{"report_id":"501309ea-5c98-45cd-89ab-dae17c3aa100","version":6,"status":"done","tags":[],"date":"2025-08-11T20:04:52Z","url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"title":"GULTIKTOTO: Situs Game Online Super Cepat, Gak Ada Pemberhentian!"},"submit":{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-15T20:04:52Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-11","alert":"Sinkholed","trigger":"arms-retcode-sg.aliyuncs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fourier.taobao.com","ip":{"addr":"123.183.232.34","port":443,"asn":141771,"as":"China Telecom","country":"China","country_code":"CN"},"domain_registered":"2003-04-21","domain_rank":73681,"first_seen":"2019-10-09T10:09:52Z","last_seen":"2025-08-09T11:19:50.930064Z","alert_count":0,"request_count":2,"received_data":1986,"sent_data":1069,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"gj.mmstat.com","ip":{"addr":"47.246.136.160","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"2007-12-25","domain_rank":103095,"first_seen":"2014-12-16T13:58:44Z","last_seen":"2025-08-07T19:40:30.060874Z","alert_count":0,"request_count":2,"received_data":1049,"sent_data":1295,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"g.lazcdn.com","ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"domain_registered":"2021-11-05","domain_rank":82941,"first_seen":"2022-09-16T08:41:50Z","last_seen":"2025-08-07T12:53:41.159451Z","alert_count":0,"request_count":22,"received_data":3703965,"sent_data":11359,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lzd-img-global.slatic.net","ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"domain_registered":"2013-09-24","domain_rank":132440,"first_seen":"2021-12-16T05:01:35Z","last_seen":"2025-08-07T12:53:41.236019Z","alert_count":0,"request_count":21,"received_data":224979,"sent_data":10312,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"icms-image.slatic.net","ip":{"addr":"47.246.48.189","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"domain_registered":"2013-09-24","domain_rank":434045,"first_seen":"2020-12-20T18:04:48Z","last_seen":"2025-08-10T07:13:45.785861Z","alert_count":0,"request_count":1,"received_data":7360,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"arms-retcode-sg.aliyuncs.com","ip":{"addr":"8.222.203.130","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2012-04-01","domain_rank":118752,"first_seen":"2017-12-29T07:07:12Z","last_seen":"2025-08-07T17:21:37.963302Z","alert_count":1,"request_count":1,"received_data":266,"sent_data":835,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.amplittlegiant.com","ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-04-01","domain_rank":250537,"first_seen":"2024-05-11T14:26:12Z","last_seen":"2025-08-09T20:26:42.065065Z","alert_count":0,"request_count":8,"received_data":1996530,"sent_data":3620,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fourier.alibaba.com","ip":{"addr":"47.246.165.65","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"1999-04-15","domain_rank":73547,"first_seen":"2017-12-29T06:57:08Z","last_seen":"2025-08-07T00:01:52.687524Z","alert_count":0,"request_count":1,"received_data":262,"sent_data":795,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"aeis.alicdn.com","ip":{"addr":"23.49.27.47","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"2008-06-25","domain_rank":75152,"first_seen":"2016-08-25T11:57:46Z","last_seen":"2025-08-09T12:20:49.393624Z","alert_count":0,"request_count":1,"received_data":222008,"sent_data":413,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"g.alicdn.com","ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2008-06-25","domain_rank":38802,"first_seen":"2014-10-06T08:39:58Z","last_seen":"2025-08-09T07:04:31.050609Z","alert_count":0,"request_count":7,"received_data":554648,"sent_data":3208,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"laz-g-cdn.alicdn.com","ip":{"addr":"90.84.161.27","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"domain_registered":"2008-06-25","domain_rank":98700,"first_seen":"2017-09-28T07:51:00Z","last_seen":"2025-08-08T15:15:36.558462Z","alert_count":0,"request_count":3,"received_data":74300,"sent_data":1571,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"gultiktotoe.cfd","ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-16","domain_rank":0,"first_seen":"2025-07-24T16:08:09.237808Z","last_seen":"2025-07-24T16:08:09.237809Z","alert_count":0,"request_count":4,"received_data":861706,"sent_data":1786,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Alibaba Cloud CDN","description":"Alibaba Cloud CDN is a global network of servers designed to deliver high-performance, low-latency content to users around the world. It is a cloud-based service provided by Alibaba Cloud, a subsidiary of the Alibaba Group, that enables businesses to accelerate the delivery of their web content, including images, videos, and static files, to end-users.","website":"https://www.alibabacloud.com/product/content-delivery-network","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["CDN"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"laz-img-cdn.alicdn.com","ip":{"addr":"90.84.161.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"domain_registered":"2008-06-25","domain_rank":123602,"first_seen":"2017-09-20T02:16:41Z","last_seen":"2025-08-08T17:22:20.687971Z","alert_count":0,"request_count":3,"received_data":51926,"sent_data":1398,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"blogger.googleusercontent.com","ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":4332,"first_seen":"2012-05-25T17:41:01Z","last_seen":"2025-08-07T23:25:45.817344Z","alert_count":0,"request_count":6,"received_data":59628,"sent_data":3918,"comment":"","tags":null,"fingerprints":null},{"fqdn":"retcode.taobao.com","ip":{"addr":"59.82.120.37","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2003-04-21","domain_rank":346953,"first_seen":"2015-07-07T07:42:08Z","last_seen":"2025-08-06T08:51:38.787365Z","alert_count":0,"request_count":1,"received_data":377,"sent_data":598,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"g.lazcdn.com/g/retcode/cloud-sdk/bl.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"e31ead706e55b7c4c100d87a5928f099","sha1":"5acc29a266fd91e1bb438bc2b7851d97468a5617","sha256":"caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197","sha512":"8185bb597648afce20b81e15b616576ac655a977a821a46720500de8e06c4abd43515f756e065b18c618878ac3187904d7e4e39474710901941f5c8f7c041a7e","ssdeep":"384:q5mDF0gzqCPaTkYJQd1t6AReVsR7Q0VdgM/gJgDsf5Z3OzgGcKc2kxFVJsOLVwZe:q5BgAhawAAVEgq/zGLvAk09hqRd8nfTO","tlshash":"6e1308cab6c1745207933010512f6107b1bb1aa4284f91a4fa76d9e6aeb864fc273f3d","size":41828,"data":"","first_seen":"2023-03-07T12:02:12Z","last_seen":"2026-04-04T16:41:37.861383Z","times_seen":73721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ccd0968cdba249db3247c66f9f87c18","sha1":"f2fd43093bea8756c20c99ade52e4e7089d0446e","sha256":"cd1411bbb194fde0a1a0b729f03c3a5bb38ca17b43983b0eb706c519a34280ca","sha512":"608ec691a84bb03f2bc8dcc9ee31670a0d67d399e47e1c59ca5bb119b0ca3bd0e1d0d2952edb1b289b45f2708af92642ff632f101130aad07162ac7bd247cc85","ssdeep":"3072:Hit5xzm9oK6cTq3kEaH1yl4INwhZIGbGVaa0Ff18hhGEb:CT9m9oFc+sbh7jbGVaa0p18hZb","tlshash":"0c044ccd71d1b06243a72078907f650bb236996e280c8444f275ece6bd78a8e527bf7d","size":188948,"data":"","first_seen":"2024-08-12T05:44:55Z","last_seen":"2026-04-04T16:41:37.884348Z","times_seen":69603,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/secdev/sufei_data/3.9.14/index.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9a5a9592db7e29feb4cc5e8814dea21","sha1":"7efbde36c1131ebd7b51ae536eb087a8cebdbb7e","sha256":"f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c","sha512":"26c2a4f256fa23da25a752a02ae6192f69e43ed34e7491b8cd6eaa7cd1b15266bdbc8c7e43efad7e525833f0ed81aacf7b8c5f20e3386fbb85f67072d030e092","ssdeep":"384:1IMDl+jy4oSYIvNj6saelaD6r0lW0m+nVEPrciNY4yT:1Isl+jysygTu","tlshash":"4a82848eb6c674654383147685af010fa23959d41c6fd6c1a4a2f8d17cb84bea337eec","size":17754,"data":"","first_seen":"2023-09-23T19:36:07Z","last_seen":"2026-04-04T16:41:37.878638Z","times_seen":86105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b32154d3f8dfe1df7d259d627b58139f","sha1":"3058726f3baef7353af611926ecb266f34e9eab3","sha256":"b1962cd8bb0458549069a38f511bf528756a8e5e833fa8725b7ad05868d0d04a","sha512":"0b8c82c2ba25d4d9d2600fdc15955bc43605a352e8f7bc93550de8cd9001d447696811420c219770d23023252b2f985fb604972171dde1906b18bf9945114381","ssdeep":"","tlshash":"3451880aacfb60ada427301d6b7f7106b0a45523a44dd884be8cd2645f7103f61beaed","size":2655,"data":"","first_seen":"2024-12-06T01:41:06.516834Z","last_seen":"2026-03-28T18:02:21.257539Z","times_seen":11972,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"eb6e831d80f1a6cf7faadfd79fab87fa","sha1":"e7d51d0cf1e73888ea8545ef4b64aa37754116ab","sha256":"0c12915be079187bc2757b96f8049988a16f06a9a0c72b0f3c500862fc665a80","sha512":"3bac3ab20c3d366639a5c2eb8747984f62f1f117dd1cf88a02a541d92bcd74e93021c3cb5111bc11e97e9647a22161a3440a56f6b9b16eb25af068c850f2f0b3","ssdeep":"","tlshash":"4221cc1d89fd98f88aa330245b5fe41820b8190bb1c6dd027adcab4c0f5d656b6689ec","size":1234,"data":"","first_seen":"2025-07-24T16:08:12.710293Z","last_seen":"2025-08-11T20:05:29.488419Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"24cde74cc7fc2c325560676364ca86c5","sha1":"b1f3717d256bd5cb2a79a010c4b9926634a07553","sha256":"c5424c786987ce794a9f85365566f7734cda9acdcd98ea307d52d15336826256","sha512":"7d37834f568986f5a4d71f85e7cc6172a0d82263df89a40c82ba71495492666be5f0fd83bcb9cc0e19e726b61f9a98fb9dd96b86032750ab4f180e33a50ace09","ssdeep":"","tlshash":"4c900285045b5121c1b004045e55f5409615501a408670207eac823d6f11303430514b","size":52,"data":"","first_seen":"2024-12-01T05:19:28.005529Z","last_seen":"2026-04-04T16:41:37.906646Z","times_seen":19016,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"1663855fe3963805db3cdd7fb08ea591","sha1":"b4b99318bdb2bcf37de40386cb4f2eb38d865638","sha256":"49760473597b8b5964e4956f746fa8e098419b34f81f1236abb104e2e8ea9d1d","sha512":"7a0a52009c948100ddf8afb686f606ed2a68052422c858fd4854921e02209894f2d10292f8862739eda73fb77a97ca5f99207d31490f8a0349f9d15bd56ce6ee","ssdeep":"1536:CP+c7WMNTwH4XwEwrSSxcx1sxd3F/8IjEH1UM0E:C2cZe4A9FisxgI4H1UM0E","tlshash":"4d83c88c34d1f4e602a32069883f150af2795c2dd559b494f7e2d8f0beb096e9276f2d","size":81573,"data":"","first_seen":"2023-10-16T06:16:38Z","last_seen":"2026-04-04T16:41:37.862015Z","times_seen":67381,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce73f2d5b298e28b9aa2b1477cd8f8bb","sha1":"f9604856acc070d15f19268b0223f09aa2cb5e3d","sha256":"88abc67efc26636ba601bfcd2319edd6bb6f74fd491ac8ffb15fe1aeadc52dde","sha512":"e2251d511f54f490bc91cd9f1bd9f0c0368da635dbd10186832e34a0ad4e661ce3ceb802c99e7cf9680fa3c7f2c0186b9fca0a3edbb894481d6013657f24d05b","ssdeep":"","tlshash":"0a018248d0a3853250021fec2faa2112f462d51b261e1d507e9c9ec8cfa983f1a76269","size":679,"data":"","first_seen":"2024-12-06T01:41:06.524917Z","last_seen":"2026-04-04T16:41:37.90726Z","times_seen":18496,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d82140c0aacd543897982da496488fae","sha1":"84ad33941b580f5441930dc3046f23bba8b51311","sha256":"254914c98f7d87e0cb1c49e94b2e0728a695853fe4d14a0e7a01ad753f5e992b","sha512":"f1f6aef5596251c4ccb3d6052061217b19d0572ac62bda3539d8f3e1cbef40032d20a6b2abd035a2255f2b3f297d91cb53d28b280b9869cc43173698d067358c","ssdeep":"","tlshash":"26f0e29816e66830447bf3e22b1fbb143ba7418704506a033e8cc381df2f8379e02b48","size":622,"data":"","first_seen":"2024-12-06T01:41:06.526829Z","last_seen":"2026-04-04T16:41:37.907869Z","times_seen":17681,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"03f755900846a59574d3b6b0e8997169","sha1":"56ffb6fca8816d7dafd762ae3cebd3de28103d13","sha256":"873ee891f6b767f25d4bb3eb62a21beb85ca02d6af921d69cde3b65e6e318636","sha512":"8df5357df09a1958abbeca961e547a1efbf7f7a3f57009504e7212402b2fc85617cbc57f820f0fbd124f1807936edac9b5821d198409512efb60b742ead7929e","ssdeep":"768:gsA9wPmwq5/kmOm8QuCwORE3HVLOcIl2K6cxCQYjoXaA:g/9wPmrTOFQMORCCtl2K6aCXjlA","tlshash":"2a836389b8a1f0b146a361b5812f550bf17b197aa08de4c0f7adc5e1afb844e4173f2d","size":86044,"data":"","first_seen":"2025-05-29T10:24:27.938547Z","last_seen":"2026-03-26T09:40:49.659892Z","times_seen":13341,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"606ddcc644ce95802cad32817f1783fb","sha1":"be1f53ac097289d5648d9df84211d66ca3630b77","sha256":"b3b337698c327db8ea4e462b95c2a02d2fd3cf33fa2263251ed359da463f2a73","sha512":"e21d1959a6e3f0a7f4129c0fc0feab6cc54fb6d52323686bb2d54f7b00ce0eb3d21e0e3c256673e1338fca2215639f16e90f5dc1d3d0211f68d99a39675bf4fb","ssdeep":"","tlshash":"f4c048560c0e083200282805ab83be002e220ae265828808bf0cb21d2f600c381ec2b8","size":136,"data":"","first_seen":"2024-12-06T01:41:06.530799Z","last_seen":"2026-04-04T16:41:37.908455Z","times_seen":18479,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f5e9af8a5ea7f903c6ecf90454b8776","sha1":"929f219f82cd5ed121cd2253baec02d72ace6389","sha256":"e0d4cf7dd54b3ad82cc79ebec0e2d6b067209408917e2d6c47104228250148de","sha512":"48c417d383b3628310d8af8fec9f2c11c00ad1164d396f9147418d7eb3c0782e5c948f055d8442c474782044d58fb4db5e540b6e31c2f52f942a8b914bde74b1","ssdeep":"","tlshash":"43e01223483bcb3543285805ef4fbd046b2202eb59e4d50536aca50cdfb45c341ed5e8","size":334,"data":"","first_seen":"2024-12-06T01:41:06.532878Z","last_seen":"2026-04-04T16:41:37.909183Z","times_seen":17442,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzd/assets/0.0.5/next/0.19.21/next.min.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"e89190474b7dc4b988edbb405ff0cd32","sha1":"e9f418799d20cd8bcdb5eab3ef9c562b2e39da2c","sha256":"07aef6cb37f4d696f2dc269aea4e6646c8514c999105855a16d5199834d172b0","sha512":"98283934c97327c338cfdf343144248d016503fcfc6f66a48fccc86b7ce0082fbb753d75d18733f23e385ad28b25fc36f83613f46de1b15bcb19c5b8ca1bd69c","ssdeep":"24576:tzFAXWdsIPFJ1Yn50NTfKHyqG4ds4vJWrZLPIVpB+n3IhkOrq/UOx8ambP3fuyKl:zgOCe","tlshash":"8915e78c7560f4a502e643a3806f040af3766c2cd429b895b2d5d8e57ef985e12eff39","size":931662,"data":"","first_seen":"2023-03-08T13:45:53Z","last_seen":"2026-04-04T16:41:37.915306Z","times_seen":71588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"302a055e1866a2a87b40302b831a3883","sha1":"e3536c47c5048e803f2edc4a4eac63972e8d1bb4","sha256":"8e33c8378ef8587a24e7d38cf704a483b15107b2160d8e9f416ba74f45ae5f19","sha512":"9dbf8bd1eb8a9c21788124eac927d121d0e7edffdf01a32cc4e1fbfacfd46e2805ebe8749a5bd513ea391ea0e08b8c0ce22fb308dcee8f72a2028f1ae678ecfa","ssdeep":"","tlshash":"bc51880aacfb60ada427301d6b7f7106b0a45523a44dd884be8cd2645f7103f61beaed","size":2909,"data":"","first_seen":"2024-12-06T01:41:06.534753Z","last_seen":"2026-03-22T02:53:09.392025Z","times_seen":12457,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d357c8d2597788e9125b0a97dac9e2da","sha1":"ea8e466c2ccf45b7e97f48d11d176214def90c00","sha256":"00209c23faa59a8475701c7b774d3e3ef1fcb355dd4a576ebf10b830d4488ef5","sha512":"5b799d33cb84101236120a4af1bedb206d8f2e693465d96e927abaab2571db070ad266a1e984ef5f64a50e89c8e829d429647846423febaef231275681c9f7b8","ssdeep":"","tlshash":"9ad092679c1b187394780a24ab83aa923a621be7a04180143a0db20e2f305cb85e8bf4","size":269,"data":"","first_seen":"2024-12-06T01:41:06.536627Z","last_seen":"2026-04-04T16:41:37.910789Z","times_seen":17487,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2e7b1f17d0c41260689767dbe430e6a","sha1":"8e487db24f132316b8530c5f8e01ad25ceced42c","sha256":"92d44f0a18811ca012f8ad8742ca0a760261d0e5d910f6caeabaf33175cec038","sha512":"610aad5059268665f81863094dcb65d8dee26f62b4f7c766b74a8b88198558ab884aa0d2eef4a8e794ec82e7dd01da9e2f579839db5db4fe370b50da393e9994","ssdeep":"1536:GXf6lZmM3cRuvdgG7bGPTCZWExbJsCHeADQlVkFxg3C9NTd5ep0chNXsJ82bH0rh:7NBfJxds+DJF35epDHM8dI2CoN6sf","tlshash":"8ee3199d7298707a07e720f9002f120aa077a978b40dd4e1daa5d9d4bc78a8f5137fbd","size":151791,"data":"","first_seen":"2024-08-12T05:44:54Z","last_seen":"2026-03-06T20:27:28.938227Z","times_seen":15091,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/sd/baxia-entry/index.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c969b10707da044bf9603d1e348f0c50","sha1":"944bc2cc33417db0b79af38b4627a24af69abe55","sha256":"339fbe5f134617144f565828c2f9f6dacff4e56def52c0bc5f1dc9c679582364","sha512":"825b3874e8582876100fc5b5cc8644121cddd29946d2b39f13281636096e287e6824928562a35edabac522edfa85b1244a6676c4e223dfa9a6bd4400a724aa8a","ssdeep":"384:B+yHDO1VRDd4ngvaYxaLv10fv/bx11XOlsm5F158IFJTU:B+0OlDGg6p0fFT4JTU","tlshash":"8882730a5a4144ee5bc9019630af0e0c54ff36b24fb5edf5e6c548200de9fc91aaaadd","size":17943,"data":"","first_seen":"2025-07-31T06:26:42.346022Z","last_seen":"2025-09-15T08:50:18.930029Z","times_seen":13262,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff4e0293c7a04cfffe59b6f48fb5d9a8","sha1":"3385d160f5a03f4f8bbe428c2cd3817a63966809","sha256":"0d3485821b2fb73f4e450b1056c9bb54fa2ff6249f64240269c7bb4f707889a0","sha512":"169eed949f7acc391fba1e438ead033eebcd09829e023898c84d3ab88151ade141aa972130dff8e26913606cdcc90fb147fdfdd2e534e2f8fe386915e232f2cd","ssdeep":"49152:+XWXgnWKnNM6HDjsq3R+twfexMyLgfjr/RYKJOPz+/mTsvdB33L4gVOneUKs0FBA:J","tlshash":"76853f4abaf260349163b07d4a2fa805b235154f4d98fd003e8c92a55f6d93c9bb9f9c","size":1827457,"data":"","first_seen":"2024-10-31T22:47:58.881641Z","last_seen":"2026-03-09T22:06:14.048095Z","times_seen":13946,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea0f33ae2ec68514fd2183b8fb1c8d25","sha1":"7b15588636f37d0733179ce083dc57668979fa25","sha256":"e8f29a92260f28617f602e0236a96a120558028ad188fe201cd13f56effcc76b","sha512":"5eeebeae917940223a02438e1072bf9b76cb0160ce1342152e2d0d817ae22ce082bb225e72ef32e16eab6e01fc8e3a446402c038f729a7c8c2da4f3730945875","ssdeep":"3072:kcVcXG1YlxOUTV6vBaGy3yL8rD5Qi+m2W9tfxUdYUN3oEKLVsz2qo:RVc7lxOUTj3fD5QYbfgSLVaq","tlshash":"e12409ccb982f05606b361b6107f500bb37d566a700dc8a0e15be9e4acbc45e927bf6d","size":223515,"data":"","first_seen":"2024-08-12T05:44:54Z","last_seen":"2026-04-04T16:41:37.885481Z","times_seen":70410,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/secdev/sufei_data/3.9.14/index.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9a5a9592db7e29feb4cc5e8814dea21","sha1":"7efbde36c1131ebd7b51ae536eb087a8cebdbb7e","sha256":"f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c","sha512":"26c2a4f256fa23da25a752a02ae6192f69e43ed34e7491b8cd6eaa7cd1b15266bdbc8c7e43efad7e525833f0ed81aacf7b8c5f20e3386fbb85f67072d030e092","ssdeep":"384:1IMDl+jy4oSYIvNj6saelaD6r0lW0m+nVEPrciNY4yT:1Isl+jysygTu","tlshash":"4a82848eb6c674654383147685af010fa23959d41c6fd6c1a4a2f8d17cb84bea337eec","size":17754,"data":"","first_seen":"2023-09-23T19:36:07Z","last_seen":"2026-04-04T16:41:37.878638Z","times_seen":86105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/sd/baxia/2.5.31/baxiaCommon.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"d92f78ccaaa2616aa3eb54e89d7032e5","sha1":"1291a7d5ec73b551114f5175cfd05c747b827928","sha256":"cc219d27d7e2ab0b6416fd4a1475fdedcd5b710123506903a526f72a4d208156","sha512":"fbe8c87e0e30dc7a9a1ad572e5827ddf249f11c17058ccea298357d453223156c8a0d1e838c65148193bfa66db20ae8aa313773cb86effb34045eaacc98cb5f3","ssdeep":"384:1rwyZTb26eCecrO0BJWm10bip2d4HefaD1IkTybobX0+a1ZZWNPDyBzpwjPweGBE:15TEC1O0BhKr/RUFajO6tTpy7pz","tlshash":"52f228c976daf06306d36874842f4426b13757d0384cc591eb4aeae06d7cd8f912bbae","size":37289,"data":"","first_seen":"2025-05-26T09:54:46.144611Z","last_seen":"2026-04-04T15:20:46.104274Z","times_seen":72399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/alilog/mlog/aplus_int.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd6d563ce933d2e1de1a0ad5c044f4e6","sha1":"cd411adde979475e3a888ec04510810769a1076a","sha256":"14dd066892b228a0ab55f283fc24e49b2417dabb13bc98b0793b914bb89632ae","sha512":"19907cf7a939b161ae6b377981f1956c3d03ee89700a73f7423e70d7b91a847134a7800a7302ae3861bf88e2b11a4ab88395bb96f4b980eb55e9726a916123d3","ssdeep":"384:Q9SS+9FWaPGdwCr4vmnOQmS4/xr8AUo99xJJHsI:Q9SomGFr4v7JxV9DHsI","tlshash":"0d62e7ee75cd706446a2216a446f120de13b9a95ac0ec090e8d6c9947c7c9ef6323ffc","size":15539,"data":"","first_seen":"2025-07-27T20:52:08.914565Z","last_seen":"2025-10-15T16:39:06.601509Z","times_seen":13929,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"313fce95ea9fc889a2f8853921915657","sha1":"06a74499752f47966db61127958a9700f8db5818","sha256":"ec8b30600526cd5a830095f016c5eb1016272c154c83a406be845aec0745f2d3","sha512":"2476166b7a9d33ea11702aec59a94f2e4f6569f3fd4404772bc89caeda408a217932f811ed9e2efd84bff70432b6db6b60f710e28b3a25017ed68f3c6be90803","ssdeep":"768:jTrBVkkqUeYzskLT/kC9JeSxAJMN5ANMW7FHhirgYnPaZaS0bLlkb/nnW9TYb/Sf:jT9VDNn9JBNwQvnP+70byznqTYLSf","tlshash":"6b532bca77dc705307b2a070513f290a717795e52c8a88a4a360e9e73c785daa327f7d","size":62257,"data":"","first_seen":"2025-04-02T22:29:48.304196Z","last_seen":"2026-04-04T16:41:37.892613Z","times_seen":71245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"828b08c928315521f29aeb38998c687f","sha1":"f6f767f67a83add1f1027e5e6533bd4afb9ee824","sha256":"6cf5acfbab261501ce9407173403d6505f842b0ca1cfe718cad878d6dc4c2d18","sha512":"05f5fa28707903304bfc659ff9a4b15f162fd123186c9f6762167709051dd43742e763d24c40881543ce8fc2967c229be683e364516e17a0ce8550acfd3e3ef9","ssdeep":"96:JljT04udaQYUbqYfLt0EPYfoRo4YQGiqSEokSH:JljT04waQYUzfLt09foUpSE/SH","tlshash":"5ca1420ae0e314644593e13c976e7224786ad1d70ae8ee08fd0c11804f9442e96bbffa","size":5064,"data":"","first_seen":"2024-12-06T01:41:06.53847Z","last_seen":"2026-04-03T17:30:13.573117Z","times_seen":15056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/et/1.83.35/et_f.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e3880d214afdb9cd7ea9f2eaabe63c6","sha1":"a04d91f8d3d62d99af52e3995d3e9e075d128d3e","sha256":"b2b659fcc9b076682b602188df870cab2b00b7c698f0eb9ee8a8c4b2726cba31","sha512":"89fcbda260142f9587d9ce116649c5159aa96b14e1830f05ff7bba3ff14c4bf8c60eaed9638b3a6b6b9c05ff70a948f0f630c3f94b49544a7989edd02cd94d66","ssdeep":"3072:2j+GCnqhVKZgCcS5AgNTzFNQMknjF5Cv/SisoqXP4QsJK0NLkVy93XEP:h6+LAgNfFzQWvWXP4QsJTkgNX+","tlshash":"4e544f695213048d1262d7fd143b38caaca8cd14d6540cf7ae32cb97dca9ad350e79eb","size":295155,"data":"","first_seen":"2025-07-29T08:26:57.213487Z","last_seen":"2026-02-10T15:18:30.151276Z","times_seen":20939,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0207a2fda4a4702005699d1538b05b2c","sha1":"f643963ec03ebd06186ce7dba2c7af458c8cfef3","sha256":"1f8b58266f23822e824cfa17e981ec3ac1469b724cdb2023ad1b884e933ec0e4","sha512":"de889afb19a53fe3123562a0d40574a6cf5689fe4776428108aa7119af5a7fa61cc4ecc225e02f43a143eb53d8d9219ec61ff7518d84f51d5e5b69447fab5229","ssdeep":"","tlshash":"30c09201f29f286031b038a00b263a8132b3142ae9c88000bb8de31f3f3684381bc3d9","size":148,"data":"","first_seen":"2024-12-06T01:41:06.5404Z","last_seen":"2026-04-04T16:41:37.912482Z","times_seen":16918,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"57b2e10e609191c186511592a94d6bb6","sha1":"93b3c6cc26945388a44a1442207011c80f02387c","sha256":"e0bf62f312659a4a2c542885f41c26df7a9d5458e5b4c06ad6186569d3cfc919","sha512":"5f2da680ce621a7ae9cee47c94621bbc48502b212c0d856a8023e820c35584bde7d8a004b0a2f49e5050c2945f49010187590739a0a76f183fafd001f99ee1d6","ssdeep":"12288:YBhbEew0gxQA2pHXoq3cMt8sIYPQbfGXbVRaBYCdy4bPyub4boG0jdyqp+dK:YBhbEew0gxQA2pHXMMSsIYPQbfGXbVRI","tlshash":"84c4078971d0f0a107e750a2803f440af3b6682de419b4a4b3e6d8e57ef959d522bf3d","size":569783,"data":"","first_seen":"2023-06-03T14:51:44Z","last_seen":"2026-04-04T16:41:37.859468Z","times_seen":56853,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gj.mmstat.com/eg.js?t=1754942672486","fqdn":"gj.mmstat.com","domain":"mmstat.com","tld":"com"},"ip":{"addr":"47.246.136.160","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ded33a18a1ea141e7bd86473d69b6050","sha1":"22a789d5f973306ca6494d91ffe3c9dd92bb563a","sha256":"6df34e07b64a4fe07cbc4a04b4dcb4b38ec863f47c2ac6d1c3db3aa60b2abb1c","sha512":"13404b6abf00ed65cffc17b29579c1dee3e037a67a1b4b8339d3a921837225776c2a4cf957a210b5098c333f1df803c9ed0a386066575cf838d8feea7697c862","ssdeep":"","tlshash":"1db012ed884e6c3c7810002c06011500b45cc330c540d0d04170c4313c4148798004d3","size":91,"data":"","first_seen":"2025-08-11T20:05:29.458793Z","last_seen":"2025-08-11T20:05:29.458793Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fourier.taobao.com/rp?ext=51\u0026data=jm_0TohIa2vkR8CAVFfUcL4d4Ho\u0026random=051044956241398265\u0026href=https%3A%2F%2Fgultiktotoe.cfd%2F\u0026protocol=https:\u0026callback=jsonpCallback","fqdn":"fourier.taobao.com","domain":"taobao.com","tld":"com"},"ip":{"addr":"123.183.232.34","port":443,"asn":141771,"as":"China Telecom","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8af8a0f23331af9be132b12dd8d9626d","sha1":"874603d29b0664147d9d19262587f5cf0bfa7bc2","sha256":"29b7217acb615f118fba97483fb6909f81af614d76294e7e1a4bc1d3d2506c9a","sha512":"5baa36e52978ba24d717b0496a6016a67f1d2a667177d96a0f0d63a32d028100f9c30e9833c9d6cf61e9087a4e3c3eed3ece6dcb9fc496fe4b386f8fac0bf188","ssdeep":"","tlshash":"772165ad3144b0262683911b3cbf15d9a4b157153c42ccc9455becc0a974fca96fbeb6","size":1441,"data":"","first_seen":"2023-07-13T07:25:03Z","last_seen":"2026-04-04T16:41:37.879253Z","times_seen":74748,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"242aea967bf415211ec812e3e7113c93","sha1":"af1fcfedceab9981a95795981e63ab6371e8eb34","sha256":"cb9e2bcc7160a655eb0b06edda0b6733c27521447ddf302ac9a6b608d508e21a","sha512":"8b4a25c6ec6ada82712edcd969f4139f6bcdd2f70c3e3cc79ac893ade5cd714be7e91f237978723df55abbd7b609d25412573ac2909428c348ca5804bcb4aa50","ssdeep":"","tlshash":"68a00241601a68541692b5818e2625c1a6b6102616544944b78cb31f7f27c5347dd346","size":66,"data":"","first_seen":"2024-12-06T01:41:06.542257Z","last_seen":"2026-04-04T16:41:37.91316Z","times_seen":16749,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aeis.alicdn.com/sd/ncpc/nc.js?t=18507","fqdn":"aeis.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.49.27.47","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"11998461d3d77dde9e7ef72a65e08429","sha1":"3863ac62c17ae5e0de527e1a8eeaea40e07c2531","sha256":"994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a","sha512":"b43185549d78f17805626a4252fcf8a95d9c608d00e5c0384800b6f6a4669b8dbd9770bd4a8111e81f8bebdc94e07900f29f81a8cc11ec59310fb0a57354779e","ssdeep":"6144:82FkFcwdCl/viCF7TWjO9vE6qTYEBJg4EOBFuYyLJi:+dCl/viCF7vE6qvBK4EOBH","tlshash":"52244ad9b382301e06a354acdcff360e71369982a805c978fbb1d4d69b7895b511bf2c","size":221174,"data":"","first_seen":"2023-08-15T13:48:39Z","last_seen":"2026-04-04T16:41:37.877333Z","times_seen":59061,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/alilog/mlog/aplus_int.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2546e6e452d3a7d51c1e8adb69fb1671","sha1":"3f3f48568cd6a8051ee5b978e3a337d602015170","sha256":"907499f858ffca98bd70e452acebad825db660a90851c5b80889b800049c16a3","sha512":"ef43e8115fb1127688e3eb4a1a7d5059ed68c08ad74a9c82ea9947d7a7163c0ff00711ecea98d178349a79ac9077830c55777991e9f7aeb37b5a84edd445616e","ssdeep":"384:nFGmyVuKJULbnqGiUYR00STBtd6ze7ijTMvJz03Nkxqyi:nFGm8xeqG/0STfd6bn3NAQ","tlshash":"5772f8de359d70a547b2656a042f110ad1774665ac0ec4a0a8c2cad47cacdefa333fed","size":17177,"data":"","first_seen":"2024-07-18T11:20:29Z","last_seen":"2026-03-09T22:06:14.009167Z","times_seen":18029,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d34045df9136a8c369d5d020cb18a6f0","sha1":"e1c83d379fbcc626cd16195337b01003e174fb4a","sha256":"8d6bd7ebaa3f23b34997f30d2855db79027204f4b635ce9f38df59591c8cb121","sha512":"9a392c78e08bc20477d243fd0f12c5aa9c2913a3cedef06bbec41bea414f4d823f740a1400db1933e0904fc45161d26e221f4950e33c7bedd16510e020c27ca7","ssdeep":"","tlshash":"7561798884db14333863719d9bae232870918623904acd417d4ceb407f8aca9d5fd7ac","size":3336,"data":"","first_seen":"2024-12-06T01:41:06.543838Z","last_seen":"2026-04-04T16:41:37.913862Z","times_seen":15396,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"69ec8f0fff8be2d9a23d54fe0e605862","sha1":"8671ee12b8c55351919665eeeeb409f94532f53f","sha256":"54bfc59ea8f8d19c54dcd330cb3f493f8e9168bc9dd77306dfc9696635ffa866","sha512":"f810c9b5f2231c403cff245ef39a89ecaef55a173a425330c521b92a3412b07b61e807b134ad2a40020784cc53e55ed22e169fc25f0013897e5854261675913a","ssdeep":"","tlshash":"e4e0222e62e02163283336f51b0b2800381187a3002ced80b88ce3a80f05819492a6ec","size":398,"data":"","first_seen":"2024-12-06T01:41:06.545551Z","last_seen":"2026-04-04T16:41:37.914499Z","times_seen":13088,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d455fbc8173baca5482bcb395f137000","sha1":"af60c3d136d37ee461de184d453c03e4d43c64f4","sha256":"7f81216ed604489624e151a653ecb12edc0138d0f25cf95614704556cfcae471","sha512":"97801686779cd7da0832ecb69f43165d7e8d9bbb5dfd18b36eb3b4dde39d4aab5dff4a46852a47459ba1f23f57c9f22f5ad34375091ac1df52e2ff6f0d2cbd2d","ssdeep":"48:h7wqvAFulCBcHhBR0CdB/pVc7MLrdmcR2UGXndDcKIsKsQmt+higqa1ArH:r5jHPdBVcPcRkcK6TiDeArH","tlshash":"68f1331a18fb547001f7e0294fa7fa017920c1536019cc907e9de398bf2a957eab4fca","size":7544,"data":"","first_seen":"2024-12-06T01:41:06.547294Z","last_seen":"2026-03-14T17:59:38.102555Z","times_seen":9388,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"595cf9eb1363e028ab77786ea3aa0ce0","sha1":"2cc517d48f9250a01b94990b9c3a760cb99ac415","sha256":"edc8951020b0340e89e856ef5f87bb8007e06a19b0abaec1d1a7cfc0b1fec86a","sha512":"5329f76401ec0736c2dc12a44c16ca210008a4389e9259e2906b30f872d09c474413a83fc3c9a467b5639c51f8a9e1fedc888ec126ace2afbaf8fcf3d09a4783","ssdeep":"","tlshash":"c5e0e726182f9d3541285405df5fbd007f1616e718d59555364c720c5f745c3519d5e4","size":371,"data":"","first_seen":"2024-12-06T01:41:06.548867Z","last_seen":"2026-04-04T16:41:37.917456Z","times_seen":11166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"22f87499057409abdcd6d65998543238","sha1":"b2b6931f8ebc24452b818a891e615fe87c9c33ec","sha256":"f73f53f51ba913056df801e8559a999abdb4c40c2e02619f8235b3c298f9a23e","sha512":"58167a2aa00f04545731a5ccb74090eff61b96182f4d70d70a7f1d8ae2135415cbfc3a11e8827fd8edd42f34876ed592f4e45f0f63ae3c4d45fe6036973ea5dd","ssdeep":"","tlshash":"31e012b28c39c790a9651444d3bf2510db6314e69e8ec148b16f951cdf90cd7219e0f1","size":359,"data":"","first_seen":"2024-12-06T01:41:06.550603Z","last_seen":"2026-04-04T16:41:37.918088Z","times_seen":10685,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9f7d0fee41636c0afddc63c3bc77a6b7","sha1":"27b13a2cd26c137f52d7af56c4653bde4e4126df","sha256":"a0671325deb9ca605a1067bdad12e91abba947de35242bb84b6606232082eca9","sha512":"3dd3b5efd222ec19487b080946785d1002ae8804215ece89b8dbfe9e2d3dd4668f1e3cbd38545a992194cf1274ee54971a1a35d0f4eb875cb35741b4a95e46f9","ssdeep":"","tlshash":"d3e01227144e583a2037a84dc7876b102da023f71046c4257d1c311c6f9058785845ad","size":390,"data":"","first_seen":"2024-12-06T01:41:06.552073Z","last_seen":"2026-04-04T16:41:37.918669Z","times_seen":10989,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ede66ea2c7b402f47be8dbe8ba6a096f","sha1":"c7dfd15ab84c0e19ade7b38f860bf2d601ffa32a","sha256":"1d7e7809a63b41f797adc6ae226cba9238faf8ad3b3de34055cebca7a7bbd07e","sha512":"579cd370a6191fa404726dd40587976c27375cb91b8da815bdbb2a2754c5632b163474d4536e502684082bc88f4d484a502f15af6d0f9b318b6d53bc846dd655","ssdeep":"","tlshash":"abe09246d2b9a200a753a4ac9b8b28561026900b4456e8057a9dba89cf951a6028d9ac","size":324,"data":"","first_seen":"2024-12-06T01:41:06.553529Z","last_seen":"2026-04-04T16:41:37.919256Z","times_seen":9956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"61e842395adbb3cf8ee94394686a6943","sha1":"76614725231b2b54288e08d92853f8fd693d32b9","sha256":"90e50e10e898807719539c6117410c075137d1113affa5814a1fbc9311d243da","sha512":"be246942740c6b355af0ac82486215a744afb4430c429b035e10b917e7014aa0de7b6fe38669dc90a2b6da8340b0bab4350926c18cb035743127a3bd7bdbfe24","ssdeep":"","tlshash":"af51380b94d50130657a716a6f1f2c89389f10070c5aec1e3e9d9ec4ff5da1b55e86e8","size":3022,"data":"","first_seen":"2024-12-06T01:41:06.555197Z","last_seen":"2026-04-04T16:41:37.919814Z","times_seen":9515,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc60097870ee30b3d6259ce9680c74f2","sha1":"e4382f8ae534d363b2f6a77e6911da1f69d75f7c","sha256":"c3c9c80f6e478858b8d10e71a5077c3d4f55ccc3fc5c3f07ec7e39c4690fa21b","sha512":"39337cd79c86c3fe58c17c56e52cf5e961ea1ce641af0103c16a7fc4a81797bff72d210b14ab0b1011c43584143f336134ccb9a87a3f48f13ae8dd0ed60c7d8d","ssdeep":"192:pYS9S+StS/SyYjOe4b+mcDwowID3MorhG2q57OYzdO5NjgTVbIZ2sIdCJJS6ACoK:Eo7IG2WiIdCJJSjbC","tlshash":"ce8267bea076407541a7a13b961f73067233208b9cc8e9057f6dca846f5cd6f01f6ba9","size":17893,"data":"","first_seen":"2025-05-24T09:13:30.420545Z","last_seen":"2026-03-26T09:40:49.66442Z","times_seen":14760,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d0f3ca74acc663f4f6ac0cc2a261823c","sha1":"f735e74778155144df360a3604d8b0b25c02ad43","sha256":"14b384008b1bfd12ae40b8a1dd23b4488b99192b58906d8b051128fb988aac4e","sha512":"e5eb04386b03319441749432e7cb76dfd7adb810fa5cad437baa1421b180a5d9209120e512eb1972fbc309f5954483684976ad27ad1fa4ec1f3cb2fa07532784","ssdeep":"48:s9uTsSksfosQCHFDECOlXhLyFGNh9EWSClvT:JgSE3CHRECQLyZWSClvT","tlshash":"2bd187ae40b62e1041b3747c4b6ba604363586130906fa217e8cff05ef5862b76b97ca","size":6760,"data":"","first_seen":"2024-12-06T01:41:06.55669Z","last_seen":"2026-04-04T16:41:37.920385Z","times_seen":8255,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/AWSC/awsc.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a0496c878fe138e0ddb4b2eca52a45d","sha1":"8e1c943403ca3175a8de1bf338ad90a875748376","sha256":"3d2a07b4f5b396c633e7cc488a05bca3b7fdb4d6384b5db14b349b3c7d87471e","sha512":"7d94585e0ec90028f67186fcf4dacf56bf27661542ab6a4ebf1f2effb6be7259d8464bc9c041d846c1a308caa14640e2860fa90c08b7395ec0b9f6384930f6ef","ssdeep":"192:pTpGH5q1YwY8Pw4OdjwBvoKxdkSwqTyQJvWtHJyH:vhK/djwhoKxdkGen0","tlshash":"7432e78e3a50702b4b574471a4ff104d757e3ba21c4ec499ab5de1c06af837f066bea8","size":10982,"data":"","first_seen":"2025-07-31T08:33:12.75921Z","last_seen":"2025-08-20T04:43:44.63273Z","times_seen":9841,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"668d06279f4d0acb0f43699066454014","sha1":"eb5b052e8f051ac6d7b291a2d0876ec376f8a5af","sha256":"4b7384365bbd375f78c9d0109a4cc40831545f75489ca7cf70def635b731297b","sha512":"bbf956a69070c9c70917be8ffaffb3bae0b6a06bca738186ddf4125776851babe590386f0b03e4d9420c655eb629892f79e8d5b51ed7d68f86b462bc2da0a3ba","ssdeep":"","tlshash":"84012b4d80f1994310175078896b5044b27a810f7d347e583ecd84541fcd42e80f7a84","size":804,"data":"","first_seen":"2024-12-06T01:41:06.560276Z","last_seen":"2026-04-04T16:41:37.920949Z","times_seen":8756,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/alilog/mlog/cloud-sdk.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d02d4284b5131e832b687e5d33e15ca4","sha1":"3e39b4995b6c7934d5223d8b7fa96209e19a9c52","sha256":"abde8d84b277062fd871adabd3b08138c89590c05111005a3627bd92ddca3dd4","sha512":"db64df6be3e02fd9edf40be0f5e76d5ec932db1f6210ca428faf1f2e29e57237e630c99633f55ec04821628336e3a699adf866e442516c0bdfac84e581b13100","ssdeep":"","tlshash":"0eb0122082f9312831da00671d01620a350e080e24ff02c5640903294d8169c0a9007e","size":90,"data":"","first_seen":"2024-10-31T22:47:58.756623Z","last_seen":"2026-03-09T22:06:14.020713Z","times_seen":14293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/retcode/cloud-sdk/bl.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e31ead706e55b7c4c100d87a5928f099","sha1":"5acc29a266fd91e1bb438bc2b7851d97468a5617","sha256":"caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197","sha512":"8185bb597648afce20b81e15b616576ac655a977a821a46720500de8e06c4abd43515f756e065b18c618878ac3187904d7e4e39474710901941f5c8f7c041a7e","ssdeep":"384:q5mDF0gzqCPaTkYJQd1t6AReVsR7Q0VdgM/gJgDsf5Z3OzgGcKc2kxFVJsOLVwZe:q5BgAhawAAVEgq/zGLvAk09hqRd8nfTO","tlshash":"6e1308cab6c1745207933010512f6107b1bb1aa4284f91a4fa76d9e6aeb864fc273f3d","size":41828,"data":"","first_seen":"2023-03-07T12:02:12Z","last_seen":"2026-04-04T16:41:37.861383Z","times_seen":73721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"gultiktotoe.cfd/wild.png","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gultiktotoe.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 16 Jul 2025 11:24:12 GMT","end":"Tue, 14 Oct 2025 12:22:48 GMT"},"fingerprint":{"sha1":"44:7F:8A:BF:3C:BD:52:65:8C:88:15:62:51:78:8E:C8:C4:D0:DD:55","sha256":"0F:B7:6D:E5:18:7B:A7:7A:16:41:81:E3:90:89:63:03:AD:26:D9:CE:86:C8:E4:6A:A5:AD:36:90:E4:2F:F8:20"}}},"request":{"raw":"GET /wild.png HTTP/1.1\r\nHost: gultiktotoe.cfd\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nCookie: _uab_collina=175494267150868719700667\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 55916\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=R%2FjFF0yBUD5g%2FBkT6TkObwb2rF4hEJuJWZmpcmz%2B9WFH%2F9mSNXmWD45qtnu4t9oWhTPdeiPXt1GzFroB5D2Bvva7XJ93WvsaMeF71UBJZyitTMxjsuiIJUZTqP0d%2BKC6dzo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 16 Aug 2025 18:25:35 GMT\r\nlast-modified: Fri, 27 Jun 2025 18:03:36 GMT\r\naccept-ranges: bytes\r\nx-turbo-charged-by: LiteSpeed\r\nage: 178737\r\ncf-cache-status: HIT\r\ncf-ray: 96da57b5fb803e67-ARN\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=15969\u0026min_rtt=12946\u0026rtt_var=6155\u0026sent=25\u0026recv=24\u0026lost=0\u0026retrans=0\u0026sent_bytes=4425\u0026recv_bytes=2036\u0026delivery_rate=173950\u0026ss_exit_cwnd=0\u0026ss_exit_reason=0\u0026cwnd=15500\u0026unsent_bytes=0\u0026cid=6628a031e5c88b59\u0026ts=2248\u0026inflight_dur=63\u0026x=103\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":55916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced","md5":"0c8eb0edc7555e7b4037399afdabd956","sha1":"937a5eb1e489e8db3085592b8dd1920d4b72980d","sha256":"6f28ec5e763dcd10349699dae1ff450e851416645a59362e60d5d243331e3347","sha512":"5e4156460869c88ade47df7fe4d6a2bc05adde11a07a7ae546fd7408561f8a125ae91a556c4ed2ebd297651ba2884230d78aaaa52f1fd9832f1985d8dbf84235","ssdeep":"1536:5qJTxHa3wKeKh06JT58eammjblGvLX7jObp+Ong:5I963deIbJNQmqli7j+pw","tlshash":"fe4302db3435e5216297420559b023466a8a380ba7b05df4b7b06ff5ceb8bc32d3971a","first_seen":"2025-06-28T11:12:24.180941Z","last_seen":"2025-10-17T18:07:29.428306Z","times_seen":2960,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"arms-retcode-sg.aliyuncs.com/r.png?t=pv\u0026times=1\u0026page=%2F\u0026tag=\u0026release=\u0026environment=prod\u0026begin=1754942673629\u0026uid=eUm4Ie5O73Oj1nk1p1LwcXItFstk\u0026dt=GULTIKTOTO%3A%20Situs%20Game%20Online%20Super%20Cepat%2C%20Gak%20Ada%20Pemberhentian!\u0026dr=\u0026dpr=1.00\u0026de=utf-8\u0026ul=id-ID\u0026sr=1280x1024\u0026vp=1280x1024\u0026ct=\u0026sid=9zm6yenj73Fj7kksq1q4cXatqsy8\u0026pid=hyey0hz67v%400edb7c0e5e09aea\u0026_v=1.8.30\u0026pv_id=2Fmgqej37mUj87j3RzvvpjwrkIdq\u0026sampling=1\u0026dl=https%3A%2F%2Fgultiktotoe.cfd%2F\u0026z=me7jjzpt","fqdn":"arms-retcode-sg.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"8.222.203.130","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.arms.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 16 Jan 2025 03:36:01 GMT","end":"Tue, 17 Feb 2026 03:36:00 GMT"},"fingerprint":{"sha1":"42:C0:78:4D:62:EF:4A:4A:B5:99:FD:F6:CF:76:75:66:EC:DC:7C:4D","sha256":"47:92:5C:65:29:91:79:5A:45:6A:62:CB:42:BF:AB:81:64:45:72:25:CD:5C:B7:34:55:2E:44:4D:B3:DD:47:45"}}},"request":{"raw":"HEAD /r.png?t=pv\u0026times=1\u0026page=%2F\u0026tag=\u0026release=\u0026environment=prod\u0026begin=1754942673629\u0026uid=eUm4Ie5O73Oj1nk1p1LwcXItFstk\u0026dt=GULTIKTOTO%3A%20Situs%20Game%20Online%20Super%20Cepat%2C%20Gak%20Ada%20Pemberhentian!\u0026dr=\u0026dpr=1.00\u0026de=utf-8\u0026ul=id-ID\u0026sr=1280x1024\u0026vp=1280x1024\u0026ct=\u0026sid=9zm6yenj73Fj7kksq1q4cXatqsy8\u0026pid=hyey0hz67v%400edb7c0e5e09aea\u0026_v=1.8.30\u0026pv_id=2Fmgqej37mUj87j3RzvvpjwrkIdq\u0026sampling=1\u0026dl=https%3A%2F%2Fgultiktotoe.cfd%2F\u0026z=me7jjzpt HTTP/1.1\r\nHost: arms-retcode-sg.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gultiktotoe.cfd/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:35 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Authorization,X-Dtc\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":4083,"timings":{"blocked":1908,"dns":0,"connect":252,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-11","alert":"Sinkholed","trigger":"arms-retcode-sg.aliyuncs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fourier.taobao.com/rp?ext=51\u0026data=jm_0TohIa2vkR8CAVFfUcL4d4Ho\u0026random=051044956241398265\u0026href=https%3A%2F%2Fgultiktotoe.cfd%2F\u0026protocol=https:\u0026callback=jsonpCallback","fqdn":"fourier.taobao.com","domain":"taobao.com","tld":"com"},"ip":{"addr":"123.183.232.34","port":443,"asn":141771,"as":"China Telecom","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tfe.alibaba.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 19 Mar 2025 08:54:01 GMT","end":"Mon, 05 Jan 2026 02:01:01 GMT"},"fingerprint":{"sha1":"2A:E7:3A:AD:21:93:AF:7D:07:7B:ED:C0:D4:25:1B:59:27:BF:EA:34","sha256":"A7:3C:6B:D8:D6:F7:52:74:C8:CD:55:0A:6C:F5:65:41:E6:91:1F:99:DB:98:5E:65:BC:CA:DB:3F:B2:F6:C9:24"}}},"request":{"raw":"GET /rp?ext=51\u0026data=jm_0TohIa2vkR8CAVFfUcL4d4Ho\u0026random=051044956241398265\u0026href=https%3A%2F%2Fgultiktotoe.cfd%2F\u0026protocol=https:\u0026callback=jsonpCallback HTTP/1.1\r\nHost: fourier.taobao.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:34 GMT\r\ncontent-type: application/javascript;charset=UTF-8\r\nvary: Accept-Encoding\r\nserver: Tengine\r\ncache-control: no-store\r\naccess-control-allow-credentials: true\r\nuse-raw: true\r\nbxuuid: {\"login-token\":\"6e6a2bd6b47c94e2e71bddf4a4e1b363___273523___867da12a57bc5935423f68f87cc15bdf\"}\r\nbxpunish: 1\r\nx5-punish-cache: miss\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1441,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1441), with no line terminators","md5":"8af8a0f23331af9be132b12dd8d9626d","sha1":"874603d29b0664147d9d19262587f5cf0bfa7bc2","sha256":"29b7217acb615f118fba97483fb6909f81af614d76294e7e1a4bc1d3d2506c9a","sha512":"5baa36e52978ba24d717b0496a6016a67f1d2a667177d96a0f0d63a32d028100f9c30e9833c9d6cf61e9087a4e3c3eed3ece6dcb9fc496fe4b386f8fac0bf188","ssdeep":"","tlshash":"772165ad3144b0262683911b3cbf15d9a4b157153c42ccc9455becc0a974fca96fbeb6","first_seen":"2023-07-13T07:25:03Z","last_seen":"2026-04-04T16:41:37.879253Z","times_seen":74748,"resource_available":true,"data":null}},"time_used":2499,"timings":{"blocked":944,"dns":2,"connect":298,"send":0,"wait":603,"receive":0,"ssl":647},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"laz-img-cdn.alicdn.com/images/ims-web/TB1Je4vhRr0gK0jSZFnXXbRRXXa.png","fqdn":"laz-img-cdn.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"90.84.161.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laz-g-cdn.alicdn.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 02:21:08 GMT","end":"Sun, 24 May 2026 02:21:07 GMT"},"fingerprint":{"sha1":"A5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91","sha256":"D6:9F:A3:0F:B9:09:E4:63:05:D1:8F:DC:37:70:16:3B:94:9C:18:3D:DC:FE:8D:81:4D:3D:23:FF:EF:72:95:BD"}}},"request":{"raw":"GET /images/ims-web/TB1Je4vhRr0gK0jSZFnXXbRRXXa.png HTTP/1.1\r\nHost: laz-img-cdn.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 14823\r\nserver: openresty\r\nlast-modified: Wed, 09 Nov 2022 12:48:37 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.027\r\ntraceid: 2ff6329e17128231946522630e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2\r\nali-swift-global-savetime: 1712823195\r\nvia: EU-GER-frankfurt-EDGE5-CACHE4[2],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE3[9],EU-FRA-paris-GLOBAL1-CACHE21[0,TCP_HIT,2],cache20.l2de2[511,511,200-0,M], cache14.l2de2[512,0], ens-cache5.fr4[645,644,200-0,M], ens-cache10.fr4[646,0]\r\naccess-control-allow-origin: *\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Thu, 11 Apr 2024 08:13:15 GMT\r\nx-swift-cachetime: 31536000\r\ntiming-allow-origin: *\r\neagleid: 2ff6329e17128231946522630e\r\nx-ccdn-expires: 691418\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 20279e64590f34af7f9b7dda2a85e311\r\nalt-svc: h3=\":443\"; ma=2592000\r\nnginx-hit: 1\r\nage: 1900601\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":14823,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"0193ee42c3f06bd5b224a582f4c4667a","sha1":"7ca25c4323aa49f9ca89486d5f113a42b1a02fee","sha256":"6696f079f6cd081ea7eaa78a189b7ce7244d00b8f649d87fa01b6126ab4581fb","sha512":"0cd90f774d526931354ec251393492d231790ee711b0437d455fdf66a89178cded8441cf0b91c2fa444e6555a7c90919750e02db269d1980fe42e0503ecace17","ssdeep":"384:egwY9U4JG0ICnUQSExhN8w6xqtQkQYC/qZuVMti6FrAp:egwY9U4JG0ICU/Qv83xqtQjUKMTr+","tlshash":"6462d041f4b83482f94d75679dd8be5f019a8be00be544abc3cf0b67033be5519886a3","first_seen":"2023-05-31T17:00:18Z","last_seen":"2026-04-04T14:32:28.861951Z","times_seen":38531,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":473,"dns":3,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 185368\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 68935975F7BA2A3130CEAF8D\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6996595059999626840\r\nx-oss-storage-class: Standard\r\ncontent-md5: JifVEYiUXrmAm4B/x/wkKg==\r\nx-oss-server-time: 1\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b55ca017544871576932755e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[5],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE24[5],EU-FRA-paris-GLOBAL1-CACHE20[0,TCP_HIT,4],cache24.l2fr1[0,-1,200-0,H], cache13.l2fr1[1,0], ens-cache11.gb9[0,0,200-0,H], ens-cache14.gb9[5,0]\r\nali-swift-global-savetime: 1754487158\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 06 Aug 2025 13:49:22 GMT\r\nx-swift-cachetime: 603796\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a217549418581122509e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 33fdf1c62b2799005c9d0ed66363d733\r\nnginx-hit: 1\r\nage: 808\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":569783,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30792)","md5":"57b2e10e609191c186511592a94d6bb6","sha1":"93b3c6cc26945388a44a1442207011c80f02387c","sha256":"e0bf62f312659a4a2c542885f41c26df7a9d5458e5b4c06ad6186569d3cfc919","sha512":"5f2da680ce621a7ae9cee47c94621bbc48502b212c0d856a8023e820c35584bde7d8a004b0a2f49e5050c2945f49010187590739a0a76f183fafd001f99ee1d6","ssdeep":"12288:YBhbEew0gxQA2pHXoq3cMt8sIYPQbfGXbVRaBYCdy4bPyub4boG0jdyqp+dK:YBhbEew0gxQA2pHXMMSsIYPQbfGXbVRI","tlshash":"84c4078971d0f0a107e750a2803f440af3b6682de419b4a4b3e6d8e57ef959d522bf3d","first_seen":"2023-06-03T14:51:44Z","last_seen":"2026-04-04T16:41:37.859468Z","times_seen":56853,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":303,"receive":119,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/alilog/mlog/aplus_int.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/alilog/mlog/aplus_int.js HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 6549\r\nserver: cloudflare\r\nlast-modified: Thu, 22 Aug 2024 09:01:21 GMT\r\netag: \"4319-62041e711e8ea-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\nage: 851\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cnFHN0cTQyvGBzMAXmCUMX3B1mswlyejcOPE%2F3qkUEqoFaqlIAFEte22Bg602rQRAy4m52eFcQ04Zh4sBIZtZ0EZtaNgkIZLwW1ZLA4Idi3ApVrJ2tc%3D\"}]}\r\ncf-ray: 96da57a9689d5bd9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17177,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (17177), with no line terminators","md5":"2546e6e452d3a7d51c1e8adb69fb1671","sha1":"3f3f48568cd6a8051ee5b978e3a337d602015170","sha256":"907499f858ffca98bd70e452acebad825db660a90851c5b80889b800049c16a3","sha512":"ef43e8115fb1127688e3eb4a1a7d5059ed68c08ad74a9c82ea9947d7a7163c0ff00711ecea98d178349a79ac9077830c55777991e9f7aeb37b5a84edd445616e","ssdeep":"384:nFGmyVuKJULbnqGiUYR00STBtd6ze7ijTMvJz03Nkxqyi:nFGm8xeqG/0STfd6bn3NAQ","tlshash":"5772f8de359d70a547b2656a042f110ad1774665ac0ec4a0a8c2cad47cacdefa333fed","first_seen":"2024-07-18T11:20:29Z","last_seen":"2026-03-09T22:06:14.009167Z","times_seen":18029,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":1,"connect":22,"send":0,"wait":86,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01D6oQr31GPG1ONK9jd_!!6000000000614-2-tps-34-34.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i4/O1CN01D6oQr31GPG1ONK9jd_!!6000000000614-2-tps-34-34.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 466\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613490\r\nali-swift-global-savetime: 1687244959\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=31536000\r\ncdn-type: kds\r\ncontent-md5: NhOdzJW8AwQXg6/FuP4T4g==\r\neagleid: 800e749a16872454578166996e\r\netag: \"36139DCC95BC03041783AFC5B8FE13E2\"\r\nexpires: Mon, 08 Sep 2025 03:43:02 GMT\r\nlast-modified: Fri, 05 May 2023 08:38:50 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 8562184\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: a15cc58384ca90c98efaa654474fe348\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3887995\r\nx-swift-savetime: Tue, 20 Jun 2023 07:09:24 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":466,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit colormap, non-interlaced","md5":"36139dcc95bc03041783afc5b8fe13e2","sha1":"968a2961def725ced068e82d4c7bd8ab8c46e6f0","sha256":"1e2f353551fb6fe07ca35850dbe5075a6bf0568ac138f3e007c9b4b721557958","sha512":"98bb694b5ea9243bb531574bf6f8585a5db7c3080ac0befd9acf23facb5baeb84b1319daf4a901fbc468f3bcb3721462ca04cd385d1b17826f7d982ebd6e5e1d","ssdeep":"","tlshash":"1bf054b1714169257701083313b4e79ddcaf513f222ab4da84cc8db0f2406e0e1d07c0","first_seen":"2023-05-29T02:46:56Z","last_seen":"2026-04-04T16:41:37.863294Z","times_seen":62051,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/tfs/TB1nQJUcwmTBuNjy1XbXXaMrVXa-986-930.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/tfs/TB1nQJUcwmTBuNjy1XbXXaMrVXa-986-930.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 108546\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613489\r\nali-swift-global-savetime: 1731757085\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: 3T1ezNSMLsoT107/sGrExw==\r\neagleid: a3b5239817353772479878629e\r\netag: \"DD3D5ECCD48C2ECA13D74EFFB06AC4C7\"\r\nexpires: Wed, 08 Oct 2025 17:45:35 GMT\r\nlast-modified: Tue, 10 Sep 2024 02:07:50 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-31-03\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 8501149\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: e55565144c9f4c89eb0ae05195a846c1\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3209528\r\nx-swift-savetime: Sun, 24 Nov 2024 08:05:57 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108546,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 986 x 930, 8-bit colormap, non-interlaced","md5":"dd3d5eccd48c2eca13d74effb06ac4c7","sha1":"f8f191e59241a14eab12f0c8d0bb6143e8257f01","sha256":"291eb640c321aaa04e6923e874643621f29ce8d9e0317e15d7367bb8a363735e","sha512":"c06c08988bc3e1b6d22a2fcf63fa0c594b873e4c24f8eb8c7f5040131b212fe422a5e4905f3a23825fe1549eb3f78270dbf43acfa1ce4215c16af83911b43e7d","ssdeep":"1536:aXw2IpWsLFc42C+K4SgnW4HYd5zt4Z1fECQc6Ec45EdO1gpMc4v3TVALGFm:aAtpzFMC+/S4HYd5zte1/6haYYPfrVGn","tlshash":"f2b302e8529af269cc51162e91daf4b1288e387b9f25675801f9718a41e98fcf0e3734","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.856959Z","times_seen":76042,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fourier.alibaba.com/ts?url=\u0026token=gM9o9BAn-Q5SWay7ZDXSNbHat7GOFT6CaeedJ9QEgZ7Xy7LdJv0HfEwdy0tF-WY1lefIVwQF-eKewQDtB3t5d9ynWAH9O07KJLbUJ9W53iSWtQktB3tPd9utWApK9mNhzwWUa6kqmMITT9yPYmbVxGNUzeWEmmbfY95INHiD0ZsFLw8FLmxVlM723u7MLLpq-vGykhzYkKjlZNARoR2ivgfl737cci9VC_bw4Z2LpKjlZwbXQqhDcGxMUtpEY7jDgCJhFKSyPSPwdiwC0Dp0OSCPcibtqq-O2_SfmNnmm5NCaisPWmm0OW1PcibtmmV_O_Sf4NC..\u0026cna=0TohIa2vkR8CAVFfUcL4d4Ho\u0026ext=1","fqdn":"fourier.alibaba.com","domain":"alibaba.com","tld":"com"},"ip":{"addr":"47.246.165.65","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:34.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.alibaba.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 11 Mar 2025 05:07:02 GMT","end":"Sun, 12 Apr 2026 05:01:06 GMT"},"fingerprint":{"sha1":"5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B","sha256":"2F:B9:FB:33:64:3A:01:53:79:F3:6B:55:05:CE:EA:42:29:C5:70:F7:0E:3C:14:63:6C:AA:6E:5D:98:D4:34:F2"}}},"request":{"raw":"GET /ts?url=\u0026token=gM9o9BAn-Q5SWay7ZDXSNbHat7GOFT6CaeedJ9QEgZ7Xy7LdJv0HfEwdy0tF-WY1lefIVwQF-eKewQDtB3t5d9ynWAH9O07KJLbUJ9W53iSWtQktB3tPd9utWApK9mNhzwWUa6kqmMITT9yPYmbVxGNUzeWEmmbfY95INHiD0ZsFLw8FLmxVlM723u7MLLpq-vGykhzYkKjlZNARoR2ivgfl737cci9VC_bw4Z2LpKjlZwbXQqhDcGxMUtpEY7jDgCJhFKSyPSPwdiwC0Dp0OSCPcibtqq-O2_SfmNnmm5NCaisPWmm0OW1PcibtmmV_O_Sf4NC..\u0026cna=0TohIa2vkR8CAVFfUcL4d4Ho\u0026ext=1 HTTP/1.1\r\nHost: fourier.alibaba.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:35 GMT\r\ncontent-type: image/gif\r\ncontent-length: 0\r\nserver: Tengine/Aserver\r\neagleeye-traceid: 2101764317549426756217756e53d5\r\nstrict-transport-security: max-age=31536000\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":2823,"timings":{"blocked":800,"dns":9,"connect":256,"send":0,"wait":1222,"receive":1,"ssl":522},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 24734\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6894B24C0F465B30305C490B\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14095781032472792066\r\nx-oss-storage-class: Standard\r\ncontent-md5: NcCmRbKpke0jCzHXWwyfjg==\r\nx-oss-server-time: 3\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5fe9b17545754365996934e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[5],EU-FRA-marseille-EDGE1-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE8[2],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,2],cache20.l2fr1[0,0,200-0,H], cache2.l2fr1[0,0], ens-cache2.gb9[0,0,200-0,H], ens-cache8.gb9[1,0]\r\nali-swift-global-savetime: 1754575437\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 14:10:03 GMT\r\nx-swift-cachetime: 604434\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f39c17549422761207642e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 5aa00b67253dc44029e0e235509a1a93\r\nnginx-hit: 1\r\nage: 178\r\ncache-control: max-age=86400,s-maxage=600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":62257,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (61349), with no line terminators","md5":"313fce95ea9fc889a2f8853921915657","sha1":"06a74499752f47966db61127958a9700f8db5818","sha256":"ec8b30600526cd5a830095f016c5eb1016272c154c83a406be845aec0745f2d3","sha512":"2476166b7a9d33ea11702aec59a94f2e4f6569f3fd4404772bc89caeda408a217932f811ed9e2efd84bff70432b6db6b60f710e28b3a25017ed68f3c6be90803","ssdeep":"768:jTrBVkkqUeYzskLT/kC9JeSxAJMN5ANMW7FHhirgYnPaZaS0bLlkb/nnW9TYb/Sf:jT9VDNn9JBNwQvnP+70byznqTYLSf","tlshash":"6b532bca77dc705307b2a070513f290a717795e52c8a88a4a360e9e73c785daa327f7d","first_seen":"2025-04-02T22:29:48.304196Z","last_seen":"2026-04-04T16:41:37.892613Z","times_seen":71245,"resource_available":true,"data":null}},"time_used":308,"timings":{"blocked":95,"dns":1,"connect":49,"send":0,"wait":104,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/alilog/mlog/aplus_int.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/alilog/mlog/aplus_int.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 7191\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 689135BB0696843432AA025B\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14234033245426670000\r\nx-oss-storage-class: Standard\r\ncontent-md5: zW1WPOkz0uHeGgrVwET05g==\r\nx-oss-server-time: 3\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: 2ff6319d17543469382325763e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[2],EU-FRA-marseille-EDGE1-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE21[3],EU-FRA-paris-GLOBAL1-CACHE4[0,TCP_HIT,2],cache30.l2fr1[0,0,200-0,H], cache34.l2fr1[0,0], ens-cache5.gb9[0,0,200-0,H], ens-cache14.gb9[1,0]\r\nali-swift-global-savetime: 1754346939\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 05 Aug 2025 08:35:44 GMT\r\nx-swift-cachetime: 568795\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a217549374720794501e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 397d08046d5ceb7302577030561930d1\r\nnginx-hit: 1\r\nage: 2776\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":15539,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15369)","md5":"cd6d563ce933d2e1de1a0ad5c044f4e6","sha1":"cd411adde979475e3a888ec04510810769a1076a","sha256":"14dd066892b228a0ab55f283fc24e49b2417dabb13bc98b0793b914bb89632ae","sha512":"19907cf7a939b161ae6b377981f1956c3d03ee89700a73f7423e70d7b91a847134a7800a7302ae3861bf88e2b11a4ab88395bb96f4b980eb55e9726a916123d3","ssdeep":"384:Q9SS+9FWaPGdwCr4vmnOQmS4/xr8AUo99xJJHsI:Q9SomGFr4v7JxV9DHsI","tlshash":"0d62e7ee75cd706446a2216a446f120de13b9a95ac0ec090e8d6c9947c7c9ef6323ffc","first_seen":"2025-07-27T20:52:08.914565Z","last_seen":"2025-10-15T16:39:06.601509Z","times_seen":13929,"resource_available":true,"data":null}},"time_used":554,"timings":{"blocked":-1,"dns":0,"connect":78,"send":0,"wait":384,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-11T20:04:29.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gultiktotoe.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 16 Jul 2025 11:24:12 GMT","end":"Tue, 14 Oct 2025 12:22:48 GMT"},"fingerprint":{"sha1":"44:7F:8A:BF:3C:BD:52:65:8C:88:15:62:51:78:8E:C8:C4:D0:DD:55","sha256":"0F:B7:6D:E5:18:7B:A7:7A:16:41:81:E3:90:89:63:03:AD:26:D9:CE:86:C8:E4:6A:A5:AD:36:90:E4:2F:F8:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gultiktotoe.cfd\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:29 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 17 Jul 2025 01:35:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eSCEshXutC0vqA3G0k97z2qVWvHR0X2vuSW4MagbP2Z2yq6vDE2UzcWYott5pDnmoq5tcg8eAfLr%2FbTB%2BWSMMjMC6%2FO2qtYW8Gix%2B%2Bo11A%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 96da57a27b253e67-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud CDN","description":"Alibaba Cloud CDN is a global network of servers designed to deliver high-performance, low-latency content to users around the world. It is a cloud-based service provided by Alibaba Cloud, a subsidiary of the Alibaba Group, that enables businesses to accelerate the delivery of their web content, including images, videos, and static files, to end-users.","website":"https://www.alibabacloud.com/product/content-delivery-network","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":628667,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4706), with CRLF line terminators","md5":"acade92818f63b3ab9fbfc878fa21e3f","sha1":"218610382f84f5c0cc7ab26555d795f0d9695295","sha256":"60bd6c5487695e12159b1e40ec4db8884c69cef0c96ff94f5fdcf87ddfd6a0be","sha512":"825f6ada3859657f73a31b200a1a3bcfa8337e0533d0253f9170265d27f2a1e2a6de364180df6f4558f1c78ffcc103cad0769f36d3f9b15c8cf3b0ddad8734db","ssdeep":"6144:9Vt5Lv1hzaVXeRQUkkrMHXkbPxjAlIomUetec3D2NJB2tw:v7w","tlshash":"a7d4e1ad14ec8ad8232155c861b9f21cd43a621ffbc06dd5b69c9d270fb19a2193f8d3","first_seen":"2025-08-11T20:05:29.433442Z","last_seen":"2025-08-11T20:05:29.433442Z","times_seen":1,"resource_available":false,"data":null}},"time_used":838,"timings":{"blocked":49,"dns":2,"connect":15,"send":0,"wait":716,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aeis.alicdn.com/sd/ncpc/nc.js?t=18507","fqdn":"aeis.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.49.27.47","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ru.aliexpress.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 20 Mar 2025 00:00:00 GMT","end":"Fri, 20 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DA:5C:41:82:2B:53:17:58:AB:EB:B9:35:7E:77:FE:D0:25:60:59:04","sha256":"8C:68:21:B5:32:52:BC:0B:D0:F9:36:62:13:A8:E1:F9:9D:1A:F9:D2:05:AC:F4:77:4A:47:2B:E2:47:FF:A0:1D"}}},"request":{"raw":"GET /sd/ncpc/nc.js?t=18507 HTTP/1.1\r\nHost: aeis.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: application/javascript\r\ncontent-length: 68933\r\nx-oss-request-id: 689A3EEAAD02983332C9E2FA\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1561788439659902122\r\nx-oss-storage-class: Standard\r\ncontent-md5: EZmEYdPXfd6efvcqZeCEKQ==\r\nx-oss-server-time: 4\r\nx-source-scheme: https\r\ncontent-encoding: gzip\r\nali-swift-global-savetime: 1754939115\r\nx-swift-savetime: Mon, 11 Aug 2025 19:05:18 GMT\r\nx-swift-cachetime: 3597\r\neagleid: 2ff62c9b17549426634903746e\r\ncache-control: max-age=45, s-maxage=3600\r\nexpires: Mon, 11 Aug 2025 20:05:15 GMT\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nvary: Accept-Encoding\r\nserved-from: 23.36.79.30\r\nnetwork_info: NO_OSLO_211309\r\ntiming-allow-origin: *, *\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: FW_IP\r\nfw_ip: 23.49.27.47\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":221174,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32041)","md5":"11998461d3d77dde9e7ef72a65e08429","sha1":"3863ac62c17ae5e0de527e1a8eeaea40e07c2531","sha256":"994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a","sha512":"b43185549d78f17805626a4252fcf8a95d9c608d00e5c0384800b6f6a4669b8dbd9770bd4a8111e81f8bebdc94e07900f29f81a8cc11ec59310fb0a57354779e","ssdeep":"6144:82FkFcwdCl/viCF7TWjO9vE6qTYEBJg4EOBFuYyLJi:+dCl/viCF7vE6qvBK4EOBH","tlshash":"52244ad9b382301e06a354acdcff360e71369982a805c978fbb1d4d69b7895b511bf2c","first_seen":"2023-08-15T13:48:39Z","last_seen":"2026-04-04T16:41:37.877333Z","times_seen":59061,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":36,"dns":9,"connect":9,"send":0,"wait":15,"receive":12,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.js HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 21714\r\nserver: cloudflare\r\nlast-modified: Thu, 29 May 2025 08:59:21 GMT\r\netag: \"1501d-6364283714132-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FaccWJPKwIT%2B7UfzsrkKJQZneYfaerKUpjGX5ufJZdQO7QJQ5cyUFuTcmHOY37%2BSOP3omEA%2BFNbkk%2BF9mXQBq0ZSuZaqd6iUMeZiMYCTOzwdZkzyAtg%3D\"}]}\r\nage: 6503\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 96da57a9584a5bd9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86045,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53670)","md5":"03f755900846a59574d3b6b0e8997169","sha1":"56ffb6fca8816d7dafd762ae3cebd3de28103d13","sha256":"873ee891f6b767f25d4bb3eb62a21beb85ca02d6af921d69cde3b65e6e318636","sha512":"8df5357df09a1958abbeca961e547a1efbf7f7a3f57009504e7212402b2fc85617cbc57f820f0fbd124f1807936edac9b5821d198409512efb60b742ead7929e","ssdeep":"768:gsA9wPmwq5/kmOm8QuCwORE3HVLOcIl2K6cxCQYjoXaA:g/9wPmrTOFQMORCCtl2K6aCXjlA","tlshash":"2a836389b8a1f0b146a361b5812f550bf17b197aa08de4c0f7adc5e1afb844e4173f2d","first_seen":"2025-05-29T10:24:27.938547Z","last_seen":"2026-03-26T09:40:49.659892Z","times_seen":13341,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":13,"send":0,"wait":76,"receive":1,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzd/assets/0.0.5/next/0.19.21/next.min.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzd/assets/0.0.5/next/0.19.21/next.min.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 270147\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 68986017B786313739220005\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13953652536235100702\r\nx-oss-storage-class: Standard\r\ncontent-md5: 6JGQR0t9xLmI7btAX/DNMg==\r\nx-oss-server-time: 5\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5fdab17548165349787160e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[5],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE8[7],EU-FRA-paris-GLOBAL1-CACHE21[0,TCP_HIT,4],cache21.l2fr1[0,0,200-0,H], cache31.l2fr1[1,0], ens-cache5.gb9[0,0,200-0,H], ens-cache15.gb9[1,0]\r\nali-swift-global-savetime: 1754816535\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 10 Aug 2025 10:02:20 GMT\r\nx-swift-cachetime: 601195\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a317549389674202749e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 7df761d8316d9e0b78927acb4beb3db7\r\nnginx-hit: 1\r\nage: 3089\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":931662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32077)","md5":"e89190474b7dc4b988edbb405ff0cd32","sha1":"e9f418799d20cd8bcdb5eab3ef9c562b2e39da2c","sha256":"07aef6cb37f4d696f2dc269aea4e6646c8514c999105855a16d5199834d172b0","sha512":"98283934c97327c338cfdf343144248d016503fcfc6f66a48fccc86b7ce0082fbb753d75d18733f23e385ad28b25fc36f83613f46de1b15bcb19c5b8ca1bd69c","ssdeep":"24576:tzFAXWdsIPFJ1Yn50NTfKHyqG4ds4vJWrZLPIVpB+n3IhkOrq/UOx8ambP3fuyKl:zgOCe","tlshash":"8915e78c7560f4a502e643a3806f040af3766c2cd429b895b2d5d8e57ef985e12eff39","first_seen":"2023-03-08T13:45:53Z","last_seen":"2026-04-04T16:41:37.915306Z","times_seen":71588,"resource_available":true,"data":null}},"time_used":437,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":295,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/secdev/sufei_data/3.9.14/index.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /secdev/sufei_data/3.9.14/index.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 7398\r\nServer: Tengine\r\nx-oss-request-id: 68625C8CD5460937354444FC\r\nAccept-Ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12593839585633272550\r\nx-oss-storage-class: Standard\r\nContent-Encoding: gzip\r\nContent-MD5: mYdC0z0rPw0pY52mKJdpuQ==\r\nx-oss-server-time: 21\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b427e17512766844763104e1fce\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 28\r\ns-rt: 28\r\nSERVED-FROM: 2.23.186.216\r\nCache-Control: max-age=96334010\r\nExpires: Wed, 30 Aug 2028 19:31:23 GMT\r\nDate: Mon, 11 Aug 2025 20:04:33 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nNetwork_Info: NO_OSLO_211309\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 23.36.77.80\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17754,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17754), with no line terminators","md5":"b9a5a9592db7e29feb4cc5e8814dea21","sha1":"7efbde36c1131ebd7b51ae536eb087a8cebdbb7e","sha256":"f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c","sha512":"26c2a4f256fa23da25a752a02ae6192f69e43ed34e7491b8cd6eaa7cd1b15266bdbc8c7e43efad7e525833f0ed81aacf7b8c5f20e3386fbb85f67072d030e092","ssdeep":"384:1IMDl+jy4oSYIvNj6saelaD6r0lW0m+nVEPrciNY4yT:1Isl+jysygTu","tlshash":"4a82848eb6c674654383147685af010fa23959d41c6fd6c1a4a2f8d17cb84bea337eec","first_seen":"2023-09-23T19:36:07Z","last_seen":"2026-04-04T16:41:37.878638Z","times_seen":86105,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/et/1.83.35/et_f.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /AWSC/et/1.83.35/et_f.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 103824\r\nServer: Tengine\r\nx-oss-request-id: 6887248E989F15333758EF8E\r\nAccept-Ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4389186217373846546\r\nx-oss-storage-class: Standard\r\nContent-Encoding: gzip\r\nContent-MD5: 79ySMUZeJlMufi71al+Qcg==\r\nx-oss-server-time: 22\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b41d917536871823783956e1f92\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 29\r\ns-rt: 30\r\nCache-Control: max-age=1336509, s-maxage=86400\r\nExpires: Wed, 27 Aug 2025 07:19:42 GMT\r\nDate: Mon, 11 Aug 2025 20:04:33 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSERVED-FROM: 23.36.77.68\r\nNetwork_Info: NO_OSLO_211309\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 23.36.77.80\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":295155,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (61374)","md5":"1e3880d214afdb9cd7ea9f2eaabe63c6","sha1":"a04d91f8d3d62d99af52e3995d3e9e075d128d3e","sha256":"b2b659fcc9b076682b602188df870cab2b00b7c698f0eb9ee8a8c4b2726cba31","sha512":"89fcbda260142f9587d9ce116649c5159aa96b14e1830f05ff7bba3ff14c4bf8c60eaed9638b3a6b6b9c05ff70a948f0f630c3f94b49544a7989edd02cd94d66","ssdeep":"3072:2j+GCnqhVKZgCcS5AgNTzFNQMknjF5Cv/SisoqXP4QsJK0NLkVy93XEP:h6+LAgNfFzQWvWXP4QsJTkgNX+","tlshash":"4e544f695213048d1262d7fd143b38caaca8cd14d6540cf7ae32cb97dca9ad350e79eb","first_seen":"2025-07-29T08:26:57.213487Z","last_seen":"2026-02-10T15:18:30.151276Z","times_seen":20939,"resource_available":true,"data":null}},"time_used":607,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":555,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdhpFMxTt9ZLjmKQ0UNNtWDTr5EPQK7mMJUCS2j8VVcYQGGoFNX8xrz0Mh1DlFAuzWUTMuqE2kZHhUB2s5pbAd0h3kSimQ7xE5kNfO3lThfDP4G3m4DNBorV3qYqPmQntb7BfjAIHfmuAC2FZegG3Xvqexhw6xH6mrTOwWytGHbWyLMbcX4UG6lWV1vI4w/s1600/cs.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:06 GMT","end":"Mon, 29 Sep 2025 08:35:05 GMT"},"fingerprint":{"sha1":"63:78:72:6F:FA:74:62:BB:8E:62:97:12:1D:27:37:96:37:81:92:E4","sha256":"F3:9B:D5:68:46:33:18:76:62:06:0D:55:5C:13:48:C7:C0:46:24:43:7E:C5:8D:9A:8B:DA:47:44:DA:33:B0:A2"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjdhpFMxTt9ZLjmKQ0UNNtWDTr5EPQK7mMJUCS2j8VVcYQGGoFNX8xrz0Mh1DlFAuzWUTMuqE2kZHhUB2s5pbAd0h3kSimQ7xE5kNfO3lThfDP4G3m4DNBorV3qYqPmQntb7BfjAIHfmuAC2FZegG3Xvqexhw6xH6mrTOwWytGHbWyLMbcX4UG6lWV1vI4w/s1600/cs.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3bdc\"\r\nexpires: Tue, 12 Aug 2025 20:04:32 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"cs.png\"\r\nx-content-type-options: nosniff\r\ndate: Mon, 11 Aug 2025 20:04:32 GMT\r\nserver: fife\r\ncontent-length: 11966\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11966,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 171 x 150, 8-bit/color RGBA, non-interlaced","md5":"3aae190d8835e5f7737e6398b29b70e5","sha1":"ad15f98668adae3d271062466e47ca25e94c89ff","sha256":"9f6d945147e9ba01b1640299ff12bce97e60f3a66ea5f038def7a121f422f9c8","sha512":"5b3d870d937e7c7a5adf691c3a80c7b684544c65ca70e6be5e2c018ba201b13a7b4c0d49e59e5962e9b7c3073abf7d450898a35338b1e08665b92bc8c03a0cca","ssdeep":"192:zbmhxRf+lLLWlUdORZLmUfYX/1D6ielikrP7eZ7WBgFM9m8Nx6mlThA6Cp7:ejRf+lLtd8aUfYPwiwCaokme7lThK","tlshash":"1a32ae1b254fecaf6cc38142343992108487796abb702c999876f59fd3f1e6d9a143e8","first_seen":"2025-01-27T03:02:38.841544Z","last_seen":"2025-11-24T18:30:34.346581Z","times_seen":3986,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":21,"send":0,"wait":281,"receive":2,"ssl":301},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i2/O1CN01ENOAXK1UR05CB9iwA_!!6000000002513-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i2/O1CN01ENOAXK1UR05CB9iwA_!!6000000002513-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 7098\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613630\r\nali-swift-global-savetime: 1723314137\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: fkT7ZfVo9GZN4LQMQH15Vg==\r\neagleid: a3b58c9a17237148726963565e\r\netag: \"7E44FB65F568F4664DE0B40C407D7956\"\r\nexpires: Sat, 27 Sep 2025 06:09:08 GMT\r\nlast-modified: Wed, 19 Jun 2024 03:15:55 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 2862957\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 8328ad87dea3137a1eee8acf5ae76ac0\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3867071\r\nx-swift-savetime: Sun, 11 Aug 2024 00:11:06 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7098,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"7e44fb65f568f4664de0b40c407d7956","sha1":"f253a79f0042f85bb301d8e8ebdb40121fcaa9a7","sha256":"34b8804296d8073ac8158e2454e97b39977344498ff18fdc591878d4a0acf4ec","sha512":"c7cd5c855bf54c7a836bd2d8c8c7f61f28eb26a4cf4f539693e89f86291790ea557536a47f247082b54e5bbdd01f8b33af44050203262d540eef0b355c0c979c","ssdeep":"192:QPphcKGtlkbRW2PBsmEM4IeHERfKSEUdJ+0cacC:MqCEMtfKAdJhcacC","tlshash":"e7e1af18738899fd075344c7905a371cf912c626f4f4729cf13428e9fa0aff5a1161b8","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.889706Z","times_seen":63340,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":72,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/alilog/??s/8.15.23/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.23/plugin/aplus_ae.js,s/8.15.23/aplus_int.js,s/8.15.23/plugin/aplus_spmact.js?v=20240718161046","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /alilog/??s/8.15.23/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.23/plugin/aplus_ae.js,s/8.15.23/aplus_int.js,s/8.15.23/plugin/aplus_spmact.js?v=20240718161046 HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gultiktotoe.cfd/\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nServer: Tengine\r\nx-oss-request-id: 68638A82AF49DB32368A6A8A\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 987014062333166271\r\nx-oss-storage-class: Standard\r\nContent-MD5: zxpVTdRI/5oVJWSZng/nGg==\r\nx-oss-server-time: 2\r\nx-bucket-code: 3\r\nContent-Encoding: gzip\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b427e17513539869632833e1dbd\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 14\r\ns-rt: 14\r\nContent-Length: 55977\r\nSERVED-FROM: 2.22.30.215\r\nCache-Control: max-age=27515314, s-maxage=31104000\r\nDate: Mon, 11 Aug 2025 20:04:32 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nNetwork_Info: NO_OSLO_211309\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 23.36.77.80\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151791,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32049)","md5":"f2e7b1f17d0c41260689767dbe430e6a","sha1":"8e487db24f132316b8530c5f8e01ad25ceced42c","sha256":"92d44f0a18811ca012f8ad8742ca0a760261d0e5d910f6caeabaf33175cec038","sha512":"610aad5059268665f81863094dcb65d8dee26f62b4f7c766b74a8b88198558ab884aa0d2eef4a8e794ec82e7dd01da9e2f579839db5db4fe370b50da393e9994","ssdeep":"1536:GXf6lZmM3cRuvdgG7bGPTCZWExbJsCHeADQlVkFxg3C9NTd5ep0chNXsJ82bH0rh:7NBfJxds+DJF35epDHM8dI2CoN6sf","tlshash":"8ee3199d7298707a07e720f9002f120aa077a978b40dd4e1daa5d9d4bc78a8f5137fbd","first_seen":"2024-08-12T05:44:54Z","last_seen":"2026-03-06T20:27:28.938227Z","times_seen":15091,"resource_available":true,"data":null}},"time_used":2156,"timings":{"blocked":1030,"dns":1,"connect":1008,"send":0,"wait":9,"receive":86,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto/latin.woff2","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/static/0.0.29/Roboto/latin.woff2 HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 10748\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nx-oss-request-id: 6894A503670C1230398A7144\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15489323926058991130\r\nx-oss-storage-class: Standard\r\naccess-control-allow-origin: *\r\ncontent-md5: 7OZnPkd7TXrKEvBNrOXtYA==\r\nx-oss-server-time: 61\r\nx-source-scheme: https\r\neagleeye-traceid: 2ff6309f17545720351656314e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE2[3],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE12[22],EU-FRA-paris-GLOBAL1-CACHE22[16,TCP_MISS,21],cache9.l2fr1[0,0,200-0,H], cache21.l2fr1[1,0], ens-cache1.gb9[0,0,200-0,H], ens-cache21.gb9[4,0]\r\nali-swift-global-savetime: 1754572035\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 13:07:18 GMT\r\nx-swift-cachetime: 604797\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a917549398192966851e\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 3b0c4b416f2263b343220fd86b814e5e\r\nnginx-hit: 1\r\nage: 2852\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10748, version 1.0","md5":"ece6673e477b4d7aca12f04dace5ed60","sha1":"f8ff7fbe231448a58d3989d84803dd66851b9988","sha256":"4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280","sha512":"ed231b71207e839a9198da5225572e31012ab2df344b27167d1f63559d9a2b5a764dd9b98bd1e9575fb82f2f5dbaedaa5a29d4b7c33ff7e284d33b2018809912","ssdeep":"192:FpOviNVAWDDak7ID391Z6eGEik8m/8CuiYA3TvrOMl9RI7YLg:DOgfDDd7IR1Z6RUx0zi3TvrOMlLI0Lg","tlshash":"9622bfcdf01ad267d585bf349c164b4ad3a79733a1a816af8075e0549fc0ab020935ec","first_seen":"2023-04-06T18:54:24Z","last_seen":"2026-04-04T16:41:37.884992Z","times_seen":80325,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":73,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"laz-g-cdn.alicdn.com/lzdfe/static/0.0.48/iconfont-hp.woff","fqdn":"laz-g-cdn.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"90.84.161.27","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laz-g-cdn.alicdn.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 02:21:08 GMT","end":"Sun, 24 May 2026 02:21:07 GMT"},"fingerprint":{"sha1":"A5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91","sha256":"D6:9F:A3:0F:B9:09:E4:63:05:D1:8F:DC:37:70:16:3B:94:9C:18:3D:DC:FE:8D:81:4D:3D:23:FF:EF:72:95:BD"}}},"request":{"raw":"GET /lzdfe/static/0.0.48/iconfont-hp.woff HTTP/1.1\r\nHost: laz-g-cdn.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: font/woff\r\ncontent-length: 10800\r\nserver: openresty\r\nx-oss-request-id: 6868E2A09C6AF033334CCCA7\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11084093574867788336\r\nx-oss-storage-class: Standard\r\naccess-control-allow-origin: *\r\ncontent-md5: 5+/rWkRzXbwnk3ZVLNNvDA==\r\nx-oss-server-time: 19\r\nx-source-scheme: https\r\nvia: EU-GER-frankfurt-EDGE5-CACHE6[4],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE5[3],EU-FRA-paris-GLOBAL1-CACHE8[0,TCP_HIT,2],ens-cache25.l2nu20-20[0,0,200-0,H], ens-cache56.l2nu20-20[0,0], ens-cache2.l2hk11[31,32,200-0,M], ens-cache21.l2hk11[33,0], cache25.l2fr1[279,279,200-0,M], cache3.l2fr1[281,0], ens-cache35.fr6[0,0,200-0,H], ens-cache4.fr6[3,0]\r\nali-swift-global-savetime: 1751704224\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 05 Jul 2025 08:31:31 GMT\r\nx-swift-cachetime: 3533\r\ntiming-allow-origin: *\r\neagleid: a3b5fd9817517071933567565e\r\nx-ccdn-expires: 1948307\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 3da603750107e1de52f60d2f66d68650\r\nalt-svc: h3=\":443\"; ma=2592000\r\nnginx-hit: 1\r\nage: 643693\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10800,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 10800, version 1.0","md5":"e7efeb5a44735dbc279376552cd36f0c","sha1":"6fbf95afd6bd4b5ceaa90e0a988ee379b0ce1536","sha256":"4c4d8e923e008e615f10407b2992418005e89555259fc3c048d7424a058584ba","sha512":"d69caf82558474397532ced0ab88bc0a66b87ebc8d717b6738bfa60010bae1f6338c48c99c51815f128314fb7ca7050f8b057f7f067c6e532a8745a3fd2b2360","ssdeep":"192:NkKkwlu7pXsfSICwmcF2qQ2drvKbGHBBLeBdfkRcdwi6g/:NkKkGu7p8A+NTdrvbDLeBdSkL6g/","tlshash":"f922b024af89656ce50834b773ddf377cf613e80254858fd781a24e01e48dea93b9110","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.8947Z","times_seen":73670,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/secdev/sufei_data/3.9.14/index.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /secdev/sufei_data/3.9.14/index.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nContent-Length: 7398\r\nServer: Tengine\r\nx-oss-request-id: 68625C8CD5460937354444FC\r\nAccept-Ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12593839585633272550\r\nx-oss-storage-class: Standard\r\nContent-Encoding: gzip\r\nContent-MD5: mYdC0z0rPw0pY52mKJdpuQ==\r\nx-oss-server-time: 21\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b427e17512766844763104e1fce\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 28\r\ns-rt: 28\r\nSERVED-FROM: 2.23.186.216\r\nCache-Control: max-age=96334010\r\nExpires: Wed, 30 Aug 2028 19:31:23 GMT\r\nDate: Mon, 11 Aug 2025 20:04:33 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nNetwork_Info: NO_OSLO_211309\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 23.36.77.80\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17754,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17754), with no line terminators","md5":"b9a5a9592db7e29feb4cc5e8814dea21","sha1":"7efbde36c1131ebd7b51ae536eb087a8cebdbb7e","sha256":"f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c","sha512":"26c2a4f256fa23da25a752a02ae6192f69e43ed34e7491b8cd6eaa7cd1b15266bdbc8c7e43efad7e525833f0ed81aacf7b8c5f20e3386fbb85f67072d030e092","ssdeep":"384:1IMDl+jy4oSYIvNj6saelaD6r0lW0m+nVEPrciNY4yT:1Isl+jysygTu","tlshash":"4a82848eb6c674654383147685af010fa23959d41c6fd6c1a4a2f8d17cb84bea337eec","first_seen":"2023-09-23T19:36:07Z","last_seen":"2026-04-04T16:41:37.878638Z","times_seen":86105,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":69,"dns":11,"connect":7,"send":0,"wait":40,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.css","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/pdp-modules/1.4.4/pc-mod.css HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/css\r\ncontent-length: 35722\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 68971B1EB74E0C34382B4051\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14096634822127312349\r\nx-oss-storage-class: Standard\r\ncontent-md5: Ok34KZAvp1FnHsMo9bNckQ==\r\nx-oss-server-time: 21\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5f39f17547333421438395e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[5],EU-FRA-marseille-EDGE1-CACHE2[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE23[12],EU-FRA-paris-GLOBAL1-CACHE26[9,TCP_MISS,11],cache19.l2fr1[865,865,200-0,M], cache6.l2fr1[867,0], ens-cache1.gb9[0,0,200-0,H], ens-cache3.gb9[1,0]\r\nali-swift-global-savetime: 1754733343\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 09 Aug 2025 09:55:43 GMT\r\nx-swift-cachetime: 604800\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f39717549061451781068e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 1c2657db1fb34cf946d08e9818dce554\r\nnginx-hit: 1\r\nage: 36525\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":136794,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65532), with CRLF line terminators","md5":"1952aa6fb1be87726e9458038df98843","sha1":"f60be3d75a74da45d09d70fb822cb77cbfefd27a","sha256":"0c84e192095dee0121011bea0c0b0f674bd0621edd7317e92022a827f520856a","sha512":"548de1066bcfe81976594f3864cb72b2eaa187f490f030a9227e0ad70dcfbad174c330b601269ecb23d5d4642582e67734252e3f235f8e0247dae7d7021d742e","ssdeep":"3072:IXDXxXPXgX/XnX+X4XbxxVctwehCDy8D5Igw3IiR7FwVZTZEZ4nZ40Z4MY41lmsI:IXDXxXPXgX/XnX+X4XbxxVctwehCDy8S","tlshash":"d9d37532f2b8113ab13bc636e4e0b6db71249553d26387bbe901f624c6cf596276325c","first_seen":"2024-08-14T18:04:04Z","last_seen":"2026-04-04T16:41:37.901307Z","times_seen":66329,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":87,"dns":0,"connect":0,"send":0,"wait":106,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU8R49tmpB-2FufNHbKDK4JhUgH8h562spp3UMhp6pOKl46F4RT9Kq5ldDMxv18MefOY3n7sanMwgeAydWMTphSvgkdKau-4apuSoF6CeTMOP9nGvmKNOvQNQZ9-kGUvW4cncv-CrCudZRzPqTWUbLxLmalls-dxzyd2AJ41X4xD4S__DSxc3DN2F32ZPz/s1600/link.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:06 GMT","end":"Mon, 29 Sep 2025 08:35:05 GMT"},"fingerprint":{"sha1":"63:78:72:6F:FA:74:62:BB:8E:62:97:12:1D:27:37:96:37:81:92:E4","sha256":"F3:9B:D5:68:46:33:18:76:62:06:0D:55:5C:13:48:C7:C0:46:24:43:7E:C5:8D:9A:8B:DA:47:44:DA:33:B0:A2"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjU8R49tmpB-2FufNHbKDK4JhUgH8h562spp3UMhp6pOKl46F4RT9Kq5ldDMxv18MefOY3n7sanMwgeAydWMTphSvgkdKau-4apuSoF6CeTMOP9nGvmKNOvQNQZ9-kGUvW4cncv-CrCudZRzPqTWUbLxLmalls-dxzyd2AJ41X4xD4S__DSxc3DN2F32ZPz/s1600/link.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3bdc\"\r\nexpires: Tue, 12 Aug 2025 20:04:32 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"link.png\"\r\nx-content-type-options: nosniff\r\ndate: Mon, 11 Aug 2025 20:04:32 GMT\r\nserver: fife\r\ncontent-length: 11188\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 145 x 145, 8-bit/color RGBA, non-interlaced","md5":"0a0c141ddbb85480e09b03665e981b0c","sha1":"b4b63ce813cb5191263075f4cc4a7bfabd4d88d0","sha256":"9d5b32d5f625534231fb2a49cb97585946ae289559ad17ab645bf5eb0c9cca46","sha512":"f9a9e7ee3e3e20030153e83ff2fb3801e1a0fde08d55b4fb78dfe09197b5a8f9ad51921b76e075ec7e9c29d9148086029c09385e4fcf911ccb934106acde90a4","ssdeep":"192:xbmhxRf+lLLWlUQCDBwcMlSwUfwozfUeg9w8YbifRO7kozipd3okcZ:sjRf+lLtQQUZHeg9w8Y74oziptu","tlshash":"1d32d06f050f50ffa41fb280a4af977ac5ee91e1c3c8aed65474e034d03c622ae157a8","first_seen":"2025-03-24T22:12:33.631105Z","last_seen":"2025-10-16T17:55:59.523667Z","times_seen":3983,"resource_available":false,"data":null}},"time_used":1151,"timings":{"blocked":367,"dns":70,"connect":22,"send":0,"wait":239,"receive":105,"ssl":345},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01EShTwh1uKIMLn9AjA_!!6000000006018-0-tps-34-34.jpg","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i1/O1CN01EShTwh1uKIMLn9AjA_!!6000000006018-0-tps-34-34.jpg HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/jpeg\r\ncontent-length: 1189\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1658926\r\nali-swift-global-savetime: 1739355244\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: YyDsEMx5s47bdjx4uxTX9A==\r\neagleid: a3b523a717428695853093150e\r\netag: \"6320EC10CC79B38EDB763C78BB14D7F4\"\r\nexpires: Wed, 30 Jul 2025 08:44:52 GMT\r\nlast-modified: Wed, 25 Sep 2024 03:52:21 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-02\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 4519597\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 10428da69d7d71991a29bbcbbae42338\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3357337\r\nx-swift-savetime: Tue, 18 Feb 2025 13:38:27 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1189,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 34x34, components 3","md5":"25af287e867164172f028fedeefd74de","sha1":"5b7194ecbeb20809949e2a1a4e59c755fb4ac9f8","sha256":"5c29a4d5eadca9d201ad4c2d3dbf4d5d3bcffea3b794baa7880531230a136722","sha512":"252245f04b64c984c193b96c3a701ef113888132a6c6d3ff1d7fe113dfd7bbcb21cc394a259da9a369f7ca7a10c071da15384999da460e86fdcf72b491c02876","ssdeep":"","tlshash":"cc21897f119bfe10de3408752894b3e1d388db81dcb8961de19835413c3dce648d6417","first_seen":"2024-10-04T14:56:34Z","last_seen":"2026-04-04T16:41:37.891486Z","times_seen":50159,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01RNizk522j2cPtaRjc_!!6000000007155-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i3/O1CN01RNizk522j2cPtaRjc_!!6000000007155-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 7663\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613798\r\nali-swift-global-savetime: 1741789200\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: /UyV004Pt6DqCY4oFq7UJw==\r\neagleid: a3b5239d17446164697504060e\r\netag: \"FD4C95D34E0FB7A0EA098E2816AED427\"\r\nexpires: Wed, 30 Jul 2025 08:44:51 GMT\r\nlast-modified: Fri, 09 Aug 2024 04:00:48 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-07\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 4415752\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 978ab6c4b4bb5b1b2d276b184f3e6630\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3226341\r\nx-swift-savetime: Thu, 20 Mar 2025 06:07:39 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7663,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"fd4c95d34e0fb7a0ea098e2816aed427","sha1":"1819b9b759b018db77fb60269309a3ccb43011cd","sha256":"d34efe5f1f7f0c134024c2e86b03ec10f231ff41e91910cf7ac6696515dad147","sha512":"9e22b6c89eeeae6722d086e4f03b5040f3decc6ae5e147eca711d0968cc0ee9ca36e9767b9a4e247034b30778acf8a57185690ba22d88a516388da6180f7d848","ssdeep":"192:lYC1Fsx/Ed6DNaGFAbLWfu5dFboPF4J6qkhacaz9aB9:lYkAzZaj8u5dxod7ycw9a3","tlshash":"5df19e586305436c5f70df316e83b7fceed1506cb64496b0be4e020f4561b93ce689a5","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.893215Z","times_seen":63567,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"laz-g-cdn.alicdn.com/lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/font_482437_i9tqljab236p3nmi.woff","fqdn":"laz-g-cdn.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"90.84.161.27","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laz-g-cdn.alicdn.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 02:21:08 GMT","end":"Sun, 24 May 2026 02:21:07 GMT"},"fingerprint":{"sha1":"A5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91","sha256":"D6:9F:A3:0F:B9:09:E4:63:05:D1:8F:DC:37:70:16:3B:94:9C:18:3D:DC:FE:8D:81:4D:3D:23:FF:EF:72:95:BD"}}},"request":{"raw":"GET /lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/font_482437_i9tqljab236p3nmi.woff HTTP/1.1\r\nHost: laz-g-cdn.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: font/woff\r\ncontent-length: 49860\r\nserver: openresty\r\nx-oss-request-id: 6868EAC80835C33033DF01AE\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12542599084261558410\r\nx-oss-storage-class: Standard\r\ncontent-md5: ntCprxPpn0oJTTZnx7+wcQ==\r\nx-oss-server-time: 18\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\nvia: EU-GER-frankfurt-EDGE5-CACHE6[4],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE20[3],EU-FRA-paris-GLOBAL1-CACHE21[0,TCP_HIT,2],ens-cache22.l2nu20-20[0,0,200-0,H], ens-cache59.l2nu20-20[1,0], ens-cache4.l2hk11[0,0,200-0,H], ens-cache2.l2hk11[2,0], cache31.l2fr1[0,0,200-0,H], cache14.l2fr1[1,0], ens-cache30.fr6[0,0,200-0,H], ens-cache6.fr6[1,0]\r\nali-swift-global-savetime: 1751706312\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 05 Jul 2025 09:06:16 GMT\r\nx-swift-cachetime: 3536\r\ntiming-allow-origin: *\r\neagleid: a3b5fd9a17517071699282243e\r\nx-ccdn-expires: 1948162\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 590af11431bc4ff01fcfaac35b82f280\r\nalt-svc: h3=\":443\"; ma=2592000\r\nnginx-hit: 1\r\nage: 643838\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":49860,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 49860, version 1.0","md5":"9ed0a9af13e99f4a094d3667c7bfb071","sha1":"e8c1a8ddde34f6f1fc5adacc1a24a29cab98c1db","sha256":"e31ffa4ab077866db78d07241dddd66d8930229f67f42350ec8c8cbf278a539a","sha512":"af085555a12d8fd2275e78f0850e8f06124dc0d8159f17a72d3c59c6ce8edf2895ab42fee8af72aeeadfe3043dc9b84bd93b93b5cfe7215562bc1d0c3e497ca3","ssdeep":"768:L8iL28G+MaJWu0YL6yHYM+8FcZ9ruPWZ81txwIJolwJsw4zWaTcmhT29c726jIi2:I83J0FSFS9wRjzOdWS7Ric72bi2","tlshash":"6e230273c1344dade7f9367dc0f838f66847c7a19dca8e90528d06f0126eb776aa5098","first_seen":"2023-06-03T14:51:44Z","last_seen":"2026-04-04T16:41:37.88794Z","times_seen":68915,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":173,"dns":1,"connect":56,"send":0,"wait":193,"receive":133,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzjjBVZ2ny09LU3tqf6BstNoankMC6WEGjunfq6tQ3qo8IIwh_YZ8O98T_uB703wn51d1D7ybW-3EwBPzHxwnt-724WoCoq68iegpSCac17SY3TjC6JcfxNvwvysSrbJ5MUNxFOUwOisJHyu-EoXWH4anZK4wN1cfEhwyR-3lAP1qKZcshknICS1FQacQw/s1600/promo.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:06 GMT","end":"Mon, 29 Sep 2025 08:35:05 GMT"},"fingerprint":{"sha1":"63:78:72:6F:FA:74:62:BB:8E:62:97:12:1D:27:37:96:37:81:92:E4","sha256":"F3:9B:D5:68:46:33:18:76:62:06:0D:55:5C:13:48:C7:C0:46:24:43:7E:C5:8D:9A:8B:DA:47:44:DA:33:B0:A2"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhzjjBVZ2ny09LU3tqf6BstNoankMC6WEGjunfq6tQ3qo8IIwh_YZ8O98T_uB703wn51d1D7ybW-3EwBPzHxwnt-724WoCoq68iegpSCac17SY3TjC6JcfxNvwvysSrbJ5MUNxFOUwOisJHyu-EoXWH4anZK4wN1cfEhwyR-3lAP1qKZcshknICS1FQacQw/s1600/promo.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3bdc\"\r\nexpires: Tue, 12 Aug 2025 20:04:33 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"promo.png\"\r\nx-content-type-options: nosniff\r\ndate: Mon, 11 Aug 2025 20:04:33 GMT\r\nserver: fife\r\ncontent-length: 13198\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13198,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 156, 8-bit/color RGBA, non-interlaced","md5":"d3e0bbf9ee9e1eb4fb0ffb991df19401","sha1":"8ac57d791fde9f45cf59c837ae4fc09e85681b03","sha256":"ad8b41ff97a364f30ee47941eb0eb53b30c6065892c001f813974f1b4c909a37","sha512":"9d49804fc9cdff77ae2fa933faece97da5ce3089916b4f723644ae619ea4deb5f9b19de8ed8a3c984c219b2ff0485b724431dd06babc168194e0de0eefaf76d8","ssdeep":"384:TjRf+lLtREn1eTzGqkJm4JNLdnsr0Y+xM7:TteK1kgh1sr0rM7","tlshash":"9642ae33304f357f968152b12225521ab1a946e8ffb1aa0c2d68e43be077495df1d67c","first_seen":"2025-01-27T03:02:38.843196Z","last_seen":"2025-11-24T18:30:34.337398Z","times_seen":3994,"resource_available":false,"data":null}},"time_used":1536,"timings":{"blocked":597,"dns":0,"connect":0,"send":0,"wait":365,"receive":0,"ssl":574},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.css","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/pdp-platform/0.1.22/pc.css HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/css\r\ncontent-length: 2240\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6892FAB880F1CC3934CB3B27\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3171041400854944349\r\nx-oss-storage-class: Standard\r\ncontent-md5: LO+js6UX0N1j7hLy9V9TjA==\r\nx-oss-server-time: 19\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5fd9517544629039941859e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[2],EU-FRA-marseille-EDGE1-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE19[3],EU-FRA-paris-GLOBAL1-CACHE11[0,TCP_HIT,2],cache10.l2fr1[0,0,200-0,H], cache30.l2fr1[1,0], ens-cache8.gb9[0,0,200-0,H], ens-cache9.gb9[1,0]\r\nali-swift-global-savetime: 1754462905\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 06 Aug 2025 10:24:27 GMT\r\nx-swift-cachetime: 591838\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f39d17548214829753989e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 41547c730d87215c65c52a10230f0341\r\nnginx-hit: 1\r\nage: 37720\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6453,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6449), with CRLF line terminators","md5":"17fbadd502b81b226f140e2626b59882","sha1":"418a3bb9c84482cf5c6eabcb251496ec79a5c00b","sha256":"f025608eb81037815a5c2de7868b0d941819fee8a0dbff8052703c7bfecd4c16","sha512":"e6ffe519d180d1c0189c18919697a7dddbec5411e59e394a37bb9ec75e8e766efd1de463af8cae4d5aeb40582b701b86f39e4f9bafb4fcea376cfb5b2260f3ac","ssdeep":"192:1HCPDlgTe5wRgMRj5Nrar9pnatYhNkKXsJgaS3tHmp:1HCPDlnKx5Nrar9RatYhNkKXTaS3tHmp","tlshash":"e6d13222773426feb13bd013eaa8a6dd352a4533b753c6efe901fa71a10b9cd2530615","first_seen":"2024-08-14T18:04:04Z","last_seen":"2026-04-04T16:41:37.895274Z","times_seen":66500,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":157,"dns":0,"connect":79,"send":0,"wait":384,"receive":0,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/??lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-1.css,lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-2.css,lazada/lazada-product-detail/1.7.4/index/index.css","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/??lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-1.css,lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-2.css,lazada/lazada-product-detail/1.7.4/index/index.css HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/css\r\ncontent-length: 67226\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6891542083B9F334302655D4\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15844781135382133320\r\nx-oss-storage-class: Standard\r\ncontent-md5: rQDWIYFqRsvPnTYuX7UILA==\r\nx-oss-server-time: 5\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5fdb117543547192833843e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[3],EU-FRA-marseille-EDGE1-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE19[3],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2],cache36.l2fr1[0,0,200-0,H], cache5.l2fr1[2,0], ens-cache15.gb9[0,0,200-0,H], ens-cache19.gb9[1,0]\r\nali-swift-global-savetime: 1754354720\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 05 Aug 2025 08:45:36 GMT\r\nx-swift-cachetime: 575984\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a717549380456118271e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 657270126d7af9ca188484735ef47f06\r\nnginx-hit: 1\r\nage: 1583\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":412214,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65532), with CRLF line terminators","md5":"0b0e18dda16ec5e61529240b3a3191c6","sha1":"d91faebc6c036977981192a546db68148b268d57","sha256":"428999fa916da237442560ccd11f22dc53a5f73c036d476813c85d540670e620","sha512":"654c0ab67469cae2a8750377eace14cfa23da360170e55591c5fbbc9610409432f1b6d20383e05a77e039352b784d71182945f01833b6c04ae0611d114116b17","ssdeep":"1536:jclfUZ/LQfc3Yjbhr3LpNwdZdh3eMLFZB9/zz6TzHLlzzpg11RL9Pc0gyWeTJHfN:B2DN6rgNfxJFi6c9O9kv","tlshash":"4794a45c919e1c5fe223c03b65c070a1502ad642e6a2cee7f6c35adcc59668836bfed4","first_seen":"2024-08-14T18:04:04Z","last_seen":"2026-04-04T16:41:37.889136Z","times_seen":65522,"resource_available":false,"data":null}},"time_used":868,"timings":{"blocked":-1,"dns":0,"connect":82,"send":0,"wait":285,"receive":309,"ssl":190},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN011gka8L1E0PIZlHK7e_!!6000000000289-2-tps-34-34.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i4/O1CN011gka8L1E0PIZlHK7e_!!6000000000289-2-tps-34-34.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 1892\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613884\r\nali-swift-global-savetime: 1725121726\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: EkewBBSkySHBflIPgbmu5A==\r\neagleid: a3b58ca017272551953074985e\r\netag: \"1247B00414A4C921C17E520F81B9AEE4\"\r\nexpires: Wed, 08 Oct 2025 02:46:18 GMT\r\nlast-modified: Sat, 13 Jul 2024 02:59:00 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-04\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 2000011\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 1c0db6b20cd461ea0378ecf9db9b3504\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 2725392\r\nx-swift-savetime: Sat, 14 Sep 2024 03:25:34 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1892,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit colormap, non-interlaced","md5":"1247b00414a4c921c17e520f81b9aee4","sha1":"f6ceb3c012dd4c758a4e700c8ec2500ab1d52749","sha256":"d8a77cdf2b32f27183512a5d20d99d5d708433cf6fb45d3ef0beb8aec61fa9e7","sha512":"70987c00bd476e473e0246fa8e57f0d72f0904a77cfe7ec97fb7c1129de3d45693ab43d9a59aade67eecf76763ca7ddf84735b230f0db8b6a7118a7b0c83a25c","ssdeep":"","tlshash":"d5412d86f890d53650ea9e3d7f4351658b6101341990e55f60b01d2edfc3af9d31c5c2","first_seen":"2023-05-29T02:46:56Z","last_seen":"2026-04-04T16:41:37.896454Z","times_seen":64067,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/pdp-platform/0.1.22/pc.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 25538\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6895E47BF1931B39301AAFEA\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 541127663539026094\r\nx-oss-storage-class: Standard\r\ncontent-md5: m979c9wluEv+jZkXthIAIA==\r\nx-oss-server-time: 16\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b55cec17546538183645455e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE4[3],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE4[12],EU-FRA-paris-GLOBAL1-CACHE12[8,TCP_MISS,11],cache31.l2fr1[0,0,200-0,H], cache7.l2fr1[1,0], ens-cache13.gb9[0,0,200-0,H], ens-cache20.gb9[1,0]\r\nali-swift-global-savetime: 1754653819\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 10 Aug 2025 10:09:34 GMT\r\nx-swift-cachetime: 438045\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a817549069740596180e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 22c57e1b31b3a43c059937bb3f122286\r\nnginx-hit: 1\r\nage: 35696\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":74177,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9bdefd73dc25b84bfe8d9917b6120020","sha1":"006f41d33d4a21eadbfe250e569b140a63fd5469","sha256":"73a8360e318e76b752e953261326592e2ed9be1c1da0b6dbc9dd527e8f76830d","sha512":"d9344e58a3f9ef4ddda7b68ce6614b6683b0c6cb2dfb3ad1f87783fccb1c67f41080d65a99b892f18442cfa59b6ffdd82c4482ee4c387e49d8193ab5c396e336","ssdeep":"768:69wPmwq5/kmOm8QuCwORE3HVLOcIl2K6cxCQYjoXaO:69wPmrTOFQMORCCtl2K6aCXjlO","tlshash":"8c737189b991f0b557a365b4802f450bf17b1a78b09da4c0e7bad5f1acb844e8133f2d","first_seen":"2023-06-03T14:51:44Z","last_seen":"2026-04-04T16:41:37.852992Z","times_seen":71891,"resource_available":true,"data":null}},"time_used":766,"timings":{"blocked":168,"dns":0,"connect":94,"send":0,"wait":411,"receive":3,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/pdp-modules/1.4.4/pc-mod.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 271566\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6895C961D865A532340B51BF\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4681579850532549158\r\nx-oss-storage-class: Standard\r\ncontent-md5: LcZXW8lsoro/JeTUiCF48g==\r\nx-oss-server-time: 48\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5f3ab17546468804506941e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE4[3],EU-FRA-marseille-EDGE1-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE23[12],EU-FRA-paris-GLOBAL1-CACHE4[9,TCP_MISS,12],ens-cache4.l2de3[1051,154,200-0,C], ens-cache11.l2de3[162,0], ens-cache16.gb9[0,0,200-0,H], ens-cache6.gb9[0,0]\r\nali-swift-global-savetime: 1754646881\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 08 Aug 2025 09:54:41 GMT\r\nx-swift-cachetime: 604800\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f39a17549060913757203e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 12cf124035cf84ca459a1f9e101c59bc\r\nnginx-hit: 1\r\nage: 36579\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":810700,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2dc6575bc96ca2ba3f25e4d4882178f2","sha1":"a6fe61638e3dd7d71a4c00e1b87e5e6d1b80e474","sha256":"295424257477b4cdb96b2b990bc42060434eff8b4e038655ee48903cd0ac3779","sha512":"7d8673b0f9916f6dee3a8eb317502fc7c6ac31632746f8c96f177133d6dff00959e3bb1cc1a862f6f04241d859626a23cd8f05ef2428f1f7cf5bc7bd9a5263cc","ssdeep":"24576:npdTrzjNabj3kuUd9vEy2p9Jpz8xogOe3Co1oh1Zi:nXTrzJabj3kuUd9vEy2p9Jpz8xogOe3/","tlshash":"0a05fa88f1a0f07843d71065803f650af2ba2e6cd46c9444e2a9d4e97db96de532bf3d","first_seen":"2024-08-12T05:44:55Z","last_seen":"2026-04-04T16:41:37.882388Z","times_seen":69175,"resource_available":true,"data":null}},"time_used":576,"timings":{"blocked":122,"dns":0,"connect":0,"send":0,"wait":137,"receive":317,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.js HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 14 Sep 2024 04:58:57 GMT\r\netag: \"1be281-6220d327fdb2a-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2Mbvdf08p%2BKtQ%2B2tjViYEHFVe%2F5A6vpgafv8eDlIppBLxX16HXvvSIzCen5xBS6VRAdgZkfF%2Bqfevd2tVf9I0aqoolGoYIb3Jbn0dKUVNom5RMOmjxI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 6503\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 96da57a9584c5bd9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1827457,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"2ed59c0c2cc7e1f3ce2b6a45debbc9e8","sha1":"f412f5c535a3eb8a629f986c249f9988ad3e8147","sha256":"d81becb43d41b74ab8a8bcf69fa9de07f0badd68bbdd78e7d8af01aa1cfe0cd0","sha512":"28fa3b7ca6f9592a546542488904f37bebf03ce0fdfa19af3ab049339769468ba9393cc70131c027b40a855f0302d91281afd06335e0eaafb4a600bc2c6010d4","ssdeep":"24576:+XWXgnWKnNM6HDjsq3R+twfexMyLgfjr/RYKJOPz+/mTsvdB33L4gVOneUKs0FBt:+XWXgnWKnNM6HDjsq3R+twfexMyLgfjH","tlshash":"46253e0abaf360345163b07d8b2fd805b235455f0988fd043e8c92a59f5993d9bb9fac","first_seen":"2025-07-26T17:13:43.289429Z","last_seen":"2026-03-26T09:40:49.663639Z","times_seen":2186,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":1,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN019tUhkL1abQnOURPrd_!!6000000003348-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i1/O1CN019tUhkL1abQnOURPrd_!!6000000003348-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 4287\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1614192\r\nali-swift-global-savetime: 1743337208\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: /cIBj74ArW4ZUyyAECAB1w==\r\neagleid: a3b523a717460890925578369e\r\netag: \"FDC2018FBE00AD6E19532C80102001D7\"\r\nexpires: Mon, 01 Sep 2025 07:04:47 GMT\r\nlast-modified: Thu, 15 Aug 2024 04:47:46 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-08\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 7969286\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 45b46c97f1ced6c9e7e158c999f4ec04\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3450721\r\nx-swift-savetime: Fri, 04 Apr 2025 13:48:07 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"fdc2018fbe00ad6e19532c80102001d7","sha1":"f1e8e27bb35e2765a0e705d0e8bbcbcdf8609dad","sha256":"2e5551d5b65b23e629b9b510cd5796475f98e91e65cb02b647b978864b7755b4","sha512":"96a3cbea18a7401a1dc49266d0c7360253601706f595dcc4f5c739385438f5968f029b4cb34d3d3bac3a7eac4f2e04d68c8b5e08f53b8919d44183b12fa3655a","ssdeep":"96:13vCnaXtiXA0mQF8h6ozdn6eGABOycCAe84OhWrIbMzRKp0:RCnQihk6SlPHEfCAe87hjM9K6","tlshash":"b6916d2b12795c1351f3dacee0825e90cbf96268375b2520f905c72fefdec868418129","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.886112Z","times_seen":63231,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":64,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/tfs/TB1jyJMv.H1gK0jSZSyXXXtlpXa-184-120.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/tfs/TB1jyJMv.H1gK0jSZSyXXXtlpXa-184-120.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 6179\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1614145\r\nali-swift-global-savetime: 1739432754\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: WoeDQPPW/L0ihquozpktNw==\r\neagleid: a3b523a817416386547782474e\r\netag: \"5A878340F3D6FCBD2286ABA8CE992D37\"\r\nexpires: Wed, 30 Jul 2025 08:44:53 GMT\r\nlast-modified: Tue, 20 Aug 2024 02:14:41 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 1292728\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 7eb14694d4713738107e0d3de50ed272\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3434847\r\nx-swift-savetime: Tue, 18 Feb 2025 13:38:27 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6179,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 184 x 120, 8-bit colormap, non-interlaced","md5":"5a878340f3d6fcbd2286aba8ce992d37","sha1":"85adfa61f988fc2e519e5a309d04265023c1e9d3","sha256":"a0cc1b2660da8fe09c2aad9634a4ef2562e374dfcd47358b070fb139dc6bface","sha512":"90324666b867d72268731ca42f0a03eb85998f50238f5e424f572c2fdc2929073e6f2ba776dce9279e64bf462e3ffdba389ea45f1cb9c05d523fff18b9e6d342","ssdeep":"96:EwSPhj7eb+XkfA2Upe1L3niDwZ9xfBi/6Je5NU0XfWWhlswV+e17AyupOuPMJ/nN:EwSJjCb+U42UY1jnlZffg1UUnlswX2yN","tlshash":"d6d1a04afa92f8bec1260893a7f381b7e350540b15355c90e917d81cec6a16f0f9795d","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.902517Z","times_seen":53685,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01zt1zOu1zsFnzoIWje_!!6000000006769-2-tps-34-34.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i4/O1CN01zt1zOu1zsFnzoIWje_!!6000000006769-2-tps-34-34.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 314\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3888000\r\nage: 1614145\r\nali-swift-global-savetime: 1733492905\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: hvUb2Rd9UsXy5kJemNlc8A==\r\neagleid: a3b58c9f17364071449038104e\r\netag: \"86F51BD9177D52C5F2E6425E98D95CF0\"\r\nexpires: Wed, 30 Jul 2025 08:44:52 GMT\r\nlast-modified: Tue, 24 Sep 2024 13:34:28 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-12\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 159852\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 9d7a35135669cc01417130c3bb6e8c96\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 1677082\r\nx-swift-savetime: Wed, 01 Jan 2025 03:57:03 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":314,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit colormap, non-interlaced","md5":"86f51bd9177d52c5f2e6425e98d95cf0","sha1":"30b0520aed734b206f0f421b241e7168fac215d4","sha256":"4810ae2a6d9cfc4603201912516cc79e41b5470319925b428ab8daaae7daa82c","sha512":"5636f567e30c9825a35dcc28d912370b29b4fc1768a3d3630b5dd3d7deb29304b6f121a9e08f2ba56a4ceedcca8053cde16bd28e7c95ca9bce0bb86e1164786d","ssdeep":"","tlshash":"d4e02bd621517c34dd74023bda00a67c48a07c5416c2220700e168377901571a56c257","first_seen":"2023-05-29T02:46:56Z","last_seen":"2026-04-04T16:41:37.860742Z","times_seen":63073,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":16,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 76005\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 68912AAC89AEF038335BF528\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5754340992191081510\r\nx-oss-storage-class: Standard\r\ncontent-md5: Xignf5zBtp7GvqZWEqODlA==\r\nx-oss-server-time: 3\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b55ca317543441077636301e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[5],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE2[4],EU-FRA-paris-GLOBAL1-CACHE25[0,TCP_HIT,3],cache39.l2fr1[0,0,200-0,H], cache28.l2fr1[1,0], ens-cache18.gb9[0,0,200-0,H], ens-cache18.gb9[1,0]\r\nali-swift-global-savetime: 1754344109\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Tue, 05 Aug 2025 08:49:10 GMT\r\nx-swift-cachetime: 565159\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a617549394868921428e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 25093f9941e6fbea570b114a4769739e\r\nnginx-hit: 1\r\nage: 1423\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":188948,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (27672)","md5":"2ccd0968cdba249db3247c66f9f87c18","sha1":"f2fd43093bea8756c20c99ade52e4e7089d0446e","sha256":"cd1411bbb194fde0a1a0b729f03c3a5bb38ca17b43983b0eb706c519a34280ca","sha512":"608ec691a84bb03f2bc8dcc9ee31670a0d67d399e47e1c59ca5bb119b0ca3bd0e1d0d2952edb1b289b45f2708af92642ff632f101130aad07162ac7bd247cc85","ssdeep":"3072:Hit5xzm9oK6cTq3kEaH1yl4INwhZIGbGVaa0Ff18hhGEb:CT9m9oFc+sbh7jbGVaa0p18hZb","tlshash":"0c044ccd71d1b06243a72078907f650bb236996e280c8444f275ece6bd78a8e527bf7d","first_seen":"2024-08-12T05:44:55Z","last_seen":"2026-04-04T16:41:37.884348Z","times_seen":69603,"resource_available":true,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":393,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gj.mmstat.com/eg.js?t=1754942672486","fqdn":"gj.mmstat.com","domain":"mmstat.com","tld":"com"},"ip":{"addr":"47.246.136.160","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.mmstat.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 17 Mar 2025 11:27:01 GMT","end":"Thu, 04 Sep 2025 00:00:00 GMT"},"fingerprint":{"sha1":"73:BF:BA:7F:66:D6:A0:89:45:65:C0:C5:EA:71:A5:B1:ED:05:ED:E1","sha256":"6D:59:40:26:41:F3:61:AA:6E:53:E2:28:9F:C1:A1:9F:B4:6E:73:81:80:A3:25:F7:BB:50:07:69:F9:4B:9F:CA"}}},"request":{"raw":"GET /eg.js?t=1754942672486 HTTP/1.1\r\nHost: gj.mmstat.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 Aug 2025 20:04:33 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 91\r\netag: \"0TohIa2vkR8CAVFfUcL4d4Ho\"\r\nstag: 2\r\nset-cookie: cna=0TohIa2vkR8CAVFfUcL4d4Ho; expires=Thu, 09-Aug-35 20:04:33 GMT; path=/; domain=.mmstat.com;\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"ded33a18a1ea141e7bd86473d69b6050","sha1":"22a789d5f973306ca6494d91ffe3c9dd92bb563a","sha256":"6df34e07b64a4fe07cbc4a04b4dcb4b38ec863f47c2ac6d1c3db3aa60b2abb1c","sha512":"13404b6abf00ed65cffc17b29579c1dee3e037a67a1b4b8339d3a921837225776c2a4cf957a210b5098c333f1df803c9ed0a386066575cf838d8feea7697c862","ssdeep":"","tlshash":"1db012ed884e6c3c7810002c06011500b45cc330c540d0d04170c4313c4148798004d3","first_seen":"2025-08-11T20:05:29.458793Z","last_seen":"2025-08-11T20:05:29.458793Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2116,"timings":{"blocked":1002,"dns":0,"connect":107,"send":0,"wait":111,"receive":1,"ssl":893},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdmod/??site-nav-pc/5.2.43/pc/index.css,site-menu-nav-pc/5.0.83/pc/index.css,site-menu-pc/5.0.51/pc/index.css","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdmod/??site-nav-pc/5.2.43/pc/index.css,site-menu-nav-pc/5.0.83/pc/index.css,site-menu-pc/5.0.51/pc/index.css HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/css\r\ncontent-length: 9678\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 689097E726A67C383251BBC7\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2241752031559070708\r\nx-oss-storage-class: Standard\r\ncontent-md5: z0H7TvnGDNUVj8l9Q2XCNQ==\r\nx-oss-server-time: 24\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: 2ff6079d17543065354336909e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[5],EU-FRA-marseille-EDGE1-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE22[12],EU-FRA-paris-GLOBAL1-CACHE4[9,TCP_MISS,11],cache30.l2fr1[0,0,200-0,H], cache20.l2fr1[1,0], ens-cache1.gb9[0,0,200-0,H], ens-cache14.gb9[1,0]\r\nali-swift-global-savetime: 1754306536\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 10 Aug 2025 10:12:50 GMT\r\nx-swift-cachetime: 90566\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a217549071703726500e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 0069740473d84ee525dfe9785d9fcbfb\r\nnginx-hit: 1\r\nage: 35500\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39439,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (39435), with CRLF line terminators","md5":"4860926722ff0e0db37ce1d83f273764","sha1":"b87d39c6fcdcaac124295f9be89d9df97a1d60e3","sha256":"c49104f9d604c252ba5569ca38580bc4c1d4588672ebfbeddb41742dc3470f6b","sha512":"e3a9340351e8e8130414578a09383ab097a8e7e0ea4cef534ded1a62abd802fea93f7396d6fc31ac5e85ea3e0d75204dad73e117261a9f3004a944853af7d715","ssdeep":"768:C9Kr/nMMclx2VKBqXqcHXgJdLebzCSa9hYSXkc:dnMMGx2VzXqcHwJdLe/CSa9hYSXkc","tlshash":"e003c82269d5342c93f65d29f1cc799c561dc003eb7389aee1e0a88f89c234ad3f9b55","first_seen":"2024-08-14T18:04:04Z","last_seen":"2026-04-04T16:41:37.895867Z","times_seen":69880,"resource_available":false,"data":null}},"time_used":370,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":304,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN011Ya3Kg1OSw3sg81tm_!!6000000001705-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i3/O1CN011Ya3Kg1OSw3sg81tm_!!6000000001705-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 5990\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1614305\r\nali-swift-global-savetime: 1737521223\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: BaCDIGTm1G6v6hDlrJ+Wzw==\r\neagleid: a3b58c9717404216376205616e\r\netag: \"05A0832064E6D46EAFEA10E5AC9F96CF\"\r\nexpires: Wed, 30 Jul 2025 08:44:51 GMT\r\nlast-modified: Sun, 18 Aug 2024 04:27:04 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 8292797\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 289989da91810fa3bc50e970a62fa146\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3810123\r\nx-swift-savetime: Thu, 23 Jan 2025 02:25:00 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5990,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"05a0832064e6d46eafea10e5ac9f96cf","sha1":"d28077383314ee082499d493cf889e1809b4a72e","sha256":"1c7dc518bff241df97f82393487d5bca438a2983073ea7607c75f3d10a7c9095","sha512":"0a9e90a5175bb8f683b68a1e98f04e0723333e4998f812be7a3e21d40e753add5ccbdae33a0c2ae9347db4fd9f3b525d9c1adbf100ade305ab0712a41b44d3d5","ssdeep":"96:rJPQkyAAwwPmiQ7L5Nt/Da0Nk9cCG+mPoU7oRgL33iXl17zWhbSAN/W:o3P+B3a92X7oOL3y1Rz2mAdW","tlshash":"39c18debfb5a47e55a3c879d477258a336a8ce1d0322663c0d4baba930e08e71095486","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.899218Z","times_seen":63218,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/sd/baxia/2.5.31/baxiaCommon.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /sd/baxia/2.5.31/baxiaCommon.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nServer: Tengine\r\nx-oss-request-id: 6887226E712A583133B515CF\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8518556844306691727\r\nx-oss-storage-class: Standard\r\nContent-MD5: 2S94zKqiYWqj61TonXAy5Q==\r\nx-oss-server-time: 20\r\nContent-Encoding: gzip\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b427e17536866381202123e1d18\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 26\r\ns-rt: 27\r\nContent-Length: 12005\r\nCache-Control: max-age=1335965, s-maxage=86400\r\nExpires: Wed, 27 Aug 2025 07:10:38 GMT\r\nDate: Mon, 11 Aug 2025 20:04:33 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSERVED-FROM: 23.36.77.68\r\nNetwork_Info: NO_OSLO_211309\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 23.36.77.80\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":37289,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37062)","md5":"d92f78ccaaa2616aa3eb54e89d7032e5","sha1":"1291a7d5ec73b551114f5175cfd05c747b827928","sha256":"cc219d27d7e2ab0b6416fd4a1475fdedcd5b710123506903a526f72a4d208156","sha512":"fbe8c87e0e30dc7a9a1ad572e5827ddf249f11c17058ccea298357d453223156c8a0d1e838c65148193bfa66db20ae8aa313773cb86effb34045eaacc98cb5f3","ssdeep":"384:1rwyZTb26eCecrO0BJWm10bip2d4HefaD1IkTybobX0+a1ZZWNPDyBzpwjPweGBE:15TEC1O0BhKr/RUFajO6tTpy7pz","tlshash":"52f228c976daf06306d36874842f4426b13757d0384cc591eb4aeae06d7cd8f912bbae","first_seen":"2025-05-26T09:54:46.144611Z","last_seen":"2026-04-04T15:20:46.104274Z","times_seen":72399,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/sd/baxia-entry/index.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /sd/baxia-entry/index.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nServer: Tengine\r\nx-oss-request-id: 689A4CB7B0CAA238332FFEAB\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5436027439497329502\r\nx-oss-storage-class: Standard\r\nContent-MD5: yWmxBwfaBEv5YD0eNI8MUA==\r\nx-oss-server-time: 4\r\nContent-Encoding: gzip\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b800a17549426470911493e1ebc\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 12\r\ns-rt: 13\r\nContent-Length: 6349\r\nCache-Control: max-age=3574, s-maxage=3600\r\nExpires: Mon, 11 Aug 2025 21:04:07 GMT\r\nDate: Mon, 11 Aug 2025 20:04:33 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSERVED-FROM: 23.36.77.76\r\nNetwork_Info: NO_OSLO_211309\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 23.36.77.80\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17943,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17934)","md5":"c969b10707da044bf9603d1e348f0c50","sha1":"944bc2cc33417db0b79af38b4627a24af69abe55","sha256":"339fbe5f134617144f565828c2f9f6dacff4e56def52c0bc5f1dc9c679582364","sha512":"825b3874e8582876100fc5b5cc8644121cddd29946d2b39f13281636096e287e6824928562a35edabac522edfa85b1244a6676c4e223dfa9a6bd4400a724aa8a","ssdeep":"384:B+yHDO1VRDd4ngvaYxaLv10fv/bx11XOlsm5F158IFJTU:B+0OlDGg6p0fFT4JTU","tlshash":"8882730a5a4144ee5bc9019630af0e0c54ff36b24fb5edf5e6c548200de9fc91aaaadd","first_seen":"2025-07-31T06:26:42.346022Z","last_seen":"2025-09-15T08:50:18.930029Z","times_seen":13262,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":56,"dns":11,"connect":7,"send":0,"wait":15,"receive":1,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/aeis.alicdn.com/sd/ncpc/nc.js?t=18507","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/aeis.alicdn.com/sd/ncpc/nc.js?t=18507 HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=1pA8uUcI0Hh3zZppsWLE7gKjMrrrnnOxfppascnS6%2B8X2KZGxRS%2FVDpYBTw35v0lPpaHWYOfsQanMABG52nLg7Xgmze%2FWHVobgl38GLhIgRkC3%2BB9cLuOVBBMUTv3Agjt2HvACnLfvjl\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nage: 157\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 96da57aead9043fc-ARN\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=14532\u0026min_rtt=13361\u0026rtt_var=4784\u0026sent=21\u0026recv=22\u0026lost=0\u0026retrans=0\u0026sent_bytes=4249\u0026recv_bytes=1910\u0026delivery_rate=193300\u0026ss_exit_cwnd=0\u0026ss_exit_reason=0\u0026cwnd=15507\u0026unsent_bytes=0\u0026cid=5b51641fd2b64c71\u0026ts=791\u0026inflight_dur=62\u0026x=103\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":148,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN0193C9ay1QIykTmUlwk_!!6000000001954-2-tps-34-34.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i4/O1CN0193C9ay1QIykTmUlwk_!!6000000001954-2-tps-34-34.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 818\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3888000\r\nage: 1613966\r\nali-swift-global-savetime: 1737075859\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: zNipLPC0BuiNzpvMYel+sw==\r\neagleid: a3b58c9d17391768009195870e\r\netag: \"CCD8A92CF0B406E88DCE9BCC61E97EB3\"\r\nexpires: Wed, 30 Jul 2025 08:44:51 GMT\r\nlast-modified: Tue, 24 Sep 2024 13:34:29 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-05\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 1524297\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 814e7c6e3b065a1c6b7613f32c3cc10a\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3883857\r\nx-swift-savetime: Fri, 17 Jan 2025 02:13:22 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":818,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit colormap, non-interlaced","md5":"ccd8a92cf0b406e88dce9bcc61e97eb3","sha1":"7052c4c90179593c11231f414af3971666eb1b64","sha256":"9756b9d29ce32ca935095424fbcef5588e4baa9c33c89cbd37aba40778c6eedc","sha512":"2b515fa6f219f71201d07757e7e9d6a5e6949031c1fcd6c6c167f8b494cfaa260bca508eb6559db85c46e2251a8f6250c0a2ef277009cf63e7c12fd4256ed3c8","ssdeep":"","tlshash":"1501466b3ede694ae4581a33410b14776b5641d861a0039b5441b81cac452cd6d87b3f","first_seen":"2023-05-29T02:46:56Z","last_seen":"2026-04-04T16:41:37.88361Z","times_seen":63097,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.css","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lazada-search-fe/lzd-searchbox/0.4.11/index.css HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/css\r\ncontent-length: 2776\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 68945543FB3A233633EFA38D\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8400074587530186081\r\nx-oss-storage-class: Standard\r\ncontent-md5: BNKEEPEDNd5YwGEYwAWrzA==\r\nx-oss-server-time: 16\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5fdb617545516190593795e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[6],EU-FRA-marseille-EDGE1-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE4[13],EU-FRA-paris-GLOBAL1-CACHE1[9,TCP_MISS,12],cache16.l2fr1[0,0,200-0,H], cache10.l2fr1[1,0], ens-cache14.gb9[0,-1,200-0,H], ens-cache20.gb9[2,0]\r\nali-swift-global-savetime: 1754551620\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 09:55:15 GMT\r\nx-swift-cachetime: 595905\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a817549061187705704e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 57caa78d405276726d4fb87138d17f0c\r\nnginx-hit: 1\r\nage: 36552\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8853,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8849), with CRLF line terminators","md5":"f23672268cc87f40b08144ae6977a9b7","sha1":"b4fdcc07372060da24b4f605f677bc957f6f98a9","sha256":"5d3641ce34fc23d609ca95b002b0b03f652685a7a0043ffe7330546468996629","sha512":"fe6661c491aaf8d41a40f22eed7246edb9cc42e9c319009e8f519af98c5b1dad4e8535ac77c15f0dca60201e5a83d3d496834ef23b18e4e5ae5bbb1d9b108f5f","ssdeep":"192:Cw6DB3Xi1YTxUmftEHRHza4iVojZLrad+:CF9LI","tlshash":"3b02c82399451568743fcaa2f490ed8971308803a9230b7ef6e0a62dcbef5dd275b74d","first_seen":"2024-05-20T10:27:44Z","last_seen":"2026-04-04T16:41:37.880464Z","times_seen":65551,"resource_available":false,"data":null}},"time_used":373,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":304,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01qvF2hw1lWoZrnGZev_!!6000000004827-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i1/O1CN01qvF2hw1lWoZrnGZev_!!6000000004827-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 9860\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613630\r\nali-swift-global-savetime: 1739885904\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: ICXMxcEIDwoKTSdorGPhvw==\r\neagleid: a3b523a917411517814867709e\r\netag: \"2025CCC5C1080F0A0A4D2768AC63E1BF\"\r\nexpires: Fri, 19 Sep 2025 01:24:06 GMT\r\nlast-modified: Tue, 20 Aug 2024 05:00:04 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 6043833\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 80d5ac069aea7f6483ccd3dc3fdb3845\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3887996\r\nx-swift-savetime: Tue, 18 Feb 2025 13:38:28 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9860,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"2025ccc5c1080f0a0a4d2768ac63e1bf","sha1":"a4f180053433648878829f7499247a5b6725110f","sha256":"352048753e300041b1f4a748cde42beb808d76c42d634490ee9f8a902bcf38d8","sha512":"a2591b9534fe5961cdea5d036e5693a8305c7e661c742006c0d52a1abb32524acd3c5eede4db7dc5edfb4d33bf069cb178841a817d9b66e3b650cc1325c140bb","ssdeep":"192:KDJ5fE0CtQ00XoyY0M2oVD5ELy1jDLk4MuI1VLqlels+4qX3EmSKeg5POOl2:KDJ5yXe3Yj2AKy1jDoaIoelsF63EvKe/","tlshash":"8e12cf2b04c9f70a9e756552c5310e42ec3920dc4e8ea5992e4ac9c25b6e2ffd7cd843","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.851051Z","times_seen":63423,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":74,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto/latin.woff2","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/static/0.0.29/Roboto/latin.woff2 HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 10748\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nx-oss-request-id: 6894A503670C1230398A7144\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15489323926058991130\r\nx-oss-storage-class: Standard\r\naccess-control-allow-origin: *\r\ncontent-md5: 7OZnPkd7TXrKEvBNrOXtYA==\r\nx-oss-server-time: 61\r\nx-source-scheme: https\r\neagleeye-traceid: 2ff6309f17545720351656314e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE4[3],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE12[22],EU-FRA-paris-GLOBAL1-CACHE22[16,TCP_MISS,21],cache9.l2fr1[0,0,200-0,H], cache21.l2fr1[1,0], ens-cache1.gb9[0,0,200-0,H], ens-cache21.gb9[4,0]\r\nali-swift-global-savetime: 1754572035\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 13:07:18 GMT\r\nx-swift-cachetime: 604797\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a917549398192966851e\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 4a68fa6431572ccc177d79092860d513\r\nnginx-hit: 1\r\nage: 2852\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10748, version 1.0","md5":"ece6673e477b4d7aca12f04dace5ed60","sha1":"f8ff7fbe231448a58d3989d84803dd66851b9988","sha256":"4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280","sha512":"ed231b71207e839a9198da5225572e31012ab2df344b27167d1f63559d9a2b5a764dd9b98bd1e9575fb82f2f5dbaedaa5a29d4b7c33ff7e284d33b2018809912","ssdeep":"192:FpOviNVAWDDak7ID391Z6eGEik8m/8CuiYA3TvrOMl9RI7YLg:DOgfDDd7IR1Z6RUx0zi3TvrOMlLI0Lg","tlshash":"9622bfcdf01ad267d585bf349c164b4ad3a79733a1a816af8075e0549fc0ab020935ec","first_seen":"2023-04-06T18:54:24Z","last_seen":"2026-04-04T16:41:37.884992Z","times_seen":80325,"resource_available":true,"data":null}},"time_used":491,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01bSHOIg1O2N9lO20XK_!!6000000001647-2-tps-34-34.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i3/O1CN01bSHOIg1O2N9lO20XK_!!6000000001647-2-tps-34-34.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 533\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1614420\r\nali-swift-global-savetime: 1742214799\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: j9jIdUNdnxshYKoqmZTPQg==\r\neagleid: a3b5239817449566025333093e\r\netag: \"8FD8C875435D9F1B2160AA2A9994CF42\"\r\nexpires: Wed, 30 Jul 2025 08:44:53 GMT\r\nlast-modified: Tue, 24 Sep 2024 20:36:17 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 3993611\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 91930573987091d42db2e982c69d5585\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 2841650\r\nx-swift-savetime: Sat, 29 Mar 2025 15:12:29 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":533,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit colormap, non-interlaced","md5":"8fd8c875435d9f1b2160aa2a9994cf42","sha1":"932831ffec70a345d5c0b4daad315d0915edaa37","sha256":"7e1588c6fa7175777e2fdf34c17895bb0b2ce24583ab591eadc1c024a5a056d7","sha512":"869a8ffcc9ccdacc94d9533ede7104e161562636f915d0faf236ba3e7540b719e3dbf7e0a6b3028c0b19939ad3e3258f4f0987a2a77a9aa08ffac3522f936028","ssdeep":"","tlshash":"1bf02043f61756df80e54c2f6e0ec910eb3063745a9132b302cbec3aa9fa6081118461","first_seen":"2023-05-29T02:46:56Z","last_seen":"2026-04-04T16:41:37.886662Z","times_seen":63037,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lazada-search-fe/lzd-searchbox/0.4.11/index.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 26356\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 689616DF54D44A3834016C57\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16651348871760440931\r\nx-oss-storage-class: Standard\r\ncontent-md5: FmOFX+OWOAXbPN1/sI6lkQ==\r\nx-oss-server-time: 4\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b55ced17546667192428685e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[15],EU-FRA-marseille-EDGE1-CACHE2[0,TCP_HIT,11],EU-FRA-paris-GLOBAL1-CACHE21[13],EU-FRA-paris-GLOBAL1-CACHE8[9,TCP_MISS,11],cache14.l2fr1[0,0,200-0,H], cache6.l2fr1[0,0], ens-cache2.gb9[0,0,200-0,H], ens-cache12.gb9[1,0]\r\nali-swift-global-savetime: 1754666720\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sun, 10 Aug 2025 09:55:07 GMT\r\nx-swift-cachetime: 451813\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a017549061105531014e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 2c086f0074d04ed4705406c11e457932\r\nnginx-hit: 1\r\nage: 36560\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":81573,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1663855fe3963805db3cdd7fb08ea591","sha1":"b4b99318bdb2bcf37de40386cb4f2eb38d865638","sha256":"49760473597b8b5964e4956f746fa8e098419b34f81f1236abb104e2e8ea9d1d","sha512":"7a0a52009c948100ddf8afb686f606ed2a68052422c858fd4854921e02209894f2d10292f8862739eda73fb77a97ca5f99207d31490f8a0349f9d15bd56ce6ee","ssdeep":"1536:CP+c7WMNTwH4XwEwrSSxcx1sxd3F/8IjEH1UM0E:C2cZe4A9FisxgI4H1UM0E","tlshash":"4d83c88c34d1f4e602a32069883f150af2795c2dd559b494f7e2d8f0beb096e9276f2d","first_seen":"2023-10-16T06:16:38Z","last_seen":"2026-04-04T16:41:37.862015Z","times_seen":67381,"resource_available":true,"data":null}},"time_used":430,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":304,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/tfs/TB1lbmoqYr1gK0jSZR0XXbP8XXa-340-200.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/tfs/TB1lbmoqYr1gK0jSZR0XXbP8XXa-340-200.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 6579\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1614145\r\nali-swift-global-savetime: 1723856144\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: g0PcJz8TXRUGSdXypwQOIg==\r\neagleid: 2ff6149c17268678745016112e\r\netag: \"8343DC273F135D150649D5F2A7040E22\"\r\nexpires: Sat, 27 Sep 2025 06:25:35 GMT\r\nlast-modified: Thu, 20 Jun 2024 01:58:44 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-03\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 2549367\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 567f978aa747755db8613a9a0b1308cc\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3522718\r\nx-swift-savetime: Wed, 21 Aug 2024 06:23:46 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6579,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 340 x 200, 8-bit colormap, non-interlaced","md5":"8343dc273f135d150649d5f2a7040e22","sha1":"11d2781f43b240835a8746ab79ea8276b5474e15","sha256":"3ffff47c6c9f5d002661a268eeaa579218f8c1800f2b12a7c29c810e5cbf5464","sha512":"78ee43f267b3e4a26fee73869752f610a87b3a3c72bc901f0588ac9d92d31f454d5a9c9d334485b93c5272ebf2786e60d6abca9acc77b892c28a4cfd0a606a1a","ssdeep":"192:SKWRGVzZB2VSlyyTr8br1fW1aQdg7AOrpcXOxW:SKW0VzZAVS/f8br1+1pupcXOQ","tlshash":"43d1afac173c1ce6bb538536a7870ee751d45828cfde8d82c9b290c53a0915ead2395e","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.862631Z","times_seen":53677,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01Y8JAuA1pB4EhCiF0K_!!6000000005321-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i1/O1CN01Y8JAuA1pB4EhCiF0K_!!6000000005321-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 7843\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1614305\r\nali-swift-global-savetime: 1730196801\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: +HRCyZWmBRZNz/izLHusng==\r\neagleid: a3b58c9b17331267710388189e\r\netag: \"F87442C995A605164DCFF8B32C7BAC9E\"\r\nexpires: Wed, 30 Jul 2025 08:44:49 GMT\r\nlast-modified: Sat, 10 Aug 2024 09:21:36 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-31-03\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 4405920\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 252387781a3356175071f5f7f64f5c54\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 1224211\r\nx-swift-savetime: Fri, 29 Nov 2024 06:09:50 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7843,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"f87442c995a605164dcff8b32c7bac9e","sha1":"cc6c778e82111ae03773caef53241a16151d2075","sha256":"ca437af32df2c4d2419cacb3b959fc506bc9aa42c514ed5c25093105983fdff6","sha512":"3fbf18dd95bba7683aae9ce94243109c68a0b3a6dccea9951022745b6203df9d90a01ac37484b77c62507ea027f7b9ad9396ae705f45f5ae74d38e92225e3d6b","ssdeep":"192:PQFoUeIOd0JN3n140ns3WIF3bD00vjBQMZbMEZSHBP8r5Q6Dq:I2XIx6TTF3bRvdQIA0OX","tlshash":"19f1bf563525e6ec81f29714392c2ea90a25309e6cd947c35221a37362ba0e5455d37e","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.860113Z","times_seen":63354,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/AWSC/awsc.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.36.77.80","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":"Alibaba Cloud Computing Ltd."},"issuer":{"commonName":"DigiCert TLS Hybrid ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 05 Jun 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F","sha256":"A9:6D:0A:32:93:6D:AA:EE:C2:5C:13:17:32:17:55:3F:28:78:07:5A:46:31:38:D9:2F:B9:AC:BE:90:B4:30:34"}}},"request":{"raw":"GET /AWSC/AWSC/awsc.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\nServer: Tengine\r\nx-oss-request-id: 689A3FC6989F153830D8ADB3\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11764853148195581825\r\nx-oss-storage-class: Standard\r\nContent-MD5: CgSWyHj+E44N20suylKkXQ==\r\nx-oss-server-time: 2\r\nContent-Encoding: gzip\r\nx-bucket-code: 3\r\nUps-Target-Key: cdn-relay.vipserver\r\nX-protocol: HTTP/1.1\r\nEagleEye-TraceId: 211b41d917549393342118213e1f01\r\nStrict-Transport-Security: max-age=0\r\ns-brt: 9\r\ns-rt: 9\r\nContent-Length: 3981\r\nCache-Control: max-age=3861, s-maxage=3600\r\nExpires: Mon, 11 Aug 2025 21:08:54 GMT\r\nDate: Mon, 11 Aug 2025 20:04:33 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSERVED-FROM: 23.36.77.76\r\nNetwork_Info: NO_OSLO_211309\r\nTiming-Allow-Origin: *\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: FW_IP\r\nFW_IP: 23.36.77.80\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":10982,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10982), with no line terminators","md5":"0a0496c878fe138e0ddb4b2eca52a45d","sha1":"8e1c943403ca3175a8de1bf338ad90a875748376","sha256":"3d2a07b4f5b396c633e7cc488a05bca3b7fdb4d6384b5db14b349b3c7d87471e","sha512":"7d94585e0ec90028f67186fcf4dacf56bf27661542ab6a4ebf1f2effb6be7259d8464bc9c041d846c1a308caa14640e2860fa90c08b7395ec0b9f6384930f6ef","ssdeep":"192:pTpGH5q1YwY8Pw4OdjwBvoKxdkSwqTyQJvWtHJyH:vhK/djwhoKxdkGen0","tlshash":"7432e78e3a50702b4b574471a4ff104d757e3ba21c4ec499ab5de1c06af837f066bea8","first_seen":"2025-07-31T08:33:12.75921Z","last_seen":"2025-08-20T04:43:44.63273Z","times_seen":9841,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":65,"dns":2,"connect":7,"send":0,"wait":58,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 89524\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6895C8CB042A1F3631515379\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1740928884983200401\r\nx-oss-storage-class: Standard\r\ncontent-md5: iYPg55sIv8S2Ar4z+67mCA==\r\nx-oss-server-time: 5\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5f3aa17546467312241653e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[5],EU-FRA-marseille-EDGE1-CACHE2[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE29[15],EU-FRA-paris-GLOBAL1-CACHE25[11,TCP_MISS,14],ens-cache2.l2de3[481,482,200-0,M], ens-cache2.l2de3[484,0], ens-cache20.gb9[0,0,200-0,H], ens-cache15.gb9[3,0]\r\nali-swift-global-savetime: 1754646731\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 08 Aug 2025 09:52:11 GMT\r\nx-swift-cachetime: 604800\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a317549059373487630e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 6e8ec5011355ca9749b312341fd8c264\r\nnginx-hit: 1\r\nage: 36733\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":223515,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31999), with LF, NEL line terminators","md5":"ea0f33ae2ec68514fd2183b8fb1c8d25","sha1":"7b15588636f37d0733179ce083dc57668979fa25","sha256":"e8f29a92260f28617f602e0236a96a120558028ad188fe201cd13f56effcc76b","sha512":"5eeebeae917940223a02438e1072bf9b76cb0160ce1342152e2d0d817ae22ce082bb225e72ef32e16eab6e01fc8e3a446402c038f729a7c8c2da4f3730945875","ssdeep":"3072:kcVcXG1YlxOUTV6vBaGy3yL8rD5Qi+m2W9tfxUdYUN3oEKLVsz2qo:RVc7lxOUTj3fD5QYbfgSLVaq","tlshash":"e12409ccb982f05606b361b6107f500bb37d566a700dc8a0e15be9e4acbc45e927bf6d","first_seen":"2024-08-12T05:44:54Z","last_seen":"2026-04-04T16:41:37.885481Z","times_seen":70410,"resource_available":true,"data":null}},"time_used":362,"timings":{"blocked":67,"dns":0,"connect":0,"send":0,"wait":199,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"laz-img-cdn.alicdn.com/images/ims-web/TB1x8lvhHj1gK0jSZFuXXcrHpXa.png","fqdn":"laz-img-cdn.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"90.84.161.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laz-g-cdn.alicdn.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 02:21:08 GMT","end":"Sun, 24 May 2026 02:21:07 GMT"},"fingerprint":{"sha1":"A5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91","sha256":"D6:9F:A3:0F:B9:09:E4:63:05:D1:8F:DC:37:70:16:3B:94:9C:18:3D:DC:FE:8D:81:4D:3D:23:FF:EF:72:95:BD"}}},"request":{"raw":"GET /images/ims-web/TB1x8lvhHj1gK0jSZFuXXcrHpXa.png HTTP/1.1\r\nHost: laz-img-cdn.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 14608\r\nserver: openresty\r\nlast-modified: Sat, 29 Jul 2023 11:18:26 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.039\r\ntraceid: 2ff632a317149698633381443e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2\r\nali-swift-global-savetime: 1714969863\r\nvia: EU-GER-frankfurt-EDGE5-CACHE4[3],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE21[2],EU-FRA-paris-GLOBAL1-CACHE29[0,TCP_HIT,1],cache25.l2de2[0,11,200-0,H], cache23.l2de2[12,0], ens-cache3.fr4[0,0,200-0,H], ens-cache3.fr4[1,0]\r\naccess-control-allow-origin: *\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Fri, 10 May 2024 18:05:33 GMT\r\nx-swift-cachetime: 31141530\r\ntiming-allow-origin: *\r\neagleid: 2ff6329717154161299982064e\r\nx-ccdn-expires: 1947994\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 34a7fcd350dfe2336a778e1439845ea4\r\nalt-svc: h3=\":443\"; ma=2592000\r\nnginx-hit: 1\r\nage: 644025\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"436f973ccf5d8ab22b6e0638ba4c16c2","sha1":"6c925136b759ff507b06c1b9c4db2922b8eff0d4","sha256":"08b0407cb259c1a2371a2dfad3659d7938480b41375802252944d58b30854d3f","sha512":"ba65910e975c4a1ec22eba6610932ed5975d3b90ec9f9be606978dc0f7baaa3383ac7162bceb70cb9e681b097ac962091793836e90cd76f268373a60c18b5490","ssdeep":"384:JQMZ1ywriPPCURCNJQGCl1YwWGJ8qY4sTsAhg6IC:CWyQCCNIGIYwDD1AhaC","tlshash":"5062d08e15f6b93eeefd81b455f216b29019702383583fbe4d0b68a44f4e89f9206e44","first_seen":"2023-05-31T17:00:18Z","last_seen":"2026-04-04T14:32:28.767519Z","times_seen":38629,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":472,"dns":3,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/alilog/mlog/cloud-sdk.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/alilog/mlog/cloud-sdk.js HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 104\r\nserver: cloudflare\r\nlast-modified: Thu, 22 Aug 2024 20:05:17 GMT\r\netag: \"5a-6204b2d6eb52b-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\nage: 851\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vpd%2FIGMp8%2FEe9PmNKLOFdUwhPC20boXxYeFLL2PPAO8GMXwh8ycRGPNlGgrH4Ze0Mh9bj48Ec9IJLnFzleXoKTZkwhIxi%2FwkItJuZiUA6z9PzjdxuQU%3D\"}]}\r\ncf-ray: 96da57a958515bd9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"d02d4284b5131e832b687e5d33e15ca4","sha1":"3e39b4995b6c7934d5223d8b7fa96209e19a9c52","sha256":"abde8d84b277062fd871adabd3b08138c89590c05111005a3627bd92ddca3dd4","sha512":"db64df6be3e02fd9edf40be0f5e76d5ec932db1f6210ca428faf1f2e29e57237e630c99633f55ec04821628336e3a699adf866e442516c0bdfac84e581b13100","ssdeep":"","tlshash":"0eb0122082f9312831da00671d01620a350e080e24ff02c5640903294d8169c0a9007e","first_seen":"2024-10-31T22:47:58.756623Z","last_seen":"2026-03-09T22:06:14.020713Z","times_seen":14293,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4151\r\nserver: cloudflare\r\nlast-modified: Sat, 24 May 2025 03:06:18 GMT\r\netag: \"45e6-635d8ffa0031b-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\nage: 6191\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kwmqs6U95wOa2z0xwrXVAfrETJcxZa3Dg1uSzzb5%2BdVclg4xdbFaKE03pnrQ6%2B%2ByFQyrC0W9rOy6C7UEjL8pu7uoWlc3P5hRxj3HHMdUKg0RVCCZkdM%3D\"}]}\r\ncf-ray: 96da57a958525bd9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17894,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4360)","md5":"fc60097870ee30b3d6259ce9680c74f2","sha1":"e4382f8ae534d363b2f6a77e6911da1f69d75f7c","sha256":"c3c9c80f6e478858b8d10e71a5077c3d4f55ccc3fc5c3f07ec7e39c4690fa21b","sha512":"39337cd79c86c3fe58c17c56e52cf5e961ea1ce641af0103c16a7fc4a81797bff72d210b14ab0b1011c43584143f336134ccb9a87a3f48f13ae8dd0ed60c7d8d","ssdeep":"192:pYS9S+StS/SyYjOe4b+mcDwowID3MorhG2q57OYzdO5NjgTVbIZ2sIdCJJS6ACoK:Eo7IG2WiIdCJJSjbC","tlshash":"ce8267bea076407541a7a13b961f73067233208b9cc8e9057f6dca846f5cd6f01f6ba9","first_seen":"2025-05-24T09:13:30.420545Z","last_seen":"2026-03-26T09:40:49.66442Z","times_seen":14760,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"retcode.taobao.com/r.png?uid=5d114ae0-d4c6-4ac8-b875-a3d45b3a5eea\u0026userNick=\u0026times=1\u0026_t=16989504350\u0026tag=\u0026type=per\u0026spm=GULTIKTOTO.pdp_revamp\u0026rrt=715\u0026dns=2\u0026cnt=70\u0026ntw=822\u0026dct=2415\u0026flt=4542\u0026ct=\u0026sampling=10","fqdn":"retcode.taobao.com","domain":"taobao.com","tld":"com"},"ip":{"addr":"59.82.120.37","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.taobao.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 07 May 2025 06:41:02 GMT","end":"Mon, 08 Jun 2026 06:41:01 GMT"},"fingerprint":{"sha1":"5C:5A:6F:AD:91:BE:B9:C3:31:C9:DE:6A:49:4B:AC:B5:A6:CD:8F:1D","sha256":"37:A2:B7:0E:AE:7D:63:3E:2D:5D:6B:D7:B7:F0:D4:44:C5:9C:81:1F:C5:BE:9C:2C:67:58:61:FB:27:89:A5:40"}}},"request":{"raw":"GET /r.png?uid=5d114ae0-d4c6-4ac8-b875-a3d45b3a5eea\u0026userNick=\u0026times=1\u0026_t=16989504350\u0026tag=\u0026type=per\u0026spm=GULTIKTOTO.pdp_revamp\u0026rrt=715\u0026dns=2\u0026cnt=70\u0026ntw=822\u0026dct=2415\u0026flt=4542\u0026ct=\u0026sampling=10 HTTP/1.1\r\nHost: retcode.taobao.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:34 GMT\r\ncontent-type: image/png\r\ncontent-length: 183\r\nserver: Tengine\r\nlast-modified: Tue, 07 Apr 2020 08:58:03 GMT\r\naccept-ranges: bytes\r\nups-target-key: retcode.taobao.com\r\nx-protocol: HTTP/2.0\r\neagleeye-traceid: 215042c217549426741078044e112e\r\nstrict-transport-security: max-age=31536000\r\ns-brt: 1\r\ns-rt: 2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":982,"timings":{"blocked":400,"dns":1,"connect":180,"send":0,"wait":181,"receive":0,"ssl":215},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01mFypLB1jt8eRUFBC0_!!6000000004605-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i4/O1CN01mFypLB1jt8eRUFBC0_!!6000000004605-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 8434\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613456\r\nali-swift-global-savetime: 1723269913\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: g67sDx26P69+8wJaKex9xQ==\r\neagleid: a3b58c9e17249043775638729e\r\netag: \"83AEEC0F1DBA3FAF7EF3025A29EC7DC5\"\r\nexpires: Sat, 27 Sep 2025 06:09:07 GMT\r\nlast-modified: Tue, 18 Jun 2024 07:19:01 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-31-03\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 8219291\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: b47239097327082ed799eec1af52a21e\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3888000\r\nx-swift-savetime: Sat, 10 Aug 2024 06:05:13 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8434,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"83aeec0f1dba3faf7ef3025a29ec7dc5","sha1":"a513b681989acda9d22cfcf585acbdb930c2e5ca","sha256":"dd01e976e33293fc04ce0ebe4aeaf7cbb5da3cc0d71ef82f551f4d38b38c63a4","sha512":"0d8bed04e4a6d2b8264935f0ad2d06f86f21d1b6fe0948eb9e0b7a6d4de58270bca72ca31a51e47a4915c121bc3b813c42131e994da68d0d250db349344d9316","ssdeep":"192:sHqRlDnDMyOKxS6JIB2wlllHYswrshG5BH01L:RjDTnwPPwAAH0V","tlshash":"1502b04828de3e5bf15be8b477a47940def17339d486de84c69e9e38809017131d22f5","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.890887Z","times_seen":63300,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":68,"dns":19,"connect":26,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i2/O1CN01b9cK511pjsP40xyAX_!!6000000005397-2-tps-34-34.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i2/O1CN01b9cK511pjsP40xyAX_!!6000000005397-2-tps-34-34.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 590\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1614420\r\nali-swift-global-savetime: 1733187790\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: Lx7s3TF8KogDkq2f3CrIMg==\r\neagleid: a3b58c9917342700415305357e\r\netag: \"2F1EECDD317C2A880392AD9FDC2AC832\"\r\nexpires: Wed, 30 Jul 2025 08:44:52 GMT\r\nlast-modified: Tue, 24 Sep 2024 14:10:10 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 6211624\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 4904b7750b773fbc11bb9fbedbae9e78\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3888000\r\nx-swift-savetime: Tue, 03 Dec 2024 01:03:10 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":590,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit colormap, non-interlaced","md5":"2f1eecdd317c2a880392ad9fdc2ac832","sha1":"48320603f6f647322e50ba4753093a95fcc5ed58","sha256":"1c5ee33a75c5dcf1762c990271036927804c334533fbaa0bef7fc50c4da49ca4","sha512":"fd8218c16a5ef173fa8ec1deeb452b800f3a0806d25aae52b8366f6f1226ad2c0385645802cd03c13642e63fc50432c484d04de8cf93e5c374d3ca57a6dff574","ssdeep":"","tlshash":"a2f0ace45a878bebf9aa0939270a64beee814728ebd66402154a0c7c661f3514648647","first_seen":"2023-06-27T04:23:29Z","last_seen":"2026-04-04T16:41:37.863934Z","times_seen":62961,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/wild.png","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gultiktotoe.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 16 Jul 2025 11:24:12 GMT","end":"Tue, 14 Oct 2025 12:22:48 GMT"},"fingerprint":{"sha1":"44:7F:8A:BF:3C:BD:52:65:8C:88:15:62:51:78:8E:C8:C4:D0:DD:55","sha256":"0F:B7:6D:E5:18:7B:A7:7A:16:41:81:E3:90:89:63:03:AD:26:D9:CE:86:C8:E4:6A:A5:AD:36:90:E4:2F:F8:20"}}},"request":{"raw":"GET /wild.png HTTP/1.1\r\nHost: gultiktotoe.cfd\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 55916\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 16 Aug 2025 18:25:35 GMT\r\nlast-modified: Fri, 27 Jun 2025 18:03:36 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 178734\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a2%2BfLRi89cxjh%2BY8MkjRbnXjC1Ek7LgDLcz5KH0hTtyfr8RMUrwyG1Y7AYRrgO6FqC2myHbK1T4z%2FpqtK3%2BRssHOZOKFkjCRzaMUNcTyZQ%3D%3D\"}]}\r\ncf-ray: 96da57a91c203e67-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":55916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced","md5":"0c8eb0edc7555e7b4037399afdabd956","sha1":"937a5eb1e489e8db3085592b8dd1920d4b72980d","sha256":"6f28ec5e763dcd10349699dae1ff450e851416645a59362e60d5d243331e3347","sha512":"5e4156460869c88ade47df7fe4d6a2bc05adde11a07a7ae546fd7408561f8a125ae91a556c4ed2ebd297651ba2884230d78aaaa52f1fd9832f1985d8dbf84235","ssdeep":"1536:5qJTxHa3wKeKh06JT58eammjblGvLX7jObp+Ong:5I963deIbJNQmqli7j+pw","tlshash":"fe4302db3435e5216297420559b023466a8a380ba7b05df4b7b06ff5ceb8bc32d3971a","first_seen":"2025-06-28T11:12:24.180941Z","last_seen":"2025-10-17T18:07:29.428306Z","times_seen":2960,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"laz-img-cdn.alicdn.com/images/ims-web/TB1b43RtrvpK1RjSZFqXXcXUVXa.png","fqdn":"laz-img-cdn.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"90.84.161.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laz-g-cdn.alicdn.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 02:21:08 GMT","end":"Sun, 24 May 2026 02:21:07 GMT"},"fingerprint":{"sha1":"A5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91","sha256":"D6:9F:A3:0F:B9:09:E4:63:05:D1:8F:DC:37:70:16:3B:94:9C:18:3D:DC:FE:8D:81:4D:3D:23:FF:EF:72:95:BD"}}},"request":{"raw":"GET /images/ims-web/TB1b43RtrvpK1RjSZFqXXcXUVXa.png HTTP/1.1\r\nHost: laz-img-cdn.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 19149\r\nserver: openresty\r\nlast-modified: Fri, 11 Nov 2022 07:48:04 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.017\r\ntraceid: 2ff6329b17128233905701327e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: png2\r\nali-swift-global-savetime: 1712823390\r\nvia: EU-GER-frankfurt-EDGE5-CACHE4[4],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE9[39],EU-GER-frankfurt-GLOBAL1-CACHE2[35,TCP_MISS,38],cache1.l2de2[0,0,200-0,H], cache17.l2de2[6,0], ens-cache4.de5[20,20,200-0,M], ens-cache15.de5[22,0]\r\naccess-control-allow-origin: *\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Thu, 11 Apr 2024 09:04:07 GMT\r\nx-swift-cachetime: 31533143\r\ntiming-allow-origin: *\r\neagleid: a3b55ca317128262471303171e\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 6e98404b0dc5784972a1c299643b57b9\r\nalt-svc: h3=\":443\"; ma=2592000\r\nnginx-hit: 1\r\nage: 2531572\r\ncache-control: max-age=31536000\r\nx-ccdn-expires: 60454\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19149,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"ea19428365bcd34d1bd8f3141a85a873","sha1":"03439c89d831bcabc262d385445d4260304ccd63","sha256":"44b879ed47dcd5b43719b2b529fcd3ba868fe20ee38b0f0b277cdbce801227b2","sha512":"131540c39f986de2c158b580c041973193be4442e066bf38aa62b986df47c07d0921a02714164d5b734006387774ef320e31355a8cfc779c8cb4244e74ce4b8b","ssdeep":"384:6XOp4mhHE4MmnkHhFoltebbRKcyih4w0ecHlWYCsRNhCdc/EQH:0OeIMmnkjOeTyi+w8MYFsu/EQH","tlshash":"6582e0584a93a874d2bd638afcda63d0cb0132621b7cb5e67884b68c557f5ca38c3cd4","first_seen":"2023-10-16T06:16:39Z","last_seen":"2026-04-04T16:41:37.854112Z","times_seen":65360,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":484,"dns":3,"connect":33,"send":0,"wait":47,"receive":18,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01Wdetn224xMIRNihao_!!6000000007457-2-tps-34-34.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i3/O1CN01Wdetn224xMIRNihao_!!6000000007457-2-tps-34-34.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 476\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1713259\r\nali-swift-global-savetime: 1737450826\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: 2aiaUB5X0MusgepKBU3Psg==\r\neagleid: a3b523a317406779607738457e\r\netag: \"D9A89A501E57D0CBAC81EA4A054DCFB2\"\r\nexpires: Sat, 20 Sep 2025 07:16:38 GMT\r\nlast-modified: Wed, 04 Sep 2024 03:00:34 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-04\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 7259679\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: ab13bd7d3737568608b2dfd0c3f2fa2d\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 1144187\r\nx-swift-savetime: Sat, 22 Feb 2025 03:23:59 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":476,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 34, 8-bit colormap, non-interlaced","md5":"d9a89a501e57d0cbac81ea4a054dcfb2","sha1":"6b8079fecc67d2ac01c0574bc6f7db479be07cb5","sha256":"79224ccc77d1f0025f05756e8d5635604018ffea20be8f1568e4ed421c5f567a","sha512":"b5f8f7971bfc036e065871f2fabfa1d01256eed1f92d5cc265426d66a5ed71e9e42e04b3d972cd0bfda175a6df7c29089fe7e8198dae366a948fe00b00ee5724","ssdeep":"","tlshash":"d6f0dcd76b9ebab889c21e334b6f8ac2ab1155ba1256922c75839432b6037945291331","first_seen":"2023-05-29T02:46:56Z","last_seen":"2026-04-04T16:41:37.903094Z","times_seen":64363,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"laz-g-cdn.alicdn.com/lzdfe/static/0.0.37/iconfont-hp.woff","fqdn":"laz-g-cdn.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"90.84.161.27","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laz-g-cdn.alicdn.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Apr 2025 02:21:08 GMT","end":"Sun, 24 May 2026 02:21:07 GMT"},"fingerprint":{"sha1":"A5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91","sha256":"D6:9F:A3:0F:B9:09:E4:63:05:D1:8F:DC:37:70:16:3B:94:9C:18:3D:DC:FE:8D:81:4D:3D:23:FF:EF:72:95:BD"}}},"request":{"raw":"GET /lzdfe/static/0.0.37/iconfont-hp.woff HTTP/1.1\r\nHost: laz-g-cdn.alicdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: font/woff\r\ncontent-length: 9904\r\nserver: openresty\r\nx-oss-request-id: 6868E41B1B39F7313605CBCD\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17242847704197017710\r\nx-oss-storage-class: Standard\r\naccess-control-allow-origin: *\r\ncontent-md5: 0giDxnJr/eklVmXqUcM/Zw==\r\nx-oss-server-time: 12\r\nx-source-scheme: https\r\nvia: EU-GER-frankfurt-EDGE5-CACHE6[4],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE2[3],EU-FRA-paris-GLOBAL1-CACHE11[0,TCP_HIT,2],ens-cache28.l2nu20-20[0,0,200-0,H], ens-cache25.l2nu20-20[1,0], ens-cache20.l2hk11[0,0,200-0,H], ens-cache35.l2hk11[0,0], cache10.l2fr1[0,0,200-0,H], cache8.l2fr1[0,0], ens-cache14.fr6[0,0,200-0,H], ens-cache21.fr6[2,0]\r\nali-swift-global-savetime: 1751704603\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 05 Jul 2025 08:38:11 GMT\r\nx-swift-cachetime: 3512\r\ntiming-allow-origin: *\r\neagleid: a3b5fda917517068892205355e\r\nx-ccdn-expires: 1633122\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 440674e87f015f9572be3bae0d025f50\r\nalt-svc: h3=\":443\"; ma=2592000\r\nnginx-hit: 1\r\nage: 958878\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9904,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 9904, version 1.0","md5":"d20883c6726bfde9255665ea51c33f67","sha1":"ce37f7e211df8667755b92bffe55e32105f7c171","sha256":"1fe8f44a5484673e59c667febe3b6ed1cacbff991e45a146748e5886aa9e6a21","sha512":"5cfe0141237c5286b00de74a8362715b3590ed901e3d7bec6c61c5b9a001a87dead5e9a0b76e11a11002e3995ba8cfe32874c8d9949c6b869fca16e7be44b4e2","ssdeep":"192:jKz67muK11f1FIdagKn62Q7ZaJGQ42kDJJYhrWeBA9mpOO5tX9gCQ60:Z44ERTLkM3+ccOP9gCQR","tlshash":"b612c02c3dd04c2d882c657f5e2e8be54f914acf1186d6545c79ceb4a72928b9d31bf0","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.903647Z","times_seen":75047,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1891\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 689202FDFD6DF137319E57EA\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6511134473971354897\r\nx-oss-storage-class: Standard\r\ncontent-md5: WF8BsTizESEe10oYhwdu7w==\r\nx-oss-server-time: 3\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b55c9e17543994845902571e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[2],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE10[4],EU-FRA-paris-GLOBAL1-CACHE27[0,TCP_HIT,3],cache22.l2fr1[0,0,200-0,H], cache30.l2fr1[210,0], ens-cache24.gb9[0,0,200-0,H], ens-cache24.gb9[1,0]\r\nali-swift-global-savetime: 1754399485\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Wed, 06 Aug 2025 08:55:01 GMT\r\nx-swift-cachetime: 533784\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3ac17549025253801205e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 001fcd8c04cd46727c18f6f768e9e1b4\r\nnginx-hit: 1\r\nage: 38899\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4360,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4360), with no line terminators","md5":"585f01b138b311211ed74a1887076eef","sha1":"a2b7842d9c2389df0a6a138851fd14ecff2e8ad0","sha256":"7e4dbdd0c5823c3ae9f4b5768d6abec547046b1ca985c0c8a4c8ba444dc2293a","sha512":"872577e480cd6816472d140cfdaab131fd59f37f32c9ec25ce269500365f255112bc8561b787801faae76939652553021b469490fb4fd778cdf273bbd9b73580","ssdeep":"48:NtIq4I7gP9bSRz/TF3FiWKoYS1tBu6pORgEakdciSkNoG+lLVfpJeOSUTRVWTYC2:jIdI7Jx3jSz2OyyyGynoaaDGXkHQh+Hi","tlshash":"6a914eccfa48353916f7a636306f620663776655694b4818973fdac01c3c88e2763fac","first_seen":"2023-03-14T06:37:34Z","last_seen":"2026-04-04T16:41:37.883027Z","times_seen":56325,"resource_available":true,"data":null}},"time_used":869,"timings":{"blocked":-1,"dns":1,"connect":82,"send":0,"wait":590,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgMOXXf_LFJ3zimk3aj3-TlD-l4WBNq1nHMfUWxeZ_uA-rEpaxKZkWA8JxExaHuDr0nA2c_GjnK_9bH6E70l5vB53YvwtUiwxeQI1M7vskaD6iEUagnglhkhKedhdFWpdRWpjIgPJxhXk8ANUjf5ELF3ybPyZDS9ad9A4VOyfyGmDQQjtNKYOm6RwRPeqC/s1600/enter.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:06 GMT","end":"Mon, 29 Sep 2025 08:35:05 GMT"},"fingerprint":{"sha1":"63:78:72:6F:FA:74:62:BB:8E:62:97:12:1D:27:37:96:37:81:92:E4","sha256":"F3:9B:D5:68:46:33:18:76:62:06:0D:55:5C:13:48:C7:C0:46:24:43:7E:C5:8D:9A:8B:DA:47:44:DA:33:B0:A2"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjgMOXXf_LFJ3zimk3aj3-TlD-l4WBNq1nHMfUWxeZ_uA-rEpaxKZkWA8JxExaHuDr0nA2c_GjnK_9bH6E70l5vB53YvwtUiwxeQI1M7vskaD6iEUagnglhkhKedhdFWpdRWpjIgPJxhXk8ANUjf5ELF3ybPyZDS9ad9A4VOyfyGmDQQjtNKYOm6RwRPeqC/s1600/enter.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3bdc\"\r\nexpires: Tue, 12 Aug 2025 20:04:32 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"enter.png\"\r\nx-content-type-options: nosniff\r\ndate: Mon, 11 Aug 2025 20:04:32 GMT\r\nserver: fife\r\ncontent-length: 10568\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10568,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 171 x 171, 8-bit/color RGBA, non-interlaced","md5":"221fcefbdad41be699dcc5007e13782f","sha1":"dfb9e492bb6d92a9114816b290c764aa57ba88ad","sha256":"5977c05b3d2e273624642d509770ae794fa0d1f84545f54e231480ce476f628f","sha512":"3dbfce513577c1bab99e1baa9156ec04bc775e4a6d112fcfe1ee4c583f15220b9a17160f9bd2dcddfd9f5e8fab480fe2dd7716ecb305421080e5d5210323f29c","ssdeep":"192:rbmhxRf+lLLWlUgkuz4QsDXhq6MsKGGSqlO2c6HvMdy4OgWNxCvJuj4V:WjRf+lLtgXz4VvxABvMOgWNgvYj4V","tlshash":"7e22b068b06b2f774ed31d5924366a4c6ccd02085ded65664f72b017fb732d4ca6b2b0","first_seen":"2025-01-27T03:02:38.84474Z","last_seen":"2025-11-24T18:30:34.373655Z","times_seen":3982,"resource_available":false,"data":null}},"time_used":1007,"timings":{"blocked":330,"dns":71,"connect":22,"send":0,"wait":225,"receive":50,"ssl":308},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/retcode/cloud-sdk/bl.js","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/retcode/cloud-sdk/bl.js HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 14413\r\nserver: cloudflare\r\nlast-modified: Thu, 22 Aug 2024 09:01:22 GMT\r\netag: \"a364-62041e712f28b-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\nage: 3253\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pueAwITrVqC16mjDZbTCsba%2B2B6kUh1OEpuOnHTRGoEAdQvrti2LmeTDo2qxW8AOD1W34wHz4%2BMrqvuqzNk4NnwlxNZKydH9b6S%2B%2FGuYn7op31bM%2FTQ%3D\"}]}\r\ncf-ray: 96da57aacc515bd9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41828,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (41828), with no line terminators","md5":"e31ead706e55b7c4c100d87a5928f099","sha1":"5acc29a266fd91e1bb438bc2b7851d97468a5617","sha256":"caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197","sha512":"8185bb597648afce20b81e15b616576ac655a977a821a46720500de8e06c4abd43515f756e065b18c618878ac3187904d7e4e39474710901941f5c8f7c041a7e","ssdeep":"384:q5mDF0gzqCPaTkYJQd1t6AReVsR7Q0VdgM/gJgDsf5Z3OzgGcKc2kxFVJsOLVwZe:q5BgAhawAAVEgq/zGLvAk09hqRd8nfTO","tlshash":"6e1308cab6c1745207933010512f6107b1bb1aa4284f91a4fa76d9e6aeb864fc273f3d","first_seen":"2023-03-07T12:02:12Z","last_seen":"2026-04-04T16:41:37.861383Z","times_seen":73721,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":14,"send":0,"wait":25,"receive":16,"ssl":260},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2 HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 10788\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nx-oss-request-id: 6894A3CF65246F3031AE2FBA\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9556587264596756474\r\nx-oss-storage-class: Standard\r\naccess-control-allow-origin: *\r\ncontent-md5: cJ9vkMfUk80WuM0IffSSqw==\r\nx-oss-server-time: 18\r\nx-source-scheme: https\r\neagleeye-traceid: 2ff62e9817545717266243833e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE4[3],EU-FRA-marseille-EDGE1-CACHE1[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE30[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2],cache24.l2fr1[0,0,200-0,H], cache13.l2fr1[1,0], ens-cache13.gb9[0,0,200-0,H], ens-cache23.gb9[1,0]\r\nali-swift-global-savetime: 1754571727\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 13:02:09 GMT\r\nx-swift-cachetime: 604798\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3ab17549383634591926e\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 04520a9a4b8f78af00ae2bf91a09a08a\r\nnginx-hit: 1\r\nage: 2941\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":10788,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10788, version 1.0","md5":"709f6f90c7d493cd16b8cd087df492ab","sha1":"8fb2a4d035a6f1a5290dc14b4cba324d558f1205","sha256":"b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188","sha512":"c7721f7494d9e174dc762d057899dada797e5ea2cc4d23939893ce4ceb420af4142254b24d70a8a651a5c0775ef6401361062da77cf1858889abbda60146c5e0","ssdeep":"192:8KcsLuE4oixfYkmJIckfJLDjYWQC+E4oa2n+5a2faCX:DJrWZmKckfJLDjB+3oz+82fa6","tlshash":"f622c07f4a46a84ac9326a30ff74834d9abfc6124fde51b0f90850e174c962ef181669","first_seen":"2023-04-06T18:54:24Z","last_seen":"2026-04-04T16:41:37.887289Z","times_seen":78045,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gj.mmstat.com/v.gif?logtype=1\u0026title=GULTIKTOTO%3A%20Situs%20Game%20Online%20Super%20Cepat%2C%20Gak%20Ada%20Pemberhentian!\u0026pre=\u0026scr=1280x1024\u0026_p_url=https%3A%2F%2Fgultiktotoe.cfd%2F\u0026cna=0TohIa2vkR8CAVFfUcL4d4Ho\u0026spm-cnt=GULTIKTOTO.pdp_revamp.0.0.51cb997frOzWT3\u0026clog=o\u0026aplus\u0026sidx=aplusSidx\u0026ckx=aplusCkx\u0026p=1\u0026o=linux\u0026b=firefox96\u0026s=1280x1024\u0026w=gecko\u0026ism=other\u0026cache=ace6952\u0026lver=8.15.23\u0026jsver=aplus_int\u0026pver=0.7.12\u0026pageid=1989abc091512d3e784f1ad21209e147765b78998d\u0026tag=0\u0026stag=2\u0026lstag=0\u0026_slog=0","fqdn":"gj.mmstat.com","domain":"mmstat.com","tld":"com"},"ip":{"addr":"47.246.136.160","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.mmstat.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 17 Mar 2025 11:27:01 GMT","end":"Thu, 04 Sep 2025 00:00:00 GMT"},"fingerprint":{"sha1":"73:BF:BA:7F:66:D6:A0:89:45:65:C0:C5:EA:71:A5:B1:ED:05:ED:E1","sha256":"6D:59:40:26:41:F3:61:AA:6E:53:E2:28:9F:C1:A1:9F:B4:6E:73:81:80:A3:25:F7:BB:50:07:69:F9:4B:9F:CA"}}},"request":{"raw":"GET /v.gif?logtype=1\u0026title=GULTIKTOTO%3A%20Situs%20Game%20Online%20Super%20Cepat%2C%20Gak%20Ada%20Pemberhentian!\u0026pre=\u0026scr=1280x1024\u0026_p_url=https%3A%2F%2Fgultiktotoe.cfd%2F\u0026cna=0TohIa2vkR8CAVFfUcL4d4Ho\u0026spm-cnt=GULTIKTOTO.pdp_revamp.0.0.51cb997frOzWT3\u0026clog=o\u0026aplus\u0026sidx=aplusSidx\u0026ckx=aplusCkx\u0026p=1\u0026o=linux\u0026b=firefox96\u0026s=1280x1024\u0026w=gecko\u0026ism=other\u0026cache=ace6952\u0026lver=8.15.23\u0026jsver=aplus_int\u0026pver=0.7.12\u0026pageid=1989abc091512d3e784f1ad21209e147765b78998d\u0026tag=0\u0026stag=2\u0026lstag=0\u0026_slog=0 HTTP/1.1\r\nHost: gj.mmstat.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 Aug 2025 20:04:33 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\np3p: CP=\"NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV\"\r\ncross-origin-resource-policy: cross-origin\r\nset-cookie: cna=0TohIa2vkR8CAVFfUcL4d4Ho; expires=Thu, 09-Aug-35 20:04:33 GMT; path=/; domain=.mmstat.com;\nsca=0a931b1a; path=/; domain=.mmstat.com\natpsida=fbecccfaf3e590ee26a34faa_1754942673_1; path=/; domain=.mmstat.com\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-04T16:49:48.177818Z","times_seen":327151,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.amplittlegiant.com/lazada/g.lazcdn.com/g/aeis.alicdn.com/sd/ncpc/nc.js?t=18507","fqdn":"cdn.amplittlegiant.com","domain":"amplittlegiant.com","tld":"com"},"ip":{"addr":"172.67.163.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amplittlegiant.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 17 Jul 2025 16:48:36 GMT","end":"Wed, 15 Oct 2025 17:45:01 GMT"},"fingerprint":{"sha1":"C5:66:A6:A9:74:4D:AD:5B:95:D3:7D:C7:33:F0:09:39:5F:C3:23:80","sha256":"07:4E:51:B1:3F:8E:D9:08:74:90:46:04:CF:AE:74:1C:0E:2C:11:4E:79:D1:F6:62:22:B6:84:2B:8A:FF:ED:E8"}}},"request":{"raw":"GET /lazada/g.lazcdn.com/g/aeis.alicdn.com/sd/ncpc/nc.js?t=18507 HTTP/1.1\r\nHost: cdn.amplittlegiant.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\nage: 156\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ABfNyAHQBARkUQW%2FWtA0qIWUFgi0u5tcvgBBG2FSPBLNj9Lz%2FvIwnxsHn0r2ZvTgKzDwfBQXu1pBDuIgstdcKVK0a0uE65NTchwrPZKyV23R6eHx7G0%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 96da57a958575bd9-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":1,"connect":15,"send":0,"wait":100,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"icms-image.slatic.net/images/ims-web/9174453f-455e-4e30-87d2-bd90239e6994.png","fqdn":"icms-image.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"47.246.48.189","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /images/ims-web/9174453f-455e-4e30-87d2-bd90239e6994.png HTTP/1.1\r\nHost: icms-image.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/png\r\ncontent-length: 6407\r\ndate: Mon, 11 Aug 2025 19:16:11 GMT\r\nx-oss-request-id: 689A417BCA1C63353811D460\r\nx-oss-cdn-auth: success\r\naccept-ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-storage-class: Standard\r\nx-oss-version-id: null\r\ncontent-md5: u9OBOHpSLW8raCj7TfEDqg==\r\nx-oss-server-time: 6\r\nvia: cache1.l2fr1[0,0,304-0,H], cache5.l2fr1[1,0], ens-cache3.nl3[0,0,200-0,H], ens-cache4.nl3[2,0]\r\nx-oss-qos-delay-time: 94\r\netag: \"BBD381387A522D6F2B6828FB4DF103AA\"\r\nlast-modified: Thu, 26 Jan 2023 07:19:33 GMT\r\nx-oss-hash-crc64ecma: 5225846883818102798\r\nage: 2898\r\nali-swift-global-savetime: 1754939772\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Mon, 11 Aug 2025 19:16:48 GMT\r\nx-swift-cachetime: 3600\r\ncdn-type: alibaba\r\nx-real-ip: 81.95.81.194\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\ntiming-allow-origin: *\r\neagleid: 2ff6309817549426708614337e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":6407,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"bbd381387a522d6f2b6828fb4df103aa","sha1":"4c642941b598d1be605ea7a813a82acef2e06e70","sha256":"c72efb3b01662a094b0aef72c88c73d515cf39cab73c55e91b041cf3a04d4e58","sha512":"392eb6d7a7b406a2e86bf920df3c09b54568225e639dd399487e5e5f9f845fb670d6ddbb823b0526871fbacc75289c2cf35f2b335faca36438d60b1a1b17ff8e","ssdeep":"192:BN/gpdifTXDyJYANSNbf/Re93SC7VTOBtS:B2pIj8ZN03Re93SC7VaLS","tlshash":"bbd18dc70303ffa5d5497b31a986757121e283d39381c36b709c1d2c94bd1e8da8379a","first_seen":"2023-10-16T06:16:39Z","last_seen":"2026-04-04T14:32:28.837028Z","times_seen":37511,"resource_available":false,"data":null}},"time_used":615,"timings":{"blocked":467,"dns":3,"connect":35,"send":0,"wait":69,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbxF7gnWrYObrTx8aSjfuesA5_b3BG1MMfBGGy-reyo7oCBX8mU30wy9ND4OuAhmcS0p94sA4JklJHUMFbaMEEvARHHg5SvC1RV871pPqTeFpxSP97tlRaYM_ZUBUCxs-cE4c7jV2PvZeifanRvUFK3NUVsSlPtztkwIw5eOtpgLR_HlskMkqvMfN0okTL/s1600/star.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:06 GMT","end":"Mon, 29 Sep 2025 08:35:05 GMT"},"fingerprint":{"sha1":"63:78:72:6F:FA:74:62:BB:8E:62:97:12:1D:27:37:96:37:81:92:E4","sha256":"F3:9B:D5:68:46:33:18:76:62:06:0D:55:5C:13:48:C7:C0:46:24:43:7E:C5:8D:9A:8B:DA:47:44:DA:33:B0:A2"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjbxF7gnWrYObrTx8aSjfuesA5_b3BG1MMfBGGy-reyo7oCBX8mU30wy9ND4OuAhmcS0p94sA4JklJHUMFbaMEEvARHHg5SvC1RV871pPqTeFpxSP97tlRaYM_ZUBUCxs-cE4c7jV2PvZeifanRvUFK3NUVsSlPtztkwIw5eOtpgLR_HlskMkqvMfN0okTL/s1600/star.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3bc7\"\r\nexpires: Tue, 12 Aug 2025 20:04:32 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"star.png\"\r\nx-content-type-options: nosniff\r\ndate: Mon, 11 Aug 2025 20:04:32 GMT\r\nserver: fife\r\ncontent-length: 445\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 8-bit colormap, non-interlaced","md5":"f407ba6de2a136dfedeb7e63d112e2f5","sha1":"b93f4b3fc0064486cd62150a3246d84bf4c7101a","sha256":"cbead9b6b2d23def1a6a3c017fd0c84fc90e8af1e34bfe29da1830daefea362f","sha512":"4ec7f62e51518f8c187e086836af22f0ce852276b6204b7af82ae9bdbe081891fedb754a274e4ff9391f1c548f2dc031e6df3304ecae19f543d83712ec185fd0","ssdeep":"","tlshash":"f6f0dc81fa0ddc00e1e6a1158b3b01e38168b7b0632a6d5b1212c03b7941349c9f131a","first_seen":"2025-03-24T22:12:33.615705Z","last_seen":"2026-01-27T18:05:56.641734Z","times_seen":3916,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":142,"dns":25,"connect":20,"send":0,"wait":274,"receive":0,"ssl":121},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/tfs/TB1xEeTdBGw3KVjSZFDXXXWEpXa-75-66.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/tfs/TB1xEeTdBGw3KVjSZFDXXXWEpXa-75-66.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 634\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613708\r\nali-swift-global-savetime: 1742383983\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: jwg5iQRCHOnBkDXRjZQOPA==\r\neagleid: a3b523a817460891144196365e\r\netag: \"8F08398904421CE9C19035D18D940E3C\"\r\nexpires: Wed, 30 Jul 2025 08:45:14 GMT\r\nlast-modified: Mon, 09 Sep 2024 02:51:47 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-01\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 4414826\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: d674a625e2468640f3c88c1a29dab5ac\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 2848922\r\nx-swift-savetime: Mon, 31 Mar 2025 12:11:01 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":634,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 75 x 66, 8-bit colormap, non-interlaced","md5":"8f08398904421ce9c19035d18d940e3c","sha1":"33273d2e9f1463c5faa46a3077b1f21b62dd4b12","sha256":"32163dcdb6eccb0b804c76800614b1545e19cb65627842b47d5d9921340741c4","sha512":"5deef53a6e6bec5379b9a18d40331bffb8642cbb2fde72ec2ab7ca252eb078f7334ce873c2ba64396865b88b4e541f4089e9e7f9d8199f12a53e2e90885a31ed","ssdeep":"","tlshash":"dbf023da6c89bc3881d50511402b3104456cfbaf784cea72f8103536ba1dd0a99823a4","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.899827Z","times_seen":54900,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhep7PrInKnU_XQiSdRNEo0558DJFzoHD1nzOvdZ6D3SvNAAh-M6BwXVVkVmO5G9uPfAteyYqqZwwAyQoOmPqBjjfbB0R2aun4Fv6hjmLrZZO_iVALv_qJFUSm-HJJaKNO5_z4IQzITqSw3zGptFksBe92Ws96-0lgZQa4ahsk2STRCNBxPrASMCHBCQa2_/s1600/plus.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.97","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:06 GMT","end":"Mon, 29 Sep 2025 08:35:05 GMT"},"fingerprint":{"sha1":"63:78:72:6F:FA:74:62:BB:8E:62:97:12:1D:27:37:96:37:81:92:E4","sha256":"F3:9B:D5:68:46:33:18:76:62:06:0D:55:5C:13:48:C7:C0:46:24:43:7E:C5:8D:9A:8B:DA:47:44:DA:33:B0:A2"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhep7PrInKnU_XQiSdRNEo0558DJFzoHD1nzOvdZ6D3SvNAAh-M6BwXVVkVmO5G9uPfAteyYqqZwwAyQoOmPqBjjfbB0R2aun4Fv6hjmLrZZO_iVALv_qJFUSm-HJJaKNO5_z4IQzITqSw3zGptFksBe92Ws96-0lgZQa4ahsk2STRCNBxPrASMCHBCQa2_/s1600/plus.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v3bdc\"\r\nexpires: Tue, 12 Aug 2025 20:04:32 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"plus.png\"\r\nx-content-type-options: nosniff\r\ndate: Mon, 11 Aug 2025 20:04:32 GMT\r\nserver: fife\r\ncontent-length: 9502\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 171 x 178, 8-bit/color RGBA, non-interlaced","md5":"688f217bcb9f347b1260b4db2f61bd71","sha1":"716428607eb0f77a63c6251b965c703fea7731d8","sha256":"4a3cb710b921b0ff0f9e41a60f9bd783712c0756ac3d1a320c584acdb9e1445f","sha512":"d7acbf6bfaaead07c3505237d6b8be33ef20ef70cf94e65f404cd5824e86b20eeff61b3a1ddd6ac9bea34be3013ea8a57eeadb14eb382a2de7decc7994abfc46","ssdeep":"192:vbmhxRf+lLLWlUo3wYdUb4GAP3tTkr8pkjVKmvSGDkKatglUTWxSqGV:ijRf+lLtoAY6rAiIkZcKFcWoqGV","tlshash":"3c12c062967ac8f69c99872c6071d0e5293240e5ba57ef105ff0f329a016514db4b864","first_seen":"2025-01-27T03:02:38.846362Z","last_seen":"2025-11-24T18:30:34.352596Z","times_seen":3978,"resource_available":false,"data":null}},"time_used":1241,"timings":{"blocked":455,"dns":70,"connect":22,"send":0,"wait":257,"receive":2,"ssl":433},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdmod/desktop-footer/6.1.1/??pc/index.css","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdmod/desktop-footer/6.1.1/??pc/index.css HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: text/css\r\ncontent-length: 2437\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6897176842D0F13733702A27\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9594161757221752562\r\nx-oss-storage-class: Standard\r\ncontent-md5: Zg5+ADmfoZe7+kyAM11Qfg==\r\nx-oss-server-time: 3\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5f39f17547323925085940e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE1[4],EU-FRA-marseille-EDGE1-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE7[14],EU-FRA-paris-GLOBAL1-CACHE9[10,TCP_MISS,12],cache10.l2fr1[429,429,200-0,M], cache5.l2fr1[431,0], ens-cache5.gb9[0,0,200-0,H], ens-cache21.gb9[1,0]\r\nali-swift-global-savetime: 1754732392\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Sat, 09 Aug 2025 09:39:52 GMT\r\nx-swift-cachetime: 604800\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a917549052078225919e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 43ef9a12259d733e4ed6f8d278045c5b\r\nnginx-hit: 1\r\nage: 37463\r\ncache-control: max-age=2592000,s-maxage=86400\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7256,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7252), with CRLF line terminators","md5":"006001ba402d502f054f7e4bafb9a44e","sha1":"ae1963e915e14e333300261885e1c46b0c07fefa","sha256":"90566aed73a2035c2f72f2fbfcba62d0cf31270bb81853e441cb8d84bad7b8bd","sha512":"3ddc07d2812a9456afe02fa31004e3fdbcc39667e5bc6d6d7cb71c9b3e512ff114d64a4952b4eebde504b57db9b8d0d2621f5f7ec0b58cf27a20b476595da6ad","ssdeep":"96:PmxgxHuxr00qBpUv087qF/w64BggxMjd2Lo633AuSbnN2aW9S3eF:P805BpUvj0tUgxd2Lo633ApbnN2aW9Sa","tlshash":"04e1343d7db51b3cb8330956b989a9d97236c803e5634ebaf18d3b66c1474462e3260d","first_seen":"2024-08-14T18:04:04Z","last_seen":"2026-04-04T16:41:37.854717Z","times_seen":68348,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01DGonqR1H5qmpBI2hf_!!6000000000707-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i3/O1CN01DGonqR1H5qmpBI2hf_!!6000000000707-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 8912\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613490\r\nali-swift-global-savetime: 1739372926\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: OnyIAKoh3xQWyjCTQdDEtw==\r\neagleid: a3b523a317418120300953442e\r\netag: \"3A7C8800AA21DF1416CA309341D0C4B7\"\r\nexpires: Wed, 30 Jul 2025 08:44:53 GMT\r\nlast-modified: Thu, 15 Aug 2024 05:13:35 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 864002\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: 862d73d99b51519c600fd701de0a3ec2\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3375019\r\nx-swift-savetime: Tue, 18 Feb 2025 13:38:27 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8912,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"3a7c8800aa21df1416ca309341d0c4b7","sha1":"cf72ac3a1dfb31d5ac92032b888dc47d98774df1","sha256":"f832556bf78ff9accfed3397e84ca5f850b544599beeb4db5086a447d29e2ed5","sha512":"a721cd3987cae4be1425d2c1bb1223370c70490b0a862f4333e180095a260b4aaad86f3436f93ec3a49f392fc69b568c991786f34ed67de8705719c10a2a2008","ssdeep":"192:9MJE4TmAKuBao1wWwhclf3BoSJMHzF4XEYiYOIIs:9MJE4Tl+i2heNMHzG0YiYOg","tlshash":"5602afb1a13c5c634da89d685203faedca33224baf523db093767a12c441a085340ecc","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.878016Z","times_seen":63315,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fourier.taobao.com/ts?url=\u0026token=BGlpRW0ZJQJ7Cxm2N9_7z2q-exXDNl1owz8kJQte5dCP0onkU4ZtOFfUku5k0fWg\u0026cna=0TohIa2vkR8CAVFfUcL4d4Ho\u0026ext=1","fqdn":"fourier.taobao.com","domain":"taobao.com","tld":"com"},"ip":{"addr":"123.183.232.34","port":443,"asn":141771,"as":"China Telecom","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:33.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tfe.alibaba.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 19 Mar 2025 08:54:01 GMT","end":"Mon, 05 Jan 2026 02:01:01 GMT"},"fingerprint":{"sha1":"2A:E7:3A:AD:21:93:AF:7D:07:7B:ED:C0:D4:25:1B:59:27:BF:EA:34","sha256":"A7:3C:6B:D8:D6:F7:52:74:C8:CD:55:0A:6C:F5:65:41:E6:91:1F:99:DB:98:5E:65:BC:CA:DB:3F:B2:F6:C9:24"}}},"request":{"raw":"GET /ts?url=\u0026token=BGlpRW0ZJQJ7Cxm2N9_7z2q-exXDNl1owz8kJQte5dCP0onkU4ZtOFfUku5k0fWg\u0026cna=0TohIa2vkR8CAVFfUcL4d4Ho\u0026ext=1 HTTP/1.1\r\nHost: fourier.taobao.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:35 GMT\r\ncontent-type: image/gif\r\ncontent-length: 0\r\nserver: Tengine\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T16:49:31.594606Z","times_seen":13339169,"resource_available":true,"data":null}},"time_used":2933,"timings":{"blocked":1182,"dns":1,"connect":296,"send":0,"wait":567,"receive":1,"ssl":877},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/static/0.0.44/iconfont-hp.woff","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:32.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/static/0.0.44/iconfont-hp.woff HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:32 GMT\r\ncontent-type: font/woff\r\ncontent-length: 10376\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nx-oss-request-id: 6894B15DAD42E438388FD3D7\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 131960460927145503\r\nx-oss-storage-class: Standard\r\naccess-control-allow-origin: *\r\ncontent-md5: DqzgZ3MJykiW/14r9W7+bA==\r\nx-oss-server-time: 29\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5fea017545751967141957e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE2[4],EU-FRA-marseille-EDGE1-CACHE4[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE15[3],EU-FRA-paris-GLOBAL1-CACHE10[0,TCP_HIT,2],cache19.l2fr1[0,0,200-0,H], cache36.l2fr1[0,0], ens-cache18.gb9[0,0,200-0,H], ens-cache7.gb9[2,0]\r\nali-swift-global-savetime: 1754575197\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 14:00:52 GMT\r\nx-swift-cachetime: 604745\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f39b17549369029964040e\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 2943c93a74bcf5796ad4ea3d3dc27adc\r\nnginx-hit: 1\r\nage: 2345\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10376,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 10376, version 1.0","md5":"0eace0677309ca4896ff5e2bf56efe6c","sha1":"c1982d2df0551f8b2293d6c025a2379cd893cd18","sha256":"72035184dc490d665f8bb7295ce6d6a8fb65e7e0ab370820708b24d54f9f5e51","sha512":"1b1cd9295b1307e84dd4fa207736d4697def1bf1f0d47a8b98f5b239f68a3c843a9cef8de47a764f419a11e1f48eb66f9b91d775fc1a0238b4f86e71c56f8836","ssdeep":"192:FyKYwuJRe/+H4OltFFA4yoVabuUDYCmq1BYLAx8w6L:J6e/4VF+4FcbunBqnYLAb0","tlshash":"8822c0f265506981cf89e3ae664b9df37b00585f80c84051542f80e78e7372a92596b9","first_seen":"2023-05-05T09:30:02Z","last_seen":"2026-04-04T16:41:37.876563Z","times_seen":74086,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":76,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gultiktotoe.cfd/resmi.jpg","fqdn":"gultiktotoe.cfd","domain":"gultiktotoe.cfd","tld":"cfd"},"ip":{"addr":"172.67.215.138","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gultiktotoe.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 16 Jul 2025 11:24:12 GMT","end":"Tue, 14 Oct 2025 12:22:48 GMT"},"fingerprint":{"sha1":"44:7F:8A:BF:3C:BD:52:65:8C:88:15:62:51:78:8E:C8:C4:D0:DD:55","sha256":"0F:B7:6D:E5:18:7B:A7:7A:16:41:81:E3:90:89:63:03:AD:26:D9:CE:86:C8:E4:6A:A5:AD:36:90:E4:2F:F8:20"}}},"request":{"raw":"GET /resmi.jpg HTTP/1.1\r\nHost: gultiktotoe.cfd\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 118076\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 16 Aug 2025 18:25:35 GMT\r\nlast-modified: Thu, 10 Jul 2025 09:34:03 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 178734\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9gdTAKDL5F3PeAg6%2BBhi2QzKXgLzyG2YxZ%2BCHm0tir6QMEvbBnyav3Uh9NDuTtHqURiUOJyNItUhHgCHzMRVA5W2p2Xn45zm02MYCmdoYg%3D%3D\"}]}\r\ncf-ray: 96da57a90bdc3e67-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":118076,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3","md5":"53de4f7fa90c5b200a928228459738a8","sha1":"1f2ce066fa638dd5e5888b00b076fbc421ea9667","sha256":"1daa077596e1427a6c42ec32b609be12dbe2619595e437d2ffe81a726d50f057","sha512":"f11ca5d3df6a9c7fa65aee85ac0ecdf4f627ff10531e1040bc49453e5561139b1b1ad4a84d37958395d0fd3da5c015c0b2d1688f7eacae687a3a5f40806b4b1c","ssdeep":"3072:mMxThM1sEvZALgnKyvuWTMQDqdHBGEj2Bh7WK:TTK9ZfKvWfD5EjY7WK","tlshash":"15b312c267dd6de0ff3d5a2ccc9e4cc922729805712723aba9d1916d63f4afc06821c1","first_seen":"2025-07-12T09:58:14.513736Z","last_seen":"2025-10-16T17:55:59.59671Z","times_seen":610,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01uOZizA1UOFhot1z5u_!!6000000002507-2-tps-96-70.png","fqdn":"lzd-img-global.slatic.net","domain":"slatic.net","tld":"net"},"ip":{"addr":"23.251.63.10","port":443,"asn":62468,"as":"HKCLOUDX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/tps/imgextra/i4/O1CN01uOZizA1UOFhot1z5u_!!6000000002507-2-tps-96-70.png HTTP/1.1\r\nHost: lzd-img-global.slatic.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Byte-nginx\r\ncontent-type: image/png\r\ncontent-length: 11068\r\naccept-ranges: bytes\r\naccess-control-allow-methods: GET,HEAD\r\naccess-control-allow-origin: *\r\nage: 1613630\r\nali-swift-global-savetime: 1723536210\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"\r\ncache-control: max-age=3888000, s-maxage=3888000\r\ncdn-type: kds\r\ncontent-md5: fQAgLXdmxhrPmUM+Kpm8bg==\r\neagleid: a3b54e9d17247631886456766e\r\netag: \"7D00202D7766C61ACF99433E2A99BC6E\"\r\nexpires: Mon, 01 Sep 2025 07:04:46 GMT\r\nlast-modified: Sun, 16 Jun 2024 05:47:46 GMT\r\nnginx-hit: 1\r\ntiming-allow-origin: *\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-06\r\nx-ccdn-cachettl: 8640000\r\nx-ccdn-expires: 6289201\r\nx-hcs-proxy-type: 1\r\nx-oss-cdn-auth: success\r\nx-request-id: f6d95e6fa1ee8e44e8f45e9863bc7de2\r\nx-request-ip: 81.95.81.194\r\nx-response-cache: edge_hit\r\nx-response-cinfo: 81.95.81.194\r\nx-swift-cachetime: 3888000\r\nx-swift-savetime: Tue, 13 Aug 2024 08:03:30 GMT\r\nx-tt-trace-tag: id=5\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11068,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced","md5":"7d00202d7766c61acf99433e2a99bc6e","sha1":"819a071137728d5d9d39c9a6bd7e9a63d3747133","sha256":"67f535f6ea005ed45055bca2126b8421d3b32ec55aed99528d71c71b4d53b3ec","sha512":"4eb763367f99587399cf486161f5bdc3220c76821548a301101ec006ab3b390cf8dea625b8e21f5298e8e6a382f6e269373bed148f844e044ce773d87af1423c","ssdeep":"192:yCJP8YOnL0EoFu6hf2yWM0nhEZ0PkBaTx+9lPtDd7O29xL:y88zL0Eot12c0u6Pk8Tx8VNOuZ","tlshash":"e432b0968d0655f474c2c00bf679855c506c28ff197fa784964019f1dfda9708ebcadc","first_seen":"2023-08-17T12:11:36Z","last_seen":"2026-04-04T16:41:37.901913Z","times_seen":63247,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":23,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:31.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2 HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://g.lazcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:31 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 10788\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nx-oss-request-id: 6894A3CF65246F3031AE2FBA\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9556587264596756474\r\nx-oss-storage-class: Standard\r\naccess-control-allow-origin: *\r\ncontent-md5: cJ9vkMfUk80WuM0IffSSqw==\r\nx-oss-server-time: 18\r\nx-source-scheme: https\r\neagleeye-traceid: 2ff62e9817545717266243833e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE2[3],EU-FRA-marseille-EDGE1-CACHE1[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE30[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2],cache24.l2fr1[0,0,200-0,H], cache13.l2fr1[1,0], ens-cache13.gb9[0,0,200-0,H], ens-cache23.gb9[1,0]\r\nali-swift-global-savetime: 1754571727\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 13:02:09 GMT\r\nx-swift-cachetime: 604798\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3ab17549383634591926e\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 4c72346901571cdd3ad89f7918bcfdc0\r\nnginx-hit: 1\r\nage: 2941\r\ncache-control: max-age=2592000,s-maxage=3600\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10788,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10788, version 1.0","md5":"709f6f90c7d493cd16b8cd087df492ab","sha1":"8fb2a4d035a6f1a5290dc14b4cba324d558f1205","sha256":"b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188","sha512":"c7721f7494d9e174dc762d057899dada797e5ea2cc4d23939893ce4ceb420af4142254b24d70a8a651a5c0775ef6401361062da77cf1858889abbda60146c5e0","ssdeep":"192:8KcsLuE4oixfYkmJIckfJLDjYWQC+E4oa2n+5a2faCX:DJrWZmKckfJLDjB+3oz+82fa6","tlshash":"f622c07f4a46a84ac9326a30ff74834d9abfc6124fde51b0f90850e174c962ef181669","first_seen":"2023-04-06T18:54:24Z","last_seen":"2026-04-04T16:41:37.887289Z","times_seen":78045,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":75,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.lazcdn.com/g/retcode/cloud-sdk/bl.js","fqdn":"g.lazcdn.com","domain":"lazcdn.com","tld":"com"},"ip":{"addr":"90.84.160.23","port":443,"asn":2285,"as":"Orange","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gultiktotoe.cfd/","date":"2025-08-11T20:04:30.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.lazcdn.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 27 Dec 2024 07:01:06 GMT","end":"Wed, 28 Jan 2026 07:01:05 GMT"},"fingerprint":{"sha1":"AE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA","sha256":"DD:A4:30:C8:EB:11:50:8E:0B:E6:B2:79:33:15:AC:C5:EF:82:5F:52:03:03:BB:33:71:65:F4:23:1C:97:1F:8F"}}},"request":{"raw":"GET /g/retcode/cloud-sdk/bl.js HTTP/1.1\r\nHost: g.lazcdn.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gultiktotoe.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gultiktotoe.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Aug 2025 20:04:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 17497\r\nserver: openresty\r\nstrict-transport-security: max-age=360000; includeSubDomains\r\nvary: Accept-Encoding, Accept-Encoding, Accept-Encoding\r\nx-oss-request-id: 6894A4B25DF3193536928972\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7956181089051082725\r\nx-oss-storage-class: Standard\r\ncontent-md5: 4x6tcG5Vt8TBANh6WSjwmQ==\r\nx-oss-server-time: 11\r\naccess-control-allow-origin: *\r\nx-source-scheme: https\r\neagleeye-traceid: a3b5fe9d17545719533156258e\r\ntiming-allow-origin: *\r\nvia: EU-FRA-marseille-EDGE1-CACHE4[3],EU-FRA-marseille-EDGE1-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE8[2],EU-FRA-paris-GLOBAL1-CACHE3[0,TCP_HIT,0],cache26.l2fr1[0,0,200-0,H], cache8.l2fr1[1,0], ens-cache9.gb9[0,0,200-0,H], ens-cache18.gb9[2,0]\r\nali-swift-global-savetime: 1754571954\r\nx-cache: HIT TCP_MEM_HIT dirn:-2:-2\r\nx-swift-savetime: Thu, 07 Aug 2025 13:06:07 GMT\r\nx-swift-cachetime: 604787\r\naccess-control-allow-methods: GET,HEAD\r\nalt-svc: h3=\":443\"; ma=2592000\r\neagleid: a3b5f3a617549425921751072e\r\ncontent-encoding: br\r\nx-hcs-proxy-type: 1\r\nx-ccdn-cachettl: 2592000\r\nx-ccdn-req-id-46b1: 65494d1468c77c7a26c56e3524b888cf\r\nnginx-hit: 1\r\ncache-control: max-age=86400,s-maxage=60\r\nage: 49\r\naccept-ranges: bytes\r\ncdn-type: hwc\r\nx-content-type-options: nosniff\r\ncontent-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":41828,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (41828), with no line terminators","md5":"e31ead706e55b7c4c100d87a5928f099","sha1":"5acc29a266fd91e1bb438bc2b7851d97468a5617","sha256":"caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197","sha512":"8185bb597648afce20b81e15b616576ac655a977a821a46720500de8e06c4abd43515f756e065b18c618878ac3187904d7e4e39474710901941f5c8f7c041a7e","ssdeep":"384:q5mDF0gzqCPaTkYJQd1t6AReVsR7Q0VdgM/gJgDsf5Z3OzgGcKc2kxFVJsOLVwZe:q5BgAhawAAVEgq/zGLvAk09hqRd8nfTO","tlshash":"6e1308cab6c1745207933010512f6107b1bb1aa4284f91a4fa76d9e6aeb864fc273f3d","first_seen":"2023-03-07T12:02:12Z","last_seen":"2026-04-04T16:41:37.861383Z","times_seen":73721,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":67,"send":0,"wait":136,"receive":1,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}