r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7146
Expires: Tue, 31 Jan 2023 06:34:24 GMT
Date: Tue, 31 Jan 2023 04:35:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5526
Expires: Tue, 31 Jan 2023 06:07:24 GMT
Date: Tue, 31 Jan 2023 04:35:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 03:43:15 GMT
content-type: application/json
age: 3123
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cyshangji.com/
104.165.72.45301 Moved Permanently 0 B IP 104.165.72.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cyshangji.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 04:35:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.cyshangji.com/index.php
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15836
Expires: Tue, 31 Jan 2023 08:59:14 GMT
Date: Tue, 31 Jan 2023 04:35:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: elIHkGlnZlcwfyeyaCiJnm1xQqxUz6CDhzX213O0Caers2FKqFDYagJKcnOfET9Zdk9/ZolGT30=
x-amz-request-id: CCV7A9B70Z0KXNVZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 03:51:01 GMT
age: 2657
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:18 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 03:41:42 GMT
age: 3216
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cyshangji.com/index.php
104.165.72.45200 OK 622 B URL HTTP/1.1 www.cyshangji.com/index.php
IP 104.165.72.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (873), with CRLF line terminators
Hash 8206bcd37a9ee2b19745a7d00918f6d1
79b411e83a116f63c424a1f66c99787d8d048d7d
500938fbd4bfec86378295b3cd1c12f55a263602ed755a4772d4cde46e82eafe
Analyzer Verdict Alert fortinet Phishing
GET /index.php HTTP/1.1
Host: www.cyshangji.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 04:35:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19268
Expires: Tue, 31 Jan 2023 09:56:27 GMT
Date: Tue, 31 Jan 2023 04:35:19 GMT
Connection: keep-alive
www.cyshangji.com/common.js
104.165.72.45200 OK 681 B URL HTTP/1.1 www.cyshangji.com/common.js
IP 104.165.72.45:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash 2e12d3a974ca0f965f3602fdb81eedf2
34f8d20c7211c9c245ab4cb9a034c9a2cb9f3a78
46b050796e07214daaccc3e01e82f3315c910bc67cc022aa771d217865444957
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.cyshangji.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cyshangji.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 04:35:13 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.cyshangji.com/tj.js
104.165.72.45200 OK 462 B IP 104.165.72.45:0
File type ASCII text, with CRLF line terminators
Hash 3214928f0cfa34a609a6e0fbce94d478
3371d5aee50744536e97c0b21abbdf484add8ef3
4eb42e25f45026384b645ed18993e8a8fb098cb57a32ddcb5e8d71b37039b540
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.cyshangji.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cyshangji.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 04:35:13 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.148.238.232101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.238.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8zlZuj+85VILEm17U0etpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Qis8qza/Ku8BwcaP+iN71b/0E8Y=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash db67d71d640b09d26251809b9ed65e4e
f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31
a1dc1f8cfc725b06ec5e37cfea4454a2755369bb4ef2a74996e41cc5398c3f0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 03:09:25 GMT
ETag: "f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31"
Last-Modified: Tue, 31 Jan 2023 03:09:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3083
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd72ab8bb4f7-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash db67d71d640b09d26251809b9ed65e4e
f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31
a1dc1f8cfc725b06ec5e37cfea4454a2755369bb4ef2a74996e41cc5398c3f0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 03:09:25 GMT
ETag: "f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31"
Last-Modified: Tue, 31 Jan 2023 03:09:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3083
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd72a9bcb50b-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash db67d71d640b09d26251809b9ed65e4e
f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31
a1dc1f8cfc725b06ec5e37cfea4454a2755369bb4ef2a74996e41cc5398c3f0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 03:09:25 GMT
ETag: "f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31"
Last-Modified: Tue, 31 Jan 2023 03:09:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3083
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd72aef9b4f9-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash db67d71d640b09d26251809b9ed65e4e
f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31
a1dc1f8cfc725b06ec5e37cfea4454a2755369bb4ef2a74996e41cc5398c3f0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 03:09:25 GMT
ETag: "f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31"
Last-Modified: Tue, 31 Jan 2023 03:09:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3083
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd72ae710b3d-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash db67d71d640b09d26251809b9ed65e4e
f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31
a1dc1f8cfc725b06ec5e37cfea4454a2755369bb4ef2a74996e41cc5398c3f0f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 03:09:25 GMT
ETag: "f8f56d32963e4bbc7fea2c8ef2f5daaba06b4a31"
Last-Modified: Tue, 31 Jan 2023 03:09:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3083
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd72ac36fabc-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62a224f5bbec67ce11c901b867b1a764
cff5f8a5fc1c4599082dc5ae09b9cb9c0d32620c
c6bd82f1a39c8d3394b7a783b3d710fb0ae1dc5bd188631b4260918cfdb41546
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6BD82F1A39C8D3394B7A783B3D710FB0AE1DC5BD188631B4260918CFDB41546"
Last-Modified: Mon, 30 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 10:35:20 GMT
Date: Tue, 31 Jan 2023 04:35:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5747
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 04:35:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5747
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 04:35:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5747
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 04:35:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b8edbb541668f634636dc44f1559b50
0a2322b18a1cc6ca4710fce7b6d8f28263ca6064
2765a746ef8f589399e2588727364fbea9c9710327f61c979371765def1e9694
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6893
x-amzn-requestid: 02212aa9-354a-4bad-9527-137b8d87115a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3jkHL9oAMFZAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c7d-27bd90b622159be117d43a21;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _ANr_OX05FwLjw68wKrj7y34-R-daqoh7b1SO4AGqe-fzSrVaDpEiA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:11:08 GMT
age: 23052
etag: "0a2322b18a1cc6ca4710fce7b6d8f28263ca6064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5747
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 04:35:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39003a0d-b88f-4013-b50c-7e01c5afc867.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39003a0d-b88f-4013-b50c-7e01c5afc867.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b60240f10673b4c275619f7c2f5005cf
d29076a2ad44f9d44da6f77fd1dcaea9a28c7d51
ccfdf6106ab405f6fd346bd501a7bc121acba3db657bf0bc2f7587cbe6488f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39003a0d-b88f-4013-b50c-7e01c5afc867.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5757
x-amzn-requestid: 7d5679c9-d86c-4179-b9eb-0bb0c669ff06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRYfEwvoAMFbsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c902-797b832050c000dd5a905f3b;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x_N3UeM26YGF3H0FrJF1O8CD7p7n7HacaSr8Xc6-g51wJemoO6zmEg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 08:54:39 GMT
age: 70841
etag: "d29076a2ad44f9d44da6f77fd1dcaea9a28c7d51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 14538
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 146cb1c622ae62d62090dcaf81709056
c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e
d1a2caf59c5bfb3fd66c804217c60705de91e5beebd006cffab1d712a5aef85b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8755
x-amzn-requestid: 18054ad3-92df-4a07-b7d1-643293ba4a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1hDGZfoAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c6c-7aae5ef32459231c25465b1b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:05:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5GkQA5AcFOFc2Wn5rdaX7nH5F4wfy52vtlpbI8Qlai-jQE77inKzqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 10:06:07 GMT
age: 66553
etag: "c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d143b65b98551bde96a7f026808d4583
3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7
004be88ebe2a4840bb718a5148fcf7d2dc1400f6c1c880cee4428d66ba91dbd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9972
x-amzn-requestid: 8a609804-1429-4a2d-abdc-7dc74a83a35b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcWB-GO8oAMF5Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4d072-0a0afc9625eb840c0b14b259;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:36:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uOHt5PEtB9XCEUi1eFA_7pTZsZgHQnvadZNw7BiXJTYMmnYgAzZ7pQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:58 GMT
age: 2662
etag: "3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac9e49e19b226b271d1a6f29d7159e64
df578148d224d67fb6e098da3eeb1d86c233cb73
1e065f356fe4ae535ec6fa40ddbad8a2ddad1fa1a053bedceb25c90fa3620ad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12154
x-amzn-requestid: 0ba17a3e-c78c-4634-8706-eedd20d8e3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk303H-mIAMFelA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b8-1d7f813471bcbd3341f06e86;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xPsBUAX9p6j3zfTl4956VqN0aME12n_E5Q2eoHoBaPE1_ElvMrSx5g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
etag: "df578148d224d67fb6e098da3eeb1d86c233cb73"
content-type: image/jpeg
age: 24366
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cyshangji.com/favicon.ico
104.165.72.45200 OK 1.2 kB URL HTTP/1.1 www.cyshangji.com/favicon.ico
IP 104.165.72.45:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.cyshangji.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cyshangji.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 04:35:14 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 05 Feb 2023 04:35:14 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
hm.baidu.com/hm.js?8808c453e04941cefdf86ca964a5377b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8808c453e04941cefdf86ca964a5377b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 448306e067b4819ca61ab4ef6c5db9fe
bdd5fa1e9d06505df1c0788d2da69206d3b47c21
e4842363adcee5bc9b2db1cd7d7f763fcb664ec67a57cbd9efd468e6890b8116
GET /hm.js?8808c453e04941cefdf86ca964a5377b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:20 GMT
Etag: 194283705747d2371b0ba485477cc36a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=98E22016F7F294FA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?53356e85af24db6e5ce44456cf015af1
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?53356e85af24db6e5ce44456cf015af1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash cdbad9b95025f9e12d92d08880bd0c97
67ec478422833b627237c16743255f62ddd58e68
844ec7eceb82a2588d9e065056245f8261f6b430e25ee3f94d54835822707019
GET /hm.js?53356e85af24db6e5ce44456cf015af1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:20 GMT
Etag: 63f4f511f95224afbf9c09a24c89878b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=391ADEE9E5E8CD8B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?01c1fa948560a0c7e30f7858b732d8ec
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?01c1fa948560a0c7e30f7858b732d8ec
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 0ae2e98383e0602b5a4d4f3b2fe0e8cf
e09d9c92e219c49db9c7a4ef67d37c57b44f4004
f2b6769a561f779372da15295e628c61d5b2cb3c35ff9dac4e4556f83750513e
GET /hm.js?01c1fa948560a0c7e30f7858b732d8ec HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:20 GMT
Etag: 99373076ef9a2916ea80582f732cd0ba
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A7CE719BCC31991F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?fbb7e8b302a6ffdf7325d4958b51e7c7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fbb7e8b302a6ffdf7325d4958b51e7c7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash f5b6ed7e24f026adea7c3a84dbc78e8b
b1462fe9658d56fc3e4e5ef27c853140c4f46595
c544dcca68bdf951a0ef3fd9330a0d2226bc1ea2be1e53d0da2195a808785625
GET /hm.js?fbb7e8b302a6ffdf7325d4958b51e7c7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:20 GMT
Etag: 1912875bcf13757ddede60b8a04bc1fe
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=513F37F6C998282A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?166e3ca93b3ec424128484b55f16cbeb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?166e3ca93b3ec424128484b55f16cbeb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 53967124d0e96b240abbcf0ab65db72c
d4694f958ac3f8aecbe4941812d555e416ab71e4
faf38bcb21f434caf8544c1f5323140b76ab2065cf69e98e4c23c3913ded22fe
GET /hm.js?166e3ca93b3ec424128484b55f16cbeb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:20 GMT
Etag: e9521093107f952da5a602bbf89c0c2e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6CDB4895C8C84F28; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b80522d91e8bac373bffa6d8507deed7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b80522d91e8bac373bffa6d8507deed7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 22e0df57526bf6b1f90ae67ab29f31cf
4e3000a998c0523a86c6b70a053fb6557aae2d0b
0c7a9b60efccb3c6d8363baf5b477df63a542547324fde62670c3baa5918b5a1
GET /hm.js?b80522d91e8bac373bffa6d8507deed7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:20 GMT
Etag: e4a20265438ebf5ff78b0830e5491c54
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C8AAF64A0E9A8BA8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1997940684&si=8808c453e04941cefdf86ca964a5377b&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1997940684&si=8808c453e04941cefdf86ca964a5377b&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1997940684&si=8808c453e04941cefdf86ca964a5377b&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:21 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1656B56A89F2F9B5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1763708899&si=53356e85af24db6e5ce44456cf015af1&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1763708899&si=53356e85af24db6e5ce44456cf015af1&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1763708899&si=53356e85af24db6e5ce44456cf015af1&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:21 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=11407CADFA3CE988; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1672460608&si=01c1fa948560a0c7e30f7858b732d8ec&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1672460608&si=01c1fa948560a0c7e30f7858b732d8ec&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1672460608&si=01c1fa948560a0c7e30f7858b732d8ec&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:21 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=313DF13EE7D8F805; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=255931711&si=166e3ca93b3ec424128484b55f16cbeb&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=255931711&si=166e3ca93b3ec424128484b55f16cbeb&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=255931711&si=166e3ca93b3ec424128484b55f16cbeb&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:21 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0FC0EACA12716C7F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=994878806&si=fbb7e8b302a6ffdf7325d4958b51e7c7&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=994878806&si=fbb7e8b302a6ffdf7325d4958b51e7c7&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=994878806&si=fbb7e8b302a6ffdf7325d4958b51e7c7&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:21 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=91FBC844C427C4F3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=195421232&si=b80522d91e8bac373bffa6d8507deed7&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=195421232&si=b80522d91e8bac373bffa6d8507deed7&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=195421232&si=b80522d91e8bac373bffa6d8507deed7&v=1.3.0&lv=1&sn=65136&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:21 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=DE24DEE980BFA6B6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?8149876294d86d0ed1db82fd8e72baf2
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8149876294d86d0ed1db82fd8e72baf2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 4fe115d1575b360a1bf26d9110388e4f
7bf6ff8b92910338d0c9fce4a11ffe2a6bd7b3c1
de63178bb6cab691acc8b837d87557670ac8ef55b3cfecaf04df5c254259abd9
GET /hm.js?8149876294d86d0ed1db82fd8e72baf2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:21 GMT
Etag: 98ad5ba35c05d183a91dfcd44bda5f18
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D9975AD263E17ABD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?71a181015cd087dce6fc3f1a27416d20
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?71a181015cd087dce6fc3f1a27416d20
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 162eb3ddb0c1b20094cfb3b2ad64787d
3bf6a89f118d49553d292e19380ed3d37681e1e7
28780a8c032565707558deee32c9c586eb9afb152c4aa5d5f83795d9333103a2
GET /hm.js?71a181015cd087dce6fc3f1a27416d20 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:21 GMT
Etag: e274e7072b02e0944ad099ad9a48efb1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=223BB76908C6394E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?0b30f9881f6a871b43d6ef23ab7e401a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0b30f9881f6a871b43d6ef23ab7e401a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 90acff6726a8243bb62aacb77259a5ff
8cfc9f8cd8c1c256aa3641be5973a4958f20e871
542d0fc214a2116fde4ca933e44f245cca04dc0e992ba5bb08289dbd5d5d48f7
GET /hm.js?0b30f9881f6a871b43d6ef23ab7e401a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:21 GMT
Etag: cbb02b2e40f236a57d3d00428424b2ed
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FEA0BD979183BE97; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2051036364&si=8149876294d86d0ed1db82fd8e72baf2&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2051036364&si=8149876294d86d0ed1db82fd8e72baf2&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2051036364&si=8149876294d86d0ed1db82fd8e72baf2&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:22 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F2D1ED03F022FCD1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?86961013e4dcc06728bf0416a5f4c506
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?86961013e4dcc06728bf0416a5f4c506
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 6c5c09c12c12e823b38458a5682e76e3
a400357b456378fb8e758d52fb7d2e54e9f2f0c1
51000a5cbc596d7097fb063a9f746928bc40d0712a168eda05f74208dffb1984
GET /hm.js?86961013e4dcc06728bf0416a5f4c506 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:21 GMT
Etag: 1d76727891fb56c98c0bd8ac9204b03f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C9767017B28BF981; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?79979f7a0b1b425ab0f7991fa490d994
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?79979f7a0b1b425ab0f7991fa490d994
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash ec7e0002da8235bbcde867b1a5e82623
8f107feb7a3029886c22ea6d19846412ada0bbd5
6b617d6b9759e10d3727a722b0b4ea265dc43b7b3734df9fc1136bb5c791fa7a
GET /hm.js?79979f7a0b1b425ab0f7991fa490d994 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:21 GMT
Etag: 4597bb7df47b12ce8fd665330f1c8232
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9AAA1EE169136363; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
8881img.com/xcsj/960x80-5.gif
54.230.111.26200 OK 523 kB URL HTTP/2 8881img.com/xcsj/960x80-5.gif
IP 54.230.111.26:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 523 kB (522889 bytes)
Hash d8c74f4c27d5be4113fdf1a4ad695c13
2d6b8a3355ba0a67c3db6f2dec0521d385735cd9
233a63ef3df2519470299524bb5054df03e13804c38410ee797eabaa50bc9091
GET /xcsj/960x80-5.gif HTTP/1.1
Host: 8881img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 522889
server: nginx
date: Tue, 10 Jan 2023 19:54:26 GMT
last-modified: Sat, 07 Jan 2023 12:58:09 GMT
etag: "63b96c61-7fa89"
expires: Thu, 09 Feb 2023 19:54:26 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: m0-lF0Mj1TIQ_Lzc2CvahuD2sBIiAJ_VnrHjo7Q04GL8FWgR4s8-AA==
age: 1759256
X-Firefox-Spdy: h2
8881img.com/xcsj/150x150.gif
54.230.111.26200 OK 218 kB URL HTTP/2 8881img.com/xcsj/150x150.gif
IP 54.230.111.26:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 218 kB (218293 bytes)
Hash 648d657e78d076e5c0df25141cb41432
c7e719516049581e6219869a4ad8fedef62b9396
0531362b4e955a06c2bfcc3cef0e059de4451e65617ad198218fc2f4c45e68cf
GET /xcsj/150x150.gif HTTP/1.1
Host: 8881img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 218293
server: nginx
date: Mon, 09 Jan 2023 18:06:00 GMT
last-modified: Sat, 07 Jan 2023 12:58:06 GMT
etag: "63b96c5e-354b5"
expires: Wed, 08 Feb 2023 18:06:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nqOxOKJL6y9cGAk-5wwERMSzFls14_eHTQ1oTF5AZIvrnwvxpnYeHw==
age: 1852162
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 7f92c2877bb52188ed6a0f7ee4779b37
b49183eaf6c0cc56ee1862b18733b999b6951a95
c9959792802d1ffd37a5be12101f9f34fcf180eeebf749d1691ef2170f718c2a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 04:35:22 GMT
Last-Modified: Tue, 31 Jan 2023 04:19:35 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ecEUIUzMODK8ZOIAKrSJixY1rRQOqycPaDNJLcnSBQrPhEqTxcKBdQ==
Age: 947
8881img.com/xcsj/200x200.gif
54.230.111.26200 OK 305 kB URL HTTP/2 8881img.com/xcsj/200x200.gif
IP 54.230.111.26:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 305 kB (304630 bytes)
Hash 616b404a780629dce921fed59248917a
b0835a59b7a1f85590204090084f7e379c2c730f
bcf6e4c08fff7ddbaf6021553a4c336bbb40bf2d888d00a43908a3766fd7b933
GET /xcsj/200x200.gif HTTP/1.1
Host: 8881img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 304630
server: nginx
date: Mon, 09 Jan 2023 06:18:00 GMT
last-modified: Sat, 07 Jan 2023 12:58:07 GMT
etag: "63b96c5f-4a5f6"
expires: Wed, 08 Feb 2023 06:18:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9Y6zEfgW9EgSms0HYWeJ_y47Ml9UpN1JRfq2WER-JsDTlvZ0Ciq2fg==
age: 1894641
X-Firefox-Spdy: h2
595tuchuang.com/960x80.gif
183.255.106.38301 Moved Permanently 166 B URL HTTP/1.1 595tuchuang.com/960x80.gif
IP 183.255.106.38:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 04:35:22 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://595tuchuang.com/960x80.gif
Server: cdn
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 7f92c2877bb52188ed6a0f7ee4779b37
b49183eaf6c0cc56ee1862b18733b999b6951a95
c9959792802d1ffd37a5be12101f9f34fcf180eeebf749d1691ef2170f718c2a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116755
Date: Tue, 31 Jan 2023 04:35:22 GMT
Etag: "63d7bf9d-1d7"
Expires: Wed, 01 Feb 2023 13:01:18 GMT
Last-Modified: Mon, 30 Jan 2023 13:01:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 86wbjHcLabKLGALGy6LMcnNB5gvPium6LXyLlD2tDNcRh_tR06FB8A==
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 7f92c2877bb52188ed6a0f7ee4779b37
b49183eaf6c0cc56ee1862b18733b999b6951a95
c9959792802d1ffd37a5be12101f9f34fcf180eeebf749d1691ef2170f718c2a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116755
Date: Tue, 31 Jan 2023 04:35:22 GMT
Etag: "63d7bf9d-1d7"
Expires: Wed, 01 Feb 2023 13:01:17 GMT
Last-Modified: Mon, 30 Jan 2023 13:01:17 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KKTua4Y22M_LrQn51cKhxg9UlwPNBf4AzrT_y2OhnoUsdmbMPZ-kNQ==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fdc5f640873393bc09bed9040dff4a44
84bbbff600c250ea9b5416a0218b87b4951b4298
a488b6fc3dbd5ae5b58b99a6f13e9efa52a2c1474d2164fad3a834fdd1ca6956
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A488B6FC3DBD5AE5B58B99A6F13E9EFA52A2C1474D2164FAD3A834FDD1CA6956"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19456
Expires: Tue, 31 Jan 2023 09:59:39 GMT
Date: Tue, 31 Jan 2023 04:35:23 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 7490e6edc76d9175140d3082c7e64f7b
22a1369923dd04d93cc074c9a3b53c9c6a68f4a3
c045b345598f3ae15bef3848f09ca22e0c6a7820ff88c160c95cbaa9d47fa665
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 02:32:05 GMT
ETag: "22a1369923dd04d93cc074c9a3b53c9c6a68f4a3"
Last-Modified: Tue, 31 Jan 2023 02:32:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 23
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd859c8db4f7-OSL
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1765853367&si=71a181015cd087dce6fc3f1a27416d20&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1765853367&si=71a181015cd087dce6fc3f1a27416d20&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1765853367&si=71a181015cd087dce6fc3f1a27416d20&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:22 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CB3E5D9EAEBE966A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
uumy1.bond/template/m1938pc/html9/ads/960.gif
27.124.8.144200 OK 25 kB URL HTTP/2 uumy1.bond/template/m1938pc/html9/ads/960.gif
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
File type GIF image data, version 89a, 1020 x 60\012- data
Hash edb0e0745fe1ce51b71b2dcfec486c58
03e96bdda66106f9f76a721c4520af213c3c5c77
1d659201aba0c958e20c651c65627563827a97fa0d4969c8737f9d0f3e52374f
GET /template/m1938pc/html9/ads/960.gif HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: image/gif
content-length: 24836
last-modified: Wed, 09 Nov 2022 10:18:12 GMT
etag: "636b7e64-6104"
expires: Thu, 02 Mar 2023 04:35:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1164936589&si=0b30f9881f6a871b43d6ef23ab7e401a&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1164936589&si=0b30f9881f6a871b43d6ef23ab7e401a&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1164936589&si=0b30f9881f6a871b43d6ef23ab7e401a&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=80B4674095D9A2BF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=147043504&si=79979f7a0b1b425ab0f7991fa490d994&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=147043504&si=79979f7a0b1b425ab0f7991fa490d994&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=147043504&si=79979f7a0b1b425ab0f7991fa490d994&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C82AC2D763DABA71; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2022709934&si=86961013e4dcc06728bf0416a5f4c506&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2022709934&si=86961013e4dcc06728bf0416a5f4c506&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2022709934&si=86961013e4dcc06728bf0416a5f4c506&v=1.3.0&lv=1&sn=65137&r=0&ww=1280&u=http%3A%2F%2Fwww.cyshangji.com%2Findex.php&tt=%E6%B7%AE%E5%AE%89%E5%9E%A6%E8%82%A5%E5%BD%B1%E9%99%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:23 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1739CBE23FDD1531; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kzeqq.com/3452e6815c59e9149b94c505e9bb4abd.gif
88.99.102.224200 OK 228 kB URL HTTP/2 kzeqq.com/3452e6815c59e9149b94c505e9bb4abd.gif
IP 88.99.102.224:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 960 x 60\012- data
Size 228 kB (228331 bytes)
Hash 071d2c3b39f6cb11b6de27e7ca7ca0af
0abe57cc261ad0c6f1e299005c4885ce969ac715
f7df02cd92df16e23878af2d4c24c483c78d613ed8d66a6218b11e7c1cf273af
GET /3452e6815c59e9149b94c505e9bb4abd.gif HTTP/1.1
Host: kzeqq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: image/gif
content-length: 228331
last-modified: Fri, 30 Dec 2022 03:00:18 GMT
etag: "63ae5442-37beb"
expires: Tue, 31 Jan 2023 16:35:23 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 79212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDDQYTIr190P7P%2BIv4NQA2g42xV3n4%2BeTMZDZqP52d6S9Yib2R84bKg3fopQ940iJ9JCg0Cd4nuwbFh1qBNtokknSBQ6jgFEVGCP3LrlKyE2x5tyfKTqSCwFMv57"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7917aeb13e19c30f-VIE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
587tuchuang.com/960x80.gif
183.255.106.38200 OK 46 kB URL HTTP/1.1 587tuchuang.com/960x80.gif
IP 183.255.106.38:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Hash 71f52eb6b257632ccf5f1ca592e24630
078e286ab14da4c78fd1a245b6d75a411b5dd6aa
05821b4f922a0eaa3454b7bef9da02cde5ae19ab2cc64e827eeadce056bcc670
GET /960x80.gif HTTP/1.1
Host: 587tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:22 GMT
Content-Type: image/gif
Content-Length: 45891
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 15:48:40 GMT
ETag: "63b6f158-b343"
Expires: Sun, 26 Feb 2023 15:44:59 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
u22033.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
13.227.254.70200 OK 393 kB URL HTTP/2 u22033.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP 13.227.254.70:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 393 kB (393378 bytes)
Hash a930de5ec6e818c397927d0c8e288eb4
5740c07c68ec2828cf3544a76afa1755077a6f57
e5a218bd1dc9bc6410f36069969a1c36a3f34f0d42079c4bd02ec8c19421bee0
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: u22033.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 393378
last-modified: Tue, 03 Jan 2023 03:28:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 23:58:16 GMT
etag: "a930de5ec6e818c397927d0c8e288eb4"
x-cache: Hit from cloudfront
via: 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KrmVbMKQVqTsWbl6xHDcApweXx0N6yFJpKLi3DRZeUP-TE_ySq66Ig==
age: 16627
X-Firefox-Spdy: h2
u22033.com/363336fe019a7dad576dbc0cd5e59477.gif
13.227.254.70200 OK 16 kB URL HTTP/2 u22033.com/363336fe019a7dad576dbc0cd5e59477.gif
IP 13.227.254.70:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash e7b760d5b9f1a1be175fed8a7896bf31
d9ea37fa0efad766da3bb101ad5735486f51b0a4
c1d4fc49d3a7165588dc654c14911fe2ebc87a83520e6074721ef9f810d5eba3
GET /363336fe019a7dad576dbc0cd5e59477.gif HTTP/1.1
Host: u22033.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 16442
last-modified: Thu, 01 Dec 2022 15:50:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 22:38:04 GMT
etag: "e7b760d5b9f1a1be175fed8a7896bf31"
x-cache: Hit from cloudfront
via: 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TjBA5NM0ja_d1tRMyJqknBVSofk7R-CLl9QXQii-uQjmkIi_tb3-dw==
age: 21439
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 78c4c0a872646f1166bc91f57f14b2c5
284a79667673cfde7c319e57583c90b42c429e79
238eb9fc09bd226fd794516c4816b449737e715da5ae13ec2085a2169885848a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238EB9FC09BD226FD794516C4816B449737E715DA5AE13EC2085A2169885848A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17709
Expires: Tue, 31 Jan 2023 09:30:32 GMT
Date: Tue, 31 Jan 2023 04:35:23 GMT
Connection: keep-alive
683tuchuang.com/683x80.gif
183.255.106.38200 OK 150 kB URL HTTP/1.1 683tuchuang.com/683x80.gif
IP 183.255.106.38:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 150 kB (149463 bytes)
Hash 3c2fa85a8ef9e16cf3f19c0271603a30
3da49aedf0f2131bad3089261687e10a080ea76f
11254003ad7540ce48193298be4aade73c03834674394c8a66c2f6d5e4de6fa1
GET /683x80.gif HTTP/1.1
Host: 683tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:22 GMT
Content-Type: image/gif
Content-Length: 149463
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 15:43:03 GMT
ETag: "63d3f107-247d7"
Expires: Tue, 28 Feb 2023 13:27:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.js?fbb7e8b302a6ffdf7325d4958b51e7c7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fbb7e8b302a6ffdf7325d4958b51e7c7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 6e18a6f8aa0d238b081a5b2dba8bc9d3
41f419974dfefef8489bff7644c4fb7d67ba8237
6091f1a36da9d8f681f6b1338d17d85d27ffad9312b689b2718e7ac2c2ba29d6
GET /hm.js?fbb7e8b302a6ffdf7325d4958b51e7c7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 1912875bcf13757ddede60b8a04bc1fe
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: 460d45ac1065b35ff64059cf52a29fd2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BD2242C0748AD85E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?71ee2868d55df0e2975eb376098651cb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?71ee2868d55df0e2975eb376098651cb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash e5367ea15783ea5cad0ed888618ee115
428d7d9d444125fd1650888df5001db23ed6224d
acf6536080cc2b1614bc3119ff9c47043bfb023f9cebea2abc506c20e51231e8
GET /hm.js?71ee2868d55df0e2975eb376098651cb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: ab48f9c70f8a50bfdacc9169f0898c00
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BA7AD4F310C3C7DE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8808c453e04941cefdf86ca964a5377b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8808c453e04941cefdf86ca964a5377b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash d3ba23b824dbd14f4fcc84f4f5af616a
f3e6e9d2d90408ee5461f7d04956775d1fb84b5d
3d4d2f72ea4c11dd27e04911b7eb22a6ccf5afaf8c4ae49180a42e81181aa51e
GET /hm.js?8808c453e04941cefdf86ca964a5377b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 194283705747d2371b0ba485477cc36a
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: 9f4ac37ed484bbeff9957de1e150b664
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F37F3A5FDF75F3C3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?01c1fa948560a0c7e30f7858b732d8ec
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?01c1fa948560a0c7e30f7858b732d8ec
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 6cd862d84a4bc629149a875c588e6b2d
2ebbc92f457249c1d860932715441ab70ccfdc1c
6257568dc5e330558afac02ae6c8dc18ed5046325e23c57307650e336b9c4947
GET /hm.js?01c1fa948560a0c7e30f7858b732d8ec HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 99373076ef9a2916ea80582f732cd0ba
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: 02206b3b27090c1d8031a9b903b26eb7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B2578161859D606A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?166e3ca93b3ec424128484b55f16cbeb
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?166e3ca93b3ec424128484b55f16cbeb
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash aa65c2d38bc9feef4d65958abc814c63
ad726fd6c9867de85cdbf208254de8664a202ced
785539f6929397beb9481a92aa90f15ca176d48bf26b062582fe2fc063e30522
GET /hm.js?166e3ca93b3ec424128484b55f16cbeb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: e9521093107f952da5a602bbf89c0c2e
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: 999368ac45044747d9a2889e4162eb5a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EFD962188EBF3C2C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b80522d91e8bac373bffa6d8507deed7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b80522d91e8bac373bffa6d8507deed7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash eb04fabb7ed6a987f76e3076f2c01557
09174d67883f70049e8755460a7f7e3a9bb226b8
bd22cdec95176a12f5f2441649b39572276e5e186ab871d161c6fe8fec82d3cb
GET /hm.js?b80522d91e8bac373bffa6d8507deed7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: e4a20265438ebf5ff78b0830e5491c54
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: c1d98633684faab67f11c9d6e5e8caf5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B7BA56645FEFA2ED; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?0b30f9881f6a871b43d6ef23ab7e401a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0b30f9881f6a871b43d6ef23ab7e401a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 2dad3ad5557d515934d95a24cd773361
ac52ce7dbd0d7ce01575332d2e87eb62378bcf01
1c016315e6271aa52df657a6949684e430a3355af49747dbdb0080ad9bb6b2a1
GET /hm.js?0b30f9881f6a871b43d6ef23ab7e401a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: cbb02b2e40f236a57d3d00428424b2ed
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: 72f3cfa1492c05330ded1c74b9dff4ee
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8E86C29BD41BCDAE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 732bf430cf74a9c786f279bf6b21b795
2e073f3598f6bdb81819f74ec6b11e035cedbb38
4aad0cc28c0a88c5b3ac27a405f7ecbe933292eaf6676bcea31dee0e8ec32458
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:08:22 GMT
ETag: "2e073f3598f6bdb81819f74ec6b11e035cedbb38"
Last-Modified: Tue, 31 Jan 2023 01:08:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd8ab8a50b55-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 732bf430cf74a9c786f279bf6b21b795
2e073f3598f6bdb81819f74ec6b11e035cedbb38
4aad0cc28c0a88c5b3ac27a405f7ecbe933292eaf6676bcea31dee0e8ec32458
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:08:22 GMT
ETag: "2e073f3598f6bdb81819f74ec6b11e035cedbb38"
Last-Modified: Tue, 31 Jan 2023 01:08:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd8abe600b06-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 732bf430cf74a9c786f279bf6b21b795
2e073f3598f6bdb81819f74ec6b11e035cedbb38
4aad0cc28c0a88c5b3ac27a405f7ecbe933292eaf6676bcea31dee0e8ec32458
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:08:22 GMT
ETag: "2e073f3598f6bdb81819f74ec6b11e035cedbb38"
Last-Modified: Tue, 31 Jan 2023 01:08:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd8abbee0b65-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 732bf430cf74a9c786f279bf6b21b795
2e073f3598f6bdb81819f74ec6b11e035cedbb38
4aad0cc28c0a88c5b3ac27a405f7ecbe933292eaf6676bcea31dee0e8ec32458
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:08:22 GMT
ETag: "2e073f3598f6bdb81819f74ec6b11e035cedbb38"
Last-Modified: Tue, 31 Jan 2023 01:08:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd8ab99ab4fd-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 732bf430cf74a9c786f279bf6b21b795
2e073f3598f6bdb81819f74ec6b11e035cedbb38
4aad0cc28c0a88c5b3ac27a405f7ecbe933292eaf6676bcea31dee0e8ec32458
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:08:22 GMT
ETag: "2e073f3598f6bdb81819f74ec6b11e035cedbb38"
Last-Modified: Tue, 31 Jan 2023 01:08:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3539
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791fbd8ab8f7b4fa-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b466580ca48edd198dd26594ca61cbb5
f3e63e81b0503fbe8f0518f91d1e13a9a00bd8ff
288aedc495dcaf32025f2364d1fafdf3b1a2cac97873f94ed6f434aae6be21a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 04:35:24 GMT
Etag: "63d770aa-118"
Server: ECS (amb/6BBA)
Content-Length: 280
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f6c08c27cb2c561cd982e2de6e469410
8f95b4cb6ddd3cb64e9bebf4481b5acbd3de558a
4d966bafa7351797a9847d94885d6a98f113dd4621d53c8fb287900d406c704d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 04:41:26 GMT
Expires: Sun, 05 Feb 2023 04:41:25 GMT
Etag: "8f95b4cb6ddd3cb64e9bebf4481b5acbd3de558a"
Cache-Control: max-age=431760,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8b0fcdb4f3-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bb9d1ec51678425989c6057ed138308d
fcd3edeea200fe1a39bac26e8d61860d1446dd31
ab59970dc8bc29b55283c6ed87ca1a3f20182605d9063c5158eb57c92cfb0c6b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:19:39 GMT
Expires: Sat, 04 Feb 2023 15:19:38 GMT
Etag: "fcd3edeea200fe1a39bac26e8d61860d1446dd31"
Cache-Control: max-age=383653,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8b0bffb524-OSL
tgqd.tsmgsoce.com/imgf/hy.gif
188.114.97.1200 OK 801 kB URL HTTP/2 tgqd.tsmgsoce.com/imgf/hy.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 801 kB (800906 bytes)
Hash b67d8e3b2e6a17ef65cca5924479bcaf
170f0e54f86d9fe303bca99f7524cee878289a3f
2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c
GET /imgf/hy.gif HTTP/1.1
Host: tgqd.tsmgsoce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 04:35:24 GMT
content-type: image/gif
content-length: 800906
last-modified: Tue, 15 Nov 2022 04:20:27 GMT
etag: "6373138b-c388a"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH,OPTIONS
access-control-allow-headers: auth_token,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Range,User-Agent,X-CustomHeader,X-Mx-ReqToken,X-Requested-With
access-control-allow-credentials: true
access-control-max-age: 600
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jBVXxLNTEwBscqiMOfY3sQlUOa0JVdswI%2FGwIBTPLTHqdPAA4FGF7J2ZPYKBgg687LODPlRFoqd38BW8rVtIcPxH53A%2FEUOqEt9qDJZh%2FRjhn%2Fr9tCij1LAAD%2BeK8MP4a0cHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791fbd8b798cb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?71a181015cd087dce6fc3f1a27416d20
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?71a181015cd087dce6fc3f1a27416d20
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash c31a2c9f6751c6d572f8f5b4c679293c
b1f54eea72fb63d452fc623d1dbe0f976dab1a1e
6651d42664434105becaa77ed1cc9b98f6812f9b07ebb004042ec63a08f17151
GET /hm.js?71a181015cd087dce6fc3f1a27416d20 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: e274e7072b02e0944ad099ad9a48efb1
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: 8318fa38d2595d30f829a8aa054185fc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=21C90395F162829F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8149876294d86d0ed1db82fd8e72baf2
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8149876294d86d0ed1db82fd8e72baf2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash 88784f288761b5f76d4a92f444e29fca
0d259f7ac457403f516940ddc876f47f1bbb8b84
e33d254f5b922a8298cb12e816690f69d6f96dcbc33af01b00b811a625eb6034
GET /hm.js?8149876294d86d0ed1db82fd8e72baf2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 98ad5ba35c05d183a91dfcd44bda5f18
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: b3f0129731685a4e037981b0b1fe6d18
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F2450AE08E0B6596; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?86961013e4dcc06728bf0416a5f4c506
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?86961013e4dcc06728bf0416a5f4c506
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 56edc64099697e6b594d74b50760cca4
03ed6c1a4eb7f0846c574026d563258925d4e9a4
cd1388ee5f78bb0f5f74b5981090a50dabd3e454b3536e5e708fb507b790ea95
GET /hm.js?86961013e4dcc06728bf0416a5f4c506 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 1d76727891fb56c98c0bd8ac9204b03f
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:23 GMT
Etag: 87144b00c2df3aae58934890b20a25f6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=110F47F05D78672F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 576967317a73096b9fc9c911816a0715
a62047f811ff0e926854b2b84be58d2623b3a379
f96035b9e54ee0e8ccae7a02083d788ff5162cf703016c0d7a5bf9c8e757ce1b
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 07:03:58 GMT
Expires: Sat, 04 Feb 2023 07:03:57 GMT
Etag: "a62047f811ff0e926854b2b84be58d2623b3a379"
Cache-Control: max-age=353912,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8b0c5fb517-OSL
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash b96d09fb6b6371b97418fd650fc9ea1c
5ac7c973dd02de7e84958922a3294dd6dae4fdf0
7f6c3cf8ea5c1ce8980f7442888c7992d621fc453729f4511f348af34efd8f47
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: d42afaea-d253-467d-8cc6-a46f9450c333
Content-Length: 1701
Date: Tue, 31 Jan 2023 04:35:24 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 98abe68b9ab82fe42f1f085913678384
dc6a17187230b8446c3cb54739fddb21503ce412
4881c398fce5598414e94d11e09640f34a11a186e3446ca720d8a85c6f03b261
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: d33575df-f200-4eb8-a733-43f8c0072bc2
Content-Length: 1701
Date: Tue, 31 Jan 2023 04:35:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f6c08c27cb2c561cd982e2de6e469410
8f95b4cb6ddd3cb64e9bebf4481b5acbd3de558a
4d966bafa7351797a9847d94885d6a98f113dd4621d53c8fb287900d406c704d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 04:41:26 GMT
Expires: Sun, 05 Feb 2023 04:41:25 GMT
Etag: "8f95b4cb6ddd3cb64e9bebf4481b5acbd3de558a"
Cache-Control: max-age=431760,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8b0b99b529-OSL
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 4ccd4488717342ca91f9f0b75e6927d5
ab3001746aaa3bc16117a16a0f8ab4901849f497
257dc1723e18b72273484e9c5e8dacf543add3cdedc933805f779e9ae3e0f9d6
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e7d1a4ce-8e26-4d96-898c-05b613757f85
Content-Length: 1701
Date: Tue, 31 Jan 2023 04:35:24 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2134949848&si=fbb7e8b302a6ffdf7325d4958b51e7c7&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2134949848&si=fbb7e8b302a6ffdf7325d4958b51e7c7&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2134949848&si=fbb7e8b302a6ffdf7325d4958b51e7c7&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A49617DB897258C0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7218dd92c377c7a141b6aad16370a011
968e663864f149ea91fdb5697df59f40eb4d171b
9abd20da34b9f48983c9b91fe7201f691c554d97f83c35199df4a00d8b2cf991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ABD20DA34B9F48983C9B91FE7201F691C554D97F83C35199DF4A00D8B2CF991"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1810
Expires: Tue, 31 Jan 2023 05:05:34 GMT
Date: Tue, 31 Jan 2023 04:35:24 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=720538328&si=71ee2868d55df0e2975eb376098651cb&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=720538328&si=71ee2868d55df0e2975eb376098651cb&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=720538328&si=71ee2868d55df0e2975eb376098651cb&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=58A33378934BBBFF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1573706079&si=8808c453e04941cefdf86ca964a5377b&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1573706079&si=8808c453e04941cefdf86ca964a5377b&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1573706079&si=8808c453e04941cefdf86ca964a5377b&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7D6177A4C53975F7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=754473804&si=01c1fa948560a0c7e30f7858b732d8ec&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=754473804&si=01c1fa948560a0c7e30f7858b732d8ec&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=754473804&si=01c1fa948560a0c7e30f7858b732d8ec&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5320EA70232E86D6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash fd4a4ded8732c3cf65ca68f186556949
9da6f342853c395006b52245842bf42584799f56
d5b7566c23b01f5973553cc1a28d90ccc9a2485f9e5312d9a7a723df0e463ba4
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=789
Date: Tue, 31 Jan 2023 04:35:24 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash fd4a4ded8732c3cf65ca68f186556949
9da6f342853c395006b52245842bf42584799f56
d5b7566c23b01f5973553cc1a28d90ccc9a2485f9e5312d9a7a723df0e463ba4
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=789
Date: Tue, 31 Jan 2023 04:35:24 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f2263d888c7ccbc9b86c6429e4c22716
4cc87ed1db15f93b0b539466460516c857da2a49
04c56a09a5412b9ef4310c55293a57ede2b16232f41b2a318a21ccecf7523f66
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 23:43:04 GMT
Expires: Sun, 05 Feb 2023 23:43:03 GMT
Etag: "4cc87ed1db15f93b0b539466460516c857da2a49"
Cache-Control: max-age=500258,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8cac78b529-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1753791621&si=0b30f9881f6a871b43d6ef23ab7e401a&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1753791621&si=0b30f9881f6a871b43d6ef23ab7e401a&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1753791621&si=0b30f9881f6a871b43d6ef23ab7e401a&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CB854B9D8BB58D51; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2137864348&si=166e3ca93b3ec424128484b55f16cbeb&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2137864348&si=166e3ca93b3ec424128484b55f16cbeb&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=2137864348&si=166e3ca93b3ec424128484b55f16cbeb&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BF93388524F8F2EC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3321a01f05e04629f40593e7b885fd8f
da065e49ac9a969915a5e465e2e92614f8a6eb57
7e55c9a809bee2725026ebde818df2a8ea659aa7cb90a8b0ac7a51d13e655e2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1912
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 04:35:24 GMT
Last-Modified: Tue, 31 Jan 2023 04:03:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 727
p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjaPMUYTLH6ByaU4OShgWmN8FEn2bfve1KXL1B9OCw5GU/0
43.154.254.32200 OK 7.5 kB URL HTTP/2 p.qlogo.cn/qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjaPMUYTLH6ByaU4OShgWmN8FEn2bfve1KXL1B9OCw5GU/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 100 x 100\012- data
Hash 5cc58b8f4b2a6344ccc5f05242411e8b
340fe397c9445449b7814bc37fbcb23ab802d5bc
83fbf320526ed5036bd42ed44c12b6131c4b88a573cf6cca1ba2a46da323e8d7
GET /qqmail_head/EVPtJJ9TsHzH9flljZXyh4VZUKn6u1hjaPMUYTLH6ByaU4OShgWmN8FEn2bfve1KXL1B9OCw5GU/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: image/gif
content-length: 7484
vary: Accept,Origin
last-modified: Wed, 26 Oct 2022 13:16:05 GMT
cache-control: max-age=2592000
x-delay: 4688 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 7484
chid: 0
fid: 0
x-nws-log-uuid: fd93083d-fcf0-42a6-a5da-4a45ace2ceb2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3321a01f05e04629f40593e7b885fd8f
da065e49ac9a969915a5e465e2e92614f8a6eb57
7e55c9a809bee2725026ebde818df2a8ea659aa7cb90a8b0ac7a51d13e655e2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1912
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 04:35:24 GMT
Last-Modified: Tue, 31 Jan 2023 04:03:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 98fd0a4bb307148da661151f004c8a11
155236a02e64747553979bca964388c4029707a1
12f22f87038dc6afc7b0508229404b3981e04089de7c0386625cc9e28b900eb2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 20:55:54 GMT
Expires: Fri, 03 Feb 2023 20:55:53 GMT
Etag: "155236a02e64747553979bca964388c4029707a1"
Cache-Control: max-age=317428,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8c0822b4f3-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1375502321&si=b80522d91e8bac373bffa6d8507deed7&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1375502321&si=b80522d91e8bac373bffa6d8507deed7&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1375502321&si=b80522d91e8bac373bffa6d8507deed7&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B8EB5C3BF570309E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3321a01f05e04629f40593e7b885fd8f
da065e49ac9a969915a5e465e2e92614f8a6eb57
7e55c9a809bee2725026ebde818df2a8ea659aa7cb90a8b0ac7a51d13e655e2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1912
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 04:35:24 GMT
Last-Modified: Tue, 31 Jan 2023 04:03:32 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/6bd98810012e4de5828c0a8213e01106
47.246.44.227200 OK 440 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/6bd98810012e4de5828c0a8213e01106
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 440 kB (439790 bytes)
Hash 07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
GET /obj/tos-cn-i-dy/6bd98810012e4de5828c0a8213e01106 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 439790
date: Thu, 17 Nov 2022 18:16:26 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 13:55:37 GMT
nw-session-id: 2022111721553701020209215614C3258Aztxnb01dy
nw-session-trace: 2022-11-17T21:55:37.661222506+08:00 133
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 21:55:37 GMT
x-tt-logid: 2022111721553701020209215614C3258A
via: n204-098-222, cache20.l2de2[0,0,206-0,H], cache16.l2de2[1,0], cache16.l2de2[2,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:26:318::66
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01fa06c219692a0bade3e36971b21a99cb5ae0e36b5ebd1e2fe9261124b9a3019f1c63ccfba3340bd5840dccac1af34cd08814d0aa9529f753b2964a5c0f170410f96790567b7570afa2cb694df408905d978efcdcbb7f6dab9e3f212c220517de
x-response-lb: image
ali-swift-global-savetime: 1668708987
age: 6430737
x-cache: HIT TCP_MEM_HIT dirn:4:75194885
x-swift-savetime: Mon, 21 Nov 2022 05:59:28 GMT
x-swift-cachetime: 31234619
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397243508834e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/96116c5b187b452d8a7ceae72d087e8f
47.246.44.227200 OK 13 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/96116c5b187b452d8a7ceae72d087e8f
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Hash c629670fb1e01dae101f66326c61b652
a4603c10f9ae33d366c8369ea13caf38300b40c9
158b54c1a79760e1caa291e68756b80660641906191eb20eaec77c2bedc782af
GET /obj/tos-cn-i-dy/96116c5b187b452d8a7ceae72d087e8f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 13094
date: Sun, 08 Jan 2023 07:53:20 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 08 Jan 2023 07:41:40 GMT
nw-session-id: 2023010815414062DEDDEAE313FB566CB5zbj9202dy
nw-session-trace: 2023-01-08T15:41:40.673360136+08:00 54
x-bdcdn-cache-status: TCP_HIT
x-length: 13094
x-powered-by: ImageX
x-response-date: Sun, 08 Jan 2023 15:41:40 GMT
x-tt-logid: 2023010815414062DEDDEAE313FB566CB5
via: n132-082-085, cache26.l2de2[0,0,206-0,H], cache15.l2de2[1,0], cache15.l2de2[2,0], cache7.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c8cd9920d5b2dee88135f0fcfdadd3ecbb030b476f019112723fbb9acb51cd65297b982bba9f697c5b5e0b5be2cd3eec512c58eae7215282e60a18a7d3ac3459ef785f38b352a1694f67aa552c9e4bfb8af269d38555268ad206b011f8134795
x-response-lb: image
ali-swift-global-savetime: 1673164401
age: 1975323
x-cache: HIT TCP_MEM_HIT dirn:11:362194481
x-swift-savetime: Sun, 08 Jan 2023 08:18:03 GMT
x-swift-cachetime: 31534518
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397243938852e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9
47.246.44.227200 OK 489 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 488987
date: Sun, 08 Jan 2023 17:06:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 08 Jan 2023 17:06:30 GMT
nw-session-id: 20230109010630237CE87A1B921E9239855b2gs03dy
nw-session-trace: 2023-01-09T01:06:30.090734007+08:00 32
x-bdcdn-cache-status: TCP_HIT
x-length: 488987
x-powered-by: ImageX
x-response-date: Mon, 09 Jan 2023 01:06:30 GMT
x-tt-logid: 20230109010630237CE87A1B921E923985
via: n150-050-052, cache4.l2de2[0,0,206-0,H], cache17.l2de2[0,0], cache17.l2de2[1,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc02:20:277::30
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 016ce8fa9a4734806856c36302115b4d3b62e2f46a5e22340a9e0afd68f42535f61b40eb4c87b4eb4d08a76657d3a06f06c194c2fa0f2a8796bc9ed45e4b03583aa8472a5bf216acbaf65500914d0b34d0a0dc701fd8b2ff6e1948ab36c3d97f4f
x-response-lb: image
ali-swift-global-savetime: 1673197598
age: 1942126
x-cache: HIT TCP_MEM_HIT dirn:4:51830946
x-swift-savetime: Sun, 08 Jan 2023 17:16:00 GMT
x-swift-cachetime: 31535438
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397243708846e
X-Firefox-Spdy: h2
zhibo128x.xyz/18/960x60-01.gif
154.83.25.141200 OK 268 kB URL HTTP/1.1 zhibo128x.xyz/18/960x60-01.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 68\012- data
Size 268 kB (267610 bytes)
Hash 46085d414dd694aeecc2f7aa1df0a6d7
be9ab06f21cb545d344305bb84dd76b5ae9893f7
e0dc78f1c5403529e6592cac87d3297e5c79eb0ee7de476eb2b4e937a955c877
GET /18/960x60-01.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 04:32:43 GMT
Content-Type: image/gif
Content-Length: 267610
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 22:11:21 GMT
ETag: "63b4a809-4155a"
Expires: Thu, 02 Feb 2023 22:12:35 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
u22055.com/dfa3783e959dd180be6ac3461eaf6706.gif
13.227.254.44200 OK 17 kB URL HTTP/2 u22055.com/dfa3783e959dd180be6ac3461eaf6706.gif
IP 13.227.254.44:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 29c7cef4c49cdd4d92efd4e5a3e7da79
2bb9a0bc5b23da62d81a138a00d14aab31f5e46b
1f1d736a41140b995c19ed76b46abf48710c036b6eb9d1c187c991907ae17001
GET /dfa3783e959dd180be6ac3461eaf6706.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 16993
date: Tue, 10 Jan 2023 14:36:55 GMT
last-modified: Sat, 24 Dec 2022 11:10:18 GMT
etag: "29c7cef4c49cdd4d92efd4e5a3e7da79"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: b0OSPJFIml7SaQHUyOIf37cb2tp1Wz_p9SpGLERLN9BGsh3EqTvQRg==
age: 1778310
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash e0b129531c5d0c9ebab28d14eb44ccaa
df1a8eb39b2dd1da5992b5a559f5f715252b1e4a
9555ad8bf81bd62c2ae4868ba22b50997b29f1f42e5fc5337c957f337810826a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 11:20:27 GMT
Expires: Sun, 05 Feb 2023 11:20:26 GMT
Etag: "df1a8eb39b2dd1da5992b5a559f5f715252b1e4a"
Cache-Control: max-age=455701,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8d7e5db517-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/0c3d2cdaed96469f9d5774583186184e
47.246.44.227200 OK 320 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/0c3d2cdaed96469f9d5774583186184e
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Size 320 kB (320396 bytes)
Hash f1bd2e508413c6089ec9fcf6954b2196
b60c7b6b05a282a58ecde182ce2ac5a5a2ac087a
16df1f845970a1b49b6309d0af3dfabe40e54bb3a9bac381a2dac8ff1f9a6ff3
GET /obj/tos-cn-i-dy/0c3d2cdaed96469f9d5774583186184e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 320396
date: Mon, 09 Jan 2023 10:08:43 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 09 Jan 2023 07:08:17 GMT
nw-session-id: 202301091508176FA8411628FCE4CBEC53hfr7h02dy
nw-session-trace: 2023-01-09T15:08:17.16834519+08:00 59
x-bdcdn-cache-status: TCP_HIT
x-length: 320396
x-powered-by: ImageX
x-response-date: Mon, 09 Jan 2023 15:08:17 GMT
x-tt-logid: 202301091508176FA8411628FCE4CBEC53
via: n131-120-212, cache15.l2de2[193,193,206-0,M], cache3.l2de2[194,0], cache3.l2de2[194,0], cache1.se1[0,0,200-0,H], cache4.se1[0,0]
x-request-ip: fdbd:dc03:8:577::15
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=0
x-tt-trace-host: 010310055a616c7640b1adfd1df01d700f9720441faf0ff71ca062e2d09456afec5834e5463ff7a0a99756c58a3f3eed9fc19cb228d6532aa762056b2747f1565aa9785904b425a64e8d02e83e350f10f28a557088a272ebca70317e4d3821a3e6
x-response-lb: image
ali-swift-global-savetime: 1673258924
age: 1880800
x-cache: HIT TCP_MEM_HIT dirn:7:1447100207
x-swift-savetime: Mon, 09 Jan 2023 10:08:44 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397243768848e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 408786ae559699451dabcad953cc8545
bdd572606f8ab12b57da58460e6e9a7f34bbdbc5
ba7628e67a7cf0c2147478eeaa6c956a3d17696032845bc96dbc1da3218518b6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 02:10:58 GMT
Expires: Mon, 06 Feb 2023 02:10:57 GMT
Etag: "bdd572606f8ab12b57da58460e6e9a7f34bbdbc5"
Cache-Control: max-age=509132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8cac99b524-OSL
hm.baidu.com/hm.js?79979f7a0b1b425ab0f7991fa490d994
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?79979f7a0b1b425ab0f7991fa490d994
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash d5ed76702b9cdc517a8f655e9ed6e820
6940552535ca9c97ec4e650744b0fe0ca44e588e
d05cf46b5108d40c1dd12bbf8598aca4323e00272c944caba9a7b23e8e6536ec
GET /hm.js?79979f7a0b1b425ab0f7991fa490d994 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 4597bb7df47b12ce8fd665330f1c8232
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 04:35:24 GMT
Etag: f923a2b6281ef28a058695fb7262f798
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D1AE7349ED0D0708; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
u22088.com/84bfbebcdad0296b623216802be82672.gif
13.227.254.92200 OK 15 kB URL HTTP/2 u22088.com/84bfbebcdad0296b623216802be82672.gif
IP 13.227.254.92:0
File type GIF image data, version 89a, 150 x 150\012- data
Hash 45937719da73b701bd554f3996019dff
f8dcb949811d925e68853455da0c9f663dc67413
869e12cacf70ec0ced9208a285ca779e2371a411df8e7b9d788da32344912e04
GET /84bfbebcdad0296b623216802be82672.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 15158
date: Mon, 16 Jan 2023 05:14:17 GMT
last-modified: Sat, 17 Dec 2022 11:45:02 GMT
etag: "45937719da73b701bd554f3996019dff"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 06pRDxzfPaxpr9AadNC7lQw_kTabbB8KV9B8Z4wJgmE7uM-tkSbbvQ==
age: 1293668
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=192595554&si=8149876294d86d0ed1db82fd8e72baf2&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=192595554&si=8149876294d86d0ed1db82fd8e72baf2&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=192595554&si=8149876294d86d0ed1db82fd8e72baf2&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=68EF92FF96C76A94; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
323823umv.com/12101e124fce4a7289b751c0f6b8b0e3.gif
103.170.15.84200 OK 30 kB URL HTTP/1.1 323823umv.com/12101e124fce4a7289b751c0f6b8b0e3.gif
IP 103.170.15.84:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 180 x 180\012- data
Hash c75065e9b2cdd6327ec4bcd5564139dd
942a4075f3561f09179d6a332eebfdca981601b0
2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
Analyzer Verdict Alert quad9 Sinkholed
GET /12101e124fce4a7289b751c0f6b8b0e3.gif HTTP/1.1
Host: 323823umv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b92d4-748c"
Date: Sat, 14 Jan 2023 23:41:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:29:08 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 29836
pic.picnewsss.com/tu-2022290039/120-120.gif
23.225.139.251200 OK 9.8 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/120-120.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash d5108c52b1e5111e1135c65b828ecddf
2b20ca658db1936d28a3315989e4c0622bb25741
38ce508a86be7215ec2c3b2c39512599b3259928e4206c4c062aadaa72cba6d3
GET /tu-2022290039/120-120.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Mon, 30 Jan 2023 07:49:59 GMT
etag: "1675136814"
expires: Wed, 01 Mar 2023 07:49:59 GMT
last-modified: Tue, 31 Jan 2023 03:46:54 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 9820
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/e9ab02ac76324557bbde6db4ecbf8c99
47.246.44.227200 OK 442 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/e9ab02ac76324557bbde6db4ecbf8c99
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 442 kB (441628 bytes)
Hash ad421490469bba29d0cf1ad11a62196d
6cf37051e0dfc39334b8cfedf8d38835e100d06a
b371893f39b9acd96d043308c0dda4c1d3ca5aeba8562a3f922c7608359a6309
GET /obj/tos-cn-i-dy/e9ab02ac76324557bbde6db4ecbf8c99 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 441628
date: Sun, 18 Dec 2022 06:28:55 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 17 Dec 2022 11:05:17 GMT
nw-session-id: 20221217190517010158029097259F6A097pslr03dy
nw-session-trace: 2022-12-17T19:05:17.740044506+08:00 39
x-bdcdn-cache-status: TCP_HIT
x-length: 441628
x-powered-by: ImageX
x-response-date: Sat, 17 Dec 2022 19:05:17 GMT
x-tt-logid: 20221217190517010158029097259F6A09
via: n131-120-158, cache9.l2de2[0,0,206-0,H], cache15.l2de2[2,0], cache15.l2de2[2,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:4:166::71
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01637dd6300cff7523e5fed02614c37de91279521414760d1b5009803310c5258ea7f14fe5a65a8209d835c86a13f682dc4d6a6c19501ae384fdf18b654eef815f625b33acd1cfb3cef0af8f0b6e4464e0bacf64a2dd7446a4d7f9e43e6e7b0aa4
x-response-lb: image
ali-swift-global-savetime: 1671344935
age: 3794789
x-cache: HIT TCP_MEM_HIT dirn:6:160011028
x-swift-savetime: Sun, 18 Dec 2022 19:10:44 GMT
x-swift-cachetime: 31490291
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397245028901e
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=855079865&si=86961013e4dcc06728bf0416a5f4c506&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=855079865&si=86961013e4dcc06728bf0416a5f4c506&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=855079865&si=86961013e4dcc06728bf0416a5f4c506&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6878F1122733B6B4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=197518956&si=71a181015cd087dce6fc3f1a27416d20&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=197518956&si=71a181015cd087dce6fc3f1a27416d20&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=197518956&si=71a181015cd087dce6fc3f1a27416d20&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65139&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A02EACEC2322B72E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
pic.picnewsss.com/tu-2022290039/se-1.jpg
23.225.139.251200 OK 27 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/se-1.jpg
IP 23.225.139.251:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e
GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Tue, 31 Jan 2023 03:33:55 GMT
etag: "1675137174"
expires: Thu, 02 Mar 2023 03:33:55 GMT
last-modified: Tue, 31 Jan 2023 03:52:54 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/a985985b1ad549bfad87f5fbf439b637
47.246.44.227200 OK 274 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/a985985b1ad549bfad87f5fbf439b637
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Size 274 kB (273715 bytes)
Hash 861dfe01844a99e30fe199070510d06d
aca4c3d0899d413ebf1e3068a677b88de75339a7
0374e9aba033b4e4330adb7b81dd0a7663c9a85952f21a0e0d4fa6cd548218a6
GET /obj/tos-cn-i-dy/a985985b1ad549bfad87f5fbf439b637 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 273715
date: Thu, 15 Sep 2022 06:37:13 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 15 Sep 2022 06:22:25 GMT
nw-session-id: 2022091514222501021004914525741E544465r01dy
nw-session-trace: 2022-09-15T14:22:25.84893536+08:00 16
x-bdcdn-cache-status: TCP_HIT
x-length: 273715
x-powered-by: ImageX
x-response-date: Thu, 15 Sep 2022 14:22:25 GMT
x-tt-logid: 2022091514222501021004914525741E54
via: n204-098-222, cache20.l2de2[0,0,206-0,H], cache21.l2de2[2,0], cache21.l2de2[2,0], cache5.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:681::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01fe8538bf26489b235fc90d90b5963b5f889705ab1eaa0996020a921ad3764f74df83d6e44f3f05a96d2cd6b40b7b4827a723faa25b73bf9c66878ef998b9e89dccfde326a30c5aa5d9d3072503eeff91217299919619479f71f92fdbce318e54
x-response-lb: image
ali-swift-global-savetime: 1663223834
age: 11915890
x-cache: HIT TCP_MEM_HIT dirn:1:134283275
x-swift-savetime: Thu, 15 Sep 2022 18:42:02 GMT
x-swift-cachetime: 31492512
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397245618920e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b466580ca48edd198dd26594ca61cbb5
f3e63e81b0503fbe8f0518f91d1e13a9a00bd8ff
288aedc495dcaf32025f2364d1fafdf3b1a2cac97873f94ed6f434aae6be21a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96542
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 04:35:24 GMT
Etag: "63d770aa-118"
Expires: Wed, 01 Feb 2023 07:24:26 GMT
Last-Modified: Mon, 30 Jan 2023 07:24:26 GMT
Server: nginx
Content-Length: 280
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash e0b129531c5d0c9ebab28d14eb44ccaa
df1a8eb39b2dd1da5992b5a559f5f715252b1e4a
9555ad8bf81bd62c2ae4868ba22b50997b29f1f42e5fc5337c957f337810826a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 11:20:27 GMT
Expires: Sun, 05 Feb 2023 11:20:26 GMT
Etag: "df1a8eb39b2dd1da5992b5a559f5f715252b1e4a"
Cache-Control: max-age=455701,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8d894ab518-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d347561fe370e03263a2ba78a3a03459
9e8f8a9cbebfa7f54b011ead9ae76023c7a935d7
12e2f04c2e2d3d18c7199538c610feb4f42e0e1982ac7aa468edfdce9c02b725
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 01:26:55 GMT
Expires: Sun, 05 Feb 2023 01:26:54 GMT
Etag: "9e8f8a9cbebfa7f54b011ead9ae76023c7a935d7"
Cache-Control: max-age=420089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8dad0ab529-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 3c74e0bfa8071fe3c7bed9add71f9bef
da0687adc4e4a0b4946a4c79c359b04f687aaf4f
c5f2a337beb1ddbd37efe61506d35a5061517a2bd248b13618a501d34e90d9fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 05:12:56 GMT
Expires: Sun, 05 Feb 2023 05:12:55 GMT
Etag: "da0687adc4e4a0b4946a4c79c359b04f687aaf4f"
Cache-Control: max-age=433650,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8eeb64b509-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a43f04c2f145949b31205493e516f387
c0b28386610cbc0a850aa186d7ef8f31b5051a87
da2f287fc1d58348dcb2847e7066a09912e9b31f5db60b2008f7ab5e19e2a261
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 03:22:18 GMT
Expires: Tue, 07 Feb 2023 03:22:17 GMT
Etag: "c0b28386610cbc0a850aa186d7ef8f31b5051a87"
Cache-Control: max-age=599812,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8e28e4b4f3-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 23322a877a66f2590b48cfc09a136fce
d1067e1cca62521a00c69762630263a715cb8139
54c194e17586ed948d0842f6f855cb97c0f15972055fc585449e11f74637395b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 04:33:44 GMT
Expires: Sun, 05 Feb 2023 04:33:43 GMT
Etag: "d1067e1cca62521a00c69762630263a715cb8139"
Cache-Control: max-age=431298,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8e4d2db524-OSL
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 40ef2f3d9877578999d578831f1ef508
a6ecba77b22f7c12a8f1a1ec39bc8557487e3399
00616ec927bd0636a495112e0daad1b87e1743f49079c44b747e8e9c74ff0b9b
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 04:35:24 GMT
Etag: "63d6ede6-1d7"
Last-Modified: Tue, 31 Jan 2023 04:29:47 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QuPq6QK8SZLy1kITyy0mzRIm4-byj8BSa67StxHxbtWWIJb2SweXKQ==
Age: 337
828239sam.com/87375584e8ec44a9b8a2b5c863e13cf3.gif
45.61.212.60200 OK 21 kB URL HTTP/1.1 828239sam.com/87375584e8ec44a9b8a2b5c863e13cf3.gif
IP 45.61.212.60:0
File type GIF image data, version 89a, 180 x 180\012- data
Hash 07ccc0b877ff07608500e45e78915a0a
e9972b6f1517b3c5dadcde11212bcfd3a51c2abd
5623987f3399652066ac075bbf5ff8e116e13c846219fdafd4fb8d48e2b643ed
Analyzer Verdict Alert quad9 Sinkholed
GET /87375584e8ec44a9b8a2b5c863e13cf3.gif HTTP/1.1
Host: 828239sam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b8cb9-51df"
Date: Sat, 14 Jan 2023 13:04:43 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:03:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-30
Content-Length: 20959
kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
121.226.246.3200 OK 1.4 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.4 MB (1411145 bytes)
Hash 3e2a08c45f216f23995e08dc45ed0e86
c9390027ee4885cb509d8b2ad37d6daa9698631e
ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f
GET /ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: image/gif
content-length: 1411145
cache-control: max-age=15552000
expires: Mon, 24 Jul 2023 10:02:15 GMT
last-modified: Sat, 26 Nov 2022 04:47:42 GMT
age: 498788
via: http/1.1 ORI-CLOUD-HUZ-MIX-15 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-15 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674640935378-0-0-0-40-40;200;200-1674964273070-0-0-0-4-4;200-1675139723279-0-0-0-1-1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 372e9325f57d98bfce3c3b2d1fa2eef1
304a5b0decc751777981b94e9499e5fb582bdc72
afd81845d3144021da8a46e58565bbd8d855a8bae454c4cda5bc1ccf02c31cc6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 09:55:23 GMT
Expires: Mon, 06 Feb 2023 09:55:22 GMT
Etag: "304a5b0decc751777981b94e9499e5fb582bdc72"
Cache-Control: max-age=536997,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd8eef881c02-OSL
pic.picnewsss.com/tu-2022290039/se-2.gif
23.225.139.251200 OK 89 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/se-2.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 267 x 160\012- data
Hash 482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
GET /tu-2022290039/se-2.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Mon, 30 Jan 2023 19:38:23 GMT
etag: "1675138434"
expires: Wed, 01 Mar 2023 19:38:23 GMT
last-modified: Tue, 31 Jan 2023 04:13:54 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 89034
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 2076c97fdba55f5e5243026d1daee807
612ba7dd73e8ef05743e95f9ec345d0b9843f98b
e7a8e48be383d0b64bc87ed2f9afb59abf4ead1d21fe0134c1c682b1f824c6ae
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 04:35:24 GMT
Last-Modified: Tue, 31 Jan 2023 04:08:40 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XGwubarbSA4pLRhESIMyqo3RyDpL6TjsAkMOFv3GcszRpCmatrUkMg==
Age: 1604
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=834414470&si=79979f7a0b1b425ab0f7991fa490d994&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65140&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=834414470&si=79979f7a0b1b425ab0f7991fa490d994&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65140&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=834414470&si=79979f7a0b1b425ab0f7991fa490d994&su=http%3A%2F%2Fwww.cyshangji.com%2F&v=1.3.0&lv=1&sn=65140&r=0&ww=1268&u=https%3A%2F%2Fuumy1.bond%2F&tt=uutv-youyoutv HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 04:35:24 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0F59250CA9F17F07; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
u22088.com/27722623d7eddecb2833a5d3cf5e7ef3.gif
13.227.254.92200 OK 142 kB URL HTTP/2 u22088.com/27722623d7eddecb2833a5d3cf5e7ef3.gif
IP 13.227.254.92:0
File type GIF image data, version 89a, 235 x 125\012- data
Size 142 kB (141584 bytes)
Hash 1f86a71b6fe5931325fbbebb8128ac13
d9198d3472b9827a964adafd255614dd49f152ab
32f83a11ba2d5ae6e2168bafcc968c60d2ce50fa903b101beffd41dad95ee5c3
GET /27722623d7eddecb2833a5d3cf5e7ef3.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 141584
date: Mon, 16 Jan 2023 05:14:15 GMT
last-modified: Tue, 03 Jan 2023 08:05:02 GMT
etag: "1f86a71b6fe5931325fbbebb8128ac13"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NKPAczRf4RdN2v66mrl38dydwh9aNcHSssrlmTdQAYcmVwQlpaWpOg==
age: 1293670
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/de96f069f07e40a7b530905760805650
47.246.44.227200 OK 231 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/de96f069f07e40a7b530905760805650
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 320 x 190\012- data
Size 231 kB (230949 bytes)
Hash e1b5be3d220394367462c42864f01575
b8422d3712e64eca19071321752343a58284c8f9
96db091f8fb9cabdd44b6f2a1cf68827449ebb48c70ec8bb6c6d842957cb4129
GET /obj/tos-cn-i-dy/de96f069f07e40a7b530905760805650 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 230949
date: Fri, 21 Oct 2022 08:14:03 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:54:10 GMT
nw-session-id: 202210211454100101750890792635CD6Erg6p202dy
nw-session-trace: 2022-10-21T14:54:10.434208304+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 230949
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:54:10 GMT
x-tt-logid: 202210211454100101750890792635CD6E
via: n132-082-085, cache21.l2de2[0,0,206-0,H], cache16.l2de2[1,0], cache16.l2de2[1,0], cache2.se1[0,0,200-0,H], cache4.se1[4,0]
x-request-ip: fdbd:dc03:4:481::29
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=4
x-tt-trace-host: 01477cc639149ce33dae3abb200256c8a892a193664a1e3d91c252badb83b85a0d6c3526a7af863859383d122405adfb57fd90303a8d5dcf17b743fde9cb7a77b899a95b2b047359c65ed3a6eb7e58dcaf84cf3c3d2b6567192372b9e3b38bd801
x-response-lb: image
ali-swift-global-savetime: 1666340043
age: 8799681
x-cache: HIT TCP_MEM_HIT dirn:11:372244522
x-swift-savetime: Fri, 21 Oct 2022 09:07:23 GMT
x-swift-cachetime: 31532800
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397249151000e
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
43.154.254.32200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 06:54:31 GMT
cache-control: max-age=2592000
x-delay: 113 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: b5f2d008-1ad9-4fe3-9a2d-777101aafddc
X-Firefox-Spdy: h2
223969ufy.com/13489beb95e840629251f7c0f98cc843.gif
103.170.15.84200 OK 654 kB URL HTTP/1.1 223969ufy.com/13489beb95e840629251f7c0f98cc843.gif
IP 103.170.15.84:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
GET /13489beb95e840629251f7c0f98cc843.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b8da1-9f991"
Date: Tue, 24 Jan 2023 14:14:43 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:06:57 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 653713
p.qlogo.cn/qqmail_head/PiajxSqBRaEIlyjp06XD3bzhydPqBicRZ6Db9SxLqxwzn8B6s2mxg3JUTNYa6ykryRCiaibvAyjPNuU/0
43.154.254.32200 OK 306 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEIlyjp06XD3bzhydPqBicRZ6Db9SxLqxwzn8B6s2mxg3JUTNYa6ykryRCiaibvAyjPNuU/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 150 x 150\012- data
Size 306 kB (305659 bytes)
Hash b0f69ea36d49ae5252a848d77dc95101
3dfe14de1594892380fb6ef0b6845d1ff4ce50a2
59c96088fb0ebc455d105554f0635a8e773475384a9c178e9fc0ef062776c9af
GET /qqmail_head/PiajxSqBRaEIlyjp06XD3bzhydPqBicRZ6Db9SxLqxwzn8B6s2mxg3JUTNYa6ykryRCiaibvAyjPNuU/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: image/gif
content-length: 305659
vary: Accept,Origin
last-modified: Sat, 24 Dec 2022 12:24:04 GMT
cache-control: max-age=2592000
x-delay: 34521 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 305659
chid: 0
fid: 0
x-nws-log-uuid: 8129f59a-1860-45a9-afcc-1c50932513aa
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/yEFuiaD0UlKgFU6D70rZGGw15YPpEpO7T6fy2UP9fFHX8zpOwP1icGoxCYz7rqs3LtsajzYGYiaB3A/0
43.154.254.32200 OK 233 kB URL HTTP/2 p.qlogo.cn/qqmail_head/yEFuiaD0UlKgFU6D70rZGGw15YPpEpO7T6fy2UP9fFHX8zpOwP1icGoxCYz7rqs3LtsajzYGYiaB3A/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 120\012- data
Size 233 kB (232755 bytes)
Hash 5e515c37ad67a28aa64f01b2e15ac186
99d766961edd1993ac7bcd7f3b1fed1a73f6764b
226cc4d0e88c783ce9c10c19f341e972bf11fd5877bdbdeabfe72d0507efa9d1
GET /qqmail_head/yEFuiaD0UlKgFU6D70rZGGw15YPpEpO7T6fy2UP9fFHX8zpOwP1icGoxCYz7rqs3LtsajzYGYiaB3A/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: image/gif
content-length: 232755
vary: Accept,Origin
last-modified: Wed, 26 Oct 2022 13:06:21 GMT
cache-control: max-age=2592000
x-delay: 43633 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 232755
chid: 0
fid: 0
x-nws-log-uuid: 71f299d9-c7bc-4ca9-8352-7daf0f15cb1b
X-Firefox-Spdy: h2
323823umv.com/5e01c652101d4fddbb2baf2fcd1ea0bd.gif
103.170.15.84200 OK 553 kB URL HTTP/1.1 323823umv.com/5e01c652101d4fddbb2baf2fcd1ea0bd.gif
IP 103.170.15.84:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /5e01c652101d4fddbb2baf2fcd1ea0bd.gif HTTP/1.1
Host: 323823umv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9384-86f72"
Date: Sun, 29 Jan 2023 19:19:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:04 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 552818
u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.44200 OK 288 kB URL HTTP/2 u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.44:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 288397
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 24 Dec 2022 08:23:21 GMT
etag: "e17bb688cfdae836ea866c47e92a022a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sYRe1SWvsTPoq1ho6nUb2fLPEUXjx9HXuv3l6ERiWXUmEvFyvhnJfQ==
age: 1802598
X-Firefox-Spdy: h2
u1010.com/b1e6e408f0284fb2aa93e1c6e9188fad.gif
103.170.15.70200 OK 32 kB URL HTTP/2 u1010.com/b1e6e408f0284fb2aa93e1c6e9188fad.gif
IP 103.170.15.70:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 300 x 174\012- data
Hash e291a6e249141715b5b299f10ffa683f
1364d05fb0a69980fa2434fd406b000f2e50ef10
3af003ca205dcd94bb3bf0ac44952bc500c10b733fbc47b1ed0c9f1438fd1a97
GET /b1e6e408f0284fb2aa93e1c6e9188fad.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b54e41-7c6a"
server: nginx
date: Mon, 30 Jan 2023 03:15:04 GMT
content-type: image/gif
last-modified: Wed, 04 Jan 2023 10:00:33 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-60
content-length: 31850
X-Firefox-Spdy: h2
8499159.com/8499/zzxx/960x60.gif
162.209.128.163200 OK 291 kB URL HTTP/2 8499159.com/8499/zzxx/960x60.gif
IP 162.209.128.163:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 291 kB (290572 bytes)
Hash 57aeaeed8e55b2a1e23b348d9d73f9d5
381bc182c18210ba33ebe13cbf8f20f297d33c16
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
GET /8499/zzxx/960x60.gif HTTP/1.1
Host: 8499159.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 04:35:24 GMT
content-type: image/gif
content-length: 290572
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "46f0c-5f092cf097c3f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
13.227.254.117200 OK 393 kB URL HTTP/2 kzett.com/65e7e65f41ad1c2cb20bb39e08e6b041.gif
IP 13.227.254.117:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 393 kB (393378 bytes)
Hash a930de5ec6e818c397927d0c8e288eb4
5740c07c68ec2828cf3544a76afa1755077a6f57
e5a218bd1dc9bc6410f36069969a1c36a3f34f0d42079c4bd02ec8c19421bee0
GET /65e7e65f41ad1c2cb20bb39e08e6b041.gif HTTP/1.1
Host: kzett.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 393378
date: Mon, 30 Jan 2023 17:46:47 GMT
last-modified: Tue, 03 Jan 2023 03:28:21 GMT
etag: "a930de5ec6e818c397927d0c8e288eb4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: njvSuJVy4JP9M3IAFrqIFhGXLnqfPBzILCKwfCsWnNnth6-vKpptcw==
age: 38918
X-Firefox-Spdy: h2
93261587768.com/61020a6ed3c244eaba49a59d87ba2719.gif
45.61.212.220200 OK 113 kB URL HTTP/1.1 93261587768.com/61020a6ed3c244eaba49a59d87ba2719.gif
IP 45.61.212.220:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 113 kB (113076 bytes)
Hash 293a0887f1ab0b9517c19b77d51626dd
74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb
Analyzer Verdict Alert quad9 Sinkholed
GET /61020a6ed3c244eaba49a59d87ba2719.gif HTTP/1.1
Host: 93261587768.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9417-1b9b4"
Date: Thu, 26 Jan 2023 22:21:51 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-20
Content-Length: 113076
935676yfc.com/fd8cde79c1bf40bba0b8ece5eb5f6a9f.gif
103.170.15.79200 OK 62 kB URL HTTP/1.1 935676yfc.com/fd8cde79c1bf40bba0b8ece5eb5f6a9f.gif
IP 103.170.15.79:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Hash 7cfb13637d1e588e912b2b4f12ce521b
997b714423aca2fb1b84af533573e6911760d65a
8ef7c8e8cacaf31d1d1b0fea3b73660f473daec3634d9fc7ad759abb59454803
GET /fd8cde79c1bf40bba0b8ece5eb5f6a9f.gif HTTP/1.1
Host: 935676yfc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c14684-f3f4"
Date: Fri, 13 Jan 2023 12:23:37 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 13 Jan 2023 11:54:44 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-09
Content-Length: 62452
99887aaa.com/a83a9ff20a894b22a573737da7b4fed8.gif
103.170.15.75200 OK 452 kB URL HTTP/1.1 99887aaa.com/a83a9ff20a894b22a573737da7b4fed8.gif
IP 103.170.15.75:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 180 x 180\012- data
Size 452 kB (451941 bytes)
Hash 5cbdcfd3919dbbe0d1ee147f8bdebd3f
7170588f41fedb825a74abbe855019e15d58526f
760612adaf9d4f3caf9b28fb0d5ccb02abfae04188f14c58c20b87c25e10cf50
GET /a83a9ff20a894b22a573737da7b4fed8.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c147dc-6e565"
Date: Sun, 22 Jan 2023 11:18:12 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 13 Jan 2023 12:00:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 451941
u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.92200 OK 396 kB URL HTTP/2 u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.92:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6YII2VXsJz6dMwee9yViVejWk4p_BuSjJHnpkY4magPIWOrlTS_nTQ==
age: 1802598
X-Firefox-Spdy: h2
8499136.com/8499/200x200.gif
162.209.128.162200 OK 166 kB URL HTTP/2 8499136.com/8499/200x200.gif
IP 162.209.128.162:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 166 kB (166259 bytes)
Hash 9fc0b7d64f735674a14a4db84e1b7284
06da074c05f5beaca6a3b610c72ddfecfa44ea5f
269b7a6d667098e8db5611e861c2160879f65c0e234f8c515b60bda77995f121
GET /8499/200x200.gif HTTP/1.1
Host: 8499136.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 04:35:24 GMT
content-type: image/gif
content-length: 166259
last-modified: Sun, 08 Jan 2023 05:09:54 GMT
etag: "28973-5f1b9a949cebf"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
99889aaa.com/07310d5371ff4969be613033dc288f15.gif
45.61.212.47200 OK 678 kB URL HTTP/1.1 99889aaa.com/07310d5371ff4969be613033dc288f15.gif
IP 45.61.212.47:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 678 kB (677934 bytes)
Hash 5cfbe5ccfb45fd3f080b6cc8966f3633
f70d25c4f3d6aad1ad8785ac878390e6fa290725
7fd5a884a941ec7debff6bf4eadd3bb579a6b83f9361eb5a6dcd978e9199d3d6
GET /07310d5371ff4969be613033dc288f15.gif HTTP/1.1
Host: 99889aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c14629-a582e"
Date: Thu, 26 Jan 2023 12:26:45 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 13 Jan 2023 11:53:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 677934
p3.douyinpic.com/obj/tos-cn-i-dy/5566bcc0a0004dd8bc024374f81013ab
47.246.44.227200 OK 378 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5566bcc0a0004dd8bc024374f81013ab
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 500 x 289\012- data
Size 378 kB (377774 bytes)
Hash 05a33f508490be9f15ab09a6e74d3bf1
81a3b227aed55bc56bb4e0159aab2192397f6170
fc325d25a8fd24205aec4e163076e790893336562346402a13e3b200220d5203
GET /obj/tos-cn-i-dy/5566bcc0a0004dd8bc024374f81013ab HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 377774
date: Sat, 28 Jan 2023 09:48:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 28 Jan 2023 07:14:48 GMT
nw-session-id: 20230128151448633E53B05E78D728BBA4lh8lf02dy
nw-session-trace: 2023-01-28T15:14:48.354476146+08:00 27
x-bdcdn-cache-status: TCP_HIT
x-length: 377774
x-powered-by: ImageX
x-response-date: Sat, 28 Jan 2023 15:14:48 GMT
x-tt-logid: 20230128151448633E53B05E78D728BBA4
via: n131-120-073, cache8.l2de2[0,0,206-0,H], cache23.l2de2[1,0], cache23.l2de2[1,0], cache1.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:15:292::203
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01d7e1e7fba3066915b4223b77de8a487b053b94404f60c07654fc44b404883c67a879240250c80c7cd0e27e16366611f52ab293d7b04096464a0f74273e5c9a2bf35cdf748e6670a7fb61bad221d294233dc03770bc4ace78b5dd05822f32ed8e
x-response-lb: image
ali-swift-global-savetime: 1674899331
age: 240394
x-cache: HIT TCP_MEM_HIT dirn:2:102248912
x-swift-savetime: Sat, 28 Jan 2023 10:45:13 GMT
x-swift-cachetime: 31532618
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397252521099e
X-Firefox-Spdy: h2
uumy1.bond/
27.124.8.144200 OK 275 kB IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
Size 275 kB (274783 bytes)
Hash b5119a50e6924f9dc498172a6460fcaf
faaf9483c42179a10e9b42b057cec5435b47ba56
c7ddda4fe8fd067f5f93afdb251ac4d3ff72cabc7a6b3053444dc431dad38d3a
GET / HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cyshangji.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
47.246.44.227200 OK 415 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 415 kB (414979 bytes)
Hash ecd0f421a231299ffaa9117a67c1e38a
6dd0678ee6c2a91eca8db2428d8743f607360d3a
dbd0423b88c8d785dd015e2e80105d0bcd41e677c3588acbf34cf1ca542565c9
GET /obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 414979
date: Mon, 05 Dec 2022 07:16:52 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:09:21 GMT
nw-session-id: 2022120515092101015013207630C082CC7t5wt01dy
nw-session-trace: 2022-12-05T15:09:21.716293741+08:00 48
x-bdcdn-cache-status: TCP_HIT
x-length: 414979
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:09:21 GMT
x-tt-logid: 2022120515092101015013207630C082CC
via: n204-100-053, cache12.l2de2[0,0,206-0,H], cache12.l2de2[2,0], cache12.l2de2[2,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:681::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dab46e58f2ac949ece2051ac89e2dd2773be35d3e5369524bf1f9f46f4ea066e23b5378fe9943c2f968c40c38ced9fa128ef7bf579b1467b9a779eb22ac0c37e53b062293a8a1e8061f8daaf0ff7b4e0f99e8da2482833909c1ebdc2d578e
x-response-lb: image
ali-swift-global-savetime: 1670224612
age: 4915113
x-cache: HIT TCP_MEM_HIT dirn:3:381945493
x-swift-savetime: Wed, 11 Jan 2023 02:43:53 GMT
x-swift-cachetime: 28355579
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397253211118e
X-Firefox-Spdy: h2
225962tyy.com/31f9ca44473f45bd906b344086e4002e.gif
103.170.15.84200 OK 88 kB URL HTTP/1.1 225962tyy.com/31f9ca44473f45bd906b344086e4002e.gif
IP 103.170.15.84:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Hash 8d00fbc4b81285815eb1358ff6562dee
3b35d424783d0c9f64bafbfa7e427949115a4e15
1a1af43abebdc6ae261953807be21deea00014561de8652a974e518c1958639e
Analyzer Verdict Alert quad9 Sinkholed
GET /31f9ca44473f45bd906b344086e4002e.gif HTTP/1.1
Host: 225962tyy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b921c-15974"
Date: Tue, 27 Dec 2022 11:45:29 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:26:04 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 88436
p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
47.246.44.227200 OK 264 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 600 x 180\012- data
Size 264 kB (264457 bytes)
Hash 8007c032862a58981996db2a62e644b1
ee7ababa5a4baf364669f160b1d26601ac8d947a
f1171e7ede87b61f3470e61f48e759b3b6f46bb5162b614b93210801c0955d89
GET /obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 264457
date: Sat, 28 Jan 2023 12:03:13 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 28 Jan 2023 07:51:01 GMT
nw-session-id: 2023012815510134CB009BF39888F0DA5Bn2gsx02dy
nw-session-trace: 2023-01-28T15:51:01.922164306+08:00 30
x-bdcdn-cache-status: TCP_HIT
x-length: 264457
x-powered-by: ImageX
x-response-date: Sat, 28 Jan 2023 15:51:01 GMT
x-tt-logid: 2023012815510134CB009BF39888F0DA5B
via: n204-100-014, cache14.l2de2[0,0,206-0,H], cache11.l2de2[1,0], cache11.l2de2[2,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:27:155::141
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 010b79fb233ecc212f8111619c222eeff1af6dfb466b49c8e9e56a89a9bb51d72aaaf82342278e1f9f5108a02d8eab5692286ea162f1720f27ce1741edead5238fff55a0e71a01d87deedee66710d265c3cb95212175e3ec2c802d309e0581a703
x-response-lb: image
ali-swift-global-savetime: 1674907394
age: 232331
x-cache: HIT TCP_MEM_HIT dirn:11:38193722
x-swift-savetime: Sat, 28 Jan 2023 15:00:15 GMT
x-swift-cachetime: 31525379
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397253871137e
X-Firefox-Spdy: h2
8499136.com/8499/224x149.gif
162.209.128.162200 OK 279 kB URL HTTP/2 8499136.com/8499/224x149.gif
IP 162.209.128.162:0
File type GIF image data, version 89a, 224 x 149\012- data
Size 279 kB (279147 bytes)
Hash 1d03173a924ad6553b852ebdfbb14978
ea1bd6de5eb8a8546ff9969d2d10813232f97071
591c8e3869932bb09ca8939402df283830d45fcf2d7ee2c6b4c0f55fa4d0c2a8
GET /8499/224x149.gif HTTP/1.1
Host: 8499136.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 04:35:24 GMT
content-type: image/gif
content-length: 279147
last-modified: Sun, 18 Dec 2022 06:27:12 GMT
etag: "4426b-5f0144b102850"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/cde6206cda4c49fe84e88feaebbb339d
47.246.44.227200 OK 463 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/cde6206cda4c49fe84e88feaebbb339d
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 160\012- data
Size 463 kB (462949 bytes)
Hash b215c52b27fb5b6e6a2c031cb92bd84e
36ff0b6ac8bacdb0e3430c08b5530f5bcc5d1675
e2f1259b3dfd688071dfe5d1bd5cce322bf7ca7e56580850d28ed050b183fa5d
GET /obj/tos-cn-i-dy/cde6206cda4c49fe84e88feaebbb339d HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 462949
date: Fri, 21 Oct 2022 08:14:02 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:54:03 GMT
nw-session-id: 20221021145403010175088203133647BFg8x9501dy
nw-session-trace: 2022-10-21T14:54:03.925831916+08:00 46
x-bdcdn-cache-status: TCP_HIT
x-length: 462949
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:54:03 GMT
x-tt-logid: 20221021145403010175088203133647BF
via: n150-056-038, cache19.l2de2[0,0,206-0,H], cache21.l2de2[1,0], cache21.l2de2[1,0], cache5.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc02:22:48::233
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01477cc639149ce33dae3abb200256c8a8f78259b41dd33e8c08bfaa48eb0eb1b9c850c856e8517a40266491016e94a1a12c8b622770df3b92a3df767e1ec91d8d3a7594fbf8aa3248593b8b76d1e03d52b287f611d3f1d361aebe035dd775b94e
x-response-lb: image
ali-swift-global-savetime: 1666340042
age: 8799683
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 21 Oct 2022 08:28:00 GMT
x-swift-cachetime: 31535162
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816751397254261148e
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash bb5df7fc4544538e5a82acc05c268f77
3433f496a3c60b7a4b27587d716399e3d9e8b139
2a21f1783ee7180a1dfe81cfadd7d215b6ee2b2e6f47e1c69c013a2a45d67a21
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:25 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:43:06 GMT
Expires: Sat, 04 Feb 2023 15:43:05 GMT
Etag: "3433f496a3c60b7a4b27587d716399e3d9e8b139"
Cache-Control: max-age=385059,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd940c19b517-OSL
595tuchuang.com/960x80.gif
183.255.106.38200 OK 145 kB URL HTTP/1.1 595tuchuang.com/960x80.gif
IP 183.255.106.38:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:24 GMT
Content-Type: image/gif
Content-Length: 144990
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:28:21 GMT
ETag: "63a309f5-2365e"
Expires: Wed, 01 Mar 2023 06:45:41 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
u1011.com/c8d8d5e05001496ea770e08cee1b63aa.gif
103.170.15.70200 OK 463 kB URL HTTP/2 u1011.com/c8d8d5e05001496ea770e08cee1b63aa.gif
IP 103.170.15.70:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 980 x 90\012- data
Size 463 kB (462945 bytes)
Hash d0dc4ff7aca57fd46b717256af9934e3
6641e74addbfe98af57a0fe4a4acd77fdaa2cc1e
a8cc5173525f2266aa5026b51414ec1744ac658d432bd6b3887af56db591cf9e
GET /c8d8d5e05001496ea770e08cee1b63aa.gif HTTP/1.1
Host: u1011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63ca72a5-71061"
server: nginx
date: Thu, 26 Jan 2023 13:03:26 GMT
content-type: image/gif
last-modified: Fri, 20 Jan 2023 10:53:25 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-60
content-length: 462945
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/fonts/iconfont.woff
27.124.8.144200 OK 525 B URL HTTP/2 uumy1.bond/template/m1938pc/fonts/iconfont.woff
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
GET /template/m1938pc/fonts/iconfont.woff HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://uumy1.bond/template/m1938pc/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: font/woff
content-length: 525
last-modified: Wed, 09 Nov 2022 09:25:31 GMT
etag: "636b720b-20d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/images/video-play.png
27.124.8.144200 OK 1.6 kB URL HTTP/2 uumy1.bond/template/m1938pc/images/video-play.png
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:23 GMT
content-type: image/png
content-length: 1567
last-modified: Wed, 09 Nov 2022 09:25:47 GMT
etag: "636b721b-61f"
expires: Thu, 02 Mar 2023 04:35:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 21f19515c8c24b2afe25061d7d0affbf
aaa7858e6a6d54ed9c1acd95968cd8f28c4ee768
951679a2b61bae0abc63a2fbc634ad55ecf710827a2cb11e4e9951e65b3d6620
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 12:08:08 GMT
Expires: Sun, 05 Feb 2023 12:08:07 GMT
Etag: "aaa7858e6a6d54ed9c1acd95968cd8f28c4ee768"
Cache-Control: max-age=458561,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd93d839b529-OSL
u1099.com/09c41f1834594b05910b9dd3ef0ee1f7.png
45.61.212.141200 OK 50 kB URL HTTP/2 u1099.com/09c41f1834594b05910b9dd3ef0ee1f7.png
IP 45.61.212.141:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 97cc6988849502540b56f5ee80515f33
c4dc920b46f883c78aa349f57db666febc7f33d4
a54ecdafac52d98d03467b2abf9688027f71d6b93f89b3388c91302795b5ff9e
GET /09c41f1834594b05910b9dd3ef0ee1f7.png HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b54e38-c3ec"
server: nginx
date: Mon, 30 Jan 2023 17:32:10 GMT
content-type: image/png
last-modified: Wed, 04 Jan 2023 10:00:24 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-11
content-length: 50156
X-Firefox-Spdy: h2
img.2292a.com/images/63d4def41eff8f93601b039e.gif
3.36.126.81302 Found 503 B URL HTTP/2 img.2292a.com/images/63d4def41eff8f93601b039e.gif
IP 3.36.126.81:0
Hash 8f2103c6f6898ae32cd068fe76cf0f98
59704bc2ed07a645ec750310ac621b32149bcfd0
36c4af8babf9095391e50a22ca9c321f4091f5d31df8ab15e5beb306bc4bb7da
GET /images/63d4def41eff8f93601b039e.gif HTTP/1.1
Host: img.2292a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/77845bfb40024d2d8ff456c8b549e69c
X-Firefox-Spdy: h2
hnrtg.mryshl.com/v2/stats/11964/156935
23.224.88.99200 OK 0 B URL HTTP/2 hnrtg.mryshl.com/v2/stats/11964/156935
IP 23.224.88.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/stats/11964/156935 HTTP/1.1
Host: hnrtg.mryshl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 04:35:26 GMT
content-length: 0
x-cache: MISS
server: fang
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 1bd0e49050b7041ca986f5d98ace6137
0a2a68e1e539537760d0e7a39f92e88f42383fe7
88e97c3a7035a2ce5aa6d358df447eae9f515783ecb282077e015c6cb8ae2917
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 04:07:45 GMT
Expires: Tue, 07 Feb 2023 04:07:44 GMT
Etag: "0a2a68e1e539537760d0e7a39f92e88f42383fe7"
Cache-Control: max-age=602537,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd9b690cb509-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 1a6b641e580c65368944d4b5ef3014d5
3f03aec6f6af80e1f19b06f0e073f8c151b71493
ea916b1c350c4183bbcfa5fe133d06ab3618d7a551e7a19c99b4e740f979f071
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:26 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 08:49:43 GMT
Expires: Sat, 04 Feb 2023 08:49:42 GMT
Etag: "3f03aec6f6af80e1f19b06f0e073f8c151b71493"
Cache-Control: max-age=360255,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd9ccf8bb518-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 1a6b641e580c65368944d4b5ef3014d5
3f03aec6f6af80e1f19b06f0e073f8c151b71493
ea916b1c350c4183bbcfa5fe133d06ab3618d7a551e7a19c99b4e740f979f071
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 04:35:27 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 08:49:43 GMT
Expires: Sat, 04 Feb 2023 08:49:42 GMT
Etag: "3f03aec6f6af80e1f19b06f0e073f8c151b71493"
Cache-Control: max-age=360255,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791fbd9cdb79b517-OSL
img.2599u.com/images/635241fe5fe50f0585d3ef8b.gif
3.36.126.81302 Found 728 B URL HTTP/2 img.2599u.com/images/635241fe5fe50f0585d3ef8b.gif
IP 3.36.126.81:0
Hash 055702332280b9d90288ccfd01a3a4f8
c3841c640191b31f76eb29c007607b7942d6544e
5f8014ecebd6f4b43086b4f2d901dc14dd73b0e850e1eac3583096264708dffb
GET /images/635241fe5fe50f0585d3ef8b.gif HTTP/1.1
Host: img.2599u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/cde6206cda4c49fe84e88feaebbb339d
X-Firefox-Spdy: h2
kmr.mjnbrt.xyz/mnrt/kmrr.png
23.224.92.245200 OK 85 kB URL HTTP/1.1 kmr.mjnbrt.xyz/mnrt/kmrr.png
IP 23.224.92.245:0
File type PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c80359bedd35432aea1539a1edcd122
62b0eb9a7eef9b048ab55e3e8d8486a43d5ef8db
74df8ccb6d42d5ee40aaffccd0246978eca881c260c8505afb9f71f85fe17ee2
GET /mnrt/kmrr.png HTTP/1.1
Host: kmr.mjnbrt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 04:35:26 GMT
Content-Type: image/png
Content-Length: 84560
Last-Modified: Mon, 26 Dec 2022 07:36:05 GMT
Connection: keep-alive
ETag: "63a94ee5-14a50"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
uumy1.bond/template/m1938pc/fonts/iconfont.ttf
27.124.8.144200 OK 257 B URL HTTP/2 uumy1.bond/template/m1938pc/fonts/iconfont.ttf
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b6bf2659c287c7e192ff7c20853205e4
91087c59b4f1a108c0515d4daeb8d4cc49b62da5
a3cc4d1f67765644ce73654ad2d0a1e9f2b85553268d2f3e4d438da3bda75bb4
GET /template/m1938pc/fonts/iconfont.ttf HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/template/m1938pc/css/zui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:25 GMT
content-type: application/octet-stream
content-length: 257
last-modified: Wed, 09 Nov 2022 09:25:30 GMT
etag: "636b720a-101"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hnrtg.mryshl.com/j/156935
23.224.88.99200 OK 107 kB URL HTTP/2 hnrtg.mryshl.com/j/156935
IP 23.224.88.99:0
Size 107 kB (107059 bytes)
Hash d1a274714eeec19d31aa6caf3d852f9e
1d5c29dbf2478fceeba27af178d709c0e5158312
76e67f4e82a71182d63d2206f1aceb9a66e66b644c5be588016e23b5d19d42fb
GET /j/156935 HTTP/1.1
Host: hnrtg.mryshl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 04:35:26 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000
content-encoding: gzip
server: fang
x-cache-status: MISS
X-Firefox-Spdy: h2
img.999996.co/images/6322c0e7136c30cff133c82e.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.999996.co/images/6322c0e7136c30cff133c82e.gif
IP 3.36.126.81:0
GET /images/6322c0e7136c30cff133c82e.gif HTTP/1.1
Host: img.999996.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/a985985b1ad549bfad87f5fbf439b637
X-Firefox-Spdy: h2
img.u1119.com/images/6352420f5fe50f0585d3ef8c.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.u1119.com/images/6352420f5fe50f0585d3ef8c.gif
IP 3.36.126.81:0
GET /images/6352420f5fe50f0585d3ef8c.gif HTTP/1.1
Host: img.u1119.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/de96f069f07e40a7b530905760805650
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc//js/jquery.min.js
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc//js/jquery.min.js
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc//js/jquery.min.js HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 14:54:05 GMT
vary: Accept-Encoding
etag: W/"6372568d-1538f"
expires: Tue, 31 Jan 2023 16:35:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/html9/ads/91av.jpg
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/html9/ads/91av.jpg
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/html9/ads/91av.jpg HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: image/jpeg
content-length: 333171
last-modified: Tue, 10 Jan 2023 15:15:47 GMT
etag: "63bd8123-51573"
expires: Thu, 02 Mar 2023 04:35:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
link.imgapp.top/images/63ba73b0a92cd2097e833f93.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/63ba73b0a92cd2097e833f93.gif
IP 3.36.126.81:0
GET /images/63ba73b0a92cd2097e833f93.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/0c3d2cdaed96469f9d5774583186184e
X-Firefox-Spdy: h2
img.1141555.com/images/63cf844238361bf95594a502.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.1141555.com/images/63cf844238361bf95594a502.gif
IP 3.36.126.81:0
GET /images/63cf844238361bf95594a502.gif HTTP/1.1
Host: img.1141555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/e9ab02ac76324557bbde6db4ecbf8c99
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/html9/ads/pfdsp.gif
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/html9/ads/pfdsp.gif
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/html9/ads/pfdsp.gif HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: image/gif
content-length: 196951
last-modified: Wed, 09 Nov 2022 13:09:04 GMT
etag: "636ba670-30157"
expires: Thu, 02 Mar 2023 04:35:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/js/uu.js
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/js/uu.js
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/js/uu.js HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:22 GMT
content-type: application/javascript
last-modified: Mon, 02 Jan 2023 14:42:02 GMT
vary: Accept-Encoding
etag: W/"63b2ed3a-b76"
expires: Tue, 31 Jan 2023 16:35:22 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/css/ate.css
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/css/ate.css
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 09:25:25 GMT
vary: Accept-Encoding
etag: W/"636b7205-126e4"
expires: Tue, 31 Jan 2023 16:35:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif
IP 3.36.126.81:0
GET /images/63ba73b1a92cd2097e833f9d.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9758275ccbb9404887d9537125b38ea9
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/html9/ads/250.gif
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/html9/ads/250.gif
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/html9/ads/250.gif HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: image/gif
content-length: 524580
last-modified: Wed, 09 Nov 2022 13:40:10 GMT
etag: "636badba-80124"
expires: Thu, 02 Mar 2023 04:35:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.2897a.com/images/63a1a3277c2b41a439f0ec46.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.2897a.com/images/63a1a3277c2b41a439f0ec46.gif
IP 3.36.126.81:0
GET /images/63a1a3277c2b41a439f0ec46.gif HTTP/1.1
Host: img.2897a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/css/zui.css
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/css/zui.css
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: text/css
last-modified: Fri, 20 Jan 2023 16:13:35 GMT
vary: Accept-Encoding
etag: W/"63cabdaf-18c7c"
expires: Tue, 31 Jan 2023 16:35:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/css/seyuav-ui.css
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/css/seyuav-ui.css
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/css/seyuav-ui.css HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: text/css
last-modified: Fri, 20 Jan 2023 16:14:35 GMT
vary: Accept-Encoding
etag: W/"63cabdeb-8a77"
expires: Tue, 31 Jan 2023 16:35:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/html9/ads/wy120.gif
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/html9/ads/wy120.gif
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/html9/ads/wy120.gif HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: image/gif
content-length: 352508
last-modified: Mon, 02 Jan 2023 10:51:17 GMT
etag: "63b2b725-560fc"
expires: Thu, 02 Mar 2023 04:35:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.u1332.com/images/63763befb291370320619eb3.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.u1332.com/images/63763befb291370320619eb3.gif
IP 3.36.126.81:0
GET /images/63763befb291370320619eb3.gif HTTP/1.1
Host: img.u1332.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6bd98810012e4de5828c0a8213e01106
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/html9/ads/gbi.jpg
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/html9/ads/gbi.jpg
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/html9/ads/gbi.jpg HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:22 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Wed, 09 Nov 2022 14:38:12 GMT
etag: "636bbb54-23ce"
expires: Thu, 02 Mar 2023 04:35:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.5153a.com/images/63d4df171eff8f93601b039f.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.5153a.com/images/63d4df171eff8f93601b039f.gif
IP 3.36.126.81:0
GET /images/63d4df171eff8f93601b039f.gif HTTP/1.1
Host: img.5153a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5566bcc0a0004dd8bc024374f81013ab
X-Firefox-Spdy: h2
jmknler.kmmeopr.xyz/c.php?s=JnpvbmVpZD0xNTY5MzUmc2l0ZWlkPSZ1aWQ9MTE5NjQmYWRzaWQ9NTk2NzYwMCZwbGFuaWQ9MzA1ODcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRm10ZGguaHVpc2l4dWUuY29tJTJGNSUyRiZ2dGltZT0yMDIzLTAxLTMxIDEyOjM1OjI1JmlwPTkxLjkwLjQyLjE1NA==;4a6bdd76a9f6b2f882dedea0c368175e;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmN5c2hhbmdqaS5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnV1bXkxLmJvbmQlMkYmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PXV1dHYteW91eW91dHYmbD1lbi1VUyZjPTAmaD05Mjc=
192.151.200.34200 OK 0 B URL HTTP/2 jmknler.kmmeopr.xyz/c.php?s=JnpvbmVpZD0xNTY5MzUmc2l0ZWlkPSZ1aWQ9MTE5NjQmYWRzaWQ9NTk2NzYwMCZwbGFuaWQ9MzA1ODcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRm10ZGguaHVpc2l4dWUuY29tJTJGNSUyRiZ2dGltZT0yMDIzLTAxLTMxIDEyOjM1OjI1JmlwPTkxLjkwLjQyLjE1NA==;4a6bdd76a9f6b2f882dedea0c368175e;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmN5c2hhbmdqaS5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnV1bXkxLmJvbmQlMkYmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PXV1dHYteW91eW91dHYmbD1lbi1VUyZjPTAmaD05Mjc=
IP 192.151.200.34:0
GET /c.php?s=JnpvbmVpZD0xNTY5MzUmc2l0ZWlkPSZ1aWQ9MTE5NjQmYWRzaWQ9NTk2NzYwMCZwbGFuaWQ9MzA1ODcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRm10ZGguaHVpc2l4dWUuY29tJTJGNSUyRiZ2dGltZT0yMDIzLTAxLTMxIDEyOjM1OjI1JmlwPTkxLjkwLjQyLjE1NA==;4a6bdd76a9f6b2f882dedea0c368175e;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj1odHRwJTNBJTJGJTJGd3d3LmN5c2hhbmdqaS5jb20lMkYmeD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnV1bXkxLmJvbmQlMkYmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PXV1dHYteW91eW91dHYmbD1lbi1VUyZjPTAmaD05Mjc= HTTP/1.1
Host: jmknler.kmmeopr.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uumy1.bond/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 04:35:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS
set-cookie: region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Sun, 30-Jul-2023 04:35:27 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Tue, 07-Feb-2023 04:35:27 GMT; Max-Age=604800; path=/
11964_30587=re; expires=Tue, 31-Jan-2023 09:35:27 GMT; Max-Age=18000; path=/
do2click_30587=5967600%7C30587%7C11964%7C156935%7C; expires=Tue, 31-Jan-2023 07:35:27 GMT; Max-Age=10800; path=/
doEffect_30587=5967600%7C30587%7C11964%7C156935%7C; expires=Tue, 07-Feb-2023 04:35:27 GMT; Max-Age=604800; path=/
p3p: CP="Powered by Www.Zyiis.Com 2005-2016"
content-encoding: gzip
server: fang
x-cache-status: MISS
X-Firefox-Spdy: h2
uumy1.bond/template/m1938pc/html9/ads/tb5.gif
27.124.8.144200 OK 0 B URL HTTP/2 uumy1.bond/template/m1938pc/html9/ads/tb5.gif
IP 27.124.8.144:0
ASN #64050 BGPNET Global ASN
GET /template/m1938pc/html9/ads/tb5.gif HTTP/1.1
Host: uumy1.bond
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 04:35:21 GMT
content-type: image/gif
content-length: 192402
last-modified: Wed, 09 Nov 2022 13:12:06 GMT
etag: "636ba726-2ef92"
expires: Thu, 02 Mar 2023 04:35:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
link.imgapp.top/images/63ba73afa92cd2097e833f91.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/63ba73afa92cd2097e833f91.gif
IP 3.36.126.81:0
GET /images/63ba73afa92cd2097e833f91.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/96116c5b187b452d8a7ceae72d087e8f
X-Firefox-Spdy: h2