Overview

URLwww.8dlk.com/
IP 107.179.123.85 (United States)
ASN#46573 LAYER-HOST
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-07 15:29:10 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (26)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.8dlk.com (3) 0 No data No data 107.179.123.85 Unknown ranking
www.bbniw.xyz (2) 0 2022-06-06 07:40:58 UTC 2022-12-07 00:43:13 UTC 156.251.184.242 Unknown ranking
shavar.services.mozilla.com (1) 3602 2015-09-18 05:16:29 UTC 2022-12-06 17:32:37 UTC 34.215.6.110
ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-12-06 17:12:20 UTC 104.18.20.226
ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-12-06 17:15:03 UTC 104.18.20.226
kvevv.com (1) 0 2022-05-01 01:44:50 UTC 2022-12-06 18:44:44 UTC 18.155.68.40 Unknown ranking
getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-12-06 22:39:12 UTC 34.120.5.221
content-signature-2.cdn.mozilla.net (3) 1152 2020-11-03 12:26:46 UTC 2022-12-06 17:17:39 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-06 17:13:17 UTC 34.117.237.239
www.hyt007.top (12) 0 2022-12-06 22:12:03 UTC 2022-12-07 08:18:20 UTC 154.214.13.21 Unknown ranking
8499225.com (1) 0 2022-10-25 06:24:12 UTC 2022-12-06 22:12:04 UTC 172.247.109.206 Unknown ranking
n0499.com (1) 0 2021-02-01 01:45:28 UTC 2022-12-06 22:06:55 UTC 20.222.165.74 Unknown ranking
detectportal.firefox.com (2) 1601 2017-01-30 00:03:31 UTC 2022-12-06 17:15:04 UTC 34.107.221.82
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-12-06 21:45:35 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-06 17:19:43 UTC 54.148.69.31
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-06 17:31:54 UTC 34.120.237.76
kvmaa.com (2) 0 2015-11-06 04:44:54 UTC 2022-12-06 19:04:36 UTC 137.175.13.78 Unknown ranking
nvhbbb.top (2) 0 2022-04-10 08:43:59 UTC 2022-12-06 20:23:29 UTC 172.67.170.188 Unknown ranking
ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-12-06 21:32:26 UTC 104.18.32.68
kzett.com (1) 0 2022-10-22 16:47:46 UTC 2022-12-06 22:12:04 UTC 18.155.68.129 Unknown ranking
p.qlogo.cn (1) 48578 2014-01-15 11:11:45 UTC 2022-12-06 05:28:17 UTC 43.129.255.47
d.wyqaafplm.live (1) 0 2022-11-18 22:59:58 UTC 2022-12-07 00:13:45 UTC 23.224.30.107 Unknown ranking
r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-12-06 17:12:17 UTC 23.36.77.32
firefox.settings.services.mozilla.com (11) 867 2020-05-25 20:06:39 UTC 2022-12-06 17:12:34 UTC 35.241.9.150
zerossl.ocsp.sectigo.com (1) 4049 2020-05-09 19:05:29 UTC 2022-12-06 17:13:11 UTC 104.18.32.68
u1011.com (1) 0 2021-02-01 01:45:41 UTC 2022-12-07 00:43:15 UTC 103.170.15.61 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-07 2 wyqaafplm.live Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 107.179.123.85
Date UQ / IDS / BL URL IP
2022-12-07 15:29:10 +0000 0 - 0 - 1 www.8dlk.com/ 107.179.123.85
2022-12-07 14:41:45 +0000 0 - 0 - 1 www.ht8x.com/ 107.179.123.85
2022-12-07 08:20:58 +0000 0 - 0 - 1 4nen.com/ 107.179.123.85
2022-12-07 08:18:42 +0000 0 - 0 - 1 www.4nen.com/ 107.179.123.85


Last 5 reports on ASN: LAYER-HOST
Date UQ / IDS / BL URL IP
2023-01-28 06:15:55 +0000 0 - 8 - 0 cjsrc.com/ 104.223.248.155
2023-01-28 02:32:14 +0000 0 - 0 - 3 orerug.com/ 104.223.153.107
2023-01-27 21:39:59 +0000 0 - 0 - 1 avumey.com/Frve8aq 104.223.153.107
2023-01-27 21:40:02 +0000 0 - 0 - 1 imuhez.com/5b1Xi58 107.179.33.44
2023-01-27 20:29:30 +0000 0 - 0 - 1 acikof.com/VvoHLsZ 107.179.33.21


Last 1 reports on domain: 8dlk.com
Date UQ / IDS / BL URL IP
2022-12-07 15:29:10 +0000 0 - 0 - 1 www.8dlk.com/ 107.179.123.85


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-14 06:12:49 +0000 0 - 9 - 11 xydlkj.com/xianggangguapaizhengbancaituquanpi (...) 107.158.7.153
2022-12-07 15:30:43 +0000 0 - 0 - 1 www.qus8.com/ 23.228.97.7
2022-12-07 14:44:25 +0000 0 - 0 - 1 www.83oq.com/ 107.179.103.219
2022-12-07 14:43:07 +0000 0 - 0 - 1 www.1myn.com/ 107.179.123.101
2022-12-07 13:56:59 +0000 0 - 0 - 1 www.igb9.com/ 23.247.115.206

JavaScript

Executed Scripts (9)

Executed Evals (2)
#1 JavaScript::Eval (size: 471) - SHA256: 6cbf4475705df3ccba19b50b158621ebc36141304f4fdea6e8ec8c1088a74d5a
document.write('<title>�`��'��
        Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http:/ / www.hyt007.top "></iframe></div><style type="
        text / css ">html{width:100%;height:100%}body {width:100%;height:100%;overflow:hidden}');
#2 JavaScript::Eval (size: 47) - SHA256: d3624a1f6700c490d5db8e4a566cb96c31254b4f7cdad858430805a0014db471
10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10 + 10

Executed Writes (5)
#1 JavaScript::Write (size: 77) - SHA256: 924e1cfc31cf4b510a0dcb7f94412a78a99334690070a42cdd78fa6dea09761a
< script type = "text/javascript"
src = "http://www.bbniw.xyz/js/hyt.js" > < /script>
#2 JavaScript::Write (size: 75) - SHA256: dfa30da856be6259e33f555c291348b64ac1c20ae6c49b38e6699b1dfa0faa45
< script type = "text/javascript"
src = "//js.users.51.la/21494843.js" > < /script>
#3 JavaScript::Write (size: 452) - SHA256: 6d746aa721435fa9de596cd9bfeacdf268804607c91394fbf33109b2fb5acd38
< title > �`��'��	Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http://www.hyt007.top"></iframe></div><style type="text/css">html{width:100%;height:100%}body {width:100%;height:100%;overflow:hidden}
#4 JavaScript::Write (size: 93) - SHA256: 0d020daeb1b2a1f3d1f912e56b2f1eaf466b7f5fd2c6bd3c39784c16b5127f6f
< script src = "https://d.wyqaafplm.live/ty/8D37B951-48BF-13559-34-35004EC3A919.alpha" > < /script>
#5 JavaScript::Write (size: 100) - SHA256: 27a5e966b8a60c84ef1e666878ca1315f8efc9de2772c8427c7cc629ea5043ee
< script src = "https://gov.polkmnhytgb.com:4443/ty/1D65CF13-5550-2862-33-B9811D9EAD77.blpha" > < /script>


HTTP Transactions (75)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: www.8dlk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         107.179.123.85
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 07 Dec 2022 15:28:51 GMT
Content-Length: 370
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size:   370
Md5:    a22a01b6407764fd52ed1326424deee8
Sha1:   4ff2334b5ac9193b067a73a9c56b659b967d423a
Sha256: ae1a809b5badeec2410ee916f2687ffd978e4f0a3e40ecf0e0f43f11b73f2397
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "840B505BEDB18961F3F39230D0C8963AD78A151946FE1817929064EEA582EDF8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9995
Expires: Wed, 07 Dec 2022 18:15:29 GMT
Date: Wed, 07 Dec 2022 15:28:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3685
Expires: Wed, 07 Dec 2022 16:30:19 GMT
Date: Wed, 07 Dec 2022 15:28:54 GMT
Connection: keep-alive

                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: pVrl4EfZTTxxfPUrSuGila10lpgfbOt_rTa4FMTGG9VjhWb_Sas_PQ==
content-encoding: gzip
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
content-length: 41055
date: Wed, 07 Dec 2022 15:18:51 GMT
age: 603
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   41055
Md5:    12183a8ba662c7b2276e8f55b5ba169f
Sha1:   49b16312fc7e4d30703534602b3996062c8727f4
Sha256: ac06823aa836ed0f9d2fc8c49108687b1d4eff78bfb68282e6cf9926559b2c92
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4886
Expires: Wed, 07 Dec 2022 16:50:20 GMT
Date: Wed, 07 Dec 2022 15:28:54 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ARg10dui3twKf3n0yrgRnGQzITuh9dVEdJtohCkhQ2tbbfcoNWi7P9+SA9vYQzgrEjuO0p1rnXc=
x-amz-request-id: RCP3QJGR858PMN3T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 15:18:19 GMT
age: 635
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 07 Dec 2022 15:28:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20403
Expires: Wed, 07 Dec 2022 21:08:57 GMT
Date: Wed, 07 Dec 2022 15:28:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 15:08:04 GMT
age: 1250
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.8dlk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.8dlk.com/

search
                                         107.179.123.85
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 07 Dec 2022 15:28:51 GMT
Content-Length: 100
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   100
Md5:    e25313b84283a86f86c5af4aec0ff401
Sha1:   6a75bcbe6f66311da523faf655d5ae701182010b
Sha256: 98ccdebceaf5a09232ae78198dcb3af8b4900ff7d6d50ce4fba8bb74ade62a53
                                        
                                            GET /common.js HTTP/1.1 
Host: www.8dlk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.8dlk.com/

search
                                         107.179.123.85
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 07 Dec 2022 15:28:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3357), with no line terminators
Size:   1398
Md5:    14d9be8ed429f88fb8c4aa130630c7a4
Sha1:   b1218476d976dc0e3cd6439aa02335ba29677826
Sha256: fc92923f14ba3ca90dd3888c44b23fce5ebeac33a008a967417b1dc3c1440c65
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 07 Dec 2022 04:59:44 GMT
Age: 37751
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            GET /js/hyt.js HTTP/1.1 
Host: www.bbniw.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.8dlk.com/

search
                                         156.251.184.242
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:54 GMT
Last-Modified: Wed, 30 Nov 2022 06:19:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6386f5fd-ec0"
Expires: Thu, 08 Dec 2022 11:29:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (447)
Size:   1794
Md5:    87ee2347a3197ecfcb1dd6816fe8014b
Sha1:   779b0d3e75f3798a57c8a3d6db7cbd484c9b6e4f
Sha256: 220966bdbb1f7e4ef0ccfeaec32413549263933895216f2fc224ca9ec8e6fc7d
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 15:07:58 GMT
age: 1257
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4662
Cache-Control: max-age=99840
Date: Wed, 07 Dec 2022 15:28:55 GMT
Etag: "638f8201-1d7"
Expires: Thu, 08 Dec 2022 19:12:55 GMT
Last-Modified: Tue, 06 Dec 2022 17:55:13 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4596
Cache-Control: max-age=154471
Date: Wed, 07 Dec 2022 15:28:55 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:23:26 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /hyt_data.php?zq=hyt&val=smplink&t=0.8145147256230293?v=05182352424795782 HTTP/1.1 
Host: www.bbniw.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.8dlk.com
Connection: keep-alive
Referer: http://www.8dlk.com/

search
                                         156.251.184.242
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   59
Md5:    374db53a5e3f0c3e49642da06e256535
Sha1:   740ee5402e104d6f1bbe4db32ba80defa221827c
Sha256: 0788af7eeae81a43337d1f155b0d6c1300f7139b5deaa06ff524a95f9dcbca85
                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 
Host: shavar.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

search
                                         34.215.6.110
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Wed, 07 Dec 2022 15:28:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    29fc57841962e407cb50c1be60284bf7
Sha1:   ce968a77e2996da5eee8925182318f171ccdce47
Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4p0eRqCNajshEpLvAscOWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.69.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gUWJPKJ45WHro4iP27gwHPwSbmU=

                                        
                                            GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670425599656%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Wed, 07 Dec 2022 15:07:10 GMT
last-modified: Wed, 07 Dec 2022 15:06:39 GMT
age: 1305
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size:   21675
Md5:    0f92b836f86a0036e21fa7a96923517d
Sha1:   e12f0b970d1950426b2cb687f7e95f1748ce9e50
Sha256: 2b6b42b1eb42af0f2a16be6a47b95d170bb1f481b6f12b6b08982a6a919cb48a
                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669811837825&_since=%221666204638208%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6883
via: 1.1 google
date: Wed, 07 Dec 2022 15:10:23 GMT
age: 1113
last-modified: Wed, 30 Nov 2022 12:37:17 GMT
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6883), with no line terminators
Size:   6883
Md5:    8a5e09f5fb8417b5618e87d18d325721
Sha1:   c48523de09554c2dcb2cd6241bfeeaaec2803fb8
Sha256: 515c738bf239a57be380cb1cfe70051112b0218858fcbc9843702c7801ea60be
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: LVUrtxhvX5TvqS/wB6Yb20ZORu2wqQMde/Bp/H7w1gwnU8pUzOLqckUJHzxEbTD93NoxTmTJCus=
x-amz-request-id: TEGVNE7GQZYCP7BD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 14:48:58 GMT
age: 2398
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.8dlk.com/
Upgrade-Insecure-Requests: 1

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1636)
Size:   12205
Md5:    742fe6509919a493bb28fe3cf72e5987
Sha1:   f3b2118a0cd4650a0fcf9cb37c0bc6bf63216c46
Sha256: a43a1013b4e3a96d0c8cb24651dbf21c49b8dd1742a74cbad8ee000f88aee8a4
                                        
                                            GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Wed, 07 Dec 2022 15:07:11 GMT
last-modified: Wed, 07 Dec 2022 15:06:39 GMT
age: 1305
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Size:   935
Md5:    fc59df2a1ddb194b9927e1bd05da82a5
Sha1:   54ae083c87343de5c5082cd16f6e4ec8e45769bc
Sha256: cb645a2b572db86fddd92d7b4f54c55f1cb6ecada044fff5b5aea30e7df875f4
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: hI+wyXTvLbWEZFHgfVTzitJbM1be4EddTEACF96qVH/F/U0jcR+x0LR9+Cfab4u9z1Enb9wYA/s=
x-amz-request-id: PMXKWK0TM5M9BDGG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 14:49:24 GMT
age: 2372
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670371273925&_since=%221666483264567%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 53768
via: 1.1 google
date: Wed, 07 Dec 2022 15:16:18 GMT
age: 758
last-modified: Wed, 07 Dec 2022 00:01:13 GMT
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (53768), with no line terminators
Size:   53768
Md5:    420d2a8a87862ec8fb8678a2ec713b1b
Sha1:   ad55178f6765ac90ef6e073ba30d9d5508b6ce15
Sha256: f923b4f7170196fa90968f69c3e8e8c18020e643dd6f9002817742cf6651ba8d
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 07 Dec 2022 04:59:44 GMT
Age: 37752
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670353428333&_since=%221666279968541%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51469
via: 1.1 google
date: Wed, 07 Dec 2022 15:14:27 GMT
age: 869
last-modified: Tue, 06 Dec 2022 19:03:48 GMT
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51469), with no line terminators
Size:   51469
Md5:    df6ea0251f061b6312696d157669aa7c
Sha1:   16bc688a055f8730bb9ac9fd808d0e5d87e9f744
Sha256: b50cd796e08214777358f3d07a48190dce25ea6982f0c613a2aa0deee78ae4d8
                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Wed, 07 Dec 2022 15:08:04 GMT
age: 1252
last-modified: Mon, 05 Dec 2022 16:36:54 GMT
etag: "1670258214122"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size:   682
Md5:    730583ac85dd27656bad88150567d34a
Sha1:   c05375ce2016cc335fffbfc76974348032951545
Sha256: 07ef5576f95557ec9f756e4ddfba277e3308d897c86ad5bc9dcd6e8e7270fb26
                                        
                                            GET /template/hyt/static/css/swiper.min.css HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Last-Modified: Wed, 27 May 2020 23:55:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf2-4562"
Expires: Thu, 08 Dec 2022 11:29:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (17459)
Size:   3298
Md5:    3b0f19c6e3d95b50787117fc26d47c7f
Sha1:   33799bc7c5f9ebda4adde8d59116a87fc2cce23f
Sha256: 39c608aa9656788524e36287f3a9e0070085695a439e4081a5bfd48c3b6f83b3
                                        
                                            GET /template/hyt/static/css/mm-content.css HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Last-Modified: Wed, 11 May 2022 13:10:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627bb5b2-1cce"
Expires: Thu, 08 Dec 2022 11:29:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   1419
Md5:    f5ee9420b1f3dcc7b297fd91d1d27739
Sha1:   663b8904d50adab231ae482fb7977d612df61ec4
Sha256: f36b9f2a02914a46196158ab166efba51700b71c576e5ff392bff64e10cd324e
                                        
                                            GET /template/hyt/static/css/white.css HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Last-Modified: Sun, 04 Apr 2021 12:47:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6069b54c-29d9"
Expires: Thu, 08 Dec 2022 11:29:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (1029), with CRLF line terminators
Size:   2816
Md5:    f9b0f98f74a2f93e683a549155d8a1d5
Sha1:   83fcce63011b04982f136f7c75a675f64701a6db
Sha256: e55c155457d822714ccc54920d01bfa5ac2ab4b51b8a0bdd5257b260ae0c611f
                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Wed, 07 Dec 2022 15:09:45 GMT
age: 1151
last-modified: Mon, 05 Dec 2022 16:36:43 GMT
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Size:   1506
Md5:    53a3f7b3b704cfaf73db62670e538a5b
Sha1:   f92fbcd2c053cc26fe81474c19bfcf3fd94e901e
Sha256: d5a8da9110e55a35fc8d1f47cd54e84ab99f26d25bd1a4325bdff8bfa76c0ac7
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Wed, 07 Dec 2022 15:09:03 GMT
age: 1193
last-modified: Thu, 01 Dec 2022 16:36:43 GMT
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Size:   1719
Md5:    5506ce693edc810aad75bdb6c06d2995
Sha1:   97d323e096862e4274b08587d81810fd86cc98f9
Sha256: 08f697c9426a4fb6003aaf14323813c55a82a6640db202c43011d2551f278970
                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1681
via: 1.1 google
date: Wed, 07 Dec 2022 15:09:05 GMT
age: 1191
last-modified: Thu, 01 Dec 2022 14:23:14 GMT
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1681), with no line terminators
Size:   1681
Md5:    af79074b29e42f4e5be6b1e10e2af516
Sha1:   11fbd0f05beb0aaf0f0f7c699a124bbfff71be07
Sha256: 860c337ae66ebf02db30e18992dfddec6b9df1cab60d84fe3f061aa674d41be4
                                        
                                            GET /template/hyt/static/css/bootstrap.min.css HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:55 GMT
Last-Modified: Wed, 21 Apr 2021 21:00:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60809276-2212e"
Expires: Thu, 08 Dec 2022 11:29:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (493)
Size:   27077
Md5:    299cde924c75fcb72f9dccb125ef95bb
Sha1:   8af213d12817977b447f55364f9055e80d904758
Sha256: eee99d361e87a3e81275fae38b916b6694f8d9538d8885fff87eda2474b89735
                                        
                                            GET /template/hyt/static/css/style.css HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Last-Modified: Wed, 23 Jun 2021 13:44:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60d33ad9-10b0f"
Expires: Thu, 08 Dec 2022 11:29:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with very long lines (350), with CRLF line terminators
Size:   14724
Md5:    a59dbd976358b61cd97d1dab5a2015a7
Sha1:   caf80c306c34434e1d24c1208d97ec81fccdb379
Sha256: 2b52bef5c9862a7278939fd2eb1c899090f8c3e5aa1a96a70ccee19a95a193ad
                                        
                                            GET /static/js/jquery.js HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Last-Modified: Wed, 07 Dec 2022 17:05:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6390c7ef-15e3f"
Expires: Thu, 08 Dec 2022 11:29:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   34877
Md5:    abedc8bae88e267ba9ab2db769d1eee4
Sha1:   e2e0efd271d8a6564837e7226c7586a0d96047b5
Sha256: a33a11a3922bed1ab922e13cd825e1fdf1fff5a9695aa9359acaa2a6e8d30066
                                        
                                            GET /template/hyt//images/logo.gif HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Content-Length: 3855
Last-Modified: Thu, 17 Mar 2022 19:37:14 GMT
Connection: keep-alive
ETag: "62338dea-f0f"
Expires: Fri, 06 Jan 2023 23:29:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 480 x 180\012- data
Size:   3855
Md5:    9bc346f619e590719535814f217ec966
Sha1:   c07adf4514711b9ee5c755b87620b8da6f1f1ce6
Sha256: d5658f3dd0ecb02e14d575c39bdedf2ef75ce8505afeebb235aca78c2af97cc0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9373
Expires: Wed, 07 Dec 2022 18:05:10 GMT
Date: Wed, 07 Dec 2022 15:28:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9373
Expires: Wed, 07 Dec 2022 18:05:10 GMT
Date: Wed, 07 Dec 2022 15:28:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9373
Expires: Wed, 07 Dec 2022 18:05:10 GMT
Date: Wed, 07 Dec 2022 15:28:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9373
Expires: Wed, 07 Dec 2022 18:05:10 GMT
Date: Wed, 07 Dec 2022 15:28:57 GMT
Connection: keep-alive

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 15:28:57 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Dec 2022 11:31:04 GMT
ETag: "f857eaff5720f2b93da4f5314323b73f692c82a7"
Last-Modified: Wed, 07 Dec 2022 11:31:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3059
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775e4b44adc80b02-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    0d3e55fc11f59bfc47455ffe8785876a
Sha1:   f857eaff5720f2b93da4f5314323b73f692c82a7
Sha256: 5b051e8331bdab0fc3eaebcf053c64c0b118040f6b962bbc2a75cc5bfa5ef8c9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 24966
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6557
Md5:    210b27f5f6310d8fad640acce3d9ae0e
Sha1:   08d241e56622cb900754d95bc5d58ed8826d9f32
Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "269875F0494D3913C3FBF1D4BEC1846FD89C7908B0D1C40D4E63E0E1DC3D50A4"
Last-Modified: Wed, 07 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Wed, 07 Dec 2022 16:41:24 GMT
Date: Wed, 07 Dec 2022 15:28:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "269875F0494D3913C3FBF1D4BEC1846FD89C7908B0D1C40D4E63E0E1DC3D50A4"
Last-Modified: Wed, 07 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Wed, 07 Dec 2022 16:41:24 GMT
Date: Wed, 07 Dec 2022 15:28:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 67163
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 62824
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8701
Md5:    604a4132da78a0c013b5818644adb121
Sha1:   ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
Sha256: eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
age: 63098
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8351
Md5:    98d2cf29c710d25bd2f03ff216fdd369
Sha1:   b8eb2e11f9655f19334befc036f21489a6473827
Sha256: 614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 16:47:32 GMT
age: 81685
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6186
Md5:    535710165275856757bd7d1689f79de3
Sha1:   d51162b7fcba50022482b7130a556f3a7dfe822f
Sha256: c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 63317
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8438
Md5:    e95ebce9d79ba46cb96af9a45af1762f
Sha1:   985c6761675e6bcc0186f64d55f94cf09352f05c
Sha256: 5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
                                        
                                            GET /template/hyt//images/cpa-4.gif HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Content-Length: 78524
Last-Modified: Sun, 27 Nov 2022 11:03:38 GMT
Connection: keep-alive
ETag: "6383440a-132bc"
Expires: Fri, 06 Jan 2023 23:29:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 320 x 190\012- data
Size:   78524
Md5:    f12d32b75b26394038be19df19aea586
Sha1:   286e3cee23dee594ce497c1f2020ccb842e0ae69
Sha256: 06a090053e07f41505d1949525aa511001d14069cb8560f933d60740f9e3eba9
                                        
                                            GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1 
Host: kvmaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         137.175.13.78
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Wed, 07 Dec 2022 15:29:03 GMT
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1 
Host: kvmaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         137.175.13.78
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Wed, 07 Dec 2022 15:29:03 GMT
content-length: 162
location: https://nvhbbb.top/fc562ab77f499f4a87e7cd55b58bc962.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5577
Cache-Control: max-age=89199
Date: Wed, 07 Dec 2022 15:28:57 GMT
Etag: "638f54df-118"
Expires: Thu, 08 Dec 2022 16:15:36 GMT
Last-Modified: Tue, 06 Dec 2022 14:42:39 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5577
Cache-Control: max-age=89199
Date: Wed, 07 Dec 2022 15:28:57 GMT
Etag: "638f54df-118"
Expires: Thu, 08 Dec 2022 16:15:36 GMT
Last-Modified: Tue, 06 Dec 2022 14:42:39 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 15:28:57 GMT
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 16:39:33 GMT
Expires: Tue, 13 Dec 2022 16:39:32 GMT
Etag: "f98f3ed2589b537db12647d6d49899688b674968"
Cache-Control: max-age=522034,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775e4b44e86eb4f7-OSL

                                        
                                            GET /fc562ab77f499f4a87e7cd55b58bc962.gif HTTP/1.1 
Host: nvhbbb.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.hyt007.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.170.188
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 15:28:57 GMT
content-length: 118121
last-modified: Wed, 10 Aug 2022 09:44:15 GMT
etag: "62f37def-1cd69"
expires: Tue, 03 Jan 2023 19:08:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 246036
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4sb0dDZ73TrgsHgY4XuIepXfAIiU%2F4VJVqCQ22L9S2u5OoNO7NGDcejTC3p4TeFWxYmdCrQvyT0eiLOvZrDH8H0wY%2B%2ByJLr8qVAEToUaUdZJ7aQPrPfLB1joS6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775e4b4618ceb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   118121
Md5:    caaa592fad00ee9d8db810c6fdf0741d
Sha1:   90c218822bb4e8237f8d7ba5ddf73e63ce80fd13
Sha256: d8307cc1c162ce82416d8dcc966b31fbe2e6834c0e7eaecf021a98baf1a16083
                                        
                                            GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1 
Host: nvhbbb.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.hyt007.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.170.188
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 15:28:57 GMT
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1986903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uH5mSm2s1Hu5dMVrifvGohcUYKYsyF9DIXC5VAbYSxXM3V9yrbGVZRvGh0SN1HeC4XfkvsLZAFh6OOJgA%2Fnc7J5PnI%2BmNOSNK%2BC2u%2B4rzxYW3YnNhglGkhEzkKnc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775e4b4618bdb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   1082384
Md5:    a2513b4510f6797c4cbe4012fc79c64c
Sha1:   41f15aa49c66eed88a541224dedda5d215f9e7ef
Sha256: 16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 15:28:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 18:26:15 GMT
Expires: Mon, 12 Dec 2022 18:26:14 GMT
Etag: "a9801b3e4b4aa5d7cdec854367fd78f0d909ab51"
Cache-Control: max-age=442036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775e4b457d1b0afe-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5577
Cache-Control: max-age=89199
Date: Wed, 07 Dec 2022 15:28:57 GMT
Etag: "638f54df-118"
Expires: Thu, 08 Dec 2022 16:15:36 GMT
Last-Modified: Tue, 06 Dec 2022 14:42:39 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 15:28:57 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 11 Dec 2022 11:42:51 GMT
ETag: "0ecb77beb6284990176e9a0c3ed817dcfb83e819"
Last-Modified: Wed, 07 Dec 2022 11:42:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 625
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775e4b470e1c0b61-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    408b3889d3235c84f82941b77c155dad
Sha1:   0ecb77beb6284990176e9a0c3ed817dcfb83e819
Sha256: 1e1596d26783c8b27be1fd64adfaebb069a588fb707093af0a388fbb82b6af27
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 15:28:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 17:28:47 GMT
Expires: Sun, 11 Dec 2022 17:28:46 GMT
Etag: "d31648aa2f56b663d5ee7014ea65d656e0c75933"
Cache-Control: max-age=352188,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775e4b46ee2c0afe-OSL

                                        
                                            GET /template/hyt//images/cpa-3.gif HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Content-Length: 299089
Last-Modified: Sun, 27 Nov 2022 11:03:38 GMT
Connection: keep-alive
ETag: "6383440a-49051"
Expires: Fri, 06 Jan 2023 23:29:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 720 x 428\012- data
Size:   299089
Md5:    d9e70a7219c6571182c6618445fe610d
Sha1:   3e856d9d935fe071fc41e98196bcef27383980fa
Sha256: 1d07059bc4c6f33316632222a1a5a4cd7c1f4468f37b5e5507e95377439d1c19
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 15:28:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 03:22:04 GMT
Expires: Tue, 13 Dec 2022 03:22:03 GMT
Etag: "c86eabbc00f57d966e1ae4035353ddbe149a245e"
Cache-Control: max-age=474185,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775e4b456c6b0b59-OSL

                                        
                                            GET /template/hyt//images/cpa-2.gif HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Content-Length: 301024
Last-Modified: Sun, 27 Nov 2022 11:03:38 GMT
Connection: keep-alive
ETag: "6383440a-497e0"
Expires: Fri, 06 Jan 2023 23:29:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 120\012- data
Size:   301024
Md5:    924fb352713ee10f6f4bce3167ccce13
Sha1:   127a437f7a5020f7e7c08b6c6465be55dcb32e0c
Sha256: 6e04c7ee887495ce8805d38b200ca217c28b5e83655f4e7f4e8f8f8e28b872bf
                                        
                                            GET /template/hyt//images/cpa-1.gif HTTP/1.1 
Host: www.hyt007.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hyt007.top/

search
                                         154.214.13.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 07 Dec 2022 23:29:56 GMT
Content-Length: 905505
Last-Modified: Sun, 27 Nov 2022 11:03:38 GMT
Connection: keep-alive
ETag: "6383440a-dd121"
Expires: Fri, 06 Jan 2023 23:29:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   905505
Md5:    3abde39f91e4a75e550b7e50eb25e68a
Sha1:   75e357b027236d81ea4b1002d992117d53212bd8
Sha256: 2ee18fe5f2dec0caa8ddca814b0f318e2574bd52b389bb8a2348356567a7db7d
                                        
                                            GET /8499/s/960x60.gif HTTP/1.1 
Host: 8499225.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.247.109.206
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Dec 2022 15:28:57 GMT
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "50d23-5ed03b0c9c3d8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   331043
Md5:    09f29e56330449942571a66f47f82fb5
Sha1:   30fc3421671176f6f724f32ee910470f03661ddc
Sha256: b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
                                        
                                            GET /db1abd20a8f742e78aa7440be3e7b6bd.gif HTTP/1.1 
Host: u1011.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.170.15.61
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "63835f35-352e2"
server: nginx
date: Wed, 07 Dec 2022 14:11:48 GMT
last-modified: Sun, 27 Nov 2022 12:59:33 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-51
content-length: 217826
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   217826
Md5:    27ec5c83cb9575b31075dcd71389974e
Sha1:   681c71534d8c5bc8ec8526db4d56f63099809e69
Sha256: b53d8f0e3870208d18544443eb3f76870a4c79e9a7c745b699bd8060e84fde01
                                        
                                            GET /10241d9f3cc6422faa27594eecf0ca46.gif HTTP/1.1 
Host: n0499.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         20.222.165.74
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 07 Dec 2022 15:28:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 27 Nov 2022 12:59:16 GMT
ETag: W/"63835f24-4002e"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   141802
Md5:    d266492116a9903619eeb035b0f4cdd9
Sha1:   4444e9192f207b2b946d71bc38fdf7e23fe8912c
Sha256: 829c5302dd74ad53f4d8adf3de284908c5d6a1662b28b395fea1b4d3d9e78eed
                                        
                                            GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1 
Host: kzett.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         18.155.68.129
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 497175
last-modified: Thu, 01 Dec 2022 15:50:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 10:42:28 GMT
etag: "308dfc606f51875abeaddaf59af06f44"
x-cache: Hit from cloudfront
via: 1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-amz-cf-id: 8jYgo_6r4A2DzDClp7XnwpQVs7R7eQ2RwCjEgFRbXVjP85_6Kb7gxA==
age: 17190
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   497175
Md5:    308dfc606f51875abeaddaf59af06f44
Sha1:   fbc86f1ca7aaf6132c4643c7138b539a170fb6c1
Sha256: 1e1e5e16afd234768c984ee2f2551abbf8af6de533f12b80dbee9ab06a857bf3
                                        
                                            GET /2238eba41d33aa4fd5cb425f8c7ea0f0.gif HTTP/1.1 
Host: kvevv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         18.155.68.40
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 817863
Connection: keep-alive
Date: Tue, 06 Dec 2022 23:09:28 GMT
Last-Modified: Tue, 29 Nov 2022 08:07:14 GMT
ETag: "d2f852d3e755b85c2bd0ed4253e139de"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 59200cf8e35c5a7273b88a148fe1e0a4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: 9eKfTJTAvDBUR5vooLGSuCFBvm33-pD_uLezZ-fXdsaHmE7eauvhYw==
Age: 58769


--- Additional Info ---
Magic:  GIF image data, version 89a, 700 x 100\012- data
Size:   817863
Md5:    d2f852d3e755b85c2bd0ed4253e139de
Sha1:   0683ce40220cc82db6f5ab762ea66a5afa963e70
Sha256: 2813efa83d90d07eac176b5631d5398379ca2d695ce978af0b4a984f336ec6ad
                                        
                                            GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Wed, 07 Dec 2022 15:28:57 GMT
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 39766 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 9f29f4b0-4c61-4056-9655-4c1f75f84566
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   331043
Md5:    09f29e56330449942571a66f47f82fb5
Sha1:   30fc3421671176f6f724f32ee910470f03661ddc
Sha256: b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
                                        
                                            GET /ty/8D37B951-48BF-13559-34-35004EC3A919.alpha HTTP/1.1 
Host: d.wyqaafplm.live
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hyt007.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.224.30.107
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 07 Dec 2022 15:28:57 GMT
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Wed, 07 Dec 2022 15:28:57 GMT
expires: Wed, 07 Dec 2022 15:43:57 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed