get.html shouluo.me/blaize/datalayer
35.220.136.220 400 Bad Request 150 B URL get.html shouluo.me/blaize/datalayer
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with CRLF line terminators
Hash 7f077f1fce3d566040b0d69eb1f27d8f
28d9c5f6b214c5cdbe7f7e55d6ed5e82080dea01
487ad0d2cf075f4328a1adf57ef428759ad4e2c873a8ebd2ad9653990829c9cf
get.html /blaize/datalayer HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 15
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 02 Jun 2025 17:26:32 GMT
Content-Type: text/html
Content-Length: 150
Connection: close
GET 1686pk.com/webapp/css/ssc_newVersion.css
34.96.204.159 200 OK 22 kB URL GET 1686pk.com/webapp/css/ssc_newVersion.css
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type Unicode text, UTF-8 text, with very long lines (22369), with no line terminators
Hash 0369d34b173ce7555a12e248399993b9
54f591e9c2fddc9dfbf9635280afa3a84510d32b
55d8170581789fd2baf42f160038645f58d3d1af667c0ce888880af5dde1e25e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/css/ssc_newVersion.css HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 15:37:42 GMT
vary: Accept-Encoding
etag: W/"67b0b4c6-5771"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET shouluo.me/js/26780310980.js
35.220.136.220 200 OK 324 kB URL GET shouluo.me/js/26780310980.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (65468)
Size 324 kB (324107 bytes)
Hash cca44c35016e2d1cc214ca832fba7436
223ad320f9cf50829fa411bd1d329169c2291d58
100b4105033b9b6e16c5114d9e8211137ba0a13f9f4be354f30e39c6e90c829f
GET /js/26780310980.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Dec 2024 18:37:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6765b964-4f20b"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET dims.apnews.com/dims4/default/8fb3923/2147483647/strip/true/crop/8165x5440+0+2/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F47%2F93%2Fb343ab56fc6975aa7ff7ee3fc6dd%2F98c23809f7f247d289c9c39430fdaf74
104.16.22.8 200 OK 103 kB URL GET dims.apnews.com/dims4/default/8fb3923/2147483647/strip/true/crop/8165x5440+0+2/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F47%2F93%2Fb343ab56fc6975aa7ff7ee3fc6dd%2F98c23809f7f247d289c9c39430fdaf74
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x533, Scaling: [none]x[none], YUV color, decoders should clamp
Size 103 kB (102712 bytes)
Hash 89214cc776cb54777d451ee0989cf631
b183c86feb5c6603e82bff370e68c490b73f9af9
cd95e56c1863ebef972e33f16b1e9693bcd7c8b9ccc51e752f6cabe0b5cf7b3f
GET /dims4/default/8fb3923/2147483647/strip/true/crop/8165x5440+0+2/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F47%2F93%2Fb343ab56fc6975aa7ff7ee3fc6dd%2F98c23809f7f247d289c9c39430fdaf74 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 102712
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Tue, 02 Jun 2026 17:26:23 GMT
x-envoy-upstream-service-time: 1633
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Jun 2025 17:26:23 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=lPg95EI0zeIn8mRATFQ3RdbeCoH3j4WeKTwl99zGcx0-1748885191-1.0.1.1-nqbQZRceGUNstieaOFHeTq.EhjfnThB_8GGtnbtVsagrt7QkSnhnrtEBrG3DlsfCuZ.KPJ.3Ch0_YHFjiNnQqfg9wT5SaC2y5n7WxA6GrdDWKtJBWwgbb0s9Z1jGtDJ2; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28465699-OSL
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/img/cltj_img/px10obj.png
34.96.204.159 200 OK 2.9 kB URL GET 1686pk.com/webapp/img/cltj_img/px10obj.png
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type PNG image data, 111 x 101, 8-bit/color RGBA, non-interlaced
Hash 5025c85c1772aadbb3e53f953913d3bc
fb7fb9939693929455b21cabd3f99b7b4761d39a
124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/img/cltj_img/px10obj.png HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/css/pk10.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 15:37:54 GMT
vary: Accept-Encoding
etag: W/"67b0b4d2-b3a"
expires: Wed, 02 Jul 2025 17:26:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/4c2a28b/2147483647/strip/false/crop/5000x3334+0+0/resize/690x460!/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F6a%2Fa1%2F2aca882861475820a3a30b8e4062%2F0af131d1d80f460e8a21b05e1efc6414
104.16.22.8 200 OK 88 kB URL GET dims.apnews.com/dims4/default/4c2a28b/2147483647/strip/false/crop/5000x3334+0+0/resize/690x460!/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F6a%2Fa1%2F2aca882861475820a3a30b8e4062%2F0af131d1d80f460e8a21b05e1efc6414
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=A stray bobtail cat rests at a park in Nagasaki, southern Japan, on April 26, 2025. (AP Photo/Eugene Hoshiko), manufacturer=SONY, model=ILCE-7CR, xresolution=262, yresolution=270, resolutionunit=2, software=Capture One Macintosh], baseline, precision 8, 690x460, components 3
Hash 9a39a80efeeb25c62faf30fe26e7e1f7
9e4ab867a6834597f6d28e9916df812a1b26c4fe
225575ce98f9d01effbe6abd241c4800c883be5ca39c23dbe28aff3acf9147d7
GET /dims4/default/4c2a28b/2147483647/strip/false/crop/5000x3334+0+0/resize/690x460!/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F6a%2Fa1%2F2aca882861475820a3a30b8e4062%2F0af131d1d80f460e8a21b05e1efc6414 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: __cf_bm=8GHOz447zW8BPsze2zMoO6FhBx_MhNuEQEXnp4PlWYA-1748885191-1.0.1.1-PP82EuUIJLtG3XwMd22mUJwNxAhFje9.XJl8SyCYa2m0Umn4U4jDwZHudWf3PYSzU86pWr8_bTpQB81scCQ.8L33whauUCCOAWM821HoiSEDLxvXzU3DJg27gAUlnOSK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:35 GMT
content-type: image/jpeg
content-length: 87457
cache-control: public, max-age=31536000
cf-bgj: h2pri
alt-svc: h3=":443"; ma=86400
edge-control: downstream-ttl=31536000
expires: Fri, 29 May 2026 02:06:58 GMT
via: 1.1 google
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
x-envoy-upstream-service-time: 741
last-modified: Thu, 29 May 2025 02:06:58 GMT
cf-cache-status: HIT
age: 363520
accept-ranges: bytes
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a816bffdb4f9-OSL
server-timing: cfExtPri
GET shouluo.me/js/all.min.2a3ba00d3122dcdb56f836b7cb0aa611.gz.js
35.220.136.220 200 OK 220 kB URL GET shouluo.me/js/all.min.2a3ba00d3122dcdb56f836b7cb0aa611.gz.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (65471)
Size 220 kB (219545 bytes)
Hash 255cc93af3df612f5ae949d73fe7cec4
1b5ebc65f04d978fdd73e7efaee95f47662a9c54
136eff888370bb122def806ea6238f520c84b8632243efc7d91a3adc9d7b7307
GET /js/all.min.2a3ba00d3122dcdb56f836b7cb0aa611.gz.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:30 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Dec 2024 15:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67604352-35999"
Expires: Tue, 03 Jun 2025 05:26:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET dims.apnews.com/dims4/default/4b9d2fc/2147483647/strip/true/crop/5939x4000+30+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F97%2F97%2F7dfa1d634fff52e70db6cbc7c0a6%2Feba1068128f6492bad00485c38b16678
104.16.22.8 200 OK 1.7 kB URL GET dims.apnews.com/dims4/default/4b9d2fc/2147483647/strip/true/crop/5939x4000+30+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F97%2F97%2F7dfa1d634fff52e70db6cbc7c0a6%2Feba1068128f6492bad00485c38b16678
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 3a4f793a93da7d69008dce8c44ecdbb7
aea99ddae7a85b4882c41170b08fe86b591b1715
35d18fe4384ddd4f4ab05d7ee5197cf9daca6910377ea4032df07459269279bd
GET /dims4/default/4b9d2fc/2147483647/strip/true/crop/5939x4000+30+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F97%2F97%2F7dfa1d634fff52e70db6cbc7c0a6%2Feba1068128f6492bad00485c38b16678 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 1660
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sat, 30 May 2026 18:59:56 GMT
x-envoy-upstream-service-time: 773
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 May 2025 18:59:56 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=LUKWVuThJLfD2LXLK8uVgklbkLUmayny8rumQKXYpy4-1748885191-1.0.1.1-wmK7CPWHsqmJ_6hIHUKjJs2Z0gjmWIj88_EcL83S_LPe86Qw7T9q.4l9QaLqcPjBvjK_NZFrB7.9lmqVX2Lzibh7WRIwjwyz9MS2nwskc7MMyt4_mmUReJziCwug1rWc; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28525699-OSL
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/html/public/head.html
34.96.204.159 200 OK 1.3 kB URL GET 1686pk.com/webapp/html/public/head.html
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 626eb9ecd82619ad149f5b4aeb530720
c69c26a74ba1c15ab35cb3b48242603bbbb83cb7
dd472572f54f664106cd0ffc2a5e3266bbfe14067b202b26d29315a1479ed062
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/html/public/head.html HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: text/html
last-modified: Fri, 09 May 2025 13:41:28 GMT
vary: Accept-Encoding
etag: W/"681e0608-532"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/img/bg_icon.png
34.96.204.159 200 OK 15 kB URL GET 1686pk.com/webapp/img/bg_icon.png
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type PNG image data, 948 x 404, 8-bit colormap, non-interlaced
Hash 821582b0c313e76c4f0d979664edf668
dda5e9d9e4cee99daf3af76f83ffab6b712e7697
a5c7914a21f1db358506caaf95ff6d1838769e4c303e6cfa5ebbacdb0b97643b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/img/bg_icon.png HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/css/public.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 15:37:52 GMT
vary: Accept-Encoding
etag: W/"67b0b4d0-3c2a"
expires: Wed, 02 Jul 2025 17:26:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET apv-launcher.minute.ly/api/launcher/MIN-900210.js
199.232.215.52 200 OK 0 B URL GET apv-launcher.minute.ly/api/launcher/MIN-900210.js
IP 199.232.215.52:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/launcher/MIN-900210.js HTTP/1.1
Host: apv-launcher.minute.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Set-Cookie: AWSALB=HyiCGjBAV/hIM60e30Xdm0yitkBokonI/qOxwxJ0Y/t90LRhAOIVuPr+tfH4vu1S3SUUMRUUrzxY79B9IMCFRgeWvuE4IDWsAaABIX0RnS+RalCYUvOv85K9eQ43; Expires=Thu, 05 Jun 2025 16:25:58 GMT; Path=/
AWSALBCORS=HyiCGjBAV/hIM60e30Xdm0yitkBokonI/qOxwxJ0Y/t90LRhAOIVuPr+tfH4vu1S3SUUMRUUrzxY79B9IMCFRgeWvuE4IDWsAaABIX0RnS+RalCYUvOv85K9eQ43; Expires=Thu, 05 Jun 2025 16:25:58 GMT; Path=/; SameSite=None; Secure
server: nginx/1.25.1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-request-id: ba69ff5f-eb9d-42f0-8545-3d5ea477dcca
x-runtime: 0.005873
expires: Thu, 29 May 2025 16:25:58 GMT
x-debug-app-get: GET
x-debug-server-name: apv-launcher.minute.ly
x-debug-req-method: GET
access-control-allow-headers: APP-GET,Content-Type
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
Via: 1.1 varnish, 1.1 varnish
Fastly-Debug-Path: (F cache-hel1410034-HEL 1748885195) (F cache-iad-kiad7000082-IAD 1748535959)
x-ioriver: Fastly
Accept-Ranges: bytes
Age: 349237
Date: Mon, 02 Jun 2025 17:26:35 GMT
X-Varnish: 823736009 1151942780, 431314992
X-Served-By: cache-iad-kiad7000082-IAD, cache-hel1410033-HEL
X-Cache: HIT, MISS
X-Cache-Hits: 24, 0
X-Timer: S1748885195.385825,VS0,VE99
Vary: Accept-Encoding
Cache-Control: max-age=30
transfer-encoding: chunked
POST jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106 200 OK 94 B URL POST jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
Validity Mon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
Hash 35ad8ac4c497baa94466131d3e5a169c
d305906c88544b259c7d6b199c940b4aa75b4886
aae0c512eaa274c55fb839d86c8a6f0e520beed6d4a91e92d6d59109b8a5a33d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1098
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 02 Jun 2025 17:26:35 GMT
server: ESF
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET shouluo.me/js/zephr-browser.umd.js
35.220.136.220 200 OK 43 kB URL GET shouluo.me/js/zephr-browser.umd.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (25308), with LF, NEL line terminators
Hash e05536a3c6f91c8218461413300ec0a2
16c9a63ecec81da6f3877719584740370889a43e
39ce661869eba5404c9cca43c9e5400851b842bf107631a14610e2e7f609d041
GET /js/zephr-browser.umd.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Aug 2023 10:12:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64ddf27e-a926"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET shouluo.me/js/webcomponents-loader.ce44f83d1399e8dd41e607b70e0642c9.gz.js
35.220.136.220 200 OK 2.8 kB URL GET shouluo.me/js/webcomponents-loader.ce44f83d1399e8dd41e607b70e0642c9.gz.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (2680)
Hash 803c0990e7419f72bc1ae957cd449366
7199591814daa8777411fe42048d2c210e1efe1d
a89881560c77b1a6e5260763c747e15708565f025ab634ea3909f23c2b83c82e
GET /js/webcomponents-loader.ce44f83d1399e8dd41e607b70e0642c9.gz.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Tue, 06 Jun 2023 21:41:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"647fa818-ac6"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET shouluo.me/js/spm.v1.min.js
35.220.136.220 200 OK 177 kB URL GET shouluo.me/js/spm.v1.min.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65372)
Size 177 kB (176792 bytes)
Hash baf420a4fb632cc24e50dcdb1d7e984d
64c015a79ddfc3f47b923d5cf954de58f82d3d71
d4ef66da786aac7a6ae7d165b5a6d9f7456ec786ddc04100449d53ab5cf796db
GET /js/spm.v1.min.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 11 Dec 2024 09:49:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6759603e-2b298"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET dims.apnews.com/dims4/default/26b4277/2147483647/strip/true/crop/1363x918+0+241/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F93%2F55%2F9f691595d421aab9e3ae4a9f7890%2Faa44d9501893452187caeb93d2ba1f8f
104.16.22.8 200 OK 1.7 kB URL GET dims.apnews.com/dims4/default/26b4277/2147483647/strip/true/crop/1363x918+0+241/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F93%2F55%2F9f691595d421aab9e3ae4a9f7890%2Faa44d9501893452187caeb93d2ba1f8f
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4b97ee49bce40f8bee473f4c4f2e6829
cefeec6f17c101c5fb74f4900fcdbbb3d4dd30b3
7418a98d97d8f024cbf718b8d9f32f0c7b27ca87438fb6cf9b4511ef1d215ec5
GET /dims4/default/26b4277/2147483647/strip/true/crop/1363x918+0+241/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F93%2F55%2F9f691595d421aab9e3ae4a9f7890%2Faa44d9501893452187caeb93d2ba1f8f HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 1696
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sat, 16 May 2026 23:00:34 GMT
x-envoy-upstream-service-time: 347
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 May 2025 23:00:34 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=RNtdyFYdsqLBVA4iRRx174k2xKxgm2QS3e9xoZrsqTc-1748885191-1.0.1.1-uZhzO51xdb82x3S1j9o0AWXgCnhh961Os3lcYOOJL5MxIJ3wN_weGU7ASdaaU8KtxIdx_fLqy9LZvkeCZzbKmApz9rjxzN0um.DeF8aUAaeg4QThjorYzufUMe7QbRTL; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28385699-OSL
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/js/lib/jquery.async.js
34.96.204.159 200 OK 902 B URL GET 1686pk.com/webapp/js/lib/jquery.async.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, ASCII text, with very long lines (902), with no line terminators
Hash 2e3cd10cd7579756c32b479d018996ce
f802c0231c81b061352b3c7bb4c64c143ce353f2
9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/lib/jquery.async.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
content-length: 902
last-modified: Fri, 09 May 2025 13:41:30 GMT
etag: "681e060a-386"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/js/lib/date.js
34.96.204.159 200 OK 7.9 kB URL GET 1686pk.com/webapp/js/lib/date.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (7873), with no line terminators
Hash d372d65bf3cac7dd5c8e01e537c1f3f5
20d5f82e581928efd22c6422bc0fb6d30f30a4b0
e9768904049bc1ebda895c104e828ca51fdfd0ba507c6af453738bd359580b12
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/lib/date.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:30 GMT
vary: Accept-Encoding
etag: W/"681e060a-1edd"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
OPTIONS jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106 200 OK 0 B URL OPTIONS jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
Validity Mon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 02 Jun 2025 17:26:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET shouluo.me/main.js
35.220.136.220 200 OK 1.2 kB
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (471), with CRLF line terminators
Hash f7d01247591966cf17589c423f328011
5be6f979dee195cbc25f9ffc32017e43c5fe6898
bd08ffd0c8d9b9aa2b9842d8dc20b9c9958a7009275440e3b1a3b5e958699781
GET /main.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Fri, 09 May 2025 05:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"681d9627-4ca"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET shouluo.me/js/loader.js
35.220.136.220 200 OK 1.4 MB
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 1.4 MB (1361779 bytes)
Hash 8bc1c57078475c81626480222f26f56c
ee958bf56ec29097fe2ec771d82d297f373d37d0
ee1b70ab9d201bef2dba9a05d8c08c4b9d9fba24b904a8b6721499fe96988d92
GET /js/loader.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:32 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Jan 2025 04:04:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6774bec8-14c773"
Expires: Tue, 03 Jun 2025 05:26:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET 1686pk.com/webapp/js/lib/Sortable.min.js
34.96.204.159 200 OK 0 B URL GET 1686pk.com/webapp/js/lib/Sortable.min.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/lib/Sortable.min.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
content-length: 0
last-modified: Fri, 09 May 2025 13:41:30 GMT
etag: "681e060a-0"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/js/local/ssc/index.js
34.96.204.159 200 OK 81 kB URL GET 1686pk.com/webapp/js/local/ssc/index.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1920), with CRLF line terminators
Hash 7cbf7c3e6596443aea193db26588a203
dc9284b3d853f40b1f892dc853002b1cbf2e700a
ae8b3e11044bfe4ada3cbe02de1e3a8b9f7476b4cb8cf6e8a29074e423d254e9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/local/ssc/index.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:36 GMT
vary: Accept-Encoding
etag: W/"681e0610-13afa"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET shouluo.me/zephr/features
35.220.136.220 404 Not Found 58 kB URL GET shouluo.me/zephr/features
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with very long lines (56756)
Hash cbb42513032d6c09e496731ac16c20a9
c92f38a701aad58408451d24dd4c47b05f158cf0
d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b
GET /zephr/features HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shouluo.me/
DNT: 1
Connection: keep-alive
Cookie: sailthru_pageviews=1; proper_rtp_split_test={"version_id":"30915","release_ts":"2024-12-11 09:45:39"}; optimizelyEndUserId=oeu1748885193935r0.5306809468148789; __vtins__Kbu0ae6HwHakHTZk=%7B%22sid%22%3A%20%22e17fa06b-4077-586e-89c8-7aedeed4c0da%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994246%2C%20%22ct%22%3A%201748885194246%7D; __51uvsct__Kbu0ae6HwHakHTZk=1; __51vcke__Kbu0ae6HwHakHTZk=9dc67629-a88b-506a-8b38-b7607c206a78; __51vuft__Kbu0ae6HwHakHTZk=1748885194252; __vtins__Kbu1dxpVU3uYOSCF=%7B%22sid%22%3A%20%22383948c6-77c0-5467-b869-59a7cb1bfc1f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994274%2C%20%22ct%22%3A%201748885194274%7D; __51uvsct__Kbu1dxpVU3uYOSCF=1; __51vcke__Kbu1dxpVU3uYOSCF=e053628f-0912-5f40-8629-2b63af96eb45; __51vuft__Kbu1dxpVU3uYOSCF=1748885194277
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 02 Jun 2025 17:26:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67751d63-e3b8"
Content-Encoding: gzip
GET www.google.com/js/th/37RaLk5j69uYEo1Pw3e05PcPyHVq4Ix4s_Z0XL8aIVs.js
142.250.74.68 200 OK 59 kB URL GET www.google.com/js/th/37RaLk5j69uYEo1Pw3e05PcPyHVq4Ix4s_Z0XL8aIVs.js
IP 142.250.74.68:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject www.google.com
Fingerprint 84:BD:0D:9A:51:CC:86:3E:E9:2F:6E:7C:2D:58:AC:4C:FB:B5:3D:8C
Validity Mon, 12 May 2025 08:44:44 GMT - Mon, 04 Aug 2025 08:44:43 GMT
File type JavaScript source, ASCII text, with very long lines (57509)
Hash 2e5a59554e09e384356d3492e64bb1c4
fdd18384c7a21f400516434fe7efbc24773dd358
dfb45a2e4e63ebdb98128d4fc377b4e4f70fc8756ae08c78b3f6745cbf1a215b
GET /js/th/37RaLk5j69uYEo1Pw3e05PcPyHVq4Ix4s_Z0XL8aIVs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 22451
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 13:31:42 GMT
expires: Fri, 29 May 2026 13:31:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 May 2025 09:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET storage.googleapis.com/quiz_assets/APVar.woff2
142.250.178.59 200 OK 126 kB URL GET storage.googleapis.com/quiz_assets/APVar.woff2
IP 142.250.178.59:443
Certificate Issuer Google Trust Services
Subject storage.googleapis.com
Fingerprint E6:19:2A:54:2B:10:FA:7F:D1:05:6C:BB:F0:95:A7:BC:6F:29:25:69
Validity Mon, 12 May 2025 08:46:48 GMT - Mon, 04 Aug 2025 08:46:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 125672, version 1.0
Size 126 kB (125672 bytes)
Hash 7f50c6dac8d72150899a11a222ba5562
a49561ef3fb015516869584dbde9b1e782d4ffdf
a3a88a86bdc69901f371d4d984aad6fae2199eb6e947ad4c6b49700b5ec2d6fd
GET /quiz_assets/APVar.woff2 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABgVH8-6PDavtz3floyDxYZrjGiC7Kg28pDaMKd27J0b9ZkNLg7an7gdGdy7FL4LHueFKokS
x-goog-generation: 1724423097649149
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125672
x-goog-hash: crc32c=07g3Eg==, md5=f1DG2sjXIVCJmhGiIrpVYg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 125672
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 02 Jun 2025 16:43:11 GMT
expires: Mon, 02 Jun 2025 17:43:11 GMT
cache-control: public, max-age=3600
age: 2604
last-modified: Fri, 23 Aug 2024 14:24:57 GMT
etag: "7f50c6dac8d72150899a11a222ba5562"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
HEAD pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.178.98 200 OK 0 B URL HEAD pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.178.98:443
Certificate Issuer Google Trust Services
Subject *.g.doubleclick.net
Fingerprint CB:D6:DD:24:49:A1:05:33:C4:D6:0A:04:6A:88:75:11:64:1B:56:6D
Validity Mon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://shouluo.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Mon, 02 Jun 2025 17:26:36 GMT
expires: Mon, 02 Jun 2025 17:26:36 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 17983520432553101679
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/e4b4a23/2147483647/strip/true/crop/5643x3762+0+1/resize/1440x960!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F1e%2Fe2%2F595b35b252132b5699b6fbce2d48%2Fceeed4af9b404f0f977295136f507107
104.16.22.8 200 OK 191 kB URL GET dims.apnews.com/dims4/default/e4b4a23/2147483647/strip/true/crop/5643x3762+0+1/resize/1440x960!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F1e%2Fe2%2F595b35b252132b5699b6fbce2d48%2Fceeed4af9b404f0f977295136f507107
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x960, Scaling: [none]x[none], YUV color, decoders should clamp
Size 191 kB (191412 bytes)
Hash 9b1787c12ef094cc79ad212fd865d9f5
4c3e70f2582b7234f5c8c0d58f3e1ecde5b0c9b2
847abbcdcb44c923cb37f58984b3011d3285a3d594ecf92d70a340fd5e6eefeb
GET /dims4/default/e4b4a23/2147483647/strip/true/crop/5643x3762+0+1/resize/1440x960!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F1e%2Fe2%2F595b35b252132b5699b6fbce2d48%2Fceeed4af9b404f0f977295136f507107 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 191412
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Tue, 02 Jun 2026 17:26:22 GMT
x-envoy-upstream-service-time: 1173
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Jun 2025 17:26:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=JpFkiETml3tx8XZ.rBLbTmr9r8ReHVqosSzhfnU7mwU-1748885191-1.0.1.1-nBsEm.D_1e7nW5bwc.K_FV5r4lPei0tjpkMEwRAIb.zaoYMBhri3zjWDvB3E_YlmL1c_WMk2yKAM6_3Qp.BEr7BDnKVpB5sOomszmQjQXOKH4fTmbsUnn3j3eNWiDisO; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc284b5699-OSL
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/8b09eed/2147483647/strip/true/crop/7988x5318+0+4/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc0%2F39%2Fc5ab3d312d24a77c44690644ea65%2F08c15ffcbdb049a1b44b879c1148029c
104.16.22.8 200 OK 16 kB URL GET dims.apnews.com/dims4/default/8b09eed/2147483647/strip/true/crop/7988x5318+0+4/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc0%2F39%2Fc5ab3d312d24a77c44690644ea65%2F08c15ffcbdb049a1b44b879c1148029c
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x233, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f44aef85922afd379e4f3327b8a5bfa0
e0d4544730754213cd22c34023b9d90de23350b8
a8c7b9b129693665f8e4e696ac9906a686dfeac6c00e3523c33c202e9614a455
GET /dims4/default/8b09eed/2147483647/strip/true/crop/7988x5318+0+4/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc0%2F39%2Fc5ab3d312d24a77c44690644ea65%2F08c15ffcbdb049a1b44b879c1148029c HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 16342
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Tue, 02 Jun 2026 17:26:23 GMT
x-envoy-upstream-service-time: 1416
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Jun 2025 17:26:23 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=03JnqjbE9F2gxBX.HLedBzEcfB6ISi7N3gBAEIbJRqc-1748885191-1.0.1.1-HmX9nT9Gi.jHcwx_lSS6qw8J8o8kzSchwhejsxs3TW0zJjkmPlFgXCAHrsfgpR_XABHFuoh1Mut8gU1nq5dU.YcI0TBdTfYnIiEEr.y7zffeQ4aKxv8Kz9dwWLLmq.g7; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28545699-OSL
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/0d7764a/2147483647/strip/true/crop/2851x1534+0+0/resize/240x129!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F22%2F25%2F9576fafb4e768552fed602a60238%2Fap-pri-wordmarktagline-rgb-dbg.png
104.16.22.8 200 OK 4.3 kB URL GET dims.apnews.com/dims4/default/0d7764a/2147483647/strip/true/crop/2851x1534+0+0/resize/240x129!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F22%2F25%2F9576fafb4e768552fed602a60238%2Fap-pri-wordmarktagline-rgb-dbg.png
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 211a42bdf7bcb9d60609ec018f56df93
3850987d1c0aee24cb7c24e9e53040dfeea8a146
24f50745ec2d551e9dabc266ee0541cf4d8bcf8a68ca5a71b58281d30a811d40
GET /dims4/default/0d7764a/2147483647/strip/true/crop/2851x1534+0+0/resize/240x129!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F22%2F25%2F9576fafb4e768552fed602a60238%2Fap-pri-wordmarktagline-rgb-dbg.png HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 4300
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Wed, 22 Apr 2026 08:15:08 GMT
x-envoy-upstream-service-time: 440
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 22 Apr 2025 08:15:08 GMT
cf-cache-status: HIT
age: 1684227
accept-ranges: bytes
set-cookie: __cf_bm=.V4YcC3kpcQnO_1ZhbGOm8sx3AZ1.gGZ6i_qOPM2ldw-1748885191-1.0.1.1-SUMJUCPkJ6xoDfwC98ZOujpCtj6BzSX3XZFEXs4CQ892723AOF.unXzxHAypBma6VkzUT3U_4zgNFOrLVNR8pB0NufRPe3Iaip6ui7S20BKADa5WqVwL_w913mIgkARv; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fca90e5699-OSL
X-Firefox-Spdy: h2
GET yt3.ggpht.com/I2UXf4n7ukd9hl7UQDsPKN0QXQ9X_NoujZfOY_qPhbBwyJv-K3-rFsrWIDGc3CFylr2cL2c7=s68-c-k-c0x00ffffff-no-rj
142.250.74.97 200 OK 1.8 kB URL GET yt3.ggpht.com/I2UXf4n7ukd9hl7UQDsPKN0QXQ9X_NoujZfOY_qPhbBwyJv-K3-rFsrWIDGc3CFylr2cL2c7=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.97:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.googleusercontent.com
Fingerprint 27:E5:A6:4D:A7:35:A0:F7:7B:EA:CD:2E:47:1A:64:DB:8B:2C:E6:06
Validity Mon, 12 May 2025 08:43:56 GMT - Mon, 04 Aug 2025 08:43:55 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3
Hash f07875fca12d4075678be7195ebe14a8
68be48896899ae1aa0c1710698f77ac7eb891f8e
7811a2dab1ef387827e25b70ef5289b02bd9d7fd227c6ec93bdb6f24ccc09a90
GET /I2UXf4n7ukd9hl7UQDsPKN0QXQ9X_NoujZfOY_qPhbBwyJv-K3-rFsrWIDGc3CFylr2cL2c7=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1775
x-xss-protection: 0
date: Mon, 02 Jun 2025 15:08:19 GMT
expires: Tue, 03 Jun 2025 15:08:19 GMT
cache-control: public, max-age=86400, no-transform
age: 8296
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET global.proper.io/payloads/latest.js
0.0.0.0 0 B URL GET global.proper.io/payloads/latest.js
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /payloads/latest.js HTTP/1.1
Host: global.proper.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
GET 1686pk.com/webapp/html/public/footer.html
34.96.204.159 200 OK 190 B URL GET 1686pk.com/webapp/html/public/footer.html
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 567513703c616d507c96df9ddf3135d8
963d93ea5b5b783141b3b5d23e134fce3fa74f1f
47039dd508ced3f4da9b0a8fd8fbb0b981528ad8b7c55b141f8468871b3d6778
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/html/public/footer.html HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: text/html
content-length: 190
last-modified: Fri, 09 May 2025 13:41:28 GMT
etag: "681e0608-be"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET api.api168168.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010
35.241.106.141 200 OK 196 B URL GET api.api168168.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 801813e659d909919738f3645cc68fd1
81daec9e6ea11141f04ab58bb94acfc66dd73f8d
89b76597390df561767fee0b7cfce096d708eb2d8d3d81e358b6f40b89fcc41b
GET /CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:40 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/html/aozxy5/index.html
34.96.204.159 200 OK 36 kB URL GET 1686pk.com/webapp/html/aozxy5/index.html
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 168906105169211c19d84d1b31821df7
665f053fbd77c566333d876cd1dc4aeefcd68c05
e9a2e7c95095b3aa43115899f72f1c9d294e4dbefc1caab9f440a2096ad30967
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/html/aozxy5/index.html HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: text/html
last-modified: Fri, 09 May 2025 13:41:26 GMT
vary: Accept-Encoding
etag: W/"681e0606-8aac"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-Regular.554b177de19fb126118d8d529f17aa6b.woff2
104.16.22.8 200 OK 50 kB URL GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-Regular.554b177de19fb126118d8d529f17aa6b.woff2
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type Web Open Font Format (Version 2), CFF, length 50048, version 0.0
Hash 1791b142c0b148cd8d0b3a02e6f8a01d
c330fc7ace365de0466ad2ae7716822d33bd9474
2cf62b80ebbcd8f88f2f1ff485b4afb0a2afd4b0258d7473a176d724d011a39f
GET /resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-Regular.554b177de19fb126118d8d529f17aa6b.woff2 HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:32 GMT
content-type: application/octet-stream
content-length: 50048
x-guploader-uploadid: AAO2VwrAhwoDzMrYo56APvZ1r_hbOwj94WXhuus3m3dWtEmAMP67Cx24-22LUBAOVLFPl-jN
cache-control: public, max-age=31536000
expires: Mon, 25 May 2026 01:14:45 GMT
last-modified: Tue, 06 Jun 2023 21:41:40 GMT
etag: "1791b142c0b148cd8d0b3a02e6f8a01d"
x-goog-generation: 1686087700489429
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 50048
x-goog-hash: crc32c=Uvah6A==, md5=F5GxQsCxSM2NCzoC5vigHQ==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
set-cookie: __cf_bm=zycC9epwiAFyh165vKwPVismXaXgcVbagsqZQrwnpU4-1748885192-1.0.1.1-4NPPeAuqItdLnDyj2cMx4c9gVoUsHX2WTMRIVrPtomr4zD9n1HGn6PRZEDFbhinJC8lC.v_zjlZkaMNQP3n9Hu11U7F1TRoxDO_Qlm0GrRBo5T6dW24rdEo_JpO3PV8K; path=/; expires=Mon, 02-Jun-25 17:56:32 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a80538c0b4f9-OSL
server-timing: cfExtPri
GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensedBold.fcbedb6a106dddd6fdfef5877e011259.woff2
104.16.22.8 200 OK 52 kB URL GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensedBold.fcbedb6a106dddd6fdfef5877e011259.woff2
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type Web Open Font Format (Version 2), CFF, length 51888, version 0.0
Hash 07d1782ba41483dc78099374acf49cb2
c9998137bc54ebbbc03e0672de5dcd7784a0c369
a62569e03ea0a574c4a7d2815cc7a508c4884d6a3f4e7c99dd3758d9c3412292
GET /resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensedBold.fcbedb6a106dddd6fdfef5877e011259.woff2 HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:32 GMT
content-type: application/octet-stream
content-length: 51888
x-guploader-uploadid: AAO2Vwq2tC38mo9-Udyq4YmMLmzUT0TU4nhmwMdoB8XknHnP6084i28uzamFbMdFdvImcG4NjF2qIGgTObI8uw
cache-control: public, max-age=31536000
expires: Mon, 25 May 2026 01:14:45 GMT
last-modified: Tue, 06 Jun 2023 21:41:43 GMT
etag: "07d1782ba41483dc78099374acf49cb2"
x-goog-generation: 1686087703341240
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 51888
x-goog-hash: crc32c=UC1cNg==, md5=B9F4K6QUg9x4CZN0rPScsg==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
set-cookie: __cf_bm=oHTJduHmJLBuTdhrXQ2LE.ugZtozL9NE5U5TnA0oXGk-1748885192-1.0.1.1-60EIEyCssSwe_TC7VJ_60XMAF8X34gSJkPOgwcU7ESwj2HvNleR7ZYLHJIZnS5KfmvDZc4ocqivnkSQ9s0bEd4OczbjPm7uIO6F5hgVYbOK9rOl9HsWiOUoVvAuMvAvs; path=/; expires=Mon, 02-Jun-25 17:56:32 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a80538bbb4f9-OSL
server-timing: cfExtPri
GET global.proper.io/config/apnews.30915.json
0.0.0.0 0 B URL GET global.proper.io/config/apnews.30915.json
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /config/apnews.30915.json HTTP/1.1
Host: global.proper.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.youtube.com/s/player/3b4b7883/player_ias.vflset/en_US/remote.js
172.217.21.174 200 OK 125 kB URL GET www.youtube.com/s/player/3b4b7883/player_ias.vflset/en_US/remote.js
IP 172.217.21.174:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
File type JavaScript source, ASCII text, with very long lines (543)
Size 125 kB (124867 bytes)
Hash 388ef2a58c540606d280b457f7be0fd2
1af9c32e5bcd540698b6a87c01d218458cb22579
935d3572e006489a4bb9754d5d49f06ed20a1f47f6220f2c7bbd5f1e5b24d74d
GET /s/player/3b4b7883/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 36039
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jun 2025 08:24:30 GMT
expires: Tue, 02 Jun 2026 08:24:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 04:13:37 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 32524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST collect-v6.51.la/v6/collect?dt=4
38.54.123.53 210 0 B URL POST collect-v6.51.la/v6/collect?dt=4
IP 38.54.123.53:80
ASN #138915 Kaopu Cloud HK Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 421
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 210
Date: Mon, 02 Jun 2025 17:26:34 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://shouluo.me
Access-Control-Allow-Credentials: true
via: EU-FRA-marseille-EDGE3-CACHE12[208],EU-FRA-marseille-EDGE3-CACHE12[ovl,207],EU-FRA-marseille-EDGE1-CACHE4[ovl,205],EA-HKG-EDGE1-CACHE1[ovl,33],EA-HKG-EDGE2-CACHE1[ovl,32],EA-HKG-GLOBAL1-CACHE3[ovl,31]
X-CCDN-REQ-ID-46B1: 5284c726573efd530db206e214ce4228
POST api.riverdrop.com/api/quiz/promotion
172.67.71.66 200 OK 3.1 kB URL POST api.riverdrop.com/api/quiz/promotion
IP 172.67.71.66:443
Certificate Issuer Google Trust Services
Subject riverdrop.com
Fingerprint 35:0F:37:58:D8:CF:E1:6A:47:73:07:76:A0:4C:FE:30:8A:49:C5:08
Validity Fri, 23 May 2025 01:18:00 GMT - Thu, 21 Aug 2025 02:17:41 GMT
Hash d168743a4b6ad4b4ea50a08e03efd2c5
569ec3d8c90bfa775346b81298e6d57b4bdce988
2f2329171d8bcbc959789f7c4a3b2a2ba0c64a1d7d684d0cecdab6196d8306da
POST /api/quiz/promotion HTTP/1.1
Host: api.riverdrop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://shouluo.me/
Content-type: application/json
Content-Length: 143
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: application/json
cf-ray: 9498a810ab885695-OSL
server: cloudflare
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: *
x-cloud-trace-context: c7e2d789a6e8b1327e6d0255e4bb4509
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lairqRcUMFM7TUcfRx%2Fi52zCgTfPgXO81FUutcsADkn1S9WXhq3YjoiI1Uhk9qcZl3GnKA2bg3G02nKWWYW%2FLne0lwOuHSUfKRNDTSRYwWFTAAtNeZ7a4SykWD2cdqHLVeZC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=673&min_rtt=498&rtt_var=360&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4047&recv_bytes=1428&delivery_rate=7400340&cwnd=257&unsent_bytes=0&cid=7599b79836ed06a5&ts=554&x=0"
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/img/haomaimg.png
34.96.204.159 200 OK 182 kB URL GET 1686pk.com/webapp/img/haomaimg.png
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type PNG image data, 1204 x 600, 8-bit/color RGBA, non-interlaced
Size 182 kB (182417 bytes)
Hash e2e251464ed0269900791e37a8557086
f26741ef593f9fa19c145d34a1d90b70ee90fe26
2cd69edba71483d88d9663a598f00d975a52b3a8a8422e7c9d50fd1ac3f0464b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/img/haomaimg.png HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/css/public.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 15:37:52 GMT
vary: Accept-Encoding
etag: W/"67b0b4d0-2c891"
expires: Wed, 02 Jul 2025 17:26:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APVarW05-Regular.3c0c9d016bf55b85d0800dd405b807e3.woff2
104.16.22.8 200 OK 141 kB URL GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APVarW05-Regular.3c0c9d016bf55b85d0800dd405b807e3.woff2
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 141160, version 0.0
Size 141 kB (141160 bytes)
Hash 668ff87fcea4e669fcdff0970dcf0c0a
99b304f143fb7e5df6feb2f84710eb21fc52421e
f0ac8af3160e7886946a920658a08dc80d368574b36378b447c155481ac953c2
GET /resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APVarW05-Regular.3c0c9d016bf55b85d0800dd405b807e3.woff2 HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://shouluo.me/
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: application/octet-stream
content-length: 141160
x-guploader-uploadid: ABgVH89ed92hI8EXfbkB3hvx7SZQPd88IiDwabjFOBzCyWGiv_zqebXuvS6dm0VW6NOfGz4y
cache-control: public, max-age=31536000
expires: Sat, 30 May 2026 18:59:55 GMT
last-modified: Tue, 06 Jun 2023 21:41:40 GMT
etag: "668ff87fcea4e669fcdff0970dcf0c0a"
x-goog-generation: 1686087700153184
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 141160
x-goog-hash: crc32c=1WhCow==, md5=Zo/4f86k5mn83/CXDc8MCg==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=6LXe38BXNhLWEYIQT40LLe2S8H6slpXoJIRLL8FIJO4-1748885191-1.0.1.1-rCtU8rsiD0bP.YM4NDHAzsJxSHpyTHYa_M6vRP_tiqTOxOSesp1dmKIyn9cDdWeKAu77tD1KaV.MOkttg6ilJRNJJ_suTqO0k7BphjZJOrwkEC0hMQm.8wd2k7qrrVLZ; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a7f9bd1056a3-OSL
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/beb6721/2147483647/strip/true/crop/1978x1332+11+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F28%2Fc0%2F3743e099603a6203d7bd0fe0a957%2F4db0ab3af43748ffadec510093f6cfa4
104.16.22.8 200 OK 2.8 kB URL GET dims.apnews.com/dims4/default/beb6721/2147483647/strip/true/crop/1978x1332+11+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F28%2Fc0%2F3743e099603a6203d7bd0fe0a957%2F4db0ab3af43748ffadec510093f6cfa4
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 52c36aa0b695bc2312a51cd25daed656
e8c33abea428c2839c09cb8e58d67ba189f0158f
d1cdd5133eb94e7f2f0e3171d66b3ea469d1d59dc32132bca34bd7b2da795e4f
GET /dims4/default/beb6721/2147483647/strip/true/crop/1978x1332+11+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F28%2Fc0%2F3743e099603a6203d7bd0fe0a957%2F4db0ab3af43748ffadec510093f6cfa4 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 2790
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sat, 30 May 2026 18:59:56 GMT
x-envoy-upstream-service-time: 399
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 May 2025 18:59:56 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=16ZsJuCC6G.8m3mTrR13Y55CmcrMk6J6j7KxEJ2iSH8-1748885191-1.0.1.1-7d4CAiXqsCdlSUwoPFoy.fGkIT_X73RAmBt7mTS0KB7u5k6exl1zpThHtihHFbF6qyfMzu5GUvMzMuWPaRAzxUppHz5Xn_raMR373BXIxkHLbGmgi7k_2XjlcijMX6B0; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28405699-OSL
X-Firefox-Spdy: h2
GET www.youtube.com/s/player/3b4b7883/www-player.css
172.217.21.174 200 OK 458 kB URL GET www.youtube.com/s/player/3b4b7883/www-player.css
IP 172.217.21.174:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 458 kB (458339 bytes)
Hash a080e2693ea700bca63a74efff71cfad
9ac5cacded50ee1066a0056da9a769bb0bdf05f5
7429b1ceb4b7095c2f3d328d1a7afa99a0d2efb54c3f2cb37acb10cafaec39a5
GET /s/player/3b4b7883/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 55768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Jun 2025 07:00:02 GMT
expires: Mon, 01 Jun 2026 07:00:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 04:13:37 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 123991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.youtube.com/s/player/3b4b7883/player_ias.vflset/en_US/embed.js
172.217.21.174 200 OK 34 kB URL GET www.youtube.com/s/player/3b4b7883/player_ias.vflset/en_US/embed.js
IP 172.217.21.174:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
File type JavaScript source, ASCII text, with very long lines (3391)
Hash 6c644348a1e3758f3ebf08a62a012e04
a54d883149885bb9ea2b3b834ad1395d3dbd9bb8
3cb26aacd86e260f6190b1fb4318bb9c907ec5b1f64ff55e94400af2e80d24b0
GET /s/player/3b4b7883/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 9558
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jun 2025 08:24:30 GMT
expires: Tue, 02 Jun 2026 08:24:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 04:13:37 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 32523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL GET fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
Validity Mon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 13:13:19 GMT
expires: Fri, 29 May 2026 13:13:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 360794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET shouluo.me/favicon.ico
35.220.136.220 404 Not Found 58 kB
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with very long lines (56756)
Hash cbb42513032d6c09e496731ac16c20a9
c92f38a701aad58408451d24dd4c47b05f158cf0
d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b
GET /favicon.ico HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1; proper_rtp_split_test={"version_id":"30915","release_ts":"2024-12-11 09:45:39"}; optimizelyEndUserId=oeu1748885193935r0.5306809468148789; __vtins__Kbu0ae6HwHakHTZk=%7B%22sid%22%3A%20%22e17fa06b-4077-586e-89c8-7aedeed4c0da%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994246%2C%20%22ct%22%3A%201748885194246%7D; __51uvsct__Kbu0ae6HwHakHTZk=1; __51vcke__Kbu0ae6HwHakHTZk=9dc67629-a88b-506a-8b38-b7607c206a78; __51vuft__Kbu0ae6HwHakHTZk=1748885194252; __vtins__Kbu1dxpVU3uYOSCF=%7B%22sid%22%3A%20%22383948c6-77c0-5467-b869-59a7cb1bfc1f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994274%2C%20%22ct%22%3A%201748885194274%7D; __51uvsct__Kbu1dxpVU3uYOSCF=1; __51vcke__Kbu1dxpVU3uYOSCF=e053628f-0912-5f40-8629-2b63af96eb45; __51vuft__Kbu1dxpVU3uYOSCF=1748885194277; Hm_lvt_9449080f1fd9d69519fb3ef29e931160=1748885195; Hm_lpvt_9449080f1fd9d69519fb3ef29e931160=1748885195; HMACCOUNT=51400EE01597B957
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 02 Jun 2025 17:26:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67751d63-e3b8"
Content-Encoding: gzip
35.220.136.220 200 OK 1.1 MB
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, Unicode text, UTF-8 text, with very long lines (6224)
Size 1.1 MB (1128141 bytes)
Hash bfdf8c7eb0f89bba71aae25769450e20
3bf3abcdb22c1250f39367b0964aa803d716b44e
ff1cb939760d553d435fd541d5bb206329e79ea4c340b078b5773a9ddece43a3
GET / HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:30 GMT
Content-Type: text/html
Last-Modified: Fri, 09 May 2025 05:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"681d9627-1136cd"
Content-Encoding: gzip
GET shouluo.me/js/507b28fb-2ef1-4c34-8bda-ba32030bb199-web.js
35.220.136.220 200 OK 730 kB URL GET shouluo.me/js/507b28fb-2ef1-4c34-8bda-ba32030bb199-web.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 730 kB (730162 bytes)
Hash 771c91c1d4f8cc52813aea147e86a21b
35d672200a8f49425f2d34c7c6d73341868750f9
09bc6615722a6b15cb7db02dd7595423da1a57e172d188dc3075da6c976f0aae
GET /js/507b28fb-2ef1-4c34-8bda-ba32030bb199-web.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Dec 2024 17:21:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67630482-b2432"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET shouluo.me/js/load.js
35.220.136.220 200 OK 617 kB
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (65474)
Size 617 kB (616582 bytes)
Hash d07f6c6d6833e3dba162b85af6a677f4
9128fe4b446b288e31cda144726f3b94d0b96fac
06b2c7c987f416964b95805d3178d832ffbacc790aab4efbe96e6b91d5ebe62d
GET /js/load.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Dec 2024 20:41:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67633362-96886"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET abcheck.proper.io/px.gif?ch=2&rn=3.582417554906773
0.0.0.0 0 B URL GET abcheck.proper.io/px.gif?ch=2&rn=3.582417554906773
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px.gif?ch=2&rn=3.582417554906773 HTTP/1.1
Host: abcheck.proper.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET api.api168168.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010
35.241.106.141 200 OK 196 B URL GET api.api168168.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 801813e659d909919738f3645cc68fd1
81daec9e6ea11141f04ab58bb94acfc66dd73f8d
89b76597390df561767fee0b7cfce096d708eb2d8d3d81e358b6f40b89fcc41b
GET /CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
POST ap.blueconic.net/DG/DEFAULT/rest/rpc/425?referer=http%3A%2F%2Fshouluo.me%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-06-02T17%3A26%3A32%2B00%3A00&ts=1748885192232
44.221.146.170 200 OK 2 B URL POST ap.blueconic.net/DG/DEFAULT/rest/rpc/425?referer=http%3A%2F%2Fshouluo.me%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-06-02T17%3A26%3A32%2B00%3A00&ts=1748885192232
IP 44.221.146.170:443
Certificate Issuer Amazon
Subject *.blueconic.net
Fingerprint 73:3B:4C:94:75:3C:92:B8:3D:06:91:95:45:80:82:E8:F8:27:87:32
Validity Tue, 08 Apr 2025 00:00:00 GMT - Wed, 06 May 2026 23:59:59 GMT
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /DG/DEFAULT/rest/rpc/425?referer=http%3A%2F%2Fshouluo.me%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-06-02T17%3A26%3A32%2B00%3A00&ts=1748885192232 HTTP/1.1
Host: ap.blueconic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 939
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:32 GMT
content-length: 22
set-cookie: AWSALB=uupxnlQVNYjfEZkbhtBtu6bvEN39cHdEGpZEA49J5/jfhMowRMJRsHXazhGiQVrndFg3f4AK2vKrI2DSkJjkjeEb7uHRFnVJMtYzPi0AD3oZY7J8ZHmsnhb98jLq; Expires=Mon, 09 Jun 2025 17:26:32 GMT; Path=/
AWSALBCORS=uupxnlQVNYjfEZkbhtBtu6bvEN39cHdEGpZEA49J5/jfhMowRMJRsHXazhGiQVrndFg3f4AK2vKrI2DSkJjkjeEb7uHRFnVJMtYzPi0AD3oZY7J8ZHmsnhb98jLq; Expires=Mon, 09 Jun 2025 17:26:32 GMT; Path=/; SameSite=None; Secure
server: -
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
p3p: policyref="", CP="DSP"
strict-transport-security: max-age=120
content-encoding: gzip
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/js/lib/jquery-1.9.1.js
34.96.204.159 200 OK 93 kB URL GET 1686pk.com/webapp/js/lib/jquery-1.9.1.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 0ced1955d04ad67f93c642501960172d
e346705c96ed71fef43144a893dc26f0d1ff2a81
7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/lib/jquery-1.9.1.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:30 GMT
vary: Accept-Encoding
etag: W/"681e060a-16b57"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET api.api168168.com/CQShiCai/queryDoubleNumber.do?date=&lotCode=10010
35.241.106.141 200 OK 619 B URL GET api.api168168.com/CQShiCai/queryDoubleNumber.do?date=&lotCode=10010
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 8786f031b6027129f1a24258fdb66de5
eed9b07082844ef1b2788853eba7f2835f68a727
d8b67ce1a903b70b1636d3b3b4e927222dc29417f2ee4898db80aebfb2f20fca
GET /CQShiCai/queryDoubleNumber.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:39 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET shouluo.me/fragment528e.html
35.220.136.220 200 OK 4.9 kB URL GET shouluo.me/fragment528e.html
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 8cb51114ae4614c51ac2ad245a93eb31
8f023fbf73e46c708a58de9e20678294c0274bfb
50735b8caa61fce7388d2e40ee80bbaa2955d6574e06d8dbb3ff325a6ae00c14
GET /fragment528e.html HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shouluo.me/
DNT: 1
Connection: keep-alive
Cookie: sailthru_pageviews=1; proper_rtp_split_test={"version_id":"30915","release_ts":"2024-12-11 09:45:39"}; optimizelyEndUserId=oeu1748885193935r0.5306809468148789
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:34 GMT
Content-Type: text/html
Last-Modified: Wed, 01 Jan 2025 04:11:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6774c068-1338"
Content-Encoding: gzip
POST collect-v6.51.la/v6/collect?dt=4
38.54.123.53 210 0 B URL POST collect-v6.51.la/v6/collect?dt=4
IP 38.54.123.53:80
ASN #138915 Kaopu Cloud HK Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 421
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 210
Date: Mon, 02 Jun 2025 17:26:34 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://shouluo.me
Access-Control-Allow-Credentials: true
via: EU-FRA-marseille-EDGE3-CACHE1[212],EU-FRA-marseille-EDGE3-CACHE1[ovl,211],EU-FRA-marseille-EDGE1-CACHE2[ovl,210],EA-HKG-EDGE1-CACHE2[ovl,33],EA-HKG-EDGE2-CACHE2[ovl,32],EA-HKG-GLOBAL1-CACHE8[ovl,30]
X-CCDN-REQ-ID-46B1: 3791aafe4c9b194b160699811bdfbe6f
GET storage.googleapis.com/quiz_assets/APVar.woff2
142.250.178.59 200 OK 126 kB URL GET storage.googleapis.com/quiz_assets/APVar.woff2
IP 142.250.178.59:443
Certificate Issuer Google Trust Services
Subject storage.googleapis.com
Fingerprint E6:19:2A:54:2B:10:FA:7F:D1:05:6C:BB:F0:95:A7:BC:6F:29:25:69
Validity Mon, 12 May 2025 08:46:48 GMT - Mon, 04 Aug 2025 08:46:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 125672, version 1.0
Size 126 kB (125672 bytes)
Hash 7f50c6dac8d72150899a11a222ba5562
a49561ef3fb015516869584dbde9b1e782d4ffdf
a3a88a86bdc69901f371d4d984aad6fae2199eb6e947ad4c6b49700b5ec2d6fd
GET /quiz_assets/APVar.woff2 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABgVH8-6PDavtz3floyDxYZrjGiC7Kg28pDaMKd27J0b9ZkNLg7an7gdGdy7FL4LHueFKokS
x-goog-generation: 1724423097649149
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125672
x-goog-hash: crc32c=07g3Eg==, md5=f1DG2sjXIVCJmhGiIrpVYg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 125672
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 02 Jun 2025 16:43:11 GMT
expires: Mon, 02 Jun 2025 17:43:11 GMT
cache-control: public, max-age=3600
age: 2604
last-modified: Fri, 23 Aug 2024 14:24:57 GMT
etag: "7f50c6dac8d72150899a11a222ba5562"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET api.api168168.com/CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010
35.241.106.141 200 OK 7.2 kB
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 82d44c0ffd3e34cb470cdd68202f069b
68d0ade587f259411bacafab119ee166fdcd504e
1333152779cbe9f0abaeb2fc1c03c109bf101536c3378e1254fc31fab227d6dd
GET /CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:38 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET shouluo.me/js/script.js
35.220.136.220 200 OK 134 kB
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (15923)
Size 134 kB (134035 bytes)
Hash b068d71a2929612c1704ce37719e55f6
b0c8d86fdfebc80e2176cf7accac4c9955328588
f553ee2f93fa7db54a249970116bb445094d281cabfed1c89f6d67076700f02d
GET /js/script.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Jan 2025 04:00:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6774bdc8-20b93"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET dims.apnews.com/dims4/default/de60bd6/2147483647/strip/true/crop/4875x3283+25+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fe2%2Ffd%2Ffb6fce2a722525c18d00ee2f5361%2Fc4a61ab413c84c33b6234ad3c6594979
104.16.22.8 200 OK 2.3 kB
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash e80d6f1775c1ff9144d422823b0f70b0
fed128ecff7e9ae1a39d54e1db96ed0f3b5d1240
6838dcc94f27002c6a26c507a022265506bd3b879cc3cdd6e609495e399128b8
GET /dims4/default/de60bd6/2147483647/strip/true/crop/4875x3283+25+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fe2%2Ffd%2Ffb6fce2a722525c18d00ee2f5361%2Fc4a61ab413c84c33b6234ad3c6594979 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 2268
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sat, 30 May 2026 18:59:56 GMT
x-envoy-upstream-service-time: 641
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 May 2025 18:59:56 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=tRg_4L8KcfbSTV_yGH.w.Q1e5qtg8zT4fJd5.gis7FY-1748885191-1.0.1.1-a.elprB74PTz.im1QpMmzmLsiL.pdWWHUj8ufsGupRzi.Rxdu4P_B43l6x1bfPWWgoDy_IMLqrcl7s1Dj9jTmAcnzXhdktsB847k3RAEMIZp7mNv2oayJSg7b3F7VUGg; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28365699-OSL
X-Firefox-Spdy: h2
GET shouluo.me/gtm5445.htmlGTM-KT7RHVG
35.220.136.220 404 Not Found 58 kB
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with very long lines (56756)
Hash cbb42513032d6c09e496731ac16c20a9
c92f38a701aad58408451d24dd4c47b05f158cf0
d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b
GET /gtm5445.htmlGTM-KT7RHVG HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 02 Jun 2025 17:26:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67751d63-e3b8"
Content-Encoding: gzip
GET 1686pk.com/webapp/js/local/tools/tools.js
34.96.204.159 200 OK 104 kB
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (924), with CRLF line terminators
Size 104 kB (103478 bytes)
Hash 5cde36e3133d4390894788243f9819ef
94bfd0492ab3c0d0fc8197ed86190d88d577a30d
face84cf7730594b010cd3ce97f175a580d1ac3c6fdbaf52b141fec6f404986b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/local/tools/tools.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:36 GMT
vary: Accept-Encoding
etag: W/"681e0610-19436"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/7c04b14/2147483647/strip/true/crop/4032x2715+0+154/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc9%2F47%2F878cb599f14cc488b2fad96e60eb%2Fbf3e3e2e70c1406d9bb043cfa818fc4c
104.16.22.8 200 OK 2.7 kB
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ddb3706361fb164db6661dc8285ff81a
3c645cff46bcdd741a7567bc21f39e11ef72f35c
055e4b83c5c41bc89d314bee6536f5d4d1e353385f460fb026fdd60dc45245d1
GET /dims4/default/7c04b14/2147483647/strip/true/crop/4032x2715+0+154/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc9%2F47%2F878cb599f14cc488b2fad96e60eb%2Fbf3e3e2e70c1406d9bb043cfa818fc4c HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 2688
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sat, 30 May 2026 18:59:56 GMT
x-envoy-upstream-service-time: 537
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 May 2025 18:59:56 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=RZLg1VKS44uYfTVYn3MctFKBleQDBR_r13IxuOPklaw-1748885191-1.0.1.1-koAs50LOtdySQXEw8OtwZ5V2gqJL9z1XAcDeomjAw5WqF9bw0Tr3okPmAWPK0KfDX2fKo0Jx6T2rB1Ov5reL3ZOXUZyKCY_FwRg2woFs73p41o2xaYdo8CsEV7gl8vf2; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28575699-OSL
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB
IP 142.250.74.35:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
Validity Mon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 13:29:31 GMT
expires: Fri, 29 May 2026 13:29:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 359822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET shouluo.me/fragmentebb2.html
35.220.136.220 200 OK 0 B
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fragmentebb2.html HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://shouluo.me/
DNT: 1
Connection: keep-alive
Cookie: sailthru_pageviews=1; proper_rtp_split_test={"version_id":"30915","release_ts":"2024-12-11 09:45:39"}; optimizelyEndUserId=oeu1748885193935r0.5306809468148789
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:34 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Wed, 01 Jan 2025 07:31:46 GMT
Connection: keep-alive
ETag: "6774ef62-0"
Accept-Ranges: bytes
GET www.youtube.com/generate_204?p-8WyA
172.217.21.174 204 No Content 0 B
IP 172.217.21.174:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?p-8WyA HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 02 Jun 2025 17:26:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET api.api168168.com/CQShiCai/queryDoubleNumber.do?date=&lotCode=10010
35.241.106.141 200 OK 619 B
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 8786f031b6027129f1a24258fdb66de5
eed9b07082844ef1b2788853eba7f2835f68a727
d8b67ce1a903b70b1636d3b3b4e927222dc29417f2ee4898db80aebfb2f20fca
GET /CQShiCai/queryDoubleNumber.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/css/ssc_index_add.css
34.96.204.159 200 OK 22 kB
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type Unicode text, UTF-8 text, with very long lines (21920), with no line terminators
Hash ec31771acfe250f8e37425275646d5b9
5786f4e685bd67c0f532d9cbabfb698aa11c5b9e
257c2ba09ca5560c8c0a7b2772beb6e040fcda0dee139896a1901bb0080ea725
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/css/ssc_index_add.css HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 15:37:42 GMT
vary: Accept-Encoding
etag: W/"67b0b4c6-55a8"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/css/pk10.css
34.96.204.159 200 OK 22 kB
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type ASCII text, with CRLF line terminators
Hash 4ad2a39088656d3fbc9a8695463fb540
c736fced00b9a629bb98d61e8e662394ff2afe53
ce537293741ba0dbc920bd27a9bcfb575ce7382ea545f812071851932bf5a8f9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/css/pk10.css HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 15:37:40 GMT
vary: Accept-Encoding
etag: W/"67b0b4c4-53fc"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/css/common.css
34.96.204.159 200 OK 4.0 kB
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
Hash e5b033e1840c9ced6b1373bd703f48c4
39b3c23ca20086705ef134eb88b287704aad1931
c2485a8fcb032d8921a78c0c0956e8842f4b6cdbcd2a0266cb1197ef96726f47
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/css/common.css HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 15:37:40 GMT
vary: Accept-Encoding
etag: W/"67b0b4c4-f71"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/bd38b18/2147483647/strip/true/crop/2100x1398+0+351/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fbd%2Fcb%2Fdf4fba5c8914cbe67d1395dee842%2Fb1c3b7d3a17b4546853935b9642583fb
104.16.22.8 200 OK 42 kB
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x233, Scaling: [none]x[none], YUV color, decoders should clamp
Hash e88ac3ceaddc76481dc48dfb6397547c
9f2cf6df6b9603a89563491f2ef82d02e764a16a
44b3e7a92cd0891ffb72e4dc189ab0a1a69ee2c5b5f57d3a0c97d66c64a60573
GET /dims4/default/bd38b18/2147483647/strip/true/crop/2100x1398+0+351/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fbd%2Fcb%2Fdf4fba5c8914cbe67d1395dee842%2Fb1c3b7d3a17b4546853935b9642583fb HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: __cf_bm=8GHOz447zW8BPsze2zMoO6FhBx_MhNuEQEXnp4PlWYA-1748885191-1.0.1.1-PP82EuUIJLtG3XwMd22mUJwNxAhFje9.XJl8SyCYa2m0Umn4U4jDwZHudWf3PYSzU86pWr8_bTpQB81scCQ.8L33whauUCCOAWM821HoiSEDLxvXzU3DJg27gAUlnOSK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: image/webp
content-length: 42124
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Tue, 26 May 2026 23:24:48 GMT
x-envoy-upstream-service-time: 455
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 May 2025 23:24:48 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a80e4899b4f9-OSL
server-timing: cfExtPri
GET api.api168168.com/parameters/getNoAdvertisingDomain.do
35.241.106.141 200 OK 1.9 kB
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 2b509884e515585be8901ddd42025d1f
922d3f7a0fecefd0aa2a2d0697a15b953751b597
65994222c68b34f297e3e63d2044158014fb5d3d81ecbfe8d9875e7c74fce5a6
GET /parameters/getNoAdvertisingDomain.do HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET bd51static.com/4pk.js
35.215.190.193 200 OK 1.4 kB
IP 35.215.190.193:80
File type JavaScript source, ASCII text, with very long lines (554)
Hash c7ca74a1396f99905b9f0d8e918aa26c
9c16af713a8a5ae01872d72aee8347d1664fd5a5
f66a3e7ec08007c609c1d78f61ddd648097cb94835ee33a190240418d5268a7b
GET /4pk.js HTTP/1.1
Host: bd51static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:30 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 May 2025 07:20:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"681b09c2-556"
Expires: Tue, 03 Jun 2025 05:26:30 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
GET dims.apnews.com/dims4/default/985e500/2147483647/strip/true/crop/5415x3647+28+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F46%2F24%2Fa12e6c01ba7f3bf9b9dc82c4b43d%2F8b009548df054353a3abe0141e710db7
104.16.22.8 200 OK 2.4 kB
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash e16f444ba8c738570273f4003192fa6c
f64038ead2b6d1c92cc5173f5a77c9d647f839ae
77218e96c5c33d29e8aa34b4b1004f512ba3c2365bed3fe56463d3b9b7939c42
GET /dims4/default/985e500/2147483647/strip/true/crop/5415x3647+28+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F46%2F24%2Fa12e6c01ba7f3bf9b9dc82c4b43d%2F8b009548df054353a3abe0141e710db7 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 2358
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Wed, 01 Apr 2026 23:15:20 GMT
x-envoy-upstream-service-time: 651
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Apr 2025 23:15:20 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=tLPbZK5gxDPgRLkUYZi8JTCpSrcswGmvlr.Z0ZzDR90-1748885191-1.0.1.1-JGFY_UpVEUPlu6g86JiBF6Fj4a9.YvjtXCFmoFxDOS6m8yHK.s9IxwIgDn5rBfaGsXUwtdhdzl0QPS6Arx2Oxy1WCZ4K90cC86mlt_1C6NstSPRFcCzlrfNFTb9zK1ud; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc283b5699-OSL
X-Firefox-Spdy: h2
GET www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
172.217.21.174 200 OK 114 kB
IP 172.217.21.174:443
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
File type HTML document, ASCII text, with very long lines (57984)
Size 114 kB (114033 bytes)
Hash c46c72bd472192090d78365865db2ebe
b9025eddbdadf29fc4b37921498aff4acc2006d1
860f6adb1d13670d5f4e4429dcc89dc169d5419529a11b4a40a15562d5612a49
GET /embed/hBPDYTiKwk8?enablejsapi=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Jun 2025 17:26:33 GMT
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=OTI9fTKLnfA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
__Secure-ROLLOUT_TOKEN=CKC-g82R5LzXWxCx87aFodONAxix87aFodONAw%3D%3D; Domain=youtube.com; Expires=Sat, 29-Nov-2025 17:26:33 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned
VISITOR_INFO1_LIVE=mxB7yq65qpE; Domain=.youtube.com; Expires=Sat, 29-Nov-2025 17:26:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIhEh0SGwsMDg8QERITFBUWFxgZGhscHR4fICEiIyQlJiA7; Domain=.youtube.com; Expires=Sat, 29-Nov-2025 17:26:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ap.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221748885192231%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22current_primary_sectiony%5C%22%3A%5B%5D%2C%5C%22current_keywords%5C%22%3A%5B%5D%2C%5C%22random_number%5C%22%3A%5B29%5D%2C%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1280%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1024%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221280x1024%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22http%3A%2F%2Fshouluo.me%2F%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22globallistener_primary_section%5C%22%3A%5B%5C%22current_primary_sectiony%5C%22%2C%5C%22current_keywords%5C%22%5D%2C%5C%22listener_random_number%5C%22%3A%5B%5C%22random_number%5C%22%5D%2C%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%7D%7D%22%2C%22id%22%3A%221748885192232%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221280x1024%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221748885192234%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221748885192235%22%7D%5D&referer=http%3A%2F%2Fshouluo.me%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-06-02T17%3A26%3A35%2B00%3A00&callback=bc_json426
44.221.146.170 200 OK 14 B URL GET ap.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221748885192231%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22current_primary_sectiony%5C%22%3A%5B%5D%2C%5C%22current_keywords%5C%22%3A%5B%5D%2C%5C%22random_number%5C%22%3A%5B29%5D%2C%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1280%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1024%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221280x1024%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22http%3A%2F%2Fshouluo.me%2F%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22globallistener_primary_section%5C%22%3A%5B%5C%22current_primary_sectiony%5C%22%2C%5C%22current_keywords%5C%22%5D%2C%5C%22listener_random_number%5C%22%3A%5B%5C%22random_number%5C%22%5D%2C%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%7D%7D%22%2C%22id%22%3A%221748885192232%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221280x1024%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221748885192234%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221748885192235%22%7D%5D&referer=http%3A%2F%2Fshouluo.me%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-06-02T17%3A26%3A35%2B00%3A00&callback=bc_json426
IP 44.221.146.170:443
Certificate Issuer Amazon
Subject *.blueconic.net
Fingerprint 73:3B:4C:94:75:3C:92:B8:3D:06:91:95:45:80:82:E8:F8:27:87:32
Validity Tue, 08 Apr 2025 00:00:00 GMT - Wed, 06 May 2026 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 0285e6f883278ee3b4b99df414043303
12a128ee7fcd1cb0b5c1981e5d00a6c1f30d0e93
5f75d929e7fb67b1dc7ac246f2c2a6080005541cd0bf08d747b025faa9f426fa
GET /DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221748885192231%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22current_primary_sectiony%5C%22%3A%5B%5D%2C%5C%22current_keywords%5C%22%3A%5B%5D%2C%5C%22random_number%5C%22%3A%5B29%5D%2C%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1280%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1024%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221280x1024%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22http%3A%2F%2Fshouluo.me%2F%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22globallistener_primary_section%5C%22%3A%5B%5C%22current_primary_sectiony%5C%22%2C%5C%22current_keywords%5C%22%5D%2C%5C%22listener_random_number%5C%22%3A%5B%5C%22random_number%5C%22%5D%2C%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%7D%7D%22%2C%22id%22%3A%221748885192232%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221280x1024%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221748885192234%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221748885192235%22%7D%5D&referer=http%3A%2F%2Fshouluo.me%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-06-02T17%3A26%3A35%2B00%3A00&callback=bc_json426 HTTP/1.1
Host: ap.blueconic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: AWSALBCORS=uupxnlQVNYjfEZkbhtBtu6bvEN39cHdEGpZEA49J5/jfhMowRMJRsHXazhGiQVrndFg3f4AK2vKrI2DSkJjkjeEb7uHRFnVJMtYzPi0AD3oZY7J8ZHmsnhb98jLq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 34
set-cookie: AWSALB=OWdwI7MMICAMA4/dfMtvVksSIwhkiQ29O8/oNM0FH60/sEgucrLDh6vLO8nwVMSsZXaq7/4bKlbuIGnhmCgF1WkjNit5og4OiHLEOLmP55u4UhU8g7eexyC4MDCu; Expires=Mon, 09 Jun 2025 17:26:35 GMT; Path=/
AWSALBCORS=OWdwI7MMICAMA4/dfMtvVksSIwhkiQ29O8/oNM0FH60/sEgucrLDh6vLO8nwVMSsZXaq7/4bKlbuIGnhmCgF1WkjNit5og4OiHLEOLmP55u4UhU8g7eexyC4MDCu; Expires=Mon, 09 Jun 2025 17:26:35 GMT; Path=/; SameSite=None; Secure
server: -
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
p3p: policyref="", CP="DSP"
strict-transport-security: max-age=120
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-encoding: gzip
X-Firefox-Spdy: h2
GET storage.googleapis.com/quiz_assets/ap-logo.png
142.250.178.59 200 OK 1.2 kB URL GET storage.googleapis.com/quiz_assets/ap-logo.png
IP 142.250.178.59:443
Certificate Issuer Google Trust Services
Subject storage.googleapis.com
Fingerprint E6:19:2A:54:2B:10:FA:7F:D1:05:6C:BB:F0:95:A7:BC:6F:29:25:69
Validity Mon, 12 May 2025 08:46:48 GMT - Mon, 04 Aug 2025 08:46:47 GMT
File type PNG image data, 83 x 96, 8-bit/color RGBA, non-interlaced
Hash d5ce3a656c01f1e60b1ae1467dcf8edf
6d0ba61cf733c0f919d6fe2df72f1a90723cdc59
76e76d568bd5e711063fe68fc35739bfb8752713bb8b355894774aa44767075a
GET /quiz_assets/ap-logo.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABgVH88drer5wmwTspISYfoZbPek3ySbvk6jZFFYByHfswh7NyJp17yolWPqSDyYCWzYULtxmlHsZLk
x-goog-generation: 1726244136253064
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1188
x-goog-hash: crc32c=4494lQ==, md5=1c46ZWwB8eYLGuFGfc+O3w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1188
access-control-allow-origin: *
server: UploadServer
date: Mon, 02 Jun 2025 17:26:36 GMT
expires: Mon, 02 Jun 2025 18:26:36 GMT
cache-control: public, max-age=3600
last-modified: Fri, 13 Sep 2024 16:15:36 GMT
etag: "d5ce3a656c01f1e60b1ae1467dcf8edf"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET shouluo.me/css/all.min.a4a9191436fe8ffd065eafbd4a4e5bff.gz.css
35.220.136.220 200 OK 534 kB URL GET shouluo.me/css/all.min.a4a9191436fe8ffd065eafbd4a4e5bff.gz.css
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (62643)
Size 534 kB (533646 bytes)
Hash ecae8a3b131b1e3ff6b2ea8b43551983
ceb3374feb9eac47adb4914f4e760e2941e2166c
447074c2d7e3d1c569e4fe26d199b9fc5e65f1a8c645073970cd72eec2206ded
GET /css/all.min.a4a9191436fe8ffd065eafbd4a4e5bff.gz.css HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:30 GMT
Content-Type: text/css
Last-Modified: Mon, 16 Dec 2024 15:12:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67604352-8248e"
Expires: Tue, 03 Jun 2025 05:26:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET shouluo.me/js/api.js
35.220.136.220 200 OK 870 B IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (870), with no line terminators
Hash 959fca740c230726e5a7cdf2b7603468
1fa3eb9690cb728a4ba96846bd8eac87fa914073
1a7a8da967879cf8c53e114c331242c5d44c39d4b4778a0824bc2f363504c3a5
GET /js/api.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Content-Length: 870
Last-Modified: Wed, 01 Jan 2025 04:09:42 GMT
Connection: keep-alive
ETag: "6774c006-366"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
GET assets.apnews.com/fa/ba/9258a7114f5ba5c7202aaa1bdd66/aplogo.svg
104.16.22.8 200 OK 2.3 kB URL GET assets.apnews.com/fa/ba/9258a7114f5ba5c7202aaa1bdd66/aplogo.svg
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type SVG Scalable Vector Graphics image
Hash 06936b39027b69b2d0d8b249e8027e23
c275e8385da784401503725de8a47e01dab20d0f
fb562a1f2bd11580f55512d6dadacb2390b4f45ffd6e66dffc625d387e5e650d
GET /fa/ba/9258a7114f5ba5c7202aaa1bdd66/aplogo.svg HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/svg+xml
x-goog-generation: 1685656203002943
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2299
x-goog-meta-content-length: 2299
x-goog-hash: crc32c=UtiMCg==, md5=BpNrOQJ7abLQ2LJJ6AJ+Iw==
x-goog-storage-class: STANDARD
x-guploader-uploadid: AHmUCY1ITT-giurIOi0MRdSRxNgVMJcO26Uq7CoNQRAD_j-XOjQ4qF6T4Ae2V8EUBoAejqpsiyo
expires: Mon, 20 Apr 2026 06:18:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 21:50:03 GMT
etag: W/"06936b39027b69b2d0d8b249e8027e23"
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1687709
priority: u=4,i=?0
set-cookie: __cf_bm=8GHOz447zW8BPsze2zMoO6FhBx_MhNuEQEXnp4PlWYA-1748885191-1.0.1.1-PP82EuUIJLtG3XwMd22mUJwNxAhFje9.XJl8SyCYa2m0Umn4U4jDwZHudWf3PYSzU86pWr8_bTpQB81scCQ.8L33whauUCCOAWM821HoiSEDLxvXzU3DJg27gAUlnOSK; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a800d870b4f9-OSL
content-encoding: br
server-timing: cfExtPri
GET dims.apnews.com/dims4/default/7315bee/2147483647/strip/true/crop/6801x4531+0+2/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F41%2F56%2F18827c236055c89a091cbbef8eb5%2F18040691e1ee4b84ac1f670d160aa71a
104.16.22.8 200 OK 43 kB URL GET dims.apnews.com/dims4/default/7315bee/2147483647/strip/true/crop/6801x4531+0+2/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F41%2F56%2F18827c236055c89a091cbbef8eb5%2F18040691e1ee4b84ac1f670d160aa71a
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x533, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 1ca7bce3c1d3f76eeef9072200076eb8
69a4eba9ba44e957acc97ccf66059b7c58885822
cee2034136d7faca05ac83db5b95c73f5762bdaaba8b968357353d6471042686
GET /dims4/default/7315bee/2147483647/strip/true/crop/6801x4531+0+2/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F41%2F56%2F18827c236055c89a091cbbef8eb5%2F18040691e1ee4b84ac1f670d160aa71a HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 43022
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Tue, 02 Jun 2026 17:26:23 GMT
x-envoy-upstream-service-time: 1281
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Jun 2025 17:26:23 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=rOZ99SCByGRU3un80S1jhAmoFjSt9FGqPLx4TDAxVFU-1748885191-1.0.1.1-XbZEQT20h1qxwfOnSQE8HW9b17zLntuZuOgww..LuqYLPqeEkMM.aHZx2InDk2ui3hVH5L_.evvCea1NE67HYXg8cn1zH6v_BR6VWbbM0otgrVlEangVkfpG2GMJi2eG; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28535699-OSL
X-Firefox-Spdy: h2
GET shouluo.me/js/newsroom.js
35.220.136.220 200 OK 133 kB URL GET shouluo.me/js/newsroom.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Size 133 kB (132975 bytes)
Hash ca4db1eab693d04e07c277fc3348c79d
961f3a892a3d10f52e17b502206a4387baf5e0e6
4d81107ba5b0ac712c87b103803bb08b03d3a3b0f26f0509492497a223a3ead9
GET /js/newsroom.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:32 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Dec 2024 05:05:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"675a6f02-2076f"
Expires: Tue, 03 Jun 2025 05:26:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET shouluo.me/png/apple-touch-icon.png
35.220.136.220 200 OK 2.9 kB URL GET shouluo.me/png/apple-touch-icon.png
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash df7258253facf3be697c0a5386f07a39
c379d6a36d7371f147411fe96e068514213efd39
23573dba0752d2357dbff63e4d0d17a3d4c25073b3c0744adcc8e705f25b7f2f
GET /png/apple-touch-icon.png HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1; proper_rtp_split_test={"version_id":"30915","release_ts":"2024-12-11 09:45:39"}; optimizelyEndUserId=oeu1748885193935r0.5306809468148789; __vtins__Kbu0ae6HwHakHTZk=%7B%22sid%22%3A%20%22e17fa06b-4077-586e-89c8-7aedeed4c0da%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994246%2C%20%22ct%22%3A%201748885194246%7D; __51uvsct__Kbu0ae6HwHakHTZk=1; __51vcke__Kbu0ae6HwHakHTZk=9dc67629-a88b-506a-8b38-b7607c206a78; __51vuft__Kbu0ae6HwHakHTZk=1748885194252; __vtins__Kbu1dxpVU3uYOSCF=%7B%22sid%22%3A%20%22383948c6-77c0-5467-b869-59a7cb1bfc1f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994274%2C%20%22ct%22%3A%201748885194274%7D; __51uvsct__Kbu1dxpVU3uYOSCF=1; __51vcke__Kbu1dxpVU3uYOSCF=e053628f-0912-5f40-8629-2b63af96eb45; __51vuft__Kbu1dxpVU3uYOSCF=1748885194277; Hm_lvt_9449080f1fd9d69519fb3ef29e931160=1748885195; Hm_lpvt_9449080f1fd9d69519fb3ef29e931160=1748885195; HMACCOUNT=51400EE01597B957; sailthru_visitor=1c464f98-9c58-45f5-8cc8-5522c12d2c6c
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:35 GMT
Content-Type: image/png
Last-Modified: Wed, 01 Jan 2025 04:04:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6774bec2-b5b"
Expires: Wed, 02 Jul 2025 17:26:35 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
0.0.0.0 0 B IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET shouluo.me/txt/f.txt
35.220.136.220 200 OK 107 kB IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (32138)
Size 107 kB (106776 bytes)
Hash 1ae673b32f4a73e8d9d251e1112f7da3
ebf092882660d1d7bf9b44fbea17e964da186050
1ea06a4f2b57d29bffd4a2937662056b7ee6123a35ed92d7f3b348b5715a9600
GET /txt/f.txt HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:30 GMT
Content-Type: text/plain
Last-Modified: Wed, 01 Jan 2025 04:09:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6774c000-1a118"
Content-Encoding: gzip
GET api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
75.2.40.13 200 OK 256 B URL GET api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
IP 75.2.40.13:443
Certificate Issuer Amazon
Subject api.sail-personalize.com
Fingerprint B9:0F:29:1A:C3:AC:AC:BE:D2:16:60:69:B5:F4:FD:C0:2B:E1:A0:CC
Validity Sat, 22 Feb 2025 00:00:00 GMT - Mon, 23 Mar 2026 23:59:59 GMT
Hash 8c9bab40756d85eb911e9fcb111df133
9c2b1db3dfde9b18f8f219ee1ed002391ab42df7
b77e34451c87f436d6fc2ef286da790d3c25094d1593e3791e9a66de3b60f698
GET /v1/personalize/simple?pageviews=1&isMobile=0 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://shouluo.me/
authorization: Bearer c09a19887a0b3e6633179ff11d8d4f04
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: http://shouluo.me/
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:32 GMT
content-type: application/json
content-length: 173
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-store
expires: -1
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.youtube.com/s/player/3b4b7883/www-embed-player.vflset/www-embed-player.js
172.217.21.174 200 OK 354 kB URL GET www.youtube.com/s/player/3b4b7883/www-embed-player.vflset/www-embed-player.js
IP 172.217.21.174:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
File type JavaScript source, ASCII text, with very long lines (1179)
Size 354 kB (354053 bytes)
Hash 476f4e9de547d76aa9c26ac8d89dd751
93030e0886415cf87418dbd2f15fcec2fd43f2a3
26965c6612a1bd59ef95e23a8ee59303ae2e3926c1039a7e841fcd5fa4a3dac2
GET /s/player/3b4b7883/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 105233
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Jun 2025 15:40:43 GMT
expires: Mon, 01 Jun 2026 15:40:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 04:13:37 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 92750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET 1686pk.com/webapp/js/lib/config.js
34.96.204.159 200 OK 11 kB URL GET 1686pk.com/webapp/js/lib/config.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (487), with CRLF line terminators
Hash 88ed0ed13dfb4f96db56a75c1d05a6bf
1a55eafde75425c6919d5921bef5a19c6a5e2d15
8ae3d89bb3a88f3f2878b1c9b5526ffb5093b2fef625dd9a73b7de898f2ae272
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /webapp/js/lib/config.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:30 GMT
vary: Accept-Encoding
etag: W/"681e060a-2ad0"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET api.api168168.com/CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010
35.241.106.141 200 OK 954 B URL GET api.api168168.com/CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 82183c0d2bdc2ce6184fc3305c778be0
271e03f7c6da54c3dc1a1af6fd610174c529f58f
7fa13b2b7bab379d35e3d06b0a49da114c46cd5a43ab4aedd4a0fd8fbcf4a93f
GET /CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET shouluo.me/js/latest.js
35.220.136.220 200 OK 637 kB IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65521)
Size 637 kB (637248 bytes)
Hash 39dfab4eafaedc7517425f8be740bc5b
59bee0a825c99ae844df481ba4114f589da6835e
3682ce850eb37d9c7692129c5bb2df91e13d1dbb91cd6e3a6f0cf04f0c62c942
GET /js/latest.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:30 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Sep 2024 16:09:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"66e3123e-9b940"
Expires: Tue, 03 Jun 2025 05:26:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET dims.apnews.com/dims4/default/1e25b7d/2147483647/strip/true/crop/6000x4000+0+0/resize/1440x960!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F09%2F9c%2Fe9c346f58e9eab3462b98d4dda3d%2F3c4254f9c3844a35952058bfd03fe75f
104.16.22.8 200 OK 311 kB URL GET dims.apnews.com/dims4/default/1e25b7d/2147483647/strip/true/crop/6000x4000+0+0/resize/1440x960!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F09%2F9c%2Fe9c346f58e9eab3462b98d4dda3d%2F3c4254f9c3844a35952058bfd03fe75f
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x960, Scaling: [none]x[none], YUV color, decoders should clamp
Size 311 kB (310588 bytes)
Hash 9dff468cb99fbac514e4e1531385fa66
002157bfc47b92fca1b6f41ebf292ba78c7f5cac
ce2b61db6adac35d8818ab1f2a3659b2d0a9eb68f93e709897fb339d133f074d
GET /dims4/default/1e25b7d/2147483647/strip/true/crop/6000x4000+0+0/resize/1440x960!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F09%2F9c%2Fe9c346f58e9eab3462b98d4dda3d%2F3c4254f9c3844a35952058bfd03fe75f HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 310588
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Tue, 02 Jun 2026 17:26:22 GMT
x-envoy-upstream-service-time: 1378
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Jun 2025 17:26:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=cCt.vT8L9zQY5q_iZrG_flrM0BoJYH2ijDkEgchbt_M-1748885191-1.0.1.1-k70udtamMSF0n.RD5vVxAb6jDX30HOAmsmNcHjd.HI1tmekDt4yYIMorucSnv7HDtMie5eo4wGqRTW8UyHpUgGIlTf1SrUx7IuxVLKliUllSDkDms22_Q7zyU6Rl0XG7; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc284c5699-OSL
X-Firefox-Spdy: h2
GET 1686pk.com/webapp/js/lib/iscroll.js
34.96.204.159 200 OK 20 kB URL GET 1686pk.com/webapp/js/lib/iscroll.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, ASCII text, with very long lines (19891), with no line terminators
Hash 3249e269b6bf59a9596ff4dd4908bd74
16f804a74f66585bf01bb2217997a2a4ff0c4a23
3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /webapp/js/lib/iscroll.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:30 GMT
vary: Accept-Encoding
etag: W/"681e060a-4db3"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/084b59f/2147483647/strip/true/crop/4150x2763+0+2/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc5%2F5f%2Fd8934a9b483e1163e4f3fae82d18%2F15d786b0558f4aa086e6471382bb3dac
104.16.22.8 200 OK 31 kB URL GET dims.apnews.com/dims4/default/084b59f/2147483647/strip/true/crop/4150x2763+0+2/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc5%2F5f%2Fd8934a9b483e1163e4f3fae82d18%2F15d786b0558f4aa086e6471382bb3dac
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x233, Scaling: [none]x[none], YUV color, decoders should clamp
Hash c2af5ba35cc353634560db4628457510
88a1c5d265f298c61500763591121ad8240246d2
cc3e46a4cdb5c5dca480ca3752e072572f8b5193467cdc40b29e4ccb12ad92d6
GET /dims4/default/084b59f/2147483647/strip/true/crop/4150x2763+0+2/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Fc5%2F5f%2Fd8934a9b483e1163e4f3fae82d18%2F15d786b0558f4aa086e6471382bb3dac HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: __cf_bm=8GHOz447zW8BPsze2zMoO6FhBx_MhNuEQEXnp4PlWYA-1748885191-1.0.1.1-PP82EuUIJLtG3XwMd22mUJwNxAhFje9.XJl8SyCYa2m0Umn4U4jDwZHudWf3PYSzU86pWr8_bTpQB81scCQ.8L33whauUCCOAWM821HoiSEDLxvXzU3DJg27gAUlnOSK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: image/webp
content-length: 30760
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Wed, 18 Mar 2026 16:52:20 GMT
x-envoy-upstream-service-time: 619
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 18 Mar 2025 16:52:20 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a80e388fb4f9-OSL
server-timing: cfExtPri
POST jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 101 kB URL POST jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
Validity Mon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
Size 101 kB (100905 bytes)
Hash 9204df639428db6b7cac93c2eb9f4b6e
d82e1cae020cf39e17195999be5da363fe33e899
576001b1cd9aac9ab1f4f64af5c78c941d6263f66177ba106b804595eb5bb847
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 02 Jun 2025 17:26:35 GMT
server: ESF
content-length: 46340
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET storage.googleapis.com/quiz_assets/APVar.woff2
142.250.178.59 200 OK 126 kB URL GET storage.googleapis.com/quiz_assets/APVar.woff2
IP 142.250.178.59:443
Certificate Issuer Google Trust Services
Subject storage.googleapis.com
Fingerprint E6:19:2A:54:2B:10:FA:7F:D1:05:6C:BB:F0:95:A7:BC:6F:29:25:69
Validity Mon, 12 May 2025 08:46:48 GMT - Mon, 04 Aug 2025 08:46:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 125672, version 1.0
Size 126 kB (125672 bytes)
Hash 7f50c6dac8d72150899a11a222ba5562
a49561ef3fb015516869584dbde9b1e782d4ffdf
a3a88a86bdc69901f371d4d984aad6fae2199eb6e947ad4c6b49700b5ec2d6fd
GET /quiz_assets/APVar.woff2 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABgVH8-6PDavtz3floyDxYZrjGiC7Kg28pDaMKd27J0b9ZkNLg7an7gdGdy7FL4LHueFKokS
x-goog-generation: 1724423097649149
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125672
x-goog-hash: crc32c=07g3Eg==, md5=f1DG2sjXIVCJmhGiIrpVYg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 125672
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 02 Jun 2025 16:43:11 GMT
expires: Mon, 02 Jun 2025 17:43:11 GMT
cache-control: public, max-age=3600
age: 2604
last-modified: Fri, 23 Aug 2024 14:24:57 GMT
etag: "7f50c6dac8d72150899a11a222ba5562"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET sdk.51.la/js-sdk-pro.min.js
38.54.123.53 200 OK 36 kB URL GET sdk.51.la/js-sdk-pro.min.js
IP 38.54.123.53:80
ASN #138915 Kaopu Cloud HK Limited
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (35899)
Hash b8a41c9449b73e8ba0224c6be1f0b7e8
33d79319d4110bcf5c44c36f7dd4a291972ac546
52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 02 Jun 2025 17:26:32 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Cache-Control: no-store
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
via: EU-FRA-marseille-EDGE3-CACHE20[216],EU-FRA-marseille-EDGE3-CACHE20[ovl,213],EU-FRA-marseille-EDGE1-CACHE4[ovl,213],EA-HKG-EDGE1-CACHE1[ovl,37],EA-HKG-EDGE2-CACHE4[ovl,36],EA-HKG-GLOBAL1-CACHE12[ovl,34],CHN-GDdongguan-GLOBAL1-CACHE34[ovl,29]
X-CCDN-REQ-ID-46B1: 61408bdb48ebf93419353a584e12e5d2
GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensedMedium.0146527a4261c5e15db1af66f0fc0b28.woff2
104.16.22.8 200 OK 52 kB URL GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensedMedium.0146527a4261c5e15db1af66f0fc0b28.woff2
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type Web Open Font Format (Version 2), CFF, length 52108, version 0.0
Hash 884bbf3d3dd95977d46d68fe98568a84
194d072f3876b04e7d4c53fe06331281420875a2
83bb76fe81ea3c36039b2f1bbe69a1111d5279cef6291f3a06b602d86125ad43
GET /resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensedMedium.0146527a4261c5e15db1af66f0fc0b28.woff2 HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/octet-stream
content-length: 52108
x-guploader-uploadid: ABgVH8-skMGoYJEog0UyCiT_xAZ-C5O9Nihu1_hh1rHE85dmOxUSLiac4B0YoxOVH0gmrdQn
cache-control: public, max-age=31536000
expires: Tue, 02 Jun 2026 17:26:22 GMT
last-modified: Tue, 06 Jun 2023 21:41:43 GMT
etag: "884bbf3d3dd95977d46d68fe98568a84"
x-goog-generation: 1686087702969194
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 52108
x-goog-hash: crc32c=eq0yvA==, md5=iEu/PT3ZWXfUbWj+mFaKhA==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
set-cookie: __cf_bm=jAbXNXtmnU0Vssfp7RbjDsyUXCy7bWy2t9w4bZjYYwM-1748885193-1.0.1.1-pI1a882EKWkvipsUvlmDKyi7f8s6UejLL4yjOH4KZSIJo_ptCNUoL9QUmtBgFhjmF71ZKWpLVXJRqvEcVNClDvFrCelA.2HZPHXd9LJRKDy8RxMzoJ.1dGSbCgsIS9h7; path=/; expires=Mon, 02-Jun-25 17:56:33 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a8070b89b4f9-OSL
server-timing: cfExtPri
GET 1686pk.com/webapp/img/cltj_img/icon-168index.png
34.96.204.159 200 OK 29 kB URL GET 1686pk.com/webapp/img/cltj_img/icon-168index.png
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type PNG image data, 1000 x 213, 8-bit/color RGBA, non-interlaced
Hash 9cadfe91f4676d8abaefd706fd002c70
3c1f5c663282388d8fa739baf8dd77edcb5a82d0
cba1227e78513169698e2b0cf72cd24505429292ecdcb849a8f8f33b9ae5e1d9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/img/cltj_img/icon-168index.png HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/css/ssc_newVersion.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: image/png
last-modified: Sat, 15 Feb 2025 15:37:54 GMT
vary: Accept-Encoding
etag: W/"67b0b4d2-7031"
expires: Wed, 02 Jul 2025 17:26:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET i.ytimg.com/vi/hBPDYTiKwk8/sddefault.jpg
142.250.74.86 200 OK 67 kB URL GET i.ytimg.com/vi/hBPDYTiKwk8/sddefault.jpg
IP 142.250.74.86:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject edgestatic.com
Fingerprint BD:9B:9A:98:48:F7:F4:EB:41:6E:44:69:C4:CE:9D:13:6D:6D:CB:53
Validity Mon, 12 May 2025 08:42:56 GMT - Mon, 04 Aug 2025 08:42:55 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3
Hash 66a2b0c63a824d42754ca2bf87b059cb
80883d5c8da0f8d010690b9dabb1fbd2d71cb4ae
bdfe84747fe980d35439a1ad829d7eca895ee37f232e6b100553049b6c395a88
GET /vi/hBPDYTiKwk8/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 67114
date: Mon, 02 Jun 2025 17:26:34 GMT
expires: Mon, 02 Jun 2025 19:26:34 GMT
cache-control: public, max-age=7200
etag: "1735635050"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET storage.googleapis.com/quiz_assets/APVar.woff2
142.250.178.59 200 OK 126 kB URL GET storage.googleapis.com/quiz_assets/APVar.woff2
IP 142.250.178.59:443
Certificate Issuer Google Trust Services
Subject storage.googleapis.com
Fingerprint E6:19:2A:54:2B:10:FA:7F:D1:05:6C:BB:F0:95:A7:BC:6F:29:25:69
Validity Mon, 12 May 2025 08:46:48 GMT - Mon, 04 Aug 2025 08:46:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 125672, version 1.0
Size 126 kB (125672 bytes)
Hash 7f50c6dac8d72150899a11a222ba5562
a49561ef3fb015516869584dbde9b1e782d4ffdf
a3a88a86bdc69901f371d4d984aad6fae2199eb6e947ad4c6b49700b5ec2d6fd
GET /quiz_assets/APVar.woff2 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABgVH8-6PDavtz3floyDxYZrjGiC7Kg28pDaMKd27J0b9ZkNLg7an7gdGdy7FL4LHueFKokS
x-goog-generation: 1724423097649149
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125672
x-goog-hash: crc32c=07g3Eg==, md5=f1DG2sjXIVCJmhGiIrpVYg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 125672
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 02 Jun 2025 16:43:11 GMT
expires: Mon, 02 Jun 2025 17:43:11 GMT
cache-control: public, max-age=3600
age: 2604
last-modified: Fri, 23 Aug 2024 14:24:57 GMT
etag: "7f50c6dac8d72150899a11a222ba5562"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
OPTIONS api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
75.2.40.13 200 OK 18 B URL OPTIONS api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
IP 75.2.40.13:443
Certificate Issuer Amazon
Subject api.sail-personalize.com
Fingerprint B9:0F:29:1A:C3:AC:AC:BE:D2:16:60:69:B5:F4:FD:C0:2B:E1:A0:CC
Validity Sat, 22 Feb 2025 00:00:00 GMT - Mon, 23 Mar 2026 23:59:59 GMT
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/simple?pageviews=1&isMobile=0 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: http://shouluo.me/
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:32 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: http://shouluo.me
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-CondensedBold.6e5f3d10491d025b55a82beebf812af9.woff2
104.16.22.8 200 OK 52 kB URL GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-CondensedBold.6e5f3d10491d025b55a82beebf812af9.woff2
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type Web Open Font Format (Version 2), CFF, length 51648, version 0.0
Hash 69c14bd3e60117689185b2b0decc190c
cd7fe16864902b0494cfdd548afa265542707076
1f88558c3c902a45321653ea7bd2cee752f0bd22406ee035945a0a7ede1fa35f
GET /resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-CondensedBold.6e5f3d10491d025b55a82beebf812af9.woff2 HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/octet-stream
content-length: 51648
x-guploader-uploadid: ABgVH89eZ0O6_DJ-vs5wSefV_5He2zEgZP4W44BVCCkFLQpC7upmocQik_KQ3po14O4-DncAxIryNCs
cache-control: public, max-age=31536000
expires: Tue, 02 Jun 2026 17:26:22 GMT
last-modified: Tue, 06 Jun 2023 21:41:42 GMT
etag: "69c14bd3e60117689185b2b0decc190c"
x-goog-generation: 1686087702327824
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 51648
x-goog-hash: crc32c=jKxSag==, md5=acFL0+YBF2iRhbKw3swZDA==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
set-cookie: __cf_bm=.bBQXi28OgtwIzlsKoS8kXRCEh2xFl3fMbUulzue_9o-1748885193-1.0.1.1-xWOFyOTnzlrOnmwVjL4LXuieTAK9ctFwuYk_O5W.K4KQW5uhCTmB1QQeXEdP1JkKGUWvCJ_DRQih3twZieuhb5eSYKcV8oxD6NyuNqQjhviM7TXzw_j_ya.iAe4Ee85i; path=/; expires=Mon, 02-Jun-25 17:56:33 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a806cb37b4f9-OSL
server-timing: cfExtPri
GET 1686pk.com/webapp/js/lib/drawLines.js
34.96.204.159 200 OK 25 kB URL GET 1686pk.com/webapp/js/lib/drawLines.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, ASCII text, with very long lines (24891), with no line terminators
Hash 7db0502baf867aa0663475b899ffb19e
a69f4ef6ab52c62d9885dc55b733c8c37687383e
8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/lib/drawLines.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:30 GMT
vary: Accept-Encoding
etag: W/"681e060a-613b"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
142.250.74.99 404 Not Found 0 B URL GET www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
IP 142.250.74.99:443
Certificate Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
Validity Mon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 02 Jun 2025 17:26:35 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.youtube.com/s/player/3b4b7883/player_ias.vflset/en_US/base.js
172.217.21.174 200 OK 2.6 MB URL GET www.youtube.com/s/player/3b4b7883/player_ias.vflset/en_US/base.js
IP 172.217.21.174:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
File type JavaScript source, ASCII text, with very long lines (852)
Size 2.6 MB (2579370 bytes)
Hash 678536cf412094a0f128a881635d148f
ddf758e2cd6d81a5c86bf2741f6c53c404af218e
5e900acf187dbb6b95bb327cab69f8e5599532e7ec9d5f7b14728aa597e9d334
GET /s/player/3b4b7883/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 670908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jun 2025 08:24:30 GMT
expires: Tue, 02 Jun 2026 08:24:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 04:13:37 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 32523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET dims.apnews.com/dims4/default/48f2c65/2147483647/strip/true/crop/4502x3032+23+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Ff1%2Fa0%2Fc6f68e037bf407eed44014bda15e%2Fdf9a8b7e60504e14a5c5207902b3d705
104.16.22.8 200 OK 3.3 kB URL GET dims.apnews.com/dims4/default/48f2c65/2147483647/strip/true/crop/4502x3032+23+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Ff1%2Fa0%2Fc6f68e037bf407eed44014bda15e%2Fdf9a8b7e60504e14a5c5207902b3d705
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0c4d3651ea79ab4db3b3b699333071cd
8bab61d4559b4292679c99bc7660325513047af2
72aaa81e274ff0cee8576a91fe0d94bc42e4703e9b6d0c019eb54a51890a79ce
GET /dims4/default/48f2c65/2147483647/strip/true/crop/4502x3032+23+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Ff1%2Fa0%2Fc6f68e037bf407eed44014bda15e%2Fdf9a8b7e60504e14a5c5207902b3d705 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 3298
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sat, 30 May 2026 18:59:56 GMT
x-envoy-upstream-service-time: 549
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 May 2025 18:59:56 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=Qyht3fFdeIE_l59bnB0D1av.pBGvu4eVbfzsjUmQM7A-1748885191-1.0.1.1-3VhOHdCKoeRmjyP93O2bKiRFJn1NS.GA.O8gS1Wlrvq9H23b3YYAXk39Dl_z8dfydLqmBWvC3i_fdIkgsm1puVn8bunHRa7rOUpKUjS13mUJ5KRDH1TLeHVUvUR7Exr4; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc28505699-OSL
X-Firefox-Spdy: h2
GET abcheck.proper.io/px.gif?ch=1&rn=3.582417554906773
0.0.0.0 0 B URL GET abcheck.proper.io/px.gif?ch=1&rn=3.582417554906773
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px.gif?ch=1&rn=3.582417554906773 HTTP/1.1
Host: abcheck.proper.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET hm.baidu.com/hm.gif?hca=51400EE01597B957&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2137662393&si=9449080f1fd9d69519fb3ef29e931160&v=1.3.2&lv=1&sn=18185&r=0&ww=1280&u=http%3A%2F%2Fshouluo.me%2F&tt=%E6%BE%B3%E6%B4%B2%E5%B9%B8%E8%BF%905%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96%E5%8E%86%E5%8F%B2%E8%AE%B0%E5%BD%95%2B%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E5%AE%98%E7%BD%91%E6%9F%A5%E8%AF%A2%E3%80%81%E5%AE%98%E6%96%B9%E7%9B%B4%E6%92%AD%E7%BB%93%E6%9E%9C%7C%E6%BE%B3%E6%B4%B2%E5%B9%B8%E8%BF%905%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96%E7%BD%91%E7%AB%99%20Latest%20Headlines%20and%20Videos%20%7C%20AP%20News
111.45.3.198 200 OK 43 B URL GET hm.baidu.com/hm.gif?hca=51400EE01597B957&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2137662393&si=9449080f1fd9d69519fb3ef29e931160&v=1.3.2&lv=1&sn=18185&r=0&ww=1280&u=http%3A%2F%2Fshouluo.me%2F&tt=%E6%BE%B3%E6%B4%B2%E5%B9%B8%E8%BF%905%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96%E5%8E%86%E5%8F%B2%E8%AE%B0%E5%BD%95%2B%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E5%AE%98%E7%BD%91%E6%9F%A5%E8%AF%A2%E3%80%81%E5%AE%98%E6%96%B9%E7%9B%B4%E6%92%AD%E7%BB%93%E6%9E%9C%7C%E6%BE%B3%E6%B4%B2%E5%B9%B8%E8%BF%905%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96%E7%BD%91%E7%AB%99%20Latest%20Headlines%20and%20Videos%20%7C%20AP%20News
IP 111.45.3.198:443
ASN #9808 China Mobile Communications Group Co., Ltd.
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
Validity Mon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?hca=51400EE01597B957&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2137662393&si=9449080f1fd9d69519fb3ef29e931160&v=1.3.2&lv=1&sn=18185&r=0&ww=1280&u=http%3A%2F%2Fshouluo.me%2F&tt=%E6%BE%B3%E6%B4%B2%E5%B9%B8%E8%BF%905%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96%E5%8E%86%E5%8F%B2%E8%AE%B0%E5%BD%95%2B%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E5%AE%98%E7%BD%91%E6%9F%A5%E8%AF%A2%E3%80%81%E5%AE%98%E6%96%B9%E7%9B%B4%E6%92%AD%E7%BB%93%E6%9E%9C%7C%E6%BE%B3%E6%B4%B2%E5%B9%B8%E8%BF%905%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96%E7%BD%91%E7%AB%99%20Latest%20Headlines%20and%20Videos%20%7C%20AP%20News HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 02 Jun 2025 17:26:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7660793B8BD9886D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
GET shouluo.me/js/otautoblock.js
35.220.136.220 200 OK 552 kB URL GET shouluo.me/js/otautoblock.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (63508)
Size 552 kB (552100 bytes)
Hash ff0e2a8408f9ef154442e39db745c5b4
8da02a594b568c77494d1fd826681398068d5626
a9d0dbd8a7adf9bae5e7eee99a378484bb8b24d1d97e46efd3068120d4a883f1
GET /js/otautoblock.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 19:32:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"675745e6-86ca4"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET shouluo.me/js/apnews.min.js
35.220.136.220 200 OK 13 kB URL GET shouluo.me/js/apnews.min.js
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text
Hash ed61ea31975971d18c2237a3b4ce6f6c
db38ee256133281becb57c587ddb2b8bc6151962
345b6fb3cf96827b689b00e99082220b30d280f0dfeeae7521582b2422f5d1bb
GET /js/apnews.min.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:30 GMT
Content-Type: application/javascript
Last-Modified: Wed, 11 Dec 2024 17:45:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6759cfc4-3343"
Expires: Tue, 03 Jun 2025 05:26:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET dims.apnews.com/dims4/default/4adb9f9/2147483647/strip/true/crop/1024x682+0+0/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F45%2F3e%2F4abead654dd585cc3e0f2b60db4a%2Fap24361836972112.jpg
104.16.22.8 200 OK 95 kB URL GET dims.apnews.com/dims4/default/4adb9f9/2147483647/strip/true/crop/1024x682+0+0/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F45%2F3e%2F4abead654dd585cc3e0f2b60db4a%2Fap24361836972112.jpg
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x533, Scaling: [none]x[none], YUV color, decoders should clamp
Hash fb6f165a71f3deb135af0173bf351f8d
08d48bc9453f7124560acca8445d533fa2e6c4cb
c7b7750f4887d4f1e74b35c772127f61b18e429760c7fd8f2ba338aec314ab99
GET /dims4/default/4adb9f9/2147483647/strip/true/crop/1024x682+0+0/resize/800x533!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F45%2F3e%2F4abead654dd585cc3e0f2b60db4a%2Fap24361836972112.jpg HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 95182
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Tue, 02 Jun 2026 17:26:22 GMT
x-envoy-upstream-service-time: 408
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Jun 2025 17:26:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=di53patQ.SHXcLeLU10asUi6ZF_Sq00U_FwegXvh8Gc-1748885191-1.0.1.1-mkdzhtij5ksLkaLi6vmcnRyB8eLLXL17HLhy9h2dHEHQHyIOUUpKiiD9FQZ.k_L3gFKhm0j9ZnkVi85PAc8N6qRm7sJbKzu1DYFCEvZDsqLBsQjNYQOfz48lvuY8KGBW; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc284a5699-OSL
X-Firefox-Spdy: h2
GET hm.baidu.com/hm.js?9449080f1fd9d69519fb3ef29e931160
111.45.3.198 200 OK 30 kB URL GET hm.baidu.com/hm.js?9449080f1fd9d69519fb3ef29e931160
IP 111.45.3.198:443
ASN #9808 China Mobile Communications Group Co., Ltd.
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint EF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0
Validity Mon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File type JavaScript source, ASCII text, with very long lines (622)
Hash 282f30c7fffa12a66ac94fb516afb4b0
b2c6c52f9e240741b0ace9f9c9ce98c167f0e9b4
6ddbb617f04cc2768d74aa2a6099a9eaee0c94a708246162072bcc95dfad41b3
GET /hm.js?9449080f1fd9d69519fb3ef29e931160 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11292
Content-Type: application/javascript
Date: Mon, 02 Jun 2025 17:26:33 GMT
Etag: 565a865cac69f34f0d1f369205fc7b22
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=51400EE01597B957; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
OPTIONS api.riverdrop.com/api/quiz/promotion
172.67.71.66 200 OK 2 B URL OPTIONS api.riverdrop.com/api/quiz/promotion
IP 172.67.71.66:443
Certificate Issuer Google Trust Services
Subject riverdrop.com
Fingerprint 35:0F:37:58:D8:CF:E1:6A:47:73:07:76:A0:4C:FE:30:8A:49:C5:08
Validity Fri, 23 May 2025 01:18:00 GMT - Thu, 21 Aug 2025 02:17:41 GMT
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /api/quiz/promotion HTTP/1.1
Host: api.riverdrop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://shouluo.me/
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: text/plain; charset=utf-8
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9498a80ee8e25695-OSL
vary: Origin
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: http://shouluo.me
access-control-allow-headers: content-type
x-cloud-trace-context: 6ef9f00722eafb807e6d0255e4bb446d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CO5OZFTEpGkpDM7FOX8vuvW%2F3%2F3pOr7rDw8N8XXNQOSRuO9YTBn1z0gI1TMv8VNkzTbzzoOtxkGEn%2FbqueBWGdvSvDmk0aOuDi75XgITU4eVQ0BBfBvt%2BlBxUn3qwZJSVNg2"}],"group":"cf-nel","max_age":604800}
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=530&min_rtt=498&rtt_var=99&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3205&recv_bytes=1155&delivery_rate=7400340&cwnd=254&unsent_bytes=0&cid=7599b79836ed06a5&ts=294&x=0"
X-Firefox-Spdy: h2
GET shouluo.me/png/favicon-16x16.png
35.220.136.220 200 OK 492 B URL GET shouluo.me/png/favicon-16x16.png
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash d9a702024e0eaf8c6a83f38c620c6732
17760be2cf3001d0f90be729b67fe86b71563926
6a0c1980122c97b2090b8484ab3167be6e93f95586bef5162c67821dca8c1f40
GET /png/favicon-16x16.png HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1; proper_rtp_split_test={"version_id":"30915","release_ts":"2024-12-11 09:45:39"}; optimizelyEndUserId=oeu1748885193935r0.5306809468148789; __vtins__Kbu0ae6HwHakHTZk=%7B%22sid%22%3A%20%22e17fa06b-4077-586e-89c8-7aedeed4c0da%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994246%2C%20%22ct%22%3A%201748885194246%7D; __51uvsct__Kbu0ae6HwHakHTZk=1; __51vcke__Kbu0ae6HwHakHTZk=9dc67629-a88b-506a-8b38-b7607c206a78; __51vuft__Kbu0ae6HwHakHTZk=1748885194252; __vtins__Kbu1dxpVU3uYOSCF=%7B%22sid%22%3A%20%22383948c6-77c0-5467-b869-59a7cb1bfc1f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201748886994274%2C%20%22ct%22%3A%201748885194274%7D; __51uvsct__Kbu1dxpVU3uYOSCF=1; __51vcke__Kbu1dxpVU3uYOSCF=e053628f-0912-5f40-8629-2b63af96eb45; __51vuft__Kbu1dxpVU3uYOSCF=1748885194277; Hm_lvt_9449080f1fd9d69519fb3ef29e931160=1748885195; Hm_lpvt_9449080f1fd9d69519fb3ef29e931160=1748885195; HMACCOUNT=51400EE01597B957; sailthru_visitor=1c464f98-9c58-45f5-8cc8-5522c12d2c6c
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:35 GMT
Content-Type: image/png
Content-Length: 492
Last-Modified: Wed, 01 Jan 2025 04:04:18 GMT
Connection: keep-alive
ETag: "6774bec2-1ec"
Expires: Wed, 02 Jul 2025 17:26:35 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET sdk.51.la/js-sdk-pro.min.js
38.54.123.53 200 OK 36 kB URL GET sdk.51.la/js-sdk-pro.min.js
IP 38.54.123.53:80
ASN #138915 Kaopu Cloud HK Limited
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (35899)
Hash b8a41c9449b73e8ba0224c6be1f0b7e8
33d79319d4110bcf5c44c36f7dd4a291972ac546
52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 02 Jun 2025 17:26:32 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: openresty
Cache-Control: no-store
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
via: EU-FRA-marseille-EDGE3-CACHE9[212],EU-FRA-marseille-EDGE3-CACHE9[ovl,209],EU-FRA-marseille-EDGE1-CACHE1[ovl,208],EA-HKG-EDGE1-CACHE1[ovl,36],EA-HKG-EDGE2-CACHE1[ovl,36],EA-HKG-GLOBAL1-CACHE27[ovl,34],CHN-GDdongguan-GLOBAL1-CACHE90[ovl,28]
X-CCDN-REQ-ID-46B1: 32da8a01679763391d5b2c9b6aaa20d3
GET dims.apnews.com/dims4/default/b96d5f3/2147483647/strip/true/crop/4342x2891+0+2/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F16%2F4b%2F238144a96c0530777504b6755193%2F4f3cd1f722ce4dd188abdf0c7ba0b3c8
104.16.22.8 200 OK 18 kB URL GET dims.apnews.com/dims4/default/b96d5f3/2147483647/strip/true/crop/4342x2891+0+2/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F16%2F4b%2F238144a96c0530777504b6755193%2F4f3cd1f722ce4dd188abdf0c7ba0b3c8
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x233, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 81381400ee81c975f75836bb9331aad4
1f86a9478d52ea24fc371d960b9ebd187908f8df
b078199f59d74aa160dc66e209d2d08c47d47ece7a5de75b7951523e7380626f
GET /dims4/default/b96d5f3/2147483647/strip/true/crop/4342x2891+0+2/resize/350x233!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2F16%2F4b%2F238144a96c0530777504b6755193%2F4f3cd1f722ce4dd188abdf0c7ba0b3c8 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: __cf_bm=8GHOz447zW8BPsze2zMoO6FhBx_MhNuEQEXnp4PlWYA-1748885191-1.0.1.1-PP82EuUIJLtG3XwMd22mUJwNxAhFje9.XJl8SyCYa2m0Umn4U4jDwZHudWf3PYSzU86pWr8_bTpQB81scCQ.8L33whauUCCOAWM821HoiSEDLxvXzU3DJg27gAUlnOSK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:34 GMT
content-type: image/webp
content-length: 17722
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sun, 17 May 2026 02:43:56 GMT
x-envoy-upstream-service-time: 562
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 May 2025 02:43:56 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a80e3889b4f9-OSL
server-timing: cfExtPri
GET fonts.googleapis.com/css?family=Roboto:300,400,700|Merriweather:300,400,700&display=swap
142.250.74.10 200 OK 24 kB URL GET fonts.googleapis.com/css?family=Roboto:300,400,700|Merriweather:300,400,700&display=swap
IP 142.250.74.10:80
File type ASCII text, with very long lines (1572)
Hash 0bb9b1e226e2ae5d48d356f1075e1fc4
4fabccbee55ecbe250972a2454027292fc2230d9
acd3d6f7674368593841ecc5144ad7f7841ddfaced4424c2a96ddcc7f1792e04
GET /css?family=Roboto:300,400,700|Merriweather:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 02 Jun 2025 17:26:32 GMT
Date: Mon, 02 Jun 2025 17:26:32 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET shouluo.me/js/sdk.js
35.220.136.220 200 OK 3.1 kB IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, ASCII text, with very long lines (1961)
Hash 54647544026f47648b4af4289e256a3d
9d4ab17452f88a5eafe8d6608135ff288aeda577
cd2141b55411f64c7b36aeea2b14f422024b772d9c76b76e48c4233de475caec
GET /js/sdk.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:32 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Jan 2025 04:09:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6774c008-c19"
Expires: Tue, 03 Jun 2025 05:26:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-Condensed.a2e7de2f933a2cfb561ebf918445be8c.woff2
104.16.22.8 200 OK 51 kB URL GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-Condensed.a2e7de2f933a2cfb561ebf918445be8c.woff2
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type Web Open Font Format (Version 2), CFF, length 50820, version 0.0
Hash 279ab1e9f53e3c98670951f68d098f6a
da71a9e16a94a7e39a4387ae96855f7ea9d8b2ba
157234e872ca9de58df7fd5a02d2ea6b613fb4f289b67af2c17aee4276e280f4
GET /resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-Condensed.a2e7de2f933a2cfb561ebf918445be8c.woff2 HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:32 GMT
content-type: application/octet-stream
content-length: 50820
x-guploader-uploadid: ABgVH8-ZITK7qyOZOHG-4_Aku2JaBAYtvRd0XYtlgl8FhOBK0MkBgOqG7GBs8m_1UpleWZwx
cache-control: public, max-age=31536000
expires: Tue, 02 Jun 2026 17:26:22 GMT
last-modified: Tue, 06 Jun 2023 21:41:41 GMT
etag: "279ab1e9f53e3c98670951f68d098f6a"
x-goog-generation: 1686087701647815
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 50820
x-goog-hash: crc32c=4KzI0g==, md5=J5qx6fU+PJhnCVH2jQmPag==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
set-cookie: __cf_bm=ZK1ycmIy3Sa5Noqnmh5TG8JLDLRtUSnqTSiJ_X4RJmo-1748885192-1.0.1.1-G75aPZIuBtwtqxnT_cKAVMdnAfGte_llzFwI0WODB951dQCQm6DkGsLoUBlOQN6SFAkLDzsuGc.pP4CUKUTP_5C_110MHLohta5pbURr3jhI4RrvS6Fl9cKkhHz.sdA9; path=/; expires=Mon, 02-Jun-25 17:56:32 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a806cb3bb4f9-OSL
server-timing: cfExtPri
GET 1686pk.com/webapp/css/public.css
34.96.204.159 200 OK 23 kB URL GET 1686pk.com/webapp/css/public.css
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
Hash 7c54605cb3f71748fb879ee8e6b705ee
f8c8be00cc570ee35564f543357034e6addd2500
5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/css/public.css HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: text/css
last-modified: Sat, 15 Feb 2025 15:37:40 GMT
vary: Accept-Encoding
etag: W/"67b0b4c4-59ac"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
OPTIONS jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 0 B URL OPTIONS jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
Validity Mon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 02 Jun 2025 17:26:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
HEAD pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.178.98 200 OK 0 B URL HEAD pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.178.98:443
Certificate Issuer Google Trust Services
Subject *.g.doubleclick.net
Fingerprint CB:D6:DD:24:49:A1:05:33:C4:D6:0A:04:6A:88:75:11:64:1B:56:6D
Validity Mon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://shouluo.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Mon, 02 Jun 2025 17:26:36 GMT
expires: Mon, 02 Jun 2025 17:26:36 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 14909433561656558641
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
POST www.youtube.com/youtubei/v1/log_event?alt=json
172.217.21.174 200 OK 28 B URL POST www.youtube.com/youtubei/v1/log_event?alt=json
IP 172.217.21.174:443
Requested by https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Certificate Issuer Google Trust Services
Subject *.google.com
Fingerprint 7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
Validity Mon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1748885197742
Content-Type: application/json
X-Goog-Visitor-Id: CgtteEI3eXE2NXFwRSjIvffBBjInCgJOTxIhEh0SGwsMDg8QERITFBUWFxgZGhscHR4fICEiIyQlJiA7
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20250528.22.00
X-YouTube-Device: cbr=Firefox&cbrver=134.0&ceng=Gecko&cengver=134.0&cos=Windows&cosver=10.0&cplatform=DESKTOP
X-YouTube-Page-CL: 764512846
X-YouTube-Page-Label: youtube.player.web_20250528_22_RC00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1748885194314&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C535%2C301&vis=1&wgl=true&ca_type=image
Content-Length: 12246
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hBPDYTiKwk8?enablejsapi=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Mon, 02 Jun 2025 17:26:37 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET 1686pk.com/webapp/js/local/ssc/head_aozxy5.js
34.96.204.159 200 OK 338 B URL GET 1686pk.com/webapp/js/local/ssc/head_aozxy5.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, ASCII text, with very long lines (338), with no line terminators
Hash c3261b46b0ab83708346a608d8c628ce
39835e5d93ce2c5473c7375d9e4492878e598081
a4cd3a4af2595491fd9ea98f5faeb959eb00bf0d04c9dfb358dca7685a27ab97
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/local/ssc/head_aozxy5.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
content-length: 338
last-modified: Fri, 09 May 2025 13:41:36 GMT
etag: "681e0610-152"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET dims.apnews.com/dims4/default/3eee09f/2147483647/strip/true/crop/5096x3432+26+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Ff5%2F26%2F043b50246dd5b52f111c144a9ed8%2Fcdfe8f73dc924bd2942c24c756fcfc41
104.16.22.8 200 OK 2.9 kB URL GET dims.apnews.com/dims4/default/3eee09f/2147483647/strip/true/crop/5096x3432+26+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Ff5%2F26%2F043b50246dd5b52f111c144a9ed8%2Fcdfe8f73dc924bd2942c24c756fcfc41
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 98x66, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 56deccf016b30fc5e491bc9c7eda85cf
848cb3a41cb9f7ca4247f7f00a5c7b3c4102f13b
c04c1143742825e063a34bef8fcd5d6d8937ccbf24ab8781019dc66636fa58ce
GET /dims4/default/3eee09f/2147483647/strip/true/crop/5096x3432+26+0/resize/98x66!/format/webp/quality/90/?url=https%3A%2F%2Fassets.apnews.com%2Ff5%2F26%2F043b50246dd5b52f111c144a9ed8%2Fcdfe8f73dc924bd2942c24c756fcfc41 HTTP/1.1
Host: dims.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 02 Jun 2025 17:26:31 GMT
content-type: image/webp
content-length: 2916
cache-control: public, max-age=31536000
edge-control: downstream-ttl=31536000
expires: Sat, 30 May 2026 18:59:56 GMT
x-envoy-upstream-service-time: 641
x-envoy-decorator-operation: brightspot-dims-verify.prod-news.svc.cluster.local:80/*
via: 1.1 google
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 May 2025 18:59:56 GMT
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=K5bPvwadx0yOakbTFyb9kdkY6dOEjWqb0moXEpXJRmc-1748885191-1.0.1.1-uQOAwJ_7VQg60bY24kiSu1S72bUUStq1Kkzmis.ywGouZOMm1dbh.L89zkWWnTOUYYGyG9QlxfChaqWMkp7qqlNN3uFDgVAaNQMogaqYop2kqPCISggKr2HblkmjIouX; path=/; expires=Mon, 02-Jun-25 17:56:31 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 9498a7fc283d5699-OSL
X-Firefox-Spdy: h2
GET shouluo.me/js/index.js
35.220.136.220 200 OK 82 kB IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38105)
Hash a673d56a2356297f97fb25c7846c4716
b3e4bedfbf8c7d21eabce21c1624c05f95e24b72
d8c159402d99d1d1d5199d6be51796a560f343b3a93c17ff61a30944b0d7d72f
GET /js/index.js HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 02 Jun 2025 17:26:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Jan 2025 04:17:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6774c1ca-14266"
Expires: Tue, 03 Jun 2025 05:26:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensed.d6d1dd4cf415654d766572b8828ac316.woff2
104.16.22.8 200 OK 51 kB URL GET assets.apnews.com/resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensed.d6d1dd4cf415654d766572b8828ac316.woff2
IP 104.16.22.8:443
Certificate Issuer Let's Encrypt
Subject apnews.com
Fingerprint 50:3A:94:A3:56:F3:BA:38:AB:8A:B0:83:BE:9B:57:51:16:AF:6A:07
Validity Sat, 03 May 2025 21:16:00 GMT - Fri, 01 Aug 2025 21:15:59 GMT
File type Web Open Font Format (Version 2), CFF, length 51300, version 0.0
Hash 0686e53b263d72c62bbbc0bfc826bd15
ea502bb32f054efa50c14db955156c5a2afba712
193d2ee2596a7c59ed6c2388a199acbd4154de9470faa6ecc7e6e0910cd904bb
GET /resource/00000188-2a81-d28a-a1fd-7bfb6ccb0000/assets/fonts/APCustomFont/APW05-SemiCondensed.d6d1dd4cf415654d766572b8828ac316.woff2 HTTP/1.1
Host: assets.apnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://shouluo.me
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 02 Jun 2025 17:26:32 GMT
content-type: application/octet-stream
content-length: 51300
x-guploader-uploadid: AAO2VwoGlhTUFcUxWqG-bOmZdylE4DRPMnhqwk9oxqPzH8AS-yIpSk0fuF-Uwjnr8-0hiv-_cVqyyjE
cache-control: public, max-age=31536000
expires: Thu, 14 May 2026 09:16:06 GMT
last-modified: Tue, 06 Jun 2023 21:41:42 GMT
etag: "0686e53b263d72c62bbbc0bfc826bd15"
x-goog-generation: 1686087702664007
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 51300
x-goog-hash: crc32c=lvLHhA==, md5=BoblOyY9csYru8C/yCa9FQ==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
set-cookie: __cf_bm=StjIUJHpdYzbYnn7Yl7XVvxokEIskRFexyQsBt5RHsQ-1748885192-1.0.1.1-k8Xx6_GzwhsKRHVCDaedEKKbduHBdQZoa4yeZWinUo0_6FhQ_nrU2JTgtkSLL6Q6_BxmDFdDGckU.aKom_BQuE0dq094FXeaysE3p3NTx.FVJ0PA5FnXXesG3shnbn8K; path=/; expires=Mon, 02-Jun-25 17:56:32 GMT; domain=.apnews.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 9498a8034d43b4f9-OSL
server-timing: cfExtPri
GET shouluo.me/index.html//connect.facebook.net/en_US/sdk.js?hash=d91750b5fea9f63a5421cee7540ef788
35.220.136.220 404 Not Found 58 kB URL GET shouluo.me/index.html//connect.facebook.net/en_US/sdk.js?hash=d91750b5fea9f63a5421cee7540ef788
IP 35.220.136.220:80
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with very long lines (56756)
Hash cbb42513032d6c09e496731ac16c20a9
c92f38a701aad58408451d24dd4c47b05f158cf0
d189695b2f3bb92369881f2428fa861dca9d9a94c638d9bdc4e2fa747d6f315b
GET /index.html//connect.facebook.net/en_US/sdk.js?hash=d91750b5fea9f63a5421cee7540ef788 HTTP/1.1
Host: shouluo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://shouluo.me/
Cookie: sailthru_pageviews=1; proper_rtp_split_test={"version_id":"30915","release_ts":"2024-12-11 09:45:39"}
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 02 Jun 2025 17:26:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67751d63-e3b8"
Content-Encoding: gzip
GET 1686pk.com/webapp/js/lib/pk10BaseTrend.js
34.96.204.159 200 OK 6.7 kB URL GET 1686pk.com/webapp/js/lib/pk10BaseTrend.js
IP 34.96.204.159:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject www.1686pk.com
Fingerprint 24:B6:8D:F1:4F:10:44:99:75:13:3F:53:27:DE:58:71:51:5D:ED:33
Validity Fri, 09 May 2025 04:44:39 GMT - Thu, 07 Aug 2025 04:44:38 GMT
File type JavaScript source, ASCII text, with very long lines (6701), with no line terminators
Hash 6f6fadebe51378762442a2211edfef60
abb6dd63e315112728f3540ef124480e4b1e9048
441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /webapp/js/lib/pk10BaseTrend.js HTTP/1.1
Host: 1686pk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/webapp/html/aozxy5/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:33 GMT
content-type: application/javascript
last-modified: Fri, 09 May 2025 13:41:30 GMT
vary: Accept-Encoding
etag: W/"681e060a-1a2d"
expires: Tue, 03 Jun 2025 05:26:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
GET api.api168168.com/CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010
35.241.106.141 200 OK 7.2 kB URL GET api.api168168.com/CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010
IP 35.241.106.141:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://1686pk.com/webapp/html/aozxy5/index.html
Certificate Issuer Let's Encrypt
Subject api.api168168.com
Fingerprint BA:61:3B:49:A2:0B:42:45:3D:01:8E:91:5B:71:F7:B5:21:7A:54:B5
Validity Mon, 28 Apr 2025 18:53:11 GMT - Sun, 27 Jul 2025 18:53:10 GMT
Hash 82d44c0ffd3e34cb470cdd68202f069b
68d0ade587f259411bacafab119ee166fdcd504e
1333152779cbe9f0abaeb2fc1c03c109bf101536c3378e1254fc31fab227d6dd
GET /CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010 HTTP/1.1
Host: api.api168168.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1686pk.com
DNT: 1
Connection: keep-alive
Referer: https://1686pk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jun 2025 17:26:36 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://1686pk.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2