fileapi.gyaott.top/001/puppet.Txt?105877
45.207.71.123 224 B URL fileapi.gyaott.top/001/puppet.Txt?105877
IP 45.207.71.123:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document, ASCII text, with CRLF line terminators
Hash 5abd17caff5ac9f16a562f6fd5eb4460
6423d820a668b08f45b2b7ca411ca3a87781b145
26d82981426ce33e8efceb49fc368223e48d977f6f75075710991ffa8876f57c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /001/puppet.Txt?105877 HTTP/1.1
Host: fileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 02:09:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
fileapi.gyaott.top/gczx.html
45.207.71.123200 OK 5.8 kB URL User Request GET HTTP/1.1 fileapi.gyaott.top/gczx.html
IP 45.207.71.123:80
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28637)
Hash 200f39af116ed54e6182f27605fe374a
b8bfefc65cb9fbefff48719c96969e78804427f2
27d9da24acf51e0547e5577fa3eec1269258af431fb598ce7c36127082e0c878
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /gczx.html HTTP/1.1
Host: fileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fileapi.gyaott.top/001/puppet.Txt?105877
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 02:09:47 GMT
Content-Type: text/html
Last-Modified: Mon, 15 May 2023 15:00:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6462491c-789c"
Content-Encoding: gzip
fileapi.gyaott.top/favicon.ico
45.207.71.123200 OK 224 B URL GET HTTP/1.1 fileapi.gyaott.top/favicon.ico
IP 45.207.71.123:80
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
Requested by http://fileapi.gyaott.top/gczx.html
File type HTML document, ASCII text, with CRLF line terminators
Hash 5abd17caff5ac9f16a562f6fd5eb4460
6423d820a668b08f45b2b7ca411ca3a87781b145
26d82981426ce33e8efceb49fc368223e48d977f6f75075710991ffa8876f57c
GET /favicon.ico HTTP/1.1
Host: fileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://fileapi.gyaott.top/gczx.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 02:09:47 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash 56c0fdf536e2f4ffc66e6be02477ce6f
075871e29acc169f15e6ac576b7add7b95193603
e10662f08d7cecc5d4fad3c358c75defa0f41edf9649311080c5aa357cae0905
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sun, 11 Jun 2023 00:31:27 GMT
ETag: "075871e29acc169f15e6ac576b7add7b95193603"
Last-Modified: Wed, 07 Jun 2023 00:31:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d355ae32963b4f1-OSL
gczx666.oss-cn-shenzhen.aliyuncs.com/gczx.js
120.77.166.101200 OK 125 B URL GET HTTP/1.1 gczx666.oss-cn-shenzhen.aliyuncs.com/gczx.js
IP 120.77.166.101:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://fileapi.gyaott.top/gczx.html
Certificate IssuerGlobalSign nv-sa
Subject*.oss-cn-shenzhen.aliyuncs.com
Fingerprint83:92:B0:4C:5C:51:15:BB:A3:78:1F:CF:E8:53:1F:23:D6:94:8F:5C
ValidityMon, 30 Jan 2023 02:31:11 GMT - Sat, 02 Mar 2024 02:31:10 GMT
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash 0ff1ad5fc02d31edcb1f315d7d49172a
636631c6ebcc0766a27921cbec58dc71af4399c7
6cb30873cc1f45465e48eba72b4205007b7aab8b06a5713da9923841e5e14331
GET /gczx.js HTTP/1.1
Host: gczx666.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://fileapi.gyaott.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 07 Jun 2023 02:09:48 GMT
Content-Type: application/javascript
Content-Length: 125
Connection: keep-alive
x-oss-request-id: 647FE6EC602BA53236AD7386
Accept-Ranges: bytes
ETag: "0FF1AD5FC02D31EDCB1F315D7D49172A"
Last-Modified: Mon, 05 Jun 2023 04:56:31 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4246857114174384965
x-oss-storage-class: Standard
Content-MD5: D/GtX8AtMe3LHzFdfUkXKg==
x-oss-server-time: 1
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash 39543f26cf5c843a475c4188a1fceceb
77d3c1a59de8dbff7358ba63e8def840f7c654bf
71b340dd7944d5c4aef63ce1a14ec66f6a5952f6677833ee06971fab5a60406c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 06:10:33 GMT
Expires: Tue, 13 Jun 2023 06:10:32 GMT
Etag: "77d3c1a59de8dbff7358ba63e8def840f7c654bf"
Cache-Control: max-age=532240,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d355afa88e20b49-OSL
936520.com/static/spine-webgl.js
20.205.104.140200 OK 76 kB URL GET HTTP/2 936520.com/static/spine-webgl.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 19c1d621929b70950bb3e79cdf2e6221
1a4d2cda41bde1a410fcb07d58b9484c6cf1c8e3
3338f6728e0dd3b59007b3fd39c1903310cc17ff8e17a3f41133d91b4864721a
GET /static/spine-webgl.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-5a0a5"
content-encoding: gzip
X-Firefox-Spdy: h2
aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234181
104.110.21.4200 OK 3.9 kB URL GET HTTP/2 aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234181
IP 104.110.21.4:443
Requested by https://936520.com/register?id=32483556
Certificate IssuerDigiCert Inc
Subjectru.aliexpress.com
FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F
ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11988), with no line terminators
Hash 05ccd82860f1ad63d32696b7b6c0ce14
52090b1208172ff8f4cec5f6454881c61f0e0a2f
bc6b428ea03ce9591b45c8cabfc9489db7e112c55b393c88868de0efe04ceb5a
GET /AWSC/AWSC/awsc.js?_t=234181 HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 3930
x-oss-request-id: 647FDB010A50A33435B307C1
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7512433114953199032
x-oss-storage-class: Standard
content-md5: BczYKGDxrWPTJpa3tsDOFA==
x-oss-server-time: 1
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1686100737
x-swift-savetime: Wed, 07 Jun 2023 02:00:05 GMT
x-swift-cachetime: 1132
eagleid: 2ff62c9516861032049507795e
cache-control: max-age=6564, s-maxage=3600
expires: Wed, 07 Jun 2023 03:59:19 GMT
date: Wed, 07 Jun 2023 02:09:55 GMT
vary: Accept-Encoding
served-from: 23.36.77.199
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 104.110.21.4
X-Firefox-Spdy: h2
936520.com/static/js/6.04d491c77340e0c1de58.js
20.205.104.140200 OK 93 kB URL GET HTTP/2 936520.com/static/js/6.04d491c77340e0c1de58.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash b7a67a147d928d49da24bfca9658ff9d
627886e9c14271a81a3e651544383acf3e10d0c4
10c6cd786a07694ca252d0deef71254805b64c4dd145456416f93a613066b40f
GET /static/js/6.04d491c77340e0c1de58.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-4a3b5"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/management/tenant/getTenantConfig?t=1686103793930
20.205.104.140200 OK 120 kB URL GET HTTP/2 936520.com/v1/management/tenant/getTenantConfig?t=1686103793930
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Size 120 kB (120208 bytes)
Hash f37e28a5c352b12299c2c166b2925d39
525fb980607c46a78a375bc29ec9f89f3ae34807
6f7ecb769bd0f6eb608fae42ff6f42caebd8b9c9ebee67904d64bf9c812180a0
GET /v1/management/tenant/getTenantConfig?t=1686103793930 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js
104.110.21.4200 OK 77 kB URL GET HTTP/2 aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js
IP 104.110.21.4:443
Requested by https://936520.com/register?id=32483556
Certificate IssuerDigiCert Inc
Subjectru.aliexpress.com
FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F
ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash a4cff78229e56fde5f28d1999679a1d1
8d8f89aa7d26569337192dce8a12daaa1867bcd4
4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0
GET /AWSC/WebUMID/1.93.0/um.js HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 77333
x-oss-request-id: 6468E5E961623D31397B5535
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2332966527039349753
x-oss-storage-class: Standard
content-md5: pM/3ginlb95fKNGZlnmh0Q==
x-oss-server-time: 20
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1684596201
x-swift-savetime: Sat, 20 May 2023 15:23:29 GMT
x-swift-cachetime: 86392
eagleid: 2ff62c9716845962097947285e
served-from: 47.246.44.230
cache-control: max-age=1084484, s-maxage=86400
expires: Mon, 19 Jun 2023 15:24:39 GMT
date: Wed, 07 Jun 2023 02:09:55 GMT
vary: Accept-Encoding
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 104.110.21.4
X-Firefox-Spdy: h2
936520.com/static/js/manifest.bd1c3404b2dcce0589be.js
20.205.104.140200 OK 30 kB URL GET HTTP/2 936520.com/static/js/manifest.bd1c3404b2dcce0589be.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash c1eb41a89cb5b2fd9fc474f5ed7d8d51
50f31214d1e60073b322521a3ac42061d847242f
817c8608383520399bc6ce6a28fbe5f3451dfe3d5f41d81940b654ff5b3ce131
GET /static/js/manifest.bd1c3404b2dcce0589be.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-1b3e"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/css/app.7df8101d7996.css
20.205.104.140200 OK 56 kB URL GET HTTP/2 936520.com/static/css/app.7df8101d7996.css
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (58555)
Hash 1dc8945a001c4bfea00e243d8313c212
01f6c6c93e79b488e2e11026415920b8b4eb51e3
1e9cb00e8d30ef3b71312d3226ca0c3712cbe7d43b1c974c11c9dea866a1f78a
GET /static/css/app.7df8101d7996.css HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-2822a"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/js/20.cdf42703e7bab8ee56e8.js
20.205.104.140200 OK 20 kB URL GET HTTP/2 936520.com/static/js/20.cdf42703e7bab8ee56e8.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash a77d7ca7b1cf9cd3118690e8761b7067
1b82e40deb5cb05eda27d699cdbc50ca88e3c77a
2ff295e68ddafe4f6e7767401763b94b8b55e1dabc1ec639868dc6c7a757bbf9
GET /static/js/20.cdf42703e7bab8ee56e8.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:54 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-d9d7"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3a44a5eb266ce5293c26f7572981d23e
cf0d54ba76ae74a132891ef0281106e8bbdad5f8
8afc1ee37d3cf098367c5e4d027867ce8cf06cc18742afa4453cbaf93e1f9a8a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 11 Jun 2023 00:50:39 GMT
ETag: "cf0d54ba76ae74a132891ef0281106e8bbdad5f8"
Last-Modified: Wed, 07 Jun 2023 00:50:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d355b1599fbb4f1-OSL
images.ppa029sdfjshsjkdhksdhjhdu3.com/game/1578637842482.png
20.24.81.156 371 kB URL GET images.ppa029sdfjshsjkdhksdhjhdu3.com/game/1578637842482.png
IP 20.24.81.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject*.ppa022cjklwmkksldjuhnb3llc.com
Fingerprint5E:84:56:51:5C:A7:35:6E:52:FF:61:41:60:CB:2C:13:95:97:9F:00
ValidityWed, 07 Sep 2022 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
File type PNG image data, 2990 x 566, 8-bit colormap, non-interlaced\012- data
Size 371 kB (370952 bytes)
Hash a366792ce69457744b882318850cefe2
5b078849d41e40f9d2c6dba6b821a04a9c0c35b9
faa00bbd3a46b12e4205da06089f1f4d489f01ab874caee4cd5d6c9c37203842
GET /game/1578637842482.png HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:55 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 27 Jan 2020 07:29:14 GMT
ETag: W/"0819879e3d4d51:0"
X-Powered-By: ASP.NET
Expires: Thu, 08 Jun 2023 02:09:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: max-age=86400, max-age=315360000000
X-Cache: HIT
Content-Encoding: gzip
images.ppa029sdfjshsjkdhksdhjhdu3.com/system/common/other/rechargepc.png
20.24.81.156 21 kB URL GET images.ppa029sdfjshsjkdhksdhjhdu3.com/system/common/other/rechargepc.png
IP 20.24.81.156:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject*.ppa022cjklwmkksldjuhnb3llc.com
Fingerprint5E:84:56:51:5C:A7:35:6E:52:FF:61:41:60:CB:2C:13:95:97:9F:00
ValidityWed, 07 Sep 2022 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
File type PNG image data, 480 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d0302853397a2172294fe821b0df0d1
54bb2dfdcd1400f45ca1d722aeee899dce21dd8e
090049ea713e796c3a8d35a73b25f7356c8cef526208a149c08711ea3c7b4d48
GET /system/common/other/rechargepc.png HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:55 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 08 Dec 2020 07:23:32 GMT
ETag: W/"07248833cdd61:0"
X-Powered-By: ASP.NET
Expires: Thu, 08 Jun 2023 02:09:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: max-age=86400, max-age=315360000000
X-Cache: HIT
Content-Encoding: gzip
936520.com/static/css/20.fa3afa77219a.css
20.205.104.140200 OK 18 kB URL GET HTTP/2 936520.com/static/css/20.fa3afa77219a.css
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash f8f9f5139f2b355bd87bd9b23a10bc72
73d7c5b94f859ea658f5343340c05f1f0607c603
9f44e66f238b47405bcfa0bcc184fd65cba429b097ce199641db02e4a6878ed7
GET /static/css/20.fa3afa77219a.css HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:54 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-1239d"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash 34249158a2c27367b429613147d5bb59
ab51a8e06ea2163cd1760e218663c7284fa3d649
631cbca98b6748496cccd555ca32e2372bb19c2f6b0ded443368f71419d9ba3f
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sat, 10 Jun 2023 22:57:39 GMT
ETag: "ab51a8e06ea2163cd1760e218663c7284fa3d649"
Last-Modified: Tue, 06 Jun 2023 22:57:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3344
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d355b1b6c54b4f1-OSL
936520.com/v1/users/announcement/list?t=1686103794228&pageSize=20&pageNum=1
20.205.104.140200 OK 1.9 kB URL GET HTTP/2 936520.com/v1/users/announcement/list?t=1686103794228&pageSize=20&pageNum=1
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash c7ef4de4a5a5eae016715cc380a2ac32
46861a3bb6c2710565ae838e34557ea15f796164
83ee5728dd8482e20168c23fd10a079e6d1bd5063e9c27b349e1b963beef2c7a
GET /v1/users/announcement/list?t=1686103794228&pageSize=20&pageNum=1 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/src/img/favicon.267ace1.png
20.205.104.140200 OK 6.3 kB URL GET HTTP/2 936520.com/src/img/favicon.267ace1.png
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash e5ff3031019cf066b4f1a57cbf14fa0c
40dd948b0134f306b6070ea69d3613d04f0d5a40
aef648629dc66139a2220fdaa3eaf8e32b6ac95c6c2022c36724d5ab56832062
GET /src/img/favicon.267ace1.png HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:52 GMT
content-type: text/html
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-fbd"
content-encoding: gzip
X-Firefox-Spdy: h2
ynuf.aliapp.org/service/um.json
203.119.175.235200 OK 136 B URL POST HTTP/2 ynuf.aliapp.org/service/um.json
IP 203.119.175.235:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://936520.com/register?id=32483556
Certificate IssuerGlobalSign nv-sa
Subject*.alibabacorp.com
Fingerprint21:4B:26:A9:58:52:03:EC:07:38:66:00:3B:39:33:F3:9B:56:E7:16
ValidityWed, 12 Apr 2023 23:17:04 GMT - Mon, 13 May 2024 23:11:02 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash f9e5edae34bb970d5fafdf3f40da038e
eafe2e0623088d4d9c8f6441f99d97bfcf44c841
63dd4de38da954944e996ce88a2e1dfdc10ed214e2638c67773c63dc7a649b7a
POST /service/um.json HTTP/1.1
Host: ynuf.aliapp.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 667
Origin: https://936520.com
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Jun 2023 02:09:58 GMT
content-type: text/plain;charset=UTF-8
content-length: 136
x-application-context: umid-web:cn-prod:7001
access-control-allow-origin: https://936520.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With
set-cookie: umdata_=G28D530CB3552F05B2CEBB6E1F75F7A8CBBE4CCE22922ABF242; Max-Age=31536000; Expires=Thu, 06-Jun-2024 02:09:58 GMT; Domain=ynuf.aliapp.org; Path=/
p3p: CP=IVAa PSAa
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
server: Tengine/Aserver
eagleeye-traceid: 2150775316861037981115094e2cd2
timing-allow-origin: *
X-Firefox-Spdy: h2
936520.com/v1/management/tenant/getSpeedDomain
20.205.104.140200 OK 134 B URL GET HTTP/2 936520.com/v1/management/tenant/getSpeedDomain
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash f812de3439d62f88281c09230c75cf91
51beeb0ae1c9e4adeb757782120ad0e55cc2422d
821d5a8af0076069cbcf1204fc01c5a8a7d7fbce62813b532deefa9efec6f27b
GET /v1/management/tenant/getSpeedDomain HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/js/9.980024635cbdb3d7060a.js
20.205.104.140200 OK 21 kB URL GET HTTP/2 936520.com/static/js/9.980024635cbdb3d7060a.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/9.980024635cbdb3d7060a.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:54 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-50ce"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/betting/getServerTimeMillisecond?t=1686103793948
20.205.104.140200 OK 58 B URL GET HTTP/2 936520.com/v1/betting/getServerTimeMillisecond?t=1686103793948
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash f53363cd643ed42a027de8e86d0c1a97
654e6860d41c0caa932d08b38c5e65821022fe3c
189da2fca582f2e5634baf82af13b7da0a7c8f680790bbc17f9a90ad9f7474de
GET /v1/betting/getServerTimeMillisecond?t=1686103793948 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/js/aliyun.min.js
20.205.104.140200 OK 220 kB URL GET HTTP/2 936520.com/static/js/aliyun.min.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (32085)
Size 220 kB (219487 bytes)
Hash 85e7d42d7ec09184b9bbde78b641ca00
0bc92965c772b460ea1a65468fb2e8baabc7b5d0
5c919aeed13a145644e93be09a3ce46b4e2f241133ac316d61f8c5d2dc59758c
GET /static/js/aliyun.min.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-3595f"
content-encoding: gzip
X-Firefox-Spdy: h2
at.alicdn.com/t/font_2430878_tju82v96qxe.woff2
47.246.44.251200 OK 26 kB URL GET HTTP/2 at.alicdn.com/t/font_2430878_tju82v96qxe.woff2
IP 47.246.44.251:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://936520.com/register?id=32483556
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1
ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 25988, version 1.0\012- data
Hash 3d929f77d857dddcd6066bad750bb277
259fd1976fdb8f8e8d354d32b5e7681e3db01341
92edafbe3372b0e72089ee25f8665470b7ee8d4df2250cb96c159d6c1153dbdd
GET /t/font_2430878_tju82v96qxe.woff2 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://936520.com
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 25988
date: Sun, 04 Jun 2023 17:11:44 GMT
x-oss-request-id: 647CC5D0B096773931C1C550
vary: Origin
accept-ranges: bytes
etag: "3D929F77D857DDDCD6066BAD750BB277"
last-modified: Fri, 24 Dec 2021 22:12:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7241217540761008470
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: PZKfd9hX3dzWBmutdQuydw==
x-oss-server-time: 1
ali-swift-global-savetime: 1685898704
via: cache24.l2us1[0,0,200-0,H], cache27.l2us1[1,0], cache8.se1[0,0,200-0,H], cache2.se1[1,0]
age: 205091
x-cache: HIT TCP_MEM_HIT dirn:4:264391866
x-swift-savetime: Mon, 05 Jun 2023 05:59:02 GMT
x-swift-cachetime: 31057962
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9616861037953673960e
X-Firefox-Spdy: h2
936520.com/static/public/need/layer.css
20.205.104.140200 OK 3.7 kB URL GET HTTP/2 936520.com/static/public/need/layer.css
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3701), with no line terminators
Hash 42f69c087e51045a8a3c7cd673035bac
e8f0e6c08d06438f21a4293f4824615adf1b739d
56f78048287d433001c7733ad944f0a4ef94f3a06e8f8958a7ddf86644c8ec44
GET /static/public/need/layer.css HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-e53"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/public/layer.m.js
20.205.104.140200 OK 3.1 kB URL GET HTTP/2 936520.com/static/public/layer.m.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3208), with no line terminators
Hash 38b405624adacadff4fd9955b0248871
11747a1c224e318ad5c0ff75b1a834c362ff471b
7c394e10425cccb4266d17a22fc5e5e783020d64c0c0c1824c283ca7a12969a8
GET /static/public/layer.m.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-c18"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/css/9.e1799f90210d.css
20.205.104.140200 OK 1.1 kB URL GET HTTP/2 936520.com/static/css/9.e1799f90210d.css
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (1099), with no line terminators
Hash b9d1a69e6c40ebff083d8bdddecbc363
8bae8edee00b86532d71191e79c080762f849695
36e91d2c7da3be4ace2d4015c93384b8e51225048821ea7164ffdbb7da110b75
GET /static/css/9.e1799f90210d.css HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:54 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-445"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/users/getAliyunAppKey?t=1686103794232
20.205.104.140200 OK 61 B URL GET HTTP/2 936520.com/v1/users/getAliyunAppKey?t=1686103794232
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash 3f96a15a76cb0c794e32492db279a737
91856ffce5fd1375ef6563c5ee8cc67774aeaf59
f135baf1a0c4f59375916c9c2932e816dfe0275a9c34cdbe3b91e15a84c784e3
GET /v1/users/getAliyunAppKey?t=1686103794232 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
static.ppa029sdfjshsjkdhksdhjhdu3.com/ico/zghcp.ico
13.75.115.235200 OK 1.6 kB URL GET HTTP/1.1 static.ppa029sdfjshsjkdhksdhjhdu3.com/ico/zghcp.ico
IP 13.75.115.235:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject*.ppa022cjklwmkksldjuhnb3llc.com
Fingerprint5E:84:56:51:5C:A7:35:6E:52:FF:61:41:60:CB:2C:13:95:97:9F:00
ValidityWed, 07 Sep 2022 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash fbab93a333ba620cc0c53190540c3ae8
ebd68313eac25954b431492428976ae4cb2788ae
d1e12df4932ef28e4bf59ffdfd447abd80501dc9ab2db137d5d1ebe02f449367
GET /ico/zghcp.ico HTTP/1.1
Host: static.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:57 GMT
Content-Type: image/x-icon
Content-Length: 1612
Last-Modified: Wed, 01 Feb 2023 10:29:11 GMT
Connection: keep-alive
ETag: "63da3ef7-64c"
Expires: Fri, 07 Jul 2023 02:09:57 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
936520.com/register?id=32483556
20.205.104.140200 OK 4.0 kB URL User Request GET HTTP/2 936520.com/register?id=32483556
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4095), with no line terminators
Hash 5fd60212789afb582ef8b4275c4ccadd
0a58db963ebc821fc5ac25371739d5b69a5171d7
fe44b9e5df9642b850ef35a799dcaea0375d0826aaff2155baf0e814acc055aa
GET /register?id=32483556 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://fileapi.gyaott.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:52 GMT
content-type: text/html
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-fbd"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/statistics/push
20.205.104.140200 OK 43 B URL POST HTTP/2 936520.com/v1/statistics/push
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash 88f5d81d282db05ba087420dd56bcfc7
4e8326cb4f2e39bfb2ef07a64b11e6c817cd4dda
f77cddfc101160c163bc59fc27fb3ab62cd46f9907d28f795a79e7920a06c400
POST /v1/statistics/push HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
X-Token:
Content-Length: 180
Origin: https://936520.com
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:54 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/js/yidun/index.js
20.205.104.140200 OK 11 kB URL GET HTTP/2 936520.com/static/js/yidun/index.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/yidun/index.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-2a81"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/report/tenantReport/getAvgOptTime?t=1686103794234
20.205.104.140200 OK 72 B URL GET HTTP/2 936520.com/v1/report/tenantReport/getAvgOptTime?t=1686103794234
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash 690fd06bf0d37ebdbc4e0a9dd7adb63b
45b4d6b707b5753859840df90dd22796c1a64dad
9c0bc5de8f0f4b2e72536c78805c3c484cf9fd8a8bd15b02b7dd1cf40c44137f
GET /v1/report/tenantReport/getAvgOptTime?t=1686103794234 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
ynuf.aliapp.org/w/wu.json
203.119.175.235200 OK 156 B URL GET HTTP/2 ynuf.aliapp.org/w/wu.json
IP 203.119.175.235:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://936520.com/register?id=32483556
Certificate IssuerGlobalSign nv-sa
Subject*.alibabacorp.com
Fingerprint21:4B:26:A9:58:52:03:EC:07:38:66:00:3B:39:33:F3:9B:56:E7:16
ValidityWed, 12 Apr 2023 23:17:04 GMT - Mon, 13 May 2024 23:11:02 GMT
File type ASCII text, with no line terminators
Hash 910ba99f4b2e2c2554b2f40045d90d5e
43d10fa33f8a2ba86bd5988e6072c670b8601470
707396242abe28186e49f07f28bdf60b0d3ecaaf7a9f2a7e189bc40708155fbc
GET /w/wu.json HTTP/1.1
Host: ynuf.aliapp.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 02:09:57 GMT
content-type: text/javascript;charset=utf-8
content-length: 156
x-application-context: umid-web:cn-prod:7001
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With
etag: G0798B05256076B1DC0F3034DFE76534DD8E11022DEDA0BACBA
cache-control: no-cache
set-cookie: cbc=G372B87D357450DB0DB9BC92F227EFFF858C99A1993EF67E321; Max-Age=31536000; Expires=Thu, 06-Jun-2024 02:09:57 GMT; Domain=ynuf.aliapp.org; Path=/
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
server: Tengine/Aserver
eagleeye-traceid: 2150775316861037973625007e2cd2
timing-allow-origin: *
X-Firefox-Spdy: h2
936520.com/static/js/initws.js
20.205.104.140200 OK 9.0 kB URL GET HTTP/2 936520.com/static/js/initws.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type C source, Unicode text, UTF-8 text, with very long lines (9159), with no line terminators
Hash 0c8fa7ab7e2c67d69a0851fa58cc7e2d
a0acfa0223b285e7120221ac157129920f350d33
3f5cf63478c72da23b68641226e92013cc9228d3ca2d4f6e8eca82d0c70d5ace
GET /static/js/initws.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:52 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-234a"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/css/vendor.959b9f4106cb.css
20.205.104.140200 OK 46 kB URL GET HTTP/2 936520.com/static/css/vendor.959b9f4106cb.css
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (45935), with no line terminators
Hash a196c3510d74827e2edaef5fcae81b5d
522ab58aa97dcf9d3c5372327fe1bfc5343fd3e6
03a1e1b5723402e6185e557b2ab04260e1d4aba985a1bb10b6716a3de8fa4b95
GET /static/css/vendor.959b9f4106cb.css HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-b36f"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/management/tenant/getTenantConfig?t=1686103794191
20.205.104.140200 OK 1.7 kB URL GET HTTP/2 936520.com/v1/management/tenant/getTenantConfig?t=1686103794191
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1783), with no line terminators
Hash b8d0e267ea74be8364ab3224d5762e9c
c0272e1ae2890d6a60e1a6bc685987d31cf4cea0
6756aee30e9e82486cf64dfc9a634a51ddb7ff8394c69c0c27638ed7f1ce6958
GET /v1/management/tenant/getTenantConfig?t=1686103794191 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/management/content/getIntroductionList?t=1686103794227
20.205.104.140200 OK 815 B URL GET HTTP/2 936520.com/v1/management/content/getIntroductionList?t=1686103794227
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (895), with no line terminators
Hash 4226f01978c327448a1e75a2ffd7d4d8
6c130d82d7845b1066514c836053360b5f487535
7990226ccfcba97419496f59fe5a73b62861427e61d787036b8f6ca9edfd9f92
GET /v1/management/content/getIntroductionList?t=1686103794227 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
cf.aliyun.com/nocaptcha/initialize.jsonp?a=FFFF0N0000000000B3B5&t=FFFF0N0000000000B3B5%3A1686103794563%3A0.8846006443321915&scene=nc_login&lang=cn&v=v1.2.18&href=https%3A%2F%2F936520.com%2Fregister&comm={}&callback=initializeJsonp_09372554790298214
203.119.175.190200 OK 94 B URL GET HTTP/2 cf.aliyun.com/nocaptcha/initialize.jsonp?a=FFFF0N0000000000B3B5&t=FFFF0N0000000000B3B5%3A1686103794563%3A0.8846006443321915&scene=nc_login&lang=cn&v=v1.2.18&href=https%3A%2F%2F936520.com%2Fregister&comm={}&callback=initializeJsonp_09372554790298214
IP 203.119.175.190:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://936520.com/register?id=32483556
Certificate IssuerGlobalSign nv-sa
Subject*.aliyun.com
Fingerprint8A:02:46:A2:F6:AA:51:BB:C9:D3:2A:13:53:E3:E6:3D:00:37:A9:DA
ValidityThu, 17 Nov 2022 03:21:03 GMT - Tue, 19 Dec 2023 02:11:06 GMT
File type ASCII text, with no line terminators
Hash d6cbd84911f315461e62f84f5c307d9b
2bd520a7987402f095ff93d685cf0731d20513d0
e49242141195b66e2f3ff0fd6d8a1c2aade0ac09b74b1af5816200bd07fa8952
GET /nocaptcha/initialize.jsonp?a=FFFF0N0000000000B3B5&t=FFFF0N0000000000B3B5%3A1686103794563%3A0.8846006443321915&scene=nc_login&lang=cn&v=v1.2.18&href=https%3A%2F%2F936520.com%2Fregister&comm={}&callback=initializeJsonp_09372554790298214 HTTP/1.1
Host: cf.aliyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 02:09:56 GMT
content-type: text/javascript;charset=UTF-8
content-length: 94
content-language: zh-CN
server: Tengine/Aserver
eagleeye-traceid: 213e204916861037964464552ee5d5
strict-transport-security: max-age=0
timing-allow-origin: *
X-Firefox-Spdy: h2
images.ppa029sdfjshsjkdhksdhjhdu3.com/pro-management/zghcp/1675256697589.png?349677
20.24.81.156200 OK 3.3 kB URL GET HTTP/1.1 images.ppa029sdfjshsjkdhksdhjhdu3.com/pro-management/zghcp/1675256697589.png?349677
IP 20.24.81.156:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject*.ppa022cjklwmkksldjuhnb3llc.com
Fingerprint5E:84:56:51:5C:A7:35:6E:52:FF:61:41:60:CB:2C:13:95:97:9F:00
ValidityWed, 07 Sep 2022 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
File type PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash e073d651a77c0ac5870b927ecd25619e
59696d9aed4351bb0d839201bd188ff65392caf9
01c07b10e80f6a81f0c7c9aa4a6f71a40215cbf5addf3a1522b58bb8f7ee0446
GET /pro-management/zghcp/1675256697589.png?349677 HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:55 GMT
Content-Type: application/octet-stream
Content-Length: 3322
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Wed, 01 Feb 2023 13:01:05 GMT
ETag: "e073d651a77c0ac5870b927ecd25619e"
x-amz-request-id: tx00000000000018d3fbef1-00647fe59d-106b-default
Cache-Control: max-age=600
936520.com/v1/users/announcement/content?t=1686103794587&id=117746
20.205.104.140200 OK 897 B URL GET HTTP/2 936520.com/v1/users/announcement/content?t=1686103794587&id=117746
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (803), with no line terminators
Hash c24daa5ed600b98ad26fe8093c0f2a89
4108f7fa6ee629722ff9e494a29cf1165b476e30
11ae9ba8e6cc80c3a44e7e898a8b6c2343a2a8f4757b8a6439c4da5d2a5dc4be
GET /v1/users/announcement/content?t=1686103794587&id=117746 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/favicon.ico
20.205.104.140404 Not Found 159 B IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 047df4239d5e57f4c78db606a5859d7b
6f2a5da57c2a02837e19f8ac1158db728f3ad62c
45eda3cf633f023269cef5c11cf1c1d5dde3345afdc28610589ef3682ae5130a
GET /favicon.ico HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:52 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/static/js/0.fbade850a11b795f8b57.js
20.205.104.140200 OK 611 kB URL GET HTTP/2 936520.com/static/js/0.fbade850a11b795f8b57.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Size 611 kB (610643 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/0.fbade850a11b795f8b57.js HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 02:09:53 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-95153"
content-encoding: gzip
X-Firefox-Spdy: h2
936520.com/v1/management/tenant/getTenantConfig?t=1686103793919
20.205.104.140200 OK 1.7 kB URL GET HTTP/2 936520.com/v1/management/tenant/getTenantConfig?t=1686103793919
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1783), with no line terminators
Hash b8d0e267ea74be8364ab3224d5762e9c
c0272e1ae2890d6a60e1a6bc685987d31cf4cea0
6756aee30e9e82486cf64dfc9a634a51ddb7ff8394c69c0c27638ed7f1ce6958
GET /v1/management/tenant/getTenantConfig?t=1686103793919 HTTP/1.1
Host: 936520.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://936520.com/register?id=32483556
Cookie: _uab_collina=168610379330224060769994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
images.ppa029sdfjshsjkdhksdhjhdu3.com/system/pc/login/loginBg.png
0.0.0.0 0 B URL GET images.ppa029sdfjshsjkdhksdhjhdu3.com/system/pc/login/loginBg.png
IP 0.0.0.0:0
Requested by https://936520.com/register?id=32483556
Certificate IssuerSectigo Limited
Subject*.ppa022cjklwmkksldjuhnb3llc.com
Fingerprint5E:84:56:51:5C:A7:35:6E:52:FF:61:41:60:CB:2C:13:95:97:9F:00
ValidityWed, 07 Sep 2022 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /system/pc/login/loginBg.png HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 02:09:55 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 18 Oct 2016 16:57:42 GMT
ETag: W/"0477fbd6029d21:0"
X-Powered-By: ASP.NET
Expires: Thu, 08 Jun 2023 02:09:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: max-age=86400, max-age=315360000000
X-Cache: HIT
Content-Encoding: gzip
aeis.alicdn.com/AWSC/uab/1.140.0/collina.js
104.110.21.4200 OK 249 kB URL GET HTTP/2 aeis.alicdn.com/AWSC/uab/1.140.0/collina.js
IP 104.110.21.4:443
Requested by https://936520.com/register?id=32483556
Certificate IssuerDigiCert Inc
Subjectru.aliexpress.com
FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F
ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT
Size 249 kB (248730 bytes)
Hash 75fb6b94dcb3a9c89abb59a3ffd7546f
96101820857ef511ba83017e928aeeb88353b162
04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58
GET /AWSC/uab/1.140.0/collina.js HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://936520.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 119440
x-oss-request-id: 6464CEB6B0E0E7333712CD38
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17940526130122019226
x-oss-storage-class: Standard
content-md5: dftrlNyzqciau1mj/9dUbw==
x-oss-server-time: 6
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1684328118
x-swift-savetime: Wed, 17 May 2023 18:04:24 GMT
x-swift-cachetime: 67854
eagleid: 2ff62c9b16843466639526205e
served-from: 23.36.77.237
cache-control: max-age=816254, s-maxage=86400
expires: Fri, 16 Jun 2023 12:54:09 GMT
date: Wed, 07 Jun 2023 02:09:55 GMT
vary: Accept-Encoding
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 104.110.21.4
X-Firefox-Spdy: h2