r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e051e6e01b12b9ad6e0014603f93431a
ada9efe77054d8593f2687fb3a7eada8908ef7e8
c41be8ffe176ca674efb0588164fdfd237754c6b5b461f8f46387b96ae7d6090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41BE8FFE176CA674EFB0588164FDFD237754C6B5B461F8F46387B96AE7D6090"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5706
Expires: Sat, 04 Feb 2023 11:32:53 GMT
Date: Sat, 04 Feb 2023 09:57:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5249
Expires: Sat, 04 Feb 2023 11:25:16 GMT
Date: Sat, 04 Feb 2023 09:57:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 09:43:37 GMT
content-type: application/json
age: 850
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14982
Expires: Sat, 04 Feb 2023 14:07:29 GMT
Date: Sat, 04 Feb 2023 09:57:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +ZXZ8UkSozkefTGNqxdB3etScbKZmKcBBCUrjOL79oVKQCaMIOQ8oRkQepZ0rykD3El38rXQfiA=
x-amz-request-id: 6P1HVP5MBTBTCT41
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 09:52:47 GMT
age: 300
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 09:57:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ywzxyjh.com/
156.238.121.92301 Moved Permanently 0 B IP 156.238.121.92:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ywzxyjh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 09:57:47 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ywzxyjh.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 09:49:07 GMT
age: 520
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4335
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 09:57:48 GMT
Connection: keep-alive
push.services.mozilla.com/
54.203.75.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jZGfnkXAD6FaP2+mw2CoPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 56Az24fq1OL3yS4v/R1LJBX6qgI=
www.ywzxyjh.com/index.php
156.238.121.92200 OK 524 B URL HTTP/1.1 www.ywzxyjh.com/index.php
IP 156.238.121.92:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (563), with CRLF line terminators
Hash 86922665adb8d861e348f5b6f9f1db2a
7bfc5b2b3ae860ba4ae05cf441866b085495f133
18e89642c4af9ced5d2cec41657f1be1eaaee874dd64ab0ca9713ec77c011d94
GET /index.php HTTP/1.1
Host: www.ywzxyjh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.ywzxyjh.com/tj.js
156.238.121.92200 OK 258 B IP 156.238.121.92:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash dd787fdbd1f3ea7a3e97b9e378dced43
0eee48edbf4c0f6a37dd18875acb1b8aad40ad5b
de7bfdfa93823d80635d11ee1e972a2855d723d1c0428fa7f657669eb0820841
GET /tj.js HTTP/1.1
Host: www.ywzxyjh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ywzxyjh.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:48 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.ywzxyjh.com/common.js
156.238.121.92200 OK 639 B URL HTTP/1.1 www.ywzxyjh.com/common.js
IP 156.238.121.92:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, ASCII text, with very long lines (1228), with no line terminators
Hash d18a92ae60c212029e05c7a9e1c1d5f6
aa61f4985f8f4b1963927ee27f915c05a26ac86d
32e5c954712e88b60e39c5d4bb4203c9013c0bb6eb43be53c47ceb74325cea18
GET /common.js HTTP/1.1
Host: www.ywzxyjh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ywzxyjh.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:48 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.ywzxyjh.com/favicon.ico
156.238.121.92200 OK 1.2 kB URL HTTP/1.1 www.ywzxyjh.com/favicon.ico
IP 156.238.121.92:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.ywzxyjh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ywzxyjh.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:49 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 09 Feb 2023 09:57:49 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17979
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 09:57:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17979
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 09:57:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17979
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 09:57:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 42689
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 13065
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 42748
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 42448
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 42725
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:14:12 GMT
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
age: 42217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash dc82e7181f8e9aca9815a9d4e791460d
40628a5fd9c657b28765116249dc99a3cf4eaa01
871e3dfd39d121014fd3e1d8c5019869acb165add6a5510b047a9b23e4d843ab
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 09:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 06:15:44 GMT
ETag: "40628a5fd9c657b28765116249dc99a3cf4eaa01"
Last-Modified: Sat, 04 Feb 2023 06:15:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2751
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79428b5adaeab518-OSL
ykingb76.top/
122.10.10.168200 OK 10 kB IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1302), with CRLF, LF line terminators
Hash 23d8c872e7d147c521c48b54c87c111f
e8886938b5a95cc7229728caaed1ee0483869904
891abc18bc572c8d5deb06179b9e914dbb33966702b27afdbf9adb9dc77b86cb
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ywzxyjh.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5202
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:57:50 GMT
Last-Modified: Sat, 04 Feb 2023 08:31:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:57:50 GMT
Last-Modified: Sat, 04 Feb 2023 09:07:11 GMT
Server: ECS (amb/6B86)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 48c8d917c78e7f9387d2c594bfa50508
fa64eac0a004041baa0d3c44ee0fa3416664f13c
8982cfd469c027f831c3ae2c7fc090fa9226a81c8803e6f63be2d719723b4ca3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5202
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:57:50 GMT
Last-Modified: Sat, 04 Feb 2023 08:31:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ykingb76.top/template/m1938pc/css/ate.css
122.10.10.168200 OK 6.0 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/css/ate.css
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 775ec9fd65a59632efdf68fc5af2dfad
a51c8530feab204356baa78c94848b688de1caf5
683dab144184920b21b643c2e6de55202e5528633318697e652fec75a8016d93
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 12:25:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62614d4c-126e4"
Expires: Sat, 04 Feb 2023 21:57:50 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
z4a.net/images/2022/12/29/960x60.gif
104.21.234.234200 OK 169 kB URL HTTP/2 z4a.net/images/2022/12/29/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 169 kB (168777 bytes)
Hash 729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726
GET /images/2022/12/29/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:57:50 GMT
content-type: image/gif
content-length: 168777
expires: Sun, 04 Feb 2024 00:01:54 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 35756
last-modified: Sat, 04 Feb 2023 00:01:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzJ7%2FCVW6zN78MTPdiBFPzFicdycWcXE%2FTrJQshYdn47OCsNW4UtPs5g5riLfxtkbLCi7gy75EYjJnTJLUr%2BHS%2FrypOar9OAtGFy8dywtQOZ1Ypnl2qhiRv0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79428b5c19dc23ff-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2023/02/03/380x170.gif
104.21.234.234200 OK 200 kB URL HTTP/2 z4a.net/images/2023/02/03/380x170.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 380 x 170\012- data
Size 200 kB (200544 bytes)
Hash 338119e3a394e6d5d0fdb8e35259ee51
2e7c99b1635bb23eeb01844c0abf4005bdf2d730
331a118cfd5b282fa21a420d29224e2a5c07316883821c7426c326ed04b0f19c
GET /images/2023/02/03/380x170.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:57:50 GMT
content-type: image/gif
content-length: 200544
expires: Sat, 03 Feb 2024 10:46:55 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 83455
last-modified: Fri, 03 Feb 2023 10:46:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrikYY0C8aCjXj%2FtuaD%2FgX8iuV2gONkImJxvGq3vkSViWxDiunB0n7%2F4JzbPUNs0YP7d7wHX9DbAsHhIbGI4OjNS%2F9esEPako%2F0YHwqNp7likQYNJpEDXdpI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79428b5c19e623ff-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/29/200x200.gif
104.21.234.234200 OK 290 kB URL HTTP/2 z4a.net/images/2022/12/29/200x200.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 290 kB (289621 bytes)
Hash cadf1f7ee2520be9233442ecbb0b4d88
e77e636cf8a2c2682a8172fd1c6f2034a8822b25
b11e0be6b505c61f5362f8ec6c0430fe24aa062e27b39ba4bfb6b514dfbd4648
GET /images/2022/12/29/200x200.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:57:50 GMT
content-type: image/gif
content-length: 289621
expires: Sun, 04 Feb 2024 00:02:03 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 35747
last-modified: Sat, 04 Feb 2023 00:02:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZmWkl8zzkzG%2FL5N943SmKvE%2B7x7G8sMnQVnSBbupLWbUxG7sgVSJY3vJfzni%2FwWAeTStRUl9UBJIu8R6iqq5Bljw2%2F%2FrK9pImexhyjD3vNCdY1El82G4C2f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79428b5c19e423ff-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2023/02/03/960-60.gif
104.21.234.234200 OK 491 kB URL HTTP/2 z4a.net/images/2023/02/03/960-60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 491 kB (491072 bytes)
Hash bd01a4be20eb5bdfdaedaae4a4411828
1098f402a465f5bc5ddcc534a25ff676ae21b10e
a90b24c4d94518bda6f24b7ff8851167c36c37b5fcd02adf51c5fa2e4501214f
GET /images/2023/02/03/960-60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:57:50 GMT
content-type: image/gif
content-length: 491072
expires: Sun, 04 Feb 2024 00:01:55 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 35755
last-modified: Sat, 04 Feb 2023 00:01:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YD%2Fs1YVqh5VyZHZT2WCRiOF%2FuDJOooqn9DpCnbkW2%2BtLr6y%2BnCpyVVI9ZIsDssOg0dtULGcgRYOUq5ZBDDwBdFYNMEKCJf6xW7ncugIOvSLRKazgNqWUY32i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79428b5c19de23ff-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ykingb76.top/template/m1938pc/css/zui.css
122.10.10.168200 OK 22 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/css/zui.css
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 (with BOM) text
Hash 4378f1663173a87a5961c3c044053b10
b5006f73439368d03d54f95e688555d86251a5f0
a0d6837a9a00938d49402078d087769fc750acdb2f93f9d5d9ac6a6d8cdda0d2
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: text/css
Last-Modified: Sun, 24 Apr 2022 03:44:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6264c780-1806e"
Expires: Sat, 04 Feb 2023 21:57:50 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ykingb76.top/template/m1938pc/ads/sz_zyxf.js
122.10.10.168200 OK 1.7 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/ads/sz_zyxf.js
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text
Hash ae393f42663d1f13fa4aa6586f9bdddb
c3929a17dafb8600d36a5a539c3e82f4bc9a79ea
b5b56d95762df66d0389ff498dcf504f5606885fb75f02a67281b968bebd5a3e
GET /template/m1938pc/ads/sz_zyxf.js HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Feb 2023 10:41:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63db9366-21ba"
Expires: Sat, 04 Feb 2023 21:57:50 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ykingb76.top/template/m1938pc/ads/img/1.gif
122.10.10.168200 OK 254 B URL HTTP/1.1 ykingb76.top/template/m1938pc/ads/img/1.gif
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/ads/img/1.gif HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: image/gif
Content-Length: 254
Last-Modified: Thu, 21 Apr 2022 12:25:50 GMT
Connection: keep-alive
ETag: "62614d4e-fe"
Expires: Mon, 06 Mar 2023 09:57:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ykingb76.top/template/m1938pc/images/video-play.png
122.10.10.168200 OK 1.6 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/images/video-play.png
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: image/png
Content-Length: 1567
Last-Modified: Thu, 21 Apr 2022 12:26:08 GMT
Connection: keep-alive
ETag: "62614d60-61f"
Expires: Mon, 06 Mar 2023 09:57:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.buypass.com/
95.101.11.123200 OK 1.7 kB IP 95.101.11.123:0
ASN #20940 Akamai International B.V.
Hash 5b084ad31326f71faa14e18402975ca5
05fcc21329286cdae62959b6909fa126e02ab58f
b564c0c154e4808da200be7a2e9bbbebc65e0984940836a5591a6c589a083381
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: ca1c44ad-84cc-4851-a528-281bb7023a0a
Content-Length: 1701
Date: Sat, 04 Feb 2023 09:57:50 GMT
Connection: keep-alive
ykingb76.top/template/m1938pc/ads/kongjiang.gif
122.10.10.168200 OK 73 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/ads/kongjiang.gif
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 960 x 80\012- data
Hash 3786e56d6d1ab748179b5cdcc97e0dc1
a1fabf9e794492452aeddae395618e245e892805
830e9e2171ca93ba4618970ee447880c54d99edc65aa4b26fa4e02c2fb963982
GET /template/m1938pc/ads/kongjiang.gif HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: image/gif
Content-Length: 73157
Last-Modified: Thu, 02 Feb 2023 10:14:07 GMT
Connection: keep-alive
ETag: "63db8cef-11dc5"
Expires: Mon, 06 Mar 2023 09:57:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash b241b00a748ff3f607e37c564480ae25
73156f24b2a227c06fdcfd59de5c5647f00dea10
54019bbdd97395719322061f98a4e08d78e89a81830a883d5568c3d82492ae40
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 09:57:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 07:49:03 GMT
ETag: "73156f24b2a227c06fdcfd59de5c5647f00dea10"
Last-Modified: Sat, 04 Feb 2023 07:49:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3239
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79428b62ac30b4f4-OSL
pic.picnewsss.com/tu-2022290039/se-1.jpg
23.225.139.251200 OK 27 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/se-1.jpg
IP 23.225.139.251:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e
GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Sat, 04 Feb 2023 09:42:57 GMT
etag: "1675504074"
expires: Mon, 06 Mar 2023 09:42:57 GMT
last-modified: Sat, 04 Feb 2023 09:47:54 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?b90722b5d2498b7f299d13d5ab36a800
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b90722b5d2498b7f299d13d5ab36a800
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash ca06a2cc4d2cc6ce20d0d39be8fac0c2
e8f497d415460726d4eb7b8a69b4d586ac40f2ec
9cfdfb361a89656c5d0d82c4f8772e02a2ef383982cab4d9c5a06b614bcfa9ef
GET /hm.js?b90722b5d2498b7f299d13d5ab36a800 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 09:57:50 GMT
Etag: 7c92a957bf93c7b9b1e074418df04a1a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2C480E34C3C22425; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?6537787b7f86e6daa786a38016c9c7ab
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6537787b7f86e6daa786a38016c9c7ab
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash f8f2d3a11a3149286d9a3b44def3d0b6
611cd044c9364e813420731764c3e1e1b226fd85
2a0ea8bef681ef0acc344e015516995124475f1b5644c2b2848a7965ffc9b279
GET /hm.js?6537787b7f86e6daa786a38016c9c7ab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ywzxyjh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11264
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 09:57:50 GMT
Etag: ce7c7059d7a8855da73724a22b99e9a4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B57C43E3019D1D48; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ykingb76.top/template/m1938pc/ads/250.jpg
122.10.10.168200 OK 49 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/ads/250.jpg
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x853, components 3\012- data
Hash 98a4aa2e4fe727bed1dc7c1bbbd9a7ab
940e48d705212722a9231f60e8c7996dd7b334aa
6b0d412ab6b3c76049b9d3e5127a0b43440606ddf568965923fcb04bfe4f5687
GET /template/m1938pc/ads/250.jpg HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: image/jpeg
Content-Length: 48575
Last-Modified: Mon, 26 Dec 2022 13:09:15 GMT
Connection: keep-alive
ETag: "63a99cfb-bdbf"
Expires: Mon, 06 Mar 2023 09:57:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ykingb76.top/template/m1938pc/ads/huangguan.gif
122.10.10.168200 OK 214 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/ads/huangguan.gif
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 960 x 60\012- data
Size 214 kB (213805 bytes)
Hash f410f5836079ff0b5cd79587a13c8dfa
f0962f95bcb436be5121eb66b143c04daeaf74db
38563dbaaf4cb7aa5ff89f1fb50ab63a477cf7772b4065c407bf5d246fa8dcb3
GET /template/m1938pc/ads/huangguan.gif HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: image/gif
Content-Length: 213805
Last-Modified: Thu, 02 Feb 2023 10:14:06 GMT
Connection: keep-alive
ETag: "63db8cee-3432d"
Expires: Mon, 06 Mar 2023 09:57:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ykingb76.top/template/m1938pc/ads/bibo.gif
122.10.10.168200 OK 355 kB URL HTTP/1.1 ykingb76.top/template/m1938pc/ads/bibo.gif
IP 122.10.10.168:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 960 x 60\012- data
Size 355 kB (355361 bytes)
Hash c9d6002216323dd36e9a428a46fa4209
e287daccaea06192967ead4a46290ec9a9080f02
11105b08395bb42d516058100e71ceaebcb2c2d182e2c2e4acc64f73ab6f2477
GET /template/m1938pc/ads/bibo.gif HTTP/1.1
Host: ykingb76.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ykingb76.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 09:57:50 GMT
Content-Type: image/gif
Content-Length: 355361
Last-Modified: Thu, 02 Feb 2023 10:14:02 GMT
Connection: keep-alive
ETag: "63db8cea-56c21"
Expires: Mon, 06 Mar 2023 09:57:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953513281&si=b90722b5d2498b7f299d13d5ab36a800&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36896&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953513281&si=b90722b5d2498b7f299d13d5ab36a800&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36896&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953513281&si=b90722b5d2498b7f299d13d5ab36a800&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36896&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 09:57:51 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D3624F59352B398B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1633592595&si=6537787b7f86e6daa786a38016c9c7ab&v=1.3.0&lv=1&sn=36896&r=0&ww=1280&u=http%3A%2F%2Fwww.ywzxyjh.com%2Findex.php&tt=%E8%8F%8F%E6%B3%BD%E6%A4%85%E7%A4%BA%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1633592595&si=6537787b7f86e6daa786a38016c9c7ab&v=1.3.0&lv=1&sn=36896&r=0&ww=1280&u=http%3A%2F%2Fwww.ywzxyjh.com%2Findex.php&tt=%E8%8F%8F%E6%B3%BD%E6%A4%85%E7%A4%BA%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1633592595&si=6537787b7f86e6daa786a38016c9c7ab&v=1.3.0&lv=1&sn=36896&r=0&ww=1280&u=http%3A%2F%2Fwww.ywzxyjh.com%2Findex.php&tt=%E8%8F%8F%E6%B3%BD%E6%A4%85%E7%A4%BA%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ywzxyjh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 09:57:51 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=ADC75ED5F3E3A896; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?b6267909077517b271f24efcf233727e
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b6267909077517b271f24efcf233727e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 971193fccc1c8959cfa61aed432dff16
b033244958b8842cb08f35b217b1e6dbded844dd
83f6eee9fc3315174fc9291c74e6b6e4b573a2a044941f881e23da2b9bdc2dc0
GET /hm.js?b6267909077517b271f24efcf233727e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 09:57:51 GMT
Etag: 42a23ee53d53d6ad1264a064a89dac5f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A8574C9E7535ACAC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?d742f37d799b672d7761483ec806a10f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d742f37d799b672d7761483ec806a10f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (630)
Hash 0f858b88e383ac19b35c4b48a08a6c38
eaeaba8dd21a99d62213f0412ee64693fe739580
3af4651790e2d977c1bfabab24b98de1d90dee3e94b8ce48e5e741355ee54df3
GET /hm.js?d742f37d799b672d7761483ec806a10f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11268
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 09:57:51 GMT
Etag: ca369ccd574d56959ea40904faf851df
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=72D5B2557A483FA7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?c7e75a198aeeb6c19451998248286982
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c7e75a198aeeb6c19451998248286982
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash 6ed7d39732b34a3eb6eaa008ca433725
9fe74889e0e403b84918f2114747ab23a0c204ee
71f8c2052502d16bfd843d1bc8aa80546a2119fec944cf7d30c367f1f756cedc
GET /hm.js?c7e75a198aeeb6c19451998248286982 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11265
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 09:57:51 GMT
Etag: 4f94b3fc69e80a703f334096f2f690a1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8B77267AE0B37BEE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=745759116&si=b6267909077517b271f24efcf233727e&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=745759116&si=b6267909077517b271f24efcf233727e&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=745759116&si=b6267909077517b271f24efcf233727e&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 09:57:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1D49C8FCBCF8D9F4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=136520848&si=d742f37d799b672d7761483ec806a10f&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=136520848&si=d742f37d799b672d7761483ec806a10f&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=136520848&si=d742f37d799b672d7761483ec806a10f&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 09:57:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=045293F57FB2D7EC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1076134031&si=c7e75a198aeeb6c19451998248286982&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1076134031&si=c7e75a198aeeb6c19451998248286982&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1076134031&si=c7e75a198aeeb6c19451998248286982&su=http%3A%2F%2Fwww.ywzxyjh.com%2F&v=1.3.0&lv=1&sn=36897&r=0&ww=1268&u=http%3A%2F%2Fykingb76.top%2F&tt=%E4%BC%98%E6%92%ADTV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 09:57:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6DF4C7A0CFEBEE99; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 4a196cc08e3b153790ec4fdae811edf6
1b4c09eb8d41a2edac67db35d5cd2b4ec6ec0f88
fd232468006c80004b6be6420e240eb99ba73ebb36076824ce10f186a83d42b3
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 09:57:52 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 22:45:42 GMT
Expires: Fri, 10 Feb 2023 22:45:41 GMT
Etag: "1b4c09eb8d41a2edac67db35d5cd2b4ec6ec0f88"
Cache-Control: max-age=563868,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79428b6a9cd1b511-OSL
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 771181635d9c7fe1ddf5bb82d4bf2c12
b146bc4dee082bc0209b582e6fc2705a1ada6abb
fc3f89dd283c7a8ea1a0b75ee6962321fdadc102c0c4edb801038a4bd4590417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5741
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:57:52 GMT
Last-Modified: Sat, 04 Feb 2023 08:22:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/62b96b792d09439f9ded2ead53b76328
47.246.44.229200 OK 180 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/62b96b792d09439f9ded2ead53b76328
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 300 x 250\012- data
Size 180 kB (180339 bytes)
Hash 157cc4620c454f3e1852b544ad7f8b1c
d32dfdef2a092c097a22cbc66eff064e991e40dc
691bfd19f363505d0ff8f189935c6c5201090e56dc4e61c75e9db781ef26cad7
GET /obj/tos-cn-i-dy/62b96b792d09439f9ded2ead53b76328 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 180339
date: Thu, 02 Feb 2023 16:20:04 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 02 Feb 2023 13:41:53 GMT
nw-session-id: 20230202214153F46B0E56FC7A6FB03EA3tf24d02dy
nw-session-trace: 2023-02-02T21:41:53.614486574+08:00 433
x-bdcdn-cache-status: TCP_HIT
x-length: 180339
x-powered-by: ImageX
x-response-date: Thu, 02 Feb 2023 21:41:53 GMT
x-tt-logid: 20230202214153F46B0E56FC7A6FB03EA3
via: n204-100-029, cache17.l2de2[0,0,206-0,H], cache15.l2de2[1,0], cache15.l2de2[1,0], cache7.se1[0,0,200-0,H], cache7.se1[2,0]
x-request-ip: fdbd:dc01:27:215::152
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 019a6b6abbdabcace9c7a85b2f475a44d5563ad658fda087b8c82f72ceee70c4da47765688eed2a10eef8f8d88570e22074ae4bedd9e29b417b6fa4d5017ad4a8ebdbf46d783cccd7e31c05863f06d1f2091491810b0a22cbd0c7bc59595f0314f
x-response-lb: image
ali-swift-global-savetime: 1675354804
age: 149868
x-cache: HIT TCP_HIT dirn:3:305972446
x-swift-savetime: Fri, 03 Feb 2023 00:21:59 GMT
x-swift-cachetime: 31507085
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16755046726813818e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 771181635d9c7fe1ddf5bb82d4bf2c12
b146bc4dee082bc0209b582e6fc2705a1ada6abb
fc3f89dd283c7a8ea1a0b75ee6962321fdadc102c0c4edb801038a4bd4590417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 09:57:52 GMT
Etag: "63dd82c4-2d7"
Server: ECS (amb/6BC6)
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/3e7c904dfb7f409f9e6981ebc7e496cb
47.246.44.229200 OK 506 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/3e7c904dfb7f409f9e6981ebc7e496cb
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 506 kB (505710 bytes)
Hash d63ef12d0280b3e158a677e65dbdfc4a
a7f5ba73badd87984d5f0633899af90aaf56db76
70121186fa1c91e1ae1ea1d8e0973721daf9ea921f34bec643f9e4836e15856b
GET /obj/tos-cn-i-dy/3e7c904dfb7f409f9e6981ebc7e496cb HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 505710
date: Tue, 31 Jan 2023 05:18:05 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 30 Jan 2023 13:25:16 GMT
nw-session-id: 2023013021251666718FADD7461C1B9EE2tlfcw02dy
nw-session-trace: 2023-01-30T21:25:16.606854344+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 505710
x-powered-by: ImageX
x-response-date: Mon, 30 Jan 2023 21:25:16 GMT
x-tt-logid: 2023013021251666718FADD7461C1B9EE2
via: n150-059-133, cache19.l2de2[0,0,206-0,H], cache17.l2de2[1,0], cache17.l2de2[1,0], cache1.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc02:19:466::91
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01b1b4ef092888dfb9df4db4c4c4c13125e0f8ffafbb2cdfc03a6ac1b5e591282cec2e40809dd70175e53db0f447db05ab8a175caf63ef40ea37fc61d063bbd86f3f57d26b7090200a3e5682ca23e3dbe34e9f32a5659eb0b8e7a756358b88c724
x-response-lb: image
ali-swift-global-savetime: 1675142285
age: 362387
x-cache: HIT TCP_MEM_HIT dirn:11:300754434
x-swift-savetime: Tue, 31 Jan 2023 06:12:21 GMT
x-swift-cachetime: 31532744
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16755046728673982e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 13335b06df987132bb4924f6b82d5f0a
3bb9565f16a90a5239cbe817a1a56b290f92c3da
a4a8eb823b91b451d2a1f7016731a1f2ad9a52e557d154467df5c668a3c0be94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 09:57:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 15:22:03 GMT
Expires: Fri, 10 Feb 2023 15:22:02 GMT
Etag: "3bb9565f16a90a5239cbe817a1a56b290f92c3da"
Cache-Control: max-age=537249,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79428b6d0a6e0b3d-OSL
p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjWNundlxFzh4RVn7iclj3asdlcq0yDbtViagxYbGicsA10M/0
43.154.254.32200 OK 306 kB URL HTTP/2 p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjWNundlxFzh4RVn7iclj3asdlcq0yDbtViagxYbGicsA10M/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 100\012- data
Size 306 kB (306060 bytes)
Hash 46849841d98246ac6d44660ddbc19642
61f8e7ee0ba933a87feec89b47c28d6d337090a8
1007ba0e9fd38f3c0a55517657bd3b22e22fe9055ac4463ced82c796017f0917
GET /qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjWNundlxFzh4RVn7iclj3asdlcq0yDbtViagxYbGicsA10M/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Sat, 04 Feb 2023 09:57:51 GMT
content-type: image/gif
content-length: 306060
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 13:01:50 GMT
cache-control: max-age=2592000
x-delay: 38907 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 306060
chid: 0
fid: 0
x-nws-log-uuid: cc825f21-6951-4a1c-ba9c-374150147180
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 13335b06df987132bb4924f6b82d5f0a
3bb9565f16a90a5239cbe817a1a56b290f92c3da
a4a8eb823b91b451d2a1f7016731a1f2ad9a52e557d154467df5c668a3c0be94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 09:57:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 15:22:03 GMT
Expires: Fri, 10 Feb 2023 15:22:02 GMT
Etag: "3bb9565f16a90a5239cbe817a1a56b290f92c3da"
Cache-Control: max-age=537248,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79428b6e2b661c16-OSL
8499583.com/8499/s200x200.gif
172.247.50.239200 OK 248 kB URL HTTP/2 8499583.com/8499/s200x200.gif
IP 172.247.50.239:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 248 kB (248099 bytes)
Hash 761862416e1a2ae8b95e67e823ee7e5a
05c3fd100ac5801602b15243bb49e31b063ea7b5
69f49182c975f54c14c7f88bbd74ddd97f9b87a294147b26f1a2bf83000971e2
GET /8499/s200x200.gif HTTP/1.1
Host: 8499583.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 09:57:52 GMT
content-type: image/gif
content-length: 248099
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "3c923-5f0e000943a64"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u1011.com/4190ec1275ad41e5b97e3f9b9b17e2b8.gif
103.189.109.74200 OK 32 kB URL HTTP/2 u1011.com/4190ec1275ad41e5b97e3f9b9b17e2b8.gif
IP 103.189.109.74:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 65b2dc464a3013c17cdb8a8c643719d8
fae937a6f094f2ceb6b0fa84f5a4e9ce336ee70d
70be7f27981ddf58e361ad923fa88110eaf976b93913eaea5f584856b99ed0cc
GET /4190ec1275ad41e5b97e3f9b9b17e2b8.gif HTTP/1.1
Host: u1011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63c6929c-7dc8"
server: nginx
date: Fri, 27 Jan 2023 08:34:32 GMT
content-type: image/gif
last-modified: Tue, 17 Jan 2023 12:20:44 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-064
content-length: 32200
X-Firefox-Spdy: h2
img.5969a.com/images/63dbbbbb5eeed921ab034c9c.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.5969a.com/images/63dbbbbb5eeed921ab034c9c.gif
IP 3.36.126.81:0
GET /images/63dbbbbb5eeed921ab034c9c.gif HTTP/1.1
Host: img.5969a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/62b96b792d09439f9ded2ead53b76328
X-Firefox-Spdy: h2
img.6327a.com/images/63dbaf845eeed921ab034c99.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.6327a.com/images/63dbaf845eeed921ab034c99.gif
IP 3.36.126.81:0
GET /images/63dbaf845eeed921ab034c99.gif HTTP/1.1
Host: img.6327a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ykingb76.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/3e7c904dfb7f409f9e6981ebc7e496cb
X-Firefox-Spdy: h2