site-02.cdn-ng.netIN A45.61.212.230yd11_13-site-02.cdn-ng.netIN A103.170.15.75yd11_13-site-02.cdn-ng.netIN A103.170.15.79yd11_13-site-02.cdn-ng.netIN A103.170.15.110yd11_13-site-02.cdn-ng.netIN A103.170.15.115yd11_13-site-02.cdn-ng.netIN A45.61.212.47yd11_13-site-02.cdn-ng.netIN A45.61.212.52yd11_13-site-02.cdn-ng.netIN A45.61.212.60yd11_13-site-02.cdn-ng.netIN A45.61.212.118yd11_13-site-02.cdn-ng.netIN A45.61.212.123yd11_13-site-02.cdn-ng.netIN A45.61.212.130yd11_13-site-02.cdn-ng.netIN A45.61.212.220
-
GEThttps://3338635.com/057f5074fa7547a9bebd8f858952cb44.gifRemote address:103.170.15.72:443RequestGET /057f5074fa7547a9bebd8f858952cb44.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 3338635.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "61def641-a5a0"
Date: Tue, 20 Sep 2022 10:16:04 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 12 Jan 2022 15:39:45 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 42400
-
GEThttps://19719197.com/b2b7417f3bfa4af7965c969b198571f4.pngRemote address:20.239.190.150:443RequestGET /b2b7417f3bfa4af7965c969b198571f4.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 19719197.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:17 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 02 Aug 2022 08:40:04 GMT
ETag: W/"62e8e2e4-11607"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
-
GEThttps://dl66d.com/150x150.gifRemote address:104.233.158.19:443RequestGET /150x150.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: dl66d.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:17 GMT
Content-Type: image/gif
Content-Length: 297341
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 07:52:46 GMT
ETag: "63199f4e-4897d"
Expires: Mon, 10 Oct 2022 14:34:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
-
GEThttps://upffxs6.com/debb54574b1142049171b39403c494a5.gifRemote address:45.61.212.225:443RequestGET /debb54574b1142049171b39403c494a5.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: upffxs6.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "627519f5-7f30"
Date: Wed, 14 Sep 2022 05:49:54 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 06 May 2022 12:52:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-25
Content-Length: 32560
-
GEThttps://upffxs6.com/debb54574b1142049171b39403c494a5.gifRemote address:45.61.212.225:443RequestGET /debb54574b1142049171b39403c494a5.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: upffxs6.com
If-Modified-Since: Fri, 06 May 2022 12:52:05 GMT
If-None-Match: "627519f5-7f30"
Connection: Keep-Alive
ResponseHTTP/1.1 304 Not Modified
Server: nginx/1.20.1
Date: Thu, 22 Sep 2022 03:10:18 GMT
X-Cache: HIT from cloud-us3-cdnb-25
Cache-Control: max-age=604800
ETag: "627519f5-7f30"
Last-Modified: Fri, 06 May 2022 12:52:05 GMT
-
GEThttps://vjnhby.com/301d74df402847feb1b6fb72d313ed60.pngRemote address:45.61.212.132:443RequestGET /301d74df402847feb1b6fb72d313ed60.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: vjnhby.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=86400
ETag: "62c30008-3cbc"
Server: nginx
Date: Sun, 18 Sep 2022 00:26:56 GMT
Content-Type: image/png
Last-Modified: Mon, 04 Jul 2022 14:58:16 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us4-cdnb-02
Content-Length: 15548
-
GEThttps://vjnhby.com/301d74df402847feb1b6fb72d313ed60.pngRemote address:45.61.212.132:443RequestGET /301d74df402847feb1b6fb72d313ed60.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: vjnhby.com
If-Modified-Since: Mon, 04 Jul 2022 14:58:16 GMT
If-None-Match: "62c30008-3cbc"
Connection: Keep-Alive
ResponseHTTP/1.1 304 Not Modified
Server: nginx/1.20.1
Date: Thu, 22 Sep 2022 03:10:17 GMT
X-Cache: HIT from cloud-us4-cdnb-02
Cache-Control: max-age=86400
ETag: "62c30008-3cbc"
Last-Modified: Mon, 04 Jul 2022 14:58:16 GMT
-
GEThttps://n7565.com/f2f94a0c499e4f06a72aa431d3176b8b.gifRemote address:103.170.15.88:443RequestGET /f2f94a0c499e4f06a72aa431d3176b8b.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: n7565.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62e0ff4a-748c"
Date: Sat, 17 Sep 2022 08:26:04 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 27 Jul 2022 09:03:06 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 29836
-
GEThttps://89958716765.com/1ed4347b2ea742798776f24b40b8f003.gifRemote address:103.170.15.101:443RequestGET /1ed4347b2ea742798776f24b40b8f003.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 89958716765.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63185915-248df"
Date: Fri, 16 Sep 2022 02:53:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:40:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Length: 149727
-
GEThttps://ntvxbf7.com/88d380ebd5e644d189ec573972a02f3b.gifRemote address:45.61.212.122:443RequestGET /88d380ebd5e644d189ec573972a02f3b.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: ntvxbf7.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6298c1ae-73a8"
Date: Thu, 15 Sep 2022 23:49:16 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 02 Jun 2022 13:57:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-22
Content-Length: 29608
-
DNSp3.douyinpic.comRemote address:8.8.8.8:53Requestp3.douyinpic.comIN AResponsep3.douyinpic.comIN CNAMEp3.douyinpic.com.w.cdngslb.comp3.douyinpic.com.w.cdngslb.comIN A47.246.48.231p3.douyinpic.com.w.cdngslb.comIN A47.246.48.226p3.douyinpic.com.w.cdngslb.comIN A47.246.48.224p3.douyinpic.com.w.cdngslb.comIN A47.246.48.225p3.douyinpic.com.w.cdngslb.comIN A47.246.48.227p3.douyinpic.com.w.cdngslb.comIN A47.246.48.229p3.douyinpic.com.w.cdngslb.comIN A47.246.48.228p3.douyinpic.com.w.cdngslb.comIN A47.246.48.230
-
GEThttps://p3.douyinpic.com/obj/tos-cn-i-dy/51b589937ada453b91044031866198c7Remote address:47.246.48.231:443RequestGET /obj/tos-cn-i-dy/51b589937ada453b91044031866198c7 HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: p3.douyinpic.com
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 812673
Connection: keep-alive
Date: Tue, 20 Sep 2022 08:38:31 GMT
Cache-Control: max-age=31536000
Imagex-Fmt: gif2gif
Last-Modified: Tue, 20 Sep 2022 08:20:48 GMT
Nw-Session-Id: 20220920162048010204024154379C9FFEjxsvz01dy
Nw-Session-Trace: 2022-09-20T16:20:48.196631793+08:00 45
X-Bdcdn-Cache-Status: TCP_HIT
X-Length: 812673
X-Powered-By: ImageX
X-Response-Date: Tue, 20 Sep 2022 16:20:48 GMT
X-Tt-Logid: 20220920162048010204024154379C9FFE
via: n150-056-012, cache14.l2de2[204,203,206-0,M], cache9.l2de2[204,0], cache9.l2de2[206,0], cache4.nl2[0,0,200-0,H], cache5.nl2[1,0]
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 154.61.71.50
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01b6e0ebab225637bebbc92d8de22a811e597cc565ffb66d23917a60ea40720cebebb078fc2e7052461253e1bca7cea1d3115e44368254fb2e3bcd30e7d45fdcc9850c901a1415836b9c315775ab0c8e228e02da287a32e11b3a6d4e8fe3257581
X-Response-LB: image
Ali-Swift-Global-Savetime: 1663663111
Age: 153103
X-Cache: HIT TCP_MEM_HIT dirn:1:144156721 mlen:0
X-Swift-SaveTime: Tue, 20 Sep 2022 08:38:31 GMT
X-Swift-CacheTime: 31536000
Timing-Allow-Origin: *, *
Access-Control-Allow-Origin: *
EagleId: 2ff6309916638162140107166e
-
GEThttps://p3.douyinpic.com/obj/tos-cn-i-dy/14bc743bc22d4094976d1de9ec1f34dbRemote address:47.246.48.231:443RequestGET /obj/tos-cn-i-dy/14bc743bc22d4094976d1de9ec1f34db HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: p3.douyinpic.com
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 276026
Connection: keep-alive
Date: Sat, 27 Aug 2022 13:54:48 GMT
Cache-Control: max-age=31536000
Imagex-Fmt: gif2gif
Last-Modified: Sat, 27 Aug 2022 13:25:20 GMT
Nw-Session-Id: 202208272125200101580290971B710FBBbkplw02dy
Nw-Session-Trace: 2022-08-27T21:25:20.263654856+08:00 28
X-Bdcdn-Cache-Status: TCP_HIT
X-Length: 276026
X-Powered-By: ImageX
X-Response-Date: Sat, 27 Aug 2022 21:25:20 GMT
X-Tt-Logid: 202208272125200101580290971B710FBB
via: n204-098-236, cache11.l2de2[0,2,206-0,H], cache17.l2de2[4,0], cache17.l2de2[4,0], cache8.nl2[0,0,200-0,H], cache5.nl2[3,0]
x-request-ip: fdbd:dc01:21:307::156
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 154.61.71.50
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 018fe403fa59635acd24edf675661073ba8ff8bdb557264d3d288464bf8c699307f50bfc2f41e2830e4f13083449ed30049ee82404b58744f70e7671ff0c3dbbbfafef85e5d8a8176f56435e596eee134b7dcc9e9028f9ec7ca88f8df72aab94f9
X-Response-LB: image
Ali-Swift-Global-Savetime: 1661608488
Age: 2207726
X-Cache: HIT TCP_MEM_HIT dirn:11:286719149
X-Swift-SaveTime: Tue, 13 Sep 2022 09:22:19 GMT
X-Swift-CacheTime: 30083549
Timing-Allow-Origin: *, *
Access-Control-Allow-Origin: *
EagleId: 2ff6309916638162144777945e
-
DNSacoossu.topRemote address:8.8.8.8:53Requestacoossu.topIN AResponseacoossu.topIN A172.67.151.21acoossu.topIN A104.21.33.223
-
DNSyinyongbao3.appRemote address:8.8.8.8:53Requestyinyongbao3.appIN AResponseyinyongbao3.appIN A72.52.179.174
-
DNSyinyongbao3.appRemote address:8.8.8.8:53Requestyinyongbao3.appIN A
-
DNSkvhxxx.topRemote address:8.8.8.8:53Requestkvhxxx.topIN AResponsekvhxxx.topIN A188.114.96.0kvhxxx.topIN A188.114.97.0
-
DNSacooss.comRemote address:8.8.8.8:53Requestacooss.comIN AResponseacooss.comIN A104.21.235.96acooss.comIN A104.21.235.95
-
DNSkvhooo.topRemote address:8.8.8.8:53Requestkvhooo.topIN AResponsekvhooo.topIN A172.67.139.162kvhooo.topIN A104.21.33.12
-
GEThttps://acoossu.top/ff82ede81a5bf7b5ff047745ebd831ad.gifRemote address:172.67.151.21:443RequestGET /ff82ede81a5bf7b5ff047745ebd831ad.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: acoossu.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 513789
Connection: keep-alive
Last-Modified: Mon, 02 May 2022 19:22:05 GMT
ETag: "62702f5d-7d6fd"
Expires: Sat, 15 Oct 2022 06:44:27 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 591946
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZL2KUVTleSPAq7AcDO48ekIPoEnEIezcihWU%2FvmCcfoSXvOHPn5wRmpa%2FSiACEFH0q17qBA7mLVuXXtuoB8W5h%2BgDrmxVpDwO47LT7mPmmLXUmhkapizlNNLzjn%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8a6fa8ab90f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttps://acoossu.top/d246feb7694ab58d49f44d67d0474a95.pngRemote address:172.67.151.21:443RequestGET /d246feb7694ab58d49f44d67d0474a95.png HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: acoossu.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/png
Content-Length: 31030
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 18:04:41 GMT
ETag: "61784339-7936"
Expires: Sat, 15 Oct 2022 03:51:14 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 602339
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaG8OZsKum2QePhDj3PPsJRcpeZtOGELJwaqCXRHpG%2BcEDAXbHwpoI1AnZqoiWQqak%2B7qHx1N2a8TyyDx5XGQt40kZo2qXqgrM3%2F8Vubm6MdLfQBq%2Ffa4ykH0wQrLg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8a8ec76b90f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttps://kvhxxx.top/8baa999a8a1670103e06df33ee3c3699.gifRemote address:188.114.96.0:443RequestGET /8baa999a8a1670103e06df33ee3c3699.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: kvhxxx.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 336917
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:33:34 GMT
ETag: "6321adfe-52415"
Expires: Fri, 21 Oct 2022 11:46:08 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 55445
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK1sQWQBJq85gJaLX96Mhl3b%2FeUJ6SQbf0ob1wh4gkMmbOrQ%2B6MyJu59wEYNg6vJMgvH2zJSkyaxh6olL%2FIw74rezVcL%2FxAgOH3gVP42YXhKMFtrujLiKbLvs1hG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8a71deeb852-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttps://acooss.com/4b588735faa68eaee8d55085efdc1359.gifRemote address:104.21.235.96:443RequestGET /4b588735faa68eaee8d55085efdc1359.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: acooss.com
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: image/gif
Content-Length: 3044760
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 07:23:54 GMT
ETag: "6314528a-2e7598"
Expires: Thu, 20 Oct 2022 12:31:42 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 139112
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJpR4XCa9deQn5IXQnMrAc%2Be1MgiybTGkRvxfudEyop3w41uvvgTE%2Fh1e1EyHqx2nzdCig58xFOVLTkbu9rBVc0kW12BTjmH5oWzF2KI%2FXRZ%2F3URETmRNesRUHEO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8ad8ef6b968-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttps://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.gifRemote address:172.67.139.162:443RequestGET /3e56d4c29903a2b84fe3f12871fd7ad2.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: kvhooo.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: image/gif
Content-Length: 1087821
Connection: keep-alive
Last-Modified: Wed, 25 May 2022 13:37:01 GMT
ETag: "628e30fd-10994d"
Expires: Fri, 21 Oct 2022 05:02:13 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 79681
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiRVjG9YB%2By5tMeQf8OYxV4nBRKGhyhV4h89x8B%2BR2sf7j4wdL0eLCC9MNal7y8Fp%2F0Rt8JDb5n8iIcMfl9lNnKg91av%2Br4B9shDgKdDsvpOnYLPiJy%2FXpJRnigE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8ab1fa8b8b2-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
DNSkvhqqq.topRemote address:8.8.8.8:53Requestkvhqqq.topIN AResponsekvhqqq.topIN A104.21.235.198kvhqqq.topIN A104.21.235.197
-
GEThttps://p3.douyinpic.com/obj/tos-cn-i-dy/df4248dac970478aac5112f57ebef124Remote address:47.246.48.231:443RequestGET /obj/tos-cn-i-dy/df4248dac970478aac5112f57ebef124 HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: p3.douyinpic.com
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 773271
Connection: keep-alive
Date: Mon, 05 Sep 2022 06:46:06 GMT
Cache-Control: max-age=31536000
Imagex-Fmt: gif2gif
Last-Modified: Mon, 05 Sep 2022 06:46:06 GMT
Nw-Session-Id: 202209051446060101751360741F38EBE6bfvvk03dy
Nw-Session-Trace: 2022-09-05T14:46:06.648697264+08:00 93
X-Bdcdn-Cache-Status: TCP_MISS
X-Length: 773271
X-Powered-By: ImageX
X-Response-Date: Mon, 05 Sep 2022 14:46:06 GMT
X-Tt-Logid: 202209051446060101751360741F38EBE6
via: n132-078-099, cache10.l2de2[0,0,206-0,H], cache17.l2de2[1,0], cache17.l2de2[1,0], cache7.nl2[0,0,200-0,H], cache7.nl2[1,0]
x-request-ip: fdbd:dc03:15:482::74
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 154.61.71.50
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010224ab15478f69169fa0043c454b9912f37711d8299878930d37c2d104321927f4121799ac28295a571a37a41a8f60aa6a973bbaa435d1972b8c0629cdd31b0f3fd8b6e7545917679c6f9abbe256f0507eda7c03ff62997a008467227ae3adbb
X-Response-LB: image
Ali-Swift-Global-Savetime: 1662360366
Age: 1455847
X-Cache: HIT TCP_MEM_HIT dirn:4:1767907386 mlen:0
X-Swift-SaveTime: Tue, 06 Sep 2022 13:30:00 GMT
X-Swift-CacheTime: 31425366
Timing-Allow-Origin: *, *
Access-Control-Allow-Origin: *
EagleId: 2ff6309b16638162139385621e
-
GEThttps://p3.douyinpic.com/obj/tos-cn-i-dy/8abd050bc2a342279a76fb30d3677f28Remote address:47.246.48.231:443RequestGET /obj/tos-cn-i-dy/8abd050bc2a342279a76fb30d3677f28 HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: p3.douyinpic.com
ResponseHTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 538811
Connection: keep-alive
Date: Tue, 20 Sep 2022 08:38:31 GMT
Cache-Control: max-age=31536000
Imagex-Fmt: gif2gif
Last-Modified: Tue, 20 Sep 2022 08:21:35 GMT
Nw-Session-Id: 20220920162135010175073134179D19972lfbw03dy
Nw-Session-Trace: 2022-09-20T16:21:35.952325605+08:00 31
X-Bdcdn-Cache-Status: TCP_HIT
X-Length: 538811
X-Powered-By: ImageX
X-Response-Date: Tue, 20 Sep 2022 16:21:35 GMT
X-Tt-Logid: 20220920162135010175073134179D1997
via: n132-078-110, cache4.l2de2[202,202,206-0,M], cache21.l2de2[203,0], cache21.l2de2[204,0], cache8.nl2[0,0,200-0,H], cache7.nl2[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 154.61.71.50
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01b6e0ebab225637bebbc92d8de22a811e951cf54c3a3e6c613202a01911d1eb426689ec87bf3e46f42c83aac842639793981fe0f7e44754602081aef7f54590d83e80ecb36ac804d4daa45ace18aca8a8470570f147316d6641b41757cfd04937
X-Response-LB: image
Ali-Swift-Global-Savetime: 1663663111
Age: 153103
X-Cache: HIT TCP_MEM_HIT dirn:5:55409080 mlen:0
X-Swift-SaveTime: Tue, 20 Sep 2022 08:38:31 GMT
X-Swift-CacheTime: 31536000
Timing-Allow-Origin: *, *
Access-Control-Allow-Origin: *
EagleId: 2ff6309b16638162143206171e
-
GEThttps://kvhqqq.top/c3fb53e0b25270e528971f49cc080eac.gifRemote address:104.21.235.198:443RequestGET /c3fb53e0b25270e528971f49cc080eac.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: kvhqqq.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Type: image/gif
Content-Length: 1083987
Connection: keep-alive
Last-Modified: Mon, 15 Aug 2022 06:11:06 GMT
ETag: "62f9e37a-108a53"
Expires: Wed, 19 Oct 2022 12:38:32 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 225101
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1P22%2B3X7QVggNuCzknEPqMMVM34BzOfDBJ1S4pd%2B%2Ftmzy7mXkMizF%2B01lf4PCO45jNLI0s9dWdmMuyhoWn5fPmdXQqPIiI1dPQc4pxkl2fs1QzGCp5A%2F0iRKaavL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8a949dcb76d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
DNSx2.c.lencr.orgRemote address:8.8.8.8:53Requestx2.c.lencr.orgIN AResponsex2.c.lencr.orgIN CNAMEcrl.root-x1.letsencrypt.org.edgekey.netcrl.root-x1.letsencrypt.org.edgekey.netIN CNAMEe8652.dscx.akamaiedge.nete8652.dscx.akamaiedge.netIN A23.2.164.159
-
DNSacoossz.topRemote address:8.8.8.8:53Requestacoossz.topIN AResponseacoossz.topIN A104.21.235.54acoossz.topIN A104.21.235.53
-
DNSx2.c.lencr.orgRemote address:8.8.8.8:53Requestx2.c.lencr.orgIN AResponsex2.c.lencr.orgIN CNAMEcrl.root-x1.letsencrypt.org.edgekey.netcrl.root-x1.letsencrypt.org.edgekey.netIN CNAMEe8652.dscx.akamaiedge.nete8652.dscx.akamaiedge.netIN A23.2.164.159
-
DNSx2.c.lencr.orgRemote address:8.8.8.8:53Requestx2.c.lencr.orgIN AResponsex2.c.lencr.orgIN CNAMEcrl.root-x1.letsencrypt.org.edgekey.netcrl.root-x1.letsencrypt.org.edgekey.netIN CNAMEe8652.dscx.akamaiedge.nete8652.dscx.akamaiedge.netIN A23.2.164.159
-
GEThttp://x2.c.lencr.org/Remote address:23.2.164.159:80RequestGET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x2.c.lencr.org
ResponseHTTP/1.1 200 OK
Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Mon, 13 Jun 2022 17:00:00 GMT
ETag: "62a76d10-12c"
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:10:13 GMT
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Length: 300
Connection: keep-alive
-
GEThttps://acoossz.top/52324facff4bd070699ce4cddb8e2c5d.gifRemote address:104.21.235.54:443RequestGET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: acoossz.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: image/gif
Content-Length: 1298074
Connection: keep-alive
Last-Modified: Wed, 25 May 2022 13:49:49 GMT
ETag: "628e33fd-13ce9a"
Expires: Thu, 20 Oct 2022 10:47:17 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 145377
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yM9oKZsniiPeEBhk1Xi98hEHngNl7IA5zHZSuBhnPvSIyJfELP%2FC1WqBvx62yf6mqxa9n4kRG9ztKWjRY3UPH9ag6WMXVbN6HsC%2Fwj5fuhXP0VVjr6qHUpn2w1nyBA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8aa1eb541da-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttp://x2.c.lencr.org/Remote address:23.2.164.159:80RequestGET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x2.c.lencr.org
ResponseHTTP/1.1 200 OK
Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Mon, 13 Jun 2022 17:00:00 GMT
ETag: "62a76d10-12c"
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:10:13 GMT
Date: Thu, 22 Sep 2022 03:10:13 GMT
Content-Length: 300
Connection: keep-alive
-
GEThttp://x2.c.lencr.org/Remote address:23.2.164.159:80RequestGET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x2.c.lencr.org
ResponseHTTP/1.1 200 OK
Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Mon, 13 Jun 2022 17:00:00 GMT
ETag: "62a76d10-12c"
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:10:14 GMT
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Length: 300
Connection: keep-alive
-
DNSkvhuuu.topRemote address:8.8.8.8:53Requestkvhuuu.topIN AResponsekvhuuu.topIN A188.114.97.0kvhuuu.topIN A188.114.96.0
-
DNSe1.o.lencr.orgRemote address:8.8.8.8:53Requeste1.o.lencr.orgIN AResponsee1.o.lencr.orgIN CNAMEo.lencr.edgesuite.neto.lencr.edgesuite.netIN CNAMEa1887.dscq.akamai.neta1887.dscq.akamai.netIN A96.16.53.142a1887.dscq.akamai.netIN A96.16.53.165
-
DNSe1.o.lencr.orgRemote address:8.8.8.8:53Requeste1.o.lencr.orgIN AResponsee1.o.lencr.orgIN CNAMEo.lencr.edgesuite.neto.lencr.edgesuite.netIN CNAMEa1887.dscq.akamai.neta1887.dscq.akamai.netIN A96.16.53.142a1887.dscq.akamai.netIN A96.16.53.165
-
GEThttps://kvhuuu.top/03c3cb047014f05117117e4a924df90d.gifRemote address:188.114.97.0:443RequestGET /03c3cb047014f05117117e4a924df90d.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: kvhuuu.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: image/gif
Content-Length: 310102
Connection: keep-alive
Last-Modified: Wed, 13 Jul 2022 15:28:42 GMT
ETag: "62cee4aa-4bb56"
Expires: Tue, 11 Oct 2022 16:38:59 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 901875
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xOehVSBx38DKuIi2KthRwHeDV48OL%2B2gmbAX7ALYWVftsCHVZ4KxPFVbaN9GDr3DK1e8H0bm0gEMa6Gj7N1E53tC0wokcMziFmB%2FmCO447uaaxOVJt3OlsAqpVb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8ac9addb8cc-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttp://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgN0w2mqSWwzzinTjZJF3Gl7Dg%3D%3DRemote address:96.16.53.142:80RequestGET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgN0w2mqSWwzzinTjZJF3Gl7Dg%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: e1.o.lencr.org
ResponseHTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C349F246E0ED306768F9282B409D7CED21DAA6BE918CAF6231FD7C1F750C1B21"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19067
Expires: Thu, 22 Sep 2022 08:28:01 GMT
Date: Thu, 22 Sep 2022 03:10:14 GMT
Connection: keep-alive
-
GEThttp://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgSymImgt%2BrHf3jCMuTg7LDENw%3D%3DRemote address:96.16.53.142:80RequestGET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgSymImgt%2BrHf3jCMuTg7LDENw%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: e1.o.lencr.org
ResponseHTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3A373EEE839865F6716F9F76347562C0882DB08F27B4895E3C1CCCA66FE0FAD9"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20155
Expires: Thu, 22 Sep 2022 08:46:09 GMT
Date: Thu, 22 Sep 2022 03:10:14 GMT
Connection: keep-alive
-
GEThttp://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgQNOhw2I4Pe2lDCfquQHhqVkg%3D%3DRemote address:96.16.53.142:80RequestGET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgQNOhw2I4Pe2lDCfquQHhqVkg%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: e1.o.lencr.org
ResponseHTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5928F0AAC63A7592C7938F258CF4A8C8C0BC853F4F7513A3A0529279C6679593"
Last-Modified: Wed, 21 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6135
Expires: Thu, 22 Sep 2022 04:52:29 GMT
Date: Thu, 22 Sep 2022 03:10:14 GMT
Connection: keep-alive
-
DNSkvhiii.topRemote address:8.8.8.8:53Requestkvhiii.topIN AResponsekvhiii.topIN A104.21.234.202kvhiii.topIN A104.21.234.203
-
GEThttps://kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gifRemote address:104.21.234.202:443RequestGET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: kvhiii.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: image/gif
Content-Length: 902313
Connection: keep-alive
Last-Modified: Sat, 12 Mar 2022 15:17:28 GMT
ETag: "622cb988-dc4a9"
Expires: Thu, 20 Oct 2022 07:26:15 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 157439
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiN2PzzgfCF7pIumG0fx0sbF%2FHHWtOV3tdXqRG2Z6K4Zt9MbiE3mbW0FgPUBriCH40XjtOUbYa3vPbXyjOzGTZNBDKaMDKu9P9dLIo922BrVowCCIi57M1%2F01JEC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8ae0f660c11-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttps://kvhiii.top/5c039bcb7f8e599fa493823f0fea5c2e.gifRemote address:104.21.234.202:443RequestGET /5c039bcb7f8e599fa493823f0fea5c2e.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: kvhiii.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:14 GMT
Content-Type: image/gif
Content-Length: 1991234
Connection: keep-alive
Last-Modified: Sun, 26 Jun 2022 12:05:53 GMT
ETag: "62b84ba1-1e6242"
Expires: Tue, 18 Oct 2022 20:51:25 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 281929
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQZoLDXDVLuvwgtdZRULW0ca%2F9hQnptB3c08VJmYpdncmGWYxdpsMJXhBoAHgi3i%2FWTksMqQ41Cr99lQwTaHSahIPSkapHEyZlxcTl4uqmesB8G3kcS90l8OKXeh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8ae5ad2b83d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
DNSkvhsss.topRemote address:8.8.8.8:53Requestkvhsss.topIN AResponsekvhsss.topIN A188.114.96.0kvhsss.topIN A188.114.97.0
-
GEThttps://kvhsss.top/4b50139bc68ecdd683c6c407d7fc6920.gifRemote address:188.114.96.0:443RequestGET /4b50139bc68ecdd683c6c407d7fc6920.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Connection: Keep-Alive
Host: kvhsss.top
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:16 GMT
Content-Type: image/gif
Content-Length: 826703
Connection: keep-alive
Last-Modified: Wed, 23 Mar 2022 06:50:11 GMT
ETag: "623ac323-c9d4f"
Expires: Fri, 21 Oct 2022 11:35:17 GMT
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 56099
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTRnRYoeZ9%2FkkDYaEtEVenSbP3Bu9SHHrLuaAJaFc269PoWm9ARDV5pd%2FtjWdhKMM273qsW3o7jiADailPox9TajO%2BV2C65sXK9evRv5S2LAXbjnK4enpdotuoiq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e7d8b75ae9b736-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
-
GEThttps://dl66d.com/150x150.gifRemote address:104.233.158.19:443RequestGET /150x150.gif HTTP/1.1
Accept: */*
Referer: https://mitao01.bar:8443/
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: dl66d.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 03:10:20 GMT
Content-Type: image/gif
Content-Length: 297341
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 07:52:46 GMT
ETag: "63199f4e-4897d"
Expires: Mon, 10 Oct 2022 14:34:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
-
147.255.233.71:80http://www.2dama.com/tj.jshttp
HTTP Request
GET http://www.2dama.com/menu/en/23.txtHTTP Response
200HTTP Request
GET http://www.2dama.com/text/en/23.htmlHTTP Response
200HTTP Request
GET http://www.2dama.com/common.jsHTTP Response
200HTTP Request
GET http://www.2dama.com/tj.jsHTTP Response
200HTTP Request
GET http://www.2dama.com/common.jsHTTP Response
200HTTP Request
GET http://www.2dama.com/tj.jsHTTP Response
200 -
147.255.233.71:80www.2dama.com
-
103.235.46.191:443https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0&rnd=1612679865&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=1&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8tls, http
HTTP Request
GET https://hm.baidu.com/hm.js?227bb1c9af9569e26f31438c88d79f27HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0&rnd=951703207&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=1&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0&rnd=951703207&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=1&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0&rnd=1612679865&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=1&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8HTTP Response
200 -
103.235.46.191:443https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0<=1663823410&rnd=417362007&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=2&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8tls, http
HTTP Request
GET https://hm.baidu.com/hm.js?7b10e7eadaec4e3cadc100eb8cbb3196HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.js?227bb1c9af9569e26f31438c88d79f27HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.js?7b10e7eadaec4e3cadc100eb8cbb3196HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0&rnd=1612679865&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=1&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=22&et=0&ja=1&ln=en-us&lo=0<=1663823409&rnd=1980607529&si=7b10e7eadaec4e3cadc100eb8cbb3196&v=1.2.97&lv=2&sn=20830&r=0&ww=1024&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Ftext%2Fen%2F23.html&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8HTTP Response
200HTTP Request
GET https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1280x720&vl=1&et=0&ja=1&ln=en-us&lo=0<=1663823410&rnd=417362007&si=227bb1c9af9569e26f31438c88d79f27&v=1.2.97&lv=2&sn=20830&r=0&ww=1&ct=!!&u=http%3A%2F%2Fwww.2dama.com%2Fmenu%2Fen%2F23.txt&tt=%E5%AE%81%E5%9B%BD%E9%9C%96%E5%A2%92%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8HTTP Response
200 -
154.198.231.226:8443https://mitao01.bar:8443/tls, http
HTTP Request
GET https://mitao01.bar:8443/HTTP Response
200 -
154.198.231.226:8443https://mitao01.bar:8443/template/kuli02/images/loading.svgtls, http
HTTP Request
GET https://mitao01.bar:8443/HTTP Response
200HTTP Request
GET https://mitao01.bar:8443/template/kuli02/css/common.css?v=0429HTTP Response
200HTTP Request
GET https://mitao01.bar:8443/template/kuli02/css/style.css?v=2HTTP Response
200HTTP Request
GET https://mitao01.bar:8443/template/kuli02/images/loading.svgHTTP Response
200 -
45.61.212.171:443https://vesdsp.com/6cb226f219fa4e02b7b8e883e925bab1.giftls, http
HTTP Request
GET https://vesdsp.com/6cb226f219fa4e02b7b8e883e925bab1.gifHTTP Response
200 -
45.61.212.171:443https://vesdsp.com/7f825971f7e7450a890a68c6e6ee84b5.giftls, http
HTTP Request
GET https://vesdsp.com/7f825971f7e7450a890a68c6e6ee84b5.gifHTTP Response
200 -
47.75.19.14:443https://539397377.com/e437cf7382cd402480ea7f9f49ed810b.giftls, http
HTTP Request
GET https://539397377.com/e437cf7382cd402480ea7f9f49ed810b.gifHTTP Response
200 -
103.170.15.99:443https://73652253191.com/24bf3588a89d41dbabe6c8b812da93b7.giftls, http
HTTP Request
GET https://73652253191.com/24bf3588a89d41dbabe6c8b812da93b7.gifHTTP Response
200 -
104.143.94.110:443https://kveww.com/c3fb53e0b25270e528971f49cc080eac.giftls, http
HTTP Request
GET https://kveww.com/c3fb53e0b25270e528971f49cc080eac.gifHTTP Response
301 -
104.74.225.127:443https://dimg04.c-ctrip.com/images/0395e120009z0vxy6FCFD.giftls, http
HTTP Request
GET https://dimg04.c-ctrip.com/images/03964120009z0w8i44344.gifHTTP Response
200HTTP Request
GET https://dimg04.c-ctrip.com/images/0395e120009z0vxy6FCFD.gifHTTP Response
200 -
104.74.225.127:443https://dimg04.c-ctrip.com/images/0395s120009rrkqgpCDF2.giftls, http
HTTP Request
GET https://dimg04.c-ctrip.com/images/0395s120009rrkqgpCDF2.gifHTTP Response
200 -
45.154.215.92:443https://kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.giftls, http
HTTP Request
GET https://kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gifHTTP Response
301 -
3.36.126.81:443https://img.byznc.xyz/images/632977e9f27402a44020f53a.giftls, http
HTTP Request
GET https://img.byznc.xyz/images/632977e9f27402a44020f53a.gifHTTP Response
302 -
23.224.145.194:443https://uu99k.com/image/1ny-960x160.giftls, http
HTTP Request
GET https://uu99k.com/image/1ny-960x160.gifHTTP Response
200 -
47.246.48.206:443https://cdn.staticfile.org/jquery/1.12.4/jquery.min.jstls, http
HTTP Request
GET https://cdn.staticfile.org/jquery/1.12.4/jquery.min.jsHTTP Response
200 -
47.246.48.206:443https://cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.jstls, http
HTTP Request
GET https://cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.jsHTTP Response
200HTTP Request
GET https://cdn.staticfile.org/twitter-bootstrap/3.4.1/css/bootstrap.min.cssHTTP Response
200HTTP Request
GET https://cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.jsHTTP Response
200 -
3.36.126.81:443https://img.777766.co/images/632977d4f27402a44020f539.giftls, http
HTTP Request
GET https://img.777766.co/images/632977d4f27402a44020f539.gifHTTP Response
302 -
220.128.218.220:443https://taiwtp1.com/img/960240.giftls, http
HTTP Request
GET https://taiwtp1.com/img/960240.gifHTTP Response
200 -
220.128.218.220:443https://taiwtp1.com/img/96080.giftls, http
HTTP Request
GET https://taiwtp1.com/img/960160.gifHTTP Response
200HTTP Request
GET https://taiwtp1.com/img/96080.gifHTTP Response
200 -
3.36.126.81:443https://img.x971.xyz/images/63132cf7bbb01ecd06956f56.giftls, http
HTTP Request
GET https://img.x971.xyz/images/63132cf7bbb01ecd06956f56.gifHTTP Response
302 -
104.143.94.110:443https://kveii.com/4b50139bc68ecdd683c6c407d7fc6920.giftls, http
HTTP Request
GET https://kveii.com/4b50139bc68ecdd683c6c407d7fc6920.gifHTTP Response
301 -
47.246.48.205:80http://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRXf%2BqAIajMnZeiQcx27p1CzET2wQUJG%2BRP4mHhw4ywkAY38VM60%2FISTICEASK2xNtLoVooD9qOlZ3nwM%3Dhttp
HTTP Request
GET http://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAsTYrbuap0%2Blokw8W4gfTk%3DHTTP Response
200HTTP Request
GET http://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRXf%2BqAIajMnZeiQcx27p1CzET2wQUJG%2BRP4mHhw4ywkAY38VM60%2FISTICEASK2xNtLoVooD9qOlZ3nwM%3DHTTP Response
200 -
47.246.48.205:80http://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAsTYrbuap0%2Blokw8W4gfTk%3Dhttp
HTTP Request
GET http://ocsp.digicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAsTYrbuap0%2Blokw8W4gfTk%3DHTTP Response
200 -
104.143.94.110:443https://kzerr.com/3e56d4c29903a2b84fe3f12871fd7ad2.giftls, http
HTTP Request
GET https://kzerr.com/3e56d4c29903a2b84fe3f12871fd7ad2.gifHTTP Response
301 -
45.154.214.206:443https://kvemm.com/ec9fcd758df74f805f29f72e8545d13b.giftls, http
HTTP Request
GET https://kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gifHTTP Response
301 -
45.154.214.206:443https://kvemm.com/5c039bcb7f8e599fa493823f0fea5c2e.giftls, http
HTTP Request
GET https://kvemm.com/5c039bcb7f8e599fa493823f0fea5c2e.gifHTTP Response
301 -
43.129.255.47:443https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.pngtls, http
HTTP Request
GET https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.pngHTTP Response
200HTTP Request
GET https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5472e67239ef16675ea414c591d4c7caa/0.pngHTTP Response
200 -
78.46.107.74:443https://kvevv.com/8baa999a8a1670103e06df33ee3c3699.giftls, http
HTTP Request
GET https://kvevv.com/8baa999a8a1670103e06df33ee3c3699.gifHTTP Response
301 -
64.32.13.142:443https://kvexx.com/03c3cb047014f05117117e4a924df90d.giftls, http
HTTP Request
GET https://kvexx.com/03c3cb047014f05117117e4a924df90d.gifHTTP Response
301 -
104.143.94.110:443https://kzecc.com/4b588735faa68eaee8d55085efdc1359.giftls, http
HTTP Request
GET https://kzecc.com/4b588735faa68eaee8d55085efdc1359.gifHTTP Response
301 -
154.214.13.34:80http://de88deggtp89.com/79tp/200x200.gifhttp
HTTP Request
GET http://de88deggtp89.com/235tp/970x80.gifHTTP Response
200HTTP Request
GET http://de88deggtp89.com/79tp/200x200.gifHTTP Response
200 -
104.143.94.110:443https://kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.giftls, http
HTTP Request
GET https://kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gifHTTP Response
301 -
154.214.13.34:80http://de88deggtp89.com/235tp/200x200.gifhttp
HTTP Request
GET http://de88deggtp89.com/79tp/960x80-2.gifHTTP Response
200HTTP Request
GET http://de88deggtp89.com/235tp/200x200.gifHTTP Response
200 -
45.61.212.170:443https://vgvjkw.com/a189b7f5a0f84654a32025f1e8377967.giftls, http
HTTP Request
GET https://vgvjkw.com/a189b7f5a0f84654a32025f1e8377967.gifHTTP Response
200HTTP Request
GET https://vgvjkw.com/a189b7f5a0f84654a32025f1e8377967.gifHTTP Response
304 -
45.61.212.170:443https://vecukb.com/095c2c70f1384c60bcd4604700459c73.giftls, http
HTTP Request
GET https://vecukb.com/095c2c70f1384c60bcd4604700459c73.gifHTTP Response
200 -
45.61.212.227:443https://65211351892.com/1c53c49cd65d4bf099501655c40592c3.giftls, http
HTTP Request
GET https://65211351892.com/1c53c49cd65d4bf099501655c40592c3.gifHTTP Response
200 -
96.16.53.134:80http://apps.identrust.com/roots/dstrootcax3.p7chttp
HTTP Request
GET http://apps.identrust.com/roots/dstrootcax3.p7cHTTP Response
200 -
96.16.53.134:80http://apps.identrust.com/roots/dstrootcax3.p7chttp
HTTP Request
GET http://apps.identrust.com/roots/dstrootcax3.p7cHTTP Response
200 -
96.16.53.134:80http://apps.identrust.com/roots/dstrootcax3.p7chttp
HTTP Request
GET http://apps.identrust.com/roots/dstrootcax3.p7cHTTP Response
200 -
45.61.212.131:443https://k68tkg.com/72c3494fb7ac48f79d0f838453c5580b.giftls, http
HTTP Request
GET https://k68tkg.com/72c3494fb7ac48f79d0f838453c5580b.gifHTTP Response
200HTTP Request
GET https://k68tkg.com/72c3494fb7ac48f79d0f838453c5580b.gifHTTP Response
304 -
45.154.215.92:443https://kvezz.com/d246feb7694ab58d49f44d67d0474a95.pngtls, http
HTTP Request
GET https://kvezz.com/d246feb7694ab58d49f44d67d0474a95.pngHTTP Response
301 -
188.114.96.0:443https://666999123.com/tu/66x66.giftls, http
HTTP Request
GET https://666999123.com/tu/66x66.gifHTTP Response
200 -
47.75.19.91:443https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X80.giftls, http
HTTP Request
GET https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X80.gifHTTP Response
200 -
47.75.19.91:443https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/150x150.giftls, http
HTTP Request
GET https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/150x150.gifHTTP Response
200 -
20.247.82.45:443https://u0081.com/d6dd3e0f4bcc4b34b111fd755416f918.pngtls, http
HTTP Request
GET https://u0081.com/d6dd3e0f4bcc4b34b111fd755416f918.pngHTTP Response
200 -
43.129.255.47:443https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5c37320f7cbd0b708b860e89da03aa20a/0.pngtls, http
HTTP Request
GET https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5e2ce2370ba8f37f477108bc3b29c28a1/0.pngHTTP Response
200HTTP Request
GET https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5c37320f7cbd0b708b860e89da03aa20a/0.pngHTTP Response
200HTTP Request
GET https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5e2ce2370ba8f37f477108bc3b29c28a1/0.pngHTTP Response
200HTTP Request
GET https://p.qlogo.cn/hy_personal/3e28f14aa051684245c4e0cfebfbd4b5c37320f7cbd0b708b860e89da03aa20a/0.pngHTTP Response
200 -
20.239.191.67:443https://u0069.com/938f9d7fb1cf422baaeee80bdacaf7d4.pngtls, http
HTTP Request
GET https://u0069.com/938f9d7fb1cf422baaeee80bdacaf7d4.pngHTTP Response
200 -
23.225.222.18:443https://img.777767.co/images/62f39459c96a987b91c6913a.giftls, http
HTTP Request
GET https://img.777767.co/images/62f39459c96a987b91c6913a.gifHTTP Response
302 -
104.16.87.20:443https://cdn.jsdelivr.net/gh/kulinan22/img@main/foot/sael.jpgtls, http
HTTP Request
GET https://cdn.jsdelivr.net/gh/wanli8899/August@main/head/ny120x120.gifHTTP Response
200HTTP Request
GET https://cdn.jsdelivr.net/gh/kulinan22/img@main/foot/sael.jpgHTTP Response
200 -
104.16.87.20:443https://cdn.jsdelivr.net/gh/kulinan22/img@main/foot/papatv.jpgtls, http
HTTP Request
GET https://cdn.jsdelivr.net/gh/kulinan22/img@main/foot/papatv.jpgHTTP Response
200 -
103.170.15.72:443https://3338635.com/057f5074fa7547a9bebd8f858952cb44.giftls, http
HTTP Request
GET https://3338635.com/057f5074fa7547a9bebd8f858952cb44.gifHTTP Response
200 -
20.239.190.150:443https://19719197.com/b2b7417f3bfa4af7965c969b198571f4.pngtls, http
HTTP Request
GET https://19719197.com/b2b7417f3bfa4af7965c969b198571f4.pngHTTP Response
200 -
104.233.158.19:443https://dl66d.com/150x150.giftls, http
HTTP Request
GET https://dl66d.com/150x150.gifHTTP Response
200 -
45.61.212.225:443https://upffxs6.com/debb54574b1142049171b39403c494a5.giftls, http
HTTP Request
GET https://upffxs6.com/debb54574b1142049171b39403c494a5.gifHTTP Response
200HTTP Request
GET https://upffxs6.com/debb54574b1142049171b39403c494a5.gifHTTP Response
304 -
45.61.212.132:443https://vjnhby.com/301d74df402847feb1b6fb72d313ed60.pngtls, http
HTTP Request
GET https://vjnhby.com/301d74df402847feb1b6fb72d313ed60.pngHTTP Response
200HTTP Request
GET https://vjnhby.com/301d74df402847feb1b6fb72d313ed60.pngHTTP Response
304 -
103.170.15.88:443https://n7565.com/f2f94a0c499e4f06a72aa431d3176b8b.giftls, http
HTTP Request
GET https://n7565.com/f2f94a0c499e4f06a72aa431d3176b8b.gifHTTP Response
200 -
103.170.15.101:443https://89958716765.com/1ed4347b2ea742798776f24b40b8f003.giftls, http
HTTP Request
GET https://89958716765.com/1ed4347b2ea742798776f24b40b8f003.gifHTTP Response
200 -
45.61.212.122:443https://ntvxbf7.com/88d380ebd5e644d189ec573972a02f3b.giftls, http
HTTP Request
GET https://ntvxbf7.com/88d380ebd5e644d189ec573972a02f3b.gifHTTP Response
200 -
47.246.48.231:443https://p3.douyinpic.com/obj/tos-cn-i-dy/14bc743bc22d4094976d1de9ec1f34dbtls, http
HTTP Request
GET https://p3.douyinpic.com/obj/tos-cn-i-dy/51b589937ada453b91044031866198c7HTTP Response
200HTTP Request
GET https://p3.douyinpic.com/obj/tos-cn-i-dy/14bc743bc22d4094976d1de9ec1f34dbHTTP Response
200 -
172.67.151.21:443https://acoossu.top/d246feb7694ab58d49f44d67d0474a95.pngtls, http
HTTP Request
GET https://acoossu.top/ff82ede81a5bf7b5ff047745ebd831ad.gifHTTP Response
200HTTP Request
GET https://acoossu.top/d246feb7694ab58d49f44d67d0474a95.pngHTTP Response
200 -
188.114.96.0:443https://kvhxxx.top/8baa999a8a1670103e06df33ee3c3699.giftls, http
HTTP Request
GET https://kvhxxx.top/8baa999a8a1670103e06df33ee3c3699.gifHTTP Response
200 -
104.21.235.96:443https://acooss.com/4b588735faa68eaee8d55085efdc1359.giftls, http
HTTP Request
GET https://acooss.com/4b588735faa68eaee8d55085efdc1359.gifHTTP Response
200 -
172.67.139.162:443https://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.giftls, http
HTTP Request
GET https://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.gifHTTP Response
200 -
47.246.48.231:443https://p3.douyinpic.com/obj/tos-cn-i-dy/8abd050bc2a342279a76fb30d3677f28tls, http
HTTP Request
GET https://p3.douyinpic.com/obj/tos-cn-i-dy/df4248dac970478aac5112f57ebef124HTTP Response
200HTTP Request
GET https://p3.douyinpic.com/obj/tos-cn-i-dy/8abd050bc2a342279a76fb30d3677f28HTTP Response
200 -
104.21.235.198:443https://kvhqqq.top/c3fb53e0b25270e528971f49cc080eac.giftls, http
HTTP Request
GET https://kvhqqq.top/c3fb53e0b25270e528971f49cc080eac.gifHTTP Response
200 -
23.2.164.159:80http://x2.c.lencr.org/http
HTTP Request
GET http://x2.c.lencr.org/HTTP Response
200 -
104.21.235.54:443https://acoossz.top/52324facff4bd070699ce4cddb8e2c5d.giftls, http
HTTP Request
GET https://acoossz.top/52324facff4bd070699ce4cddb8e2c5d.gifHTTP Response
200 -
23.2.164.159:80http://x2.c.lencr.org/http
HTTP Request
GET http://x2.c.lencr.org/HTTP Response
200 -
23.2.164.159:80http://x2.c.lencr.org/http
HTTP Request
GET http://x2.c.lencr.org/HTTP Response
200 -
188.114.97.0:443https://kvhuuu.top/03c3cb047014f05117117e4a924df90d.giftls, http
HTTP Request
GET https://kvhuuu.top/03c3cb047014f05117117e4a924df90d.gifHTTP Response
200 -
96.16.53.142:80http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgSymImgt%2BrHf3jCMuTg7LDENw%3D%3Dhttp
HTTP Request
GET http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgN0w2mqSWwzzinTjZJF3Gl7Dg%3D%3DHTTP Response
200HTTP Request
GET http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgSymImgt%2BrHf3jCMuTg7LDENw%3D%3DHTTP Response
200 -
96.16.53.142:80http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgQNOhw2I4Pe2lDCfquQHhqVkg%3D%3Dhttp
HTTP Request
GET http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgQNOhw2I4Pe2lDCfquQHhqVkg%3D%3DHTTP Response
200 -
104.21.234.202:443https://kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.giftls, http
HTTP Request
GET https://kvhiii.top/ec9fcd758df74f805f29f72e8545d13b.gifHTTP Response
200 -
104.21.234.202:443https://kvhiii.top/5c039bcb7f8e599fa493823f0fea5c2e.giftls, http
HTTP Request
GET https://kvhiii.top/5c039bcb7f8e599fa493823f0fea5c2e.gifHTTP Response
200 -
72.52.179.174:443yinyongbao3.app
-
188.114.96.0:443https://kvhsss.top/4b50139bc68ecdd683c6c407d7fc6920.giftls, http
HTTP Request
GET https://kvhsss.top/4b50139bc68ecdd683c6c407d7fc6920.gifHTTP Response
200 -
104.233.158.19:443https://dl66d.com/150x150.giftls, http
HTTP Request
GET https://dl66d.com/150x150.gifHTTP Response
200
-
8.8.8.8:53www.2dama.comdns
DNS Request
www.2dama.com
DNS Response
147.255.233.71
-
8.8.8.8:53hm.baidu.comdns
DNS Request
hm.baidu.com
DNS Response
103.235.46.191
-
8.8.8.8:53mitao01.bardns
DNS Request
mitao01.bar
DNS Response
154.198.231.226
-
8.8.8.8:53vecukb.comdns
DNS Request
vecukb.com
DNS Response
45.61.212.170103.170.15.42103.170.15.57103.189.108.9345.61.212.132
-
8.8.8.8:53cdn.staticfile.orgdns
DNS Request
cdn.staticfile.org
DNS Response
47.246.48.206
-
8.8.8.8:53vgvjkw.comdns
DNS Request
vgvjkw.com
DNS Response
45.61.212.170103.170.15.42103.170.15.57103.189.108.9345.61.212.132
-
8.8.8.8:53vesdsp.comdns
DNS Request
vesdsp.com
DNS Response
45.61.212.171103.170.15.41103.170.15.56103.189.108.9445.61.212.131
-
8.8.8.8:53539397377.comdns
DNS Request
539397377.com
DNS Response
47.75.19.14
-
8.8.8.8:5365211351892.comdns
DNS Request
65211351892.com
DNS Response
45.61.212.227103.170.15.97103.170.15.101103.170.15.107103.170.15.11245.61.212.5045.61.212.5445.61.212.5845.61.212.11745.61.212.12245.61.212.12845.61.212.21745.61.212.223
-
8.8.8.8:5373652253191.comdns
DNS Request
73652253191.com
DNS Response
103.170.15.99103.170.15.104103.170.15.108103.170.15.11445.61.212.4645.61.212.5145.61.212.5945.61.212.11645.61.212.124103.170.15.80103.170.15.85103.170.15.89103.170.15.94
-
8.8.8.8:53kvexx.comdns
DNS Request
kvexx.com
DNS Response
64.32.13.142
-
8.8.8.8:53kvevv.comdns
DNS Request
kvevv.com
DNS Response
78.46.107.74
-
8.8.8.8:53kzeaa.comdns
DNS Request
kzeaa.com
DNS Response
104.143.94.110
-
8.8.8.8:53kveww.comdns
DNS Request
kveww.com
DNS Response
104.143.94.110
-
8.8.8.8:53kvezz.comdns
DNS Request
kvezz.com
DNS Response
45.154.215.92
-
8.8.8.8:53kzerr.comdns
DNS Request
kzerr.com
DNS Response
104.143.94.110
-
8.8.8.8:53kvemm.comdns
DNS Request
kvemm.com
DNS Response
45.154.214.206
-
8.8.8.8:53kveii.comdns
DNS Request
kveii.com
DNS Response
104.143.94.110
-
8.8.8.8:53kzecc.comdns
DNS Request
kzecc.com
DNS Response
104.143.94.110
-
8.8.8.8:53de88deggtp89.comdns
DNS Request
de88deggtp89.com
DNS Response
154.214.13.34154.214.13.3523.224.145.23323.224.145.23423.224.145.235
-
8.8.8.8:53dimg04.c-ctrip.comdns
DNS Request
dimg04.c-ctrip.com
DNS Response
104.74.225.127
-
8.8.8.8:53img.byznc.xyzdns
DNS Request
img.byznc.xyz
DNS Response
3.36.126.8123.225.228.5823.225.228.3423.225.222.223.225.222.18
-
8.8.8.8:53img.x971.xyzdns
DNS Request
img.x971.xyz
DNS Response
3.36.126.8123.225.222.223.225.228.3423.225.222.1823.225.228.58
-
8.8.8.8:53uu99k.comdns
DNS Request
uu99k.com
DNS Response
23.224.145.19423.224.145.19523.224.145.19623.224.145.19723.224.145.19823.224.145.19923.225.89.147
-
8.8.8.8:53img.777766.codns
DNS Request
img.777766.co
DNS Response
3.36.126.8123.225.228.3423.225.222.1823.225.228.5823.225.222.2
-
8.8.8.8:53p.qlogo.cndns
DNS Request
p.qlogo.cn
DNS Response
43.129.255.4743.154.254.32
-
8.8.8.8:53taiwtp1.comdns
DNS Request
taiwtp1.com
DNS Response
220.128.218.220
-
8.8.8.8:53ocsp.digicert.cndns
DNS Request
ocsp.digicert.cn
DNS Response
47.246.48.205
-
8.8.8.8:53ocsp.digicert.cndns
DNS Request
ocsp.digicert.cn
DNS Response
47.246.48.205
-
8.8.8.8:53apps.identrust.comdns
DNS Request
apps.identrust.com
DNS Response
96.16.53.13496.16.53.139
-
8.8.8.8:53yaoji666.oss-cn-hongkong.aliyuncs.comdns
DNS Request
yaoji666.oss-cn-hongkong.aliyuncs.com
DNS Response
47.75.19.91
-
8.8.8.8:53u0081.comdns
DNS Request
u0081.com
DNS Response
20.247.82.4520.239.189.13120.239.190.9220.239.190.15020.239.191.2020.239.191.2220.239.191.2720.239.191.6720.239.191.83
-
8.8.8.8:53666999123.comdns
DNS Request
666999123.com
DNS Response
188.114.96.0188.114.97.0
-
8.8.8.8:53k68tkg.comdns
DNS Request
k68tkg.com
DNS Response
45.61.212.13145.61.212.171103.170.15.41103.170.15.56103.189.108.94
-
8.8.8.8:53u0069.comdns
DNS Request
u0069.com
DNS Response
20.239.191.6720.239.191.8320.247.82.4520.239.189.13120.239.190.9220.239.190.15020.239.191.2020.239.191.2220.239.191.27
-
8.8.8.8:53img.777767.codns
DNS Request
img.777767.co
DNS Response
23.225.222.183.36.126.8123.225.222.223.225.228.3423.225.228.58
-
8.8.8.8:53cdn.jsdelivr.netdns
DNS Request
cdn.jsdelivr.net
DNS Response
104.16.87.20104.16.88.20104.16.85.20104.16.86.20104.16.89.20
-
8.8.8.8:5319719197.comdns
DNS Request
19719197.com
DNS Response
20.239.190.15020.239.191.2020.239.191.2220.239.191.2720.239.191.6720.239.191.8320.247.82.4520.239.189.13120.239.190.92
-
8.8.8.8:53vjnhby.comdns
DNS Request
vjnhby.com
DNS Response
45.61.212.13245.61.212.170103.170.15.42103.170.15.57103.189.108.93
-
8.8.8.8:53n7565.comdns
DNS Request
n7565.com
DNS Response
103.170.15.88103.170.15.92103.170.15.97103.170.15.104103.170.15.107103.170.15.11345.61.212.12845.61.212.21745.61.212.22345.61.212.227103.170.15.72103.170.15.77103.170.15.82
-
8.8.8.8:53ntvxbf7.comdns
DNS Request
ntvxbf7.com
DNS Response
45.61.212.12245.61.212.128103.170.15.82103.170.15.88103.170.15.92103.170.15.97103.170.15.101103.170.15.107103.170.15.11245.61.212.5045.61.212.5445.61.212.5845.61.212.117
-
8.8.8.8:533338635.comdns
DNS Request
3338635.com
DNS Response
103.170.15.72103.170.15.76103.170.15.81103.170.15.11145.61.212.4945.61.212.5545.61.212.5745.61.212.12045.61.212.12145.61.212.12645.61.212.21645.61.212.22145.61.212.226
-
8.8.8.8:53dl66d.comdns
DNS Request
dl66d.com
DNS Response
104.233.158.19
-
8.8.8.8:5389958716765.comdns
DNS Request
89958716765.com
DNS Response
103.170.15.101103.170.15.107103.170.15.11245.61.212.5045.61.212.5445.61.212.5845.61.212.11745.61.212.12245.61.212.12845.61.212.21745.61.212.22345.61.212.227103.170.15.97
-
8.8.8.8:53upffxs6.comdns
DNS Request
upffxs6.com
DNS Response
45.61.212.22545.61.212.230103.170.15.75103.170.15.79103.170.15.110103.170.15.11545.61.212.4745.61.212.5245.61.212.6045.61.212.11845.61.212.12345.61.212.13045.61.212.220
-
8.8.8.8:53p3.douyinpic.comdns
DNS Request
p3.douyinpic.com
DNS Response
47.246.48.23147.246.48.22647.246.48.22447.246.48.22547.246.48.22747.246.48.22947.246.48.22847.246.48.230
-
8.8.8.8:53acoossu.topdns
DNS Request
acoossu.top
DNS Response
172.67.151.21104.21.33.223
-
8.8.8.8:53yinyongbao3.appdns
DNS Request
yinyongbao3.app
DNS Request
yinyongbao3.app
DNS Response
72.52.179.174
-
8.8.8.8:53kvhxxx.topdns
DNS Request
kvhxxx.top
DNS Response
188.114.96.0188.114.97.0
-
8.8.8.8:53acooss.comdns
DNS Request
acooss.com
DNS Response
104.21.235.96104.21.235.95
-
8.8.8.8:53kvhooo.topdns
DNS Request
kvhooo.top
DNS Response
172.67.139.162104.21.33.12
-
8.8.8.8:53kvhqqq.topdns
DNS Request
kvhqqq.top
DNS Response
104.21.235.198104.21.235.197
-
8.8.8.8:53x2.c.lencr.orgdns
DNS Request
x2.c.lencr.org
DNS Response
23.2.164.159
-
8.8.8.8:53acoossz.topdns
DNS Request
acoossz.top
DNS Response
104.21.235.54104.21.235.53
-
8.8.8.8:53x2.c.lencr.orgdns
DNS Request
x2.c.lencr.org
DNS Response
23.2.164.159
-
8.8.8.8:53x2.c.lencr.orgdns
DNS Request
x2.c.lencr.org
DNS Response
23.2.164.159
-
8.8.8.8:53kvhuuu.topdns
DNS Request
kvhuuu.top
DNS Response
188.114.97.0188.114.96.0
-
8.8.8.8:53e1.o.lencr.orgdns
DNS Request
e1.o.lencr.org
DNS Response
96.16.53.14296.16.53.165
-
8.8.8.8:53e1.o.lencr.orgdns
DNS Request
e1.o.lencr.org
DNS Response
96.16.53.14296.16.53.165
-
8.8.8.8:53kvhiii.topdns
DNS Request
kvhiii.top
DNS Response
104.21.234.202104.21.234.203
-
8.8.8.8:53kvhsss.topdns
DNS Request
kvhsss.top
DNS Response
188.114.96.0188.114.97.0
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB