38.173.90.56 369 B IP 38.173.90.56:0
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 037349014eca3b55d0ec7945015e3291
426cc6472132f8cac0497988af6e728e93bbb31a
69c255e8fc6e97f7f2a0ecae27a821cf8e348a4afbc4f42a5f7227056ed3cbd4
GET /new/3.exe HTTP/1.1
Host: www.18dd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 22:03:27 GMT
Content-Type: text/html
Content-Length: 369
Connection: keep-alive
www.18dd.net/tj.js
38.173.90.56200 OK 258 B IP 38.173.90.56:80
Requested by http://www.18dd.net/new/3.exe
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 8b64d7f1101a038da057d91d76e7c399
cb0bf5f00b9cab9e22c40e72e205e95d8ebae4f5
05c8880951777257ff152b12d45a4e5ee89c2ecb4612cd8d4dfea5ce14d3a936
GET /tj.js HTTP/1.1
Host: www.18dd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/new/3.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 22:03:27 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.18dd.net/favicon.ico
38.173.90.56200 OK 1.2 kB IP 38.173.90.56:80
Requested by http://www.18dd.net/new/3.exe
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.18dd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/new/3.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 22:03:28 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 12 May 2024 22:03:28 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
0b30a3.com/index.php
38.12.231.97200 OK 1.7 kB IP 38.12.231.97:443
Requested by http://www.18dd.net/new/3.exe
Certificate IssuerLet's Encrypt
Subject0a12a2.com
FingerprintEC:C8:FA:DE:DB:6A:D2:5C:F9:BA:69:57:34:DF:58:07:25:A4:2A:D9
ValidityThu, 11 Apr 2024 15:21:02 GMT - Wed, 10 Jul 2024 15:21:01 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (1817)
Hash 5517124db9c4dc285429607a4cc2d8c8
796a56b25500a6c553fb5cb2b6906b5ba4d1f2c1
864c9022df8c0415174ad45d331418c08d482be9daede4d87f96a39dffae93bf
GET /index.php HTTP/1.1
Host: 0b30a3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 22:03:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
hm.baidu.com/hm.js?bc574eeaf3496a6ecd996d09b14f4533
14.215.183.79200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?bc574eeaf3496a6ecd996d09b14f4533
IP 14.215.183.79:443
Requested by http://www.18dd.net/new/3.exe
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (628)
Hash a5e346579f5ecd2487fc579ff5d5a52d
96e17f590a882e897a1ea7332a0962cc026e965a
be5622d3d2c86874c82a0dac3674e0fac039f2dc875477fba3330d131f4e65e2
GET /hm.js?bc574eeaf3496a6ecd996d09b14f4533 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11266
Content-Type: application/javascript
Date: Tue, 07 May 2024 22:03:28 GMT
Etag: 69e5bc8632afd3ceb5bb587d4a2035f2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8C5C2F771814D4AE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ebd9eb6eb74c869329e88d370899aa4e
14.215.183.79 11 kB URL hm.baidu.com/hm.js?ebd9eb6eb74c869329e88d370899aa4e
IP 14.215.183.79:0
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (623)
Hash 6d26d1450ed7e7ac01c3fc65db4243d8
a12ca6e309e54a856eb9b5cd24b5b04460f09132
6bdf26bb6dee48ba20cdca78807b2147d03fdea94c3cbed4d942ac5c58c11a47
GET /hm.js?ebd9eb6eb74c869329e88d370899aa4e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0b30a3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Tue, 07 May 2024 22:03:29 GMT
Etag: 7691566005f1f56d5ffc5ef0f81600bb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=078A51944FA73341; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=806534082&si=ebd9eb6eb74c869329e88d370899aa4e&su=http%3A%2F%2Fwww.18dd.net%2F&v=1.3.0&lv=1&sn=2924&r=0&ww=1280&u=https%3A%2F%2F0b30a3.com%2Findex.php&tt=%E7%B2%BE%E5%BD%A9%E5%86%85%E5%AE%B9%E5%8D%B3%E5%B0%86%E5%91%88%E7%8E%B0
14.215.183.79 43 B URL hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=806534082&si=ebd9eb6eb74c869329e88d370899aa4e&su=http%3A%2F%2Fwww.18dd.net%2F&v=1.3.0&lv=1&sn=2924&r=0&ww=1280&u=https%3A%2F%2F0b30a3.com%2Findex.php&tt=%E7%B2%BE%E5%BD%A9%E5%86%85%E5%AE%B9%E5%8D%B3%E5%B0%86%E5%91%88%E7%8E%B0
IP 14.215.183.79:0
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=806534082&si=ebd9eb6eb74c869329e88d370899aa4e&su=http%3A%2F%2Fwww.18dd.net%2F&v=1.3.0&lv=1&sn=2924&r=0&ww=1280&u=https%3A%2F%2F0b30a3.com%2Findex.php&tt=%E7%B2%BE%E5%BD%A9%E5%86%85%E5%AE%B9%E5%8D%B3%E5%B0%86%E5%91%88%E7%8E%B0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0b30a3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 22:03:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2D68D08FDF9F167C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=720204191&si=bc574eeaf3496a6ecd996d09b14f4533&v=1.3.0&lv=1&sn=2924&r=0&ww=1280&u=http%3A%2F%2Fwww.18dd.net%2Fnew%2F3.exe&tt=%E8%AF%B7%E7%89%A2%E8%AE%B0%E5%9F%9F%E5%90%8D%E6%B0%B8%E4%B8%8D%E5%A4%B1%E8%81%94
14.215.183.79200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=720204191&si=bc574eeaf3496a6ecd996d09b14f4533&v=1.3.0&lv=1&sn=2924&r=0&ww=1280&u=http%3A%2F%2Fwww.18dd.net%2Fnew%2F3.exe&tt=%E8%AF%B7%E7%89%A2%E8%AE%B0%E5%9F%9F%E5%90%8D%E6%B0%B8%E4%B8%8D%E5%A4%B1%E8%81%94
IP 14.215.183.79:443
Requested by http://www.18dd.net/new/3.exe
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=720204191&si=bc574eeaf3496a6ecd996d09b14f4533&v=1.3.0&lv=1&sn=2924&r=0&ww=1280&u=http%3A%2F%2Fwww.18dd.net%2Fnew%2F3.exe&tt=%E8%AF%B7%E7%89%A2%E8%AE%B0%E5%9F%9F%E5%90%8D%E6%B0%B8%E4%B8%8D%E5%A4%B1%E8%81%94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 22:03:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1B0B77CE03CF97E5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/js/main.js
47.246.2.227200 OK 4.8 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/js/main.js
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (7252)
Hash c2ee3e5a3ce4db356229b65f185d01f6
9eb674cc37fa4e0d07f77c175f20369eadb0faa9
bd732bf712ca47669a4e634520b8fcfdfc2feacb8903fd3b18d9675099c7aaa3
GET /htmxskyjs/1.0.54/files/editors/web2/js/main.js HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
content-length: 4769
strict-transport-security: max-age=5184000
date: Tue, 30 Apr 2024 16:19:28 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 6b404c80-070d-11ef-b13c-1b7e5fe1e44d
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 54.763
via: ru3.l1, cache16.ru3, l2de2.l2, cache8.l2de2, registry.npmmirror.com-06, cache8.l2de2[254,254,200-0,M], cache20.l2de2[255,0], cache16.ru3[0,0,200-0,H], cache9.ru3[0,0]
content-encoding: gzip
ali-swift-global-savetime: 1714493968
age: 625443
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 30 Apr 2024 16:19:28 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029d17151194112338677e
X-Firefox-Spdy: h2
h3jq20.lgl1zec3vybtu2cbekez.top/home.html
173.214.24.194200 OK 25 kB URL GET HTTP/2 h3jq20.lgl1zec3vybtu2cbekez.top/home.html
IP 173.214.24.194:443
ASN #4213 EVOCATIVE-GLOBAL
Requested by http://www.18dd.net/new/3.exe
Certificate IssuerLet's Encrypt
Subjectlj5soskg9vlgooc0y5dy.top
Fingerprint48:07:83:BD:56:7B:23:7D:7E:52:39:B9:38:5B:39:15:92:5F:AD:82
ValidityThu, 07 Mar 2024 23:18:35 GMT - Wed, 05 Jun 2024 23:18:34 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (63693)
Hash 6004eafcaa9cd4ee0fe6550e188de321
4c8840757f7d2a068f869a11a47acd615079f0d1
6515c933b6a81b0b0698db05f8012f9c96ab90937220f5318d5e4b690e86b4e9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /home.html HTTP/1.1
Host: h3jq20.lgl1zec3vybtu2cbekez.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:30 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
bytedace: PaoPao
vary: Accept-Encoding
cache-control: public, max-age=3600
content-encoding: gzip
server: nginx
x-cache-status: HIT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 1728000
X-Firefox-Spdy: h2
registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/css/icon.css
47.246.2.227200 OK 7.9 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/css/icon.css
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (14170)
Hash 07054d1ac5f3df37363a4628b1469f30
42aad1bd6c35cc21440daf82afc04eecd8ce6213
af85fcdc0ffe18f2b68d0f0188d8122ee6e2cb8e81fa4247d7f9f4bdf9ca6e29
GET /htmxskyjs/1.0.54/files/editors/web2/css/icon.css HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css; charset=utf-8
content-length: 7924
strict-transport-security: max-age=5184000
date: Mon, 06 May 2024 10:07:11 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 67941990-0b90-11ef-be7f-e98b71c7478d
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 40.066
via: ru3.l1, cache1.ru3, l2fr1.l2, cache19.l2fr1, npmmirror-x86-2022012802002, cache19.l2fr1[0,0,200-0,H], cache26.l2fr1[1,0], cache9.ru3[0,0,200-0,H], cache9.ru3[0,0]
content-encoding: gzip
ali-swift-global-savetime: 1714990031
age: 129380
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 06 May 2024 12:12:38 GMT
x-swift-cachetime: 31528473
timing-allow-origin: *
eagleid: 2ff6029d17151194113438951e
X-Firefox-Spdy: h2
registry.npmmirror.com/validaterick/1.0.21/files/logo/lw_logo.png
47.246.2.227200 OK 6.5 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.21/files/logo/lw_logo.png
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash 41acf7923e620b2c6e21b6f151689738
31550409c03a85cf7e34688cb640d6fcc805b976
728917af9454072bdbfd1213dcd3f2ae8d5b1969f37f3227bb3ab3e07114a05f
GET /validaterick/1.0.21/files/logo/lw_logo.png HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 6478
strict-transport-security: max-age=5184000
date: Tue, 23 Apr 2024 17:49:40 GMT
vary: Origin, Accept, Accept-Encoding
request-id: dbf56010-0199-11ef-be7f-e98b71c7478d
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 64.276
via: ru3.l1, cache13.ru3, l2de2.l2, cache5.l2de2, npmmirror-x86-2022012802002, cache5.l2de2[247,246,200-0,M], cache19.l2de2[249,0], cache13.ru3[0,0,200-0,H], cache9.ru3[22,0]
ali-swift-global-savetime: 1713894580
age: 1224831
x-cache: HIT TCP_HIT dirn:9:407182924
x-swift-savetime: Tue, 23 Apr 2024 17:49:40 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029d17151194115641404e
X-Firefox-Spdy: h2
registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/js/index.js
47.246.2.227200 OK 1.2 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/js/index.js
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (3274), with no line terminators
Hash d88b09cfdfb50f1d610f99e29f29b4f5
af7ba9c6685658946a056dfd7c71e31c10bf1d8d
f3fa47d90201ed6b5db62ffe7315616b16032476c8cedb863f5c065a5275bac1
GET /htmxskyjs/1.0.54/files/editors/web2/js/index.js HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
content-length: 1231
strict-transport-security: max-age=5184000
date: Tue, 30 Apr 2024 16:53:05 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 1d4d84c0-0712-11ef-9a51-b7663878c13f
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 54.324
via: ru3.l1, cache18.ru3, l2de2.l2, cache20.l2de2, npmmirror-x86-2022012802002, cache20.l2de2[0,0,200-0,H], cache15.l2de2[1,0], cache8.ru3[0,0,200-0,H], cache9.ru3[22,0]
content-encoding: gzip
ali-swift-global-savetime: 1714495985
age: 623426
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 06 May 2024 09:54:44 GMT
x-swift-cachetime: 31042701
timing-allow-origin: *
eagleid: 2ff6029d17151194115641408e
X-Firefox-Spdy: h2
registry.npmmirror.com/pickadatejs/1.0.7/files/lib/static/sexygirl.gif
47.246.2.227200 OK 15 kB URL GET HTTP/2 registry.npmmirror.com/pickadatejs/1.0.7/files/lib/static/sexygirl.gif
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type GIF image data, version 89a, 90 x 107
Hash 08cd02b15e6b509430265d6b2d524b33
0aac054ce3169c2ee96647354b3f3f3c4cc749de
34548ea196b54a72899bbedf294bcc3b0ac732ad983a35d0748366a2d7d8cea5
GET /pickadatejs/1.0.7/files/lib/static/sexygirl.gif HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 14773
strict-transport-security: max-age=5184000
date: Tue, 07 May 2024 03:06:23 GMT
vary: Origin, Accept, Accept-Encoding
request-id: c8fcaf10-0c1e-11ef-88b9-039fe19a3c34
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 81.99
via: ru3.l1, cache14.ru3, l2de2.l2, cache12.l2de2, registry.npmmirror.com-07, cache12.l2de2[290,290,200-0,M], cache2.l2de2[292,0], cache14.ru3[0,0,200-0,H], cache9.ru3[21,0]
ali-swift-global-savetime: 1715051183
age: 68228
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 07 May 2024 03:06:23 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029d17151194115651412e
X-Firefox-Spdy: h2
registry.npmmirror.com/validaterick/1.0.18/files/logo/cg_logo.png
47.246.2.227200 OK 8.2 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.18/files/logo/cg_logo.png
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash a72d1f0779d96ac3546b2896279230c7
8881150c2ae7804b077364f2c873ec9346164107
7f8aa268ad52a15b2539d1322bb2952395fc239458113f28311baf3a55847fa6
GET /validaterick/1.0.18/files/logo/cg_logo.png HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 8242
strict-transport-security: max-age=5184000
date: Tue, 07 May 2024 03:06:24 GMT
vary: Origin, Accept, Accept-Encoding
request-id: c9834430-0c1e-11ef-be49-9b6c029abc1e
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 51.497
via: ru3.l1, cache2.ru3, l2de2.l2, cache26.l2de2, npmmirror-x86-20220823001, cache26.l2de2[251,251,200-0,M], cache12.l2de2[253,0], cache2.ru3[0,0,200-0,H], cache9.ru3[0,0]
ali-swift-global-savetime: 1715051184
age: 68227
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 07 May 2024 03:06:24 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029d17151194116461634e
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003416OZXA.webp
198.41.219.53200 OK 62 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003416OZXA.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a671e7e10cf82155a1e250125d240df3
adb578dbd2f7905e938b3622b6bdc6a779e29697
a0ed1972088f7910dfeff5c1089d6b0136d6e296b430e074c9e8d60365ef7efe
GET /vod/240326/VR2024032607003416OZXA.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 62214
last-modified: Tue, 26 Mar 2024 16:30:37 GMT
etag: "6602f82d-f306"
expires: Wed, 05 Jun 2024 00:43:12 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 163219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDJJC4cJqFaA1QrEWg1ghDy6Xh%2BuiTq8v48RscI6XUJ73XBXGftufGngMrQhk5d4uOQvQ%2BnkCM7XfNTg8qBxJsAICuqOIPxCZ6n85ItE3vUlq3lBxUOctW4GOpIH%2FLRAvCO7HUGRfk0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480236e6443f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
registry.npmmirror.com/validaterick/1.0.10/files/bower/1334adb7007e8648bbd4bf39f1edc15b
47.246.2.227200 OK 311 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.10/files/bower/1334adb7007e8648bbd4bf39f1edc15b
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Size 311 kB (311104 bytes)
Hash 350360a3ba5bed1914c36f5ace66c97d
56096ebb7388117bc7e59a604040949486759209
93553374255807e1ed0d57e33afa739c40f14b9752e94ab511b6c4a3e00bd8ec
GET /validaterick/1.0.10/files/bower/1334adb7007e8648bbd4bf39f1edc15b HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/octet-stream
content-length: 311104
strict-transport-security: max-age=5184000
date: Tue, 07 May 2024 03:06:24 GMT
vary: Origin, Accept, Accept-Encoding
request-id: c9b577c0-0c1e-11ef-ac2a-112cfc691e0b
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 56.054
via: ru3.l1, cache10.ru3, l2de2.l2, cache9.l2de2, npmmirror-x86-20220823002, cache9.l2de2[0,11,200-0,H], cache19.l2de2[14,0], cache6.ru3[0,0,200-0,H], cache9.ru3[1,0]
ali-swift-global-savetime: 1715051184
age: 68227
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 07 May 2024 22:03:13 GMT
x-swift-cachetime: 31467791
timing-allow-origin: *
eagleid: 2ff6029d17151194117131780e
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?8530c8009899ef1d6dacdbe5d10ac89c
14.215.183.79200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?8530c8009899ef1d6dacdbe5d10ac89c
IP 14.215.183.79:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (616)
Hash 32507d7e8c4f3b40e4e94c81b00066b9
33f814c715967332434e0ab37c8d1e70bcdccf13
e075cffccb9e1339e1dd44f259b04872d6d130a1ee8f04f3567e6fed52b993b0
GET /hm.js?8530c8009899ef1d6dacdbe5d10ac89c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 07 May 2024 22:03:31 GMT
Etag: 2226bf2e0300943efa9b5310422f145d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D0E3490D7A0FF189; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
y4video.bytedance.sbs/vod/240501/VR2024050115001001FuQ7.webp
198.41.219.53200 OK 14 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240501/VR2024050115001001FuQ7.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 472x319, components 3
Hash ce4d203dbe258a2d109b074127486d8c
70e499233fc00dbe309b735aa761de9843e84c3a
aaf7fc6a1a66ace82087dbd3e1474791c4d86833af39a0b40a91728bf88bc548
GET /vod/240501/VR2024050115001001FuQ7.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 13641
last-modified: Wed, 01 May 2024 07:03:05 GMT
etag: "6631e929-3549"
expires: Fri, 31 May 2024 08:12:41 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 568250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHcYev4cIFShLvs1wWmUChdCJb4YWnU%2BDZSGLEFxLmavuKoHIgZpk2hAB6pkTOrdxBoYsi9QCEsP8zTnt6AnxqnOkwbsrylAFBgtEmVwAhW2LAMJu2dROuDHa0Yb%2BQhY5287VSJCvUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480236e6143f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
registry.npmmirror.com/validaterick/1.0.10/files/bower/c0da9354f744e68da3dfefa70f0881da
47.246.2.227200 OK 627 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.10/files/bower/c0da9354f744e68da3dfefa70f0881da
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Size 627 kB (627070 bytes)
Hash 068e67a00fdff0946e1c1c6b253cd08c
31640ca9515f6b2689f7141d3a98f0cbe43dbbc2
98e34e03cc3380defd4bdbd450a8e72c81f973fa94a59619cead67831f0e1b9c
GET /validaterick/1.0.10/files/bower/c0da9354f744e68da3dfefa70f0881da HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/octet-stream
content-length: 627070
strict-transport-security: max-age=5184000
date: Fri, 12 Apr 2024 14:00:35 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 089837a0-f8d5-11ee-bd63-8b5209de93d2
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 65.433
via: ru3.l1, cache10.ru3, l2de2.l2, cache15.l2de2, npmmirror-x86-20220823001, cache15.l2de2[0,19,200-0,H], cache23.l2de2[21,0], cache16.ru3[0,0,200-0,H], cache9.ru3[1,0]
ali-swift-global-savetime: 1712930435
age: 2188976
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 15 Apr 2024 01:54:59 GMT
x-swift-cachetime: 31320336
timing-allow-origin: *
eagleid: 2ff6029d17151194117141782e
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240408/VR20240408010009622KgR.webp
198.41.219.53200 OK 16 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240408/VR20240408010009622KgR.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 511x292, components 3
Hash 678bf9e1ba4209193470d9f2bc4544dd
f178ec5902c5c88736211187f1a3b1baf3e26064
e6a940eb6e08ecda734a5c38b8b169c140bc71d7f1ca6b308d9fc5c06f083058
GET /vod/240408/VR20240408010009622KgR.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 15536
last-modified: Sun, 07 Apr 2024 17:03:04 GMT
etag: "6612d1c8-3cb0"
expires: Wed, 08 May 2024 00:46:00 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2582251
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FpuqT8edD%2FZ4m4SVa5wn6gjSJTjrAdqXYZZps7swYHFj9bfTlvIonII0XFFBk3O2Ab2wAfDmYNy3OtS2LCiFBEBc3HlaoRVcuqMpjiRJiHkE6JeJxZ04zoP%2FcCj74lXqk3XhJ9U7QHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0943f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240501/VR2024050115000875icFU.webp
198.41.219.53200 OK 14 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240501/VR2024050115000875icFU.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 508x265, components 3
Hash 40d2cce4a54568c74b1cd1160b9488d9
cbb8c5be7089cceaf7f9a20efffb04df51770651
bc48e325e247aa55581839c16c8e3c7bea14eb3074c30bdf3b5a5915ed1ff653
GET /vod/240501/VR2024050115000875icFU.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 14075
last-modified: Wed, 01 May 2024 07:03:04 GMT
etag: "6631e928-36fb"
expires: Fri, 31 May 2024 08:12:41 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 568250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gr1tc0Ow0n8bKKuylxtOi%2FGFyoGSsrG0ktxMFknQbS2F0WZjqO7PAbEAADx74CyTKwJ3Ho61ihEmtl8KwNVl23CHDCyNbaEu4MXXdDIZ1hAr8RORNVO6gqJ5CN55x47ib4oItzBl2hw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff1143f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240408/VR20240408010009505YjA.webp
198.41.219.53200 OK 19 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240408/VR20240408010009505YjA.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 510x341, components 3
Hash a94674728b593142a3ac9f5690794848
d4e50418e4cbc5de50168d18d7fea4232ed5b754
ba142bb98e60f3b4db9ba3e2b74992792f508aa8abf6b48196f6711634687b0d
GET /vod/240408/VR20240408010009505YjA.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 18607
last-modified: Sun, 07 Apr 2024 17:03:04 GMT
etag: "6612d1c8-48af"
expires: Wed, 08 May 2024 00:46:00 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2582251
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5z5FW0inN65OxcqkFov%2FSErZMVzEGid1wOfbTl1%2FZOlIt1cVUtLHlKkLMAWA7qYtMQJfTW6f4%2FgVeE5XeOAtToMdJyY22R0o0n%2BPkXqVm3gNykOPV3fcFz3LDQBxIqfwN3zLAgyHYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0e43f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003458NGbL.webp
198.41.219.53200 OK 8.3 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003458NGbL.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 509x354, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f3432c34f882b55bc9c478286c9a0c20
8c4d617f5046f9df55cca0f2456c1cc380d4fdc0
966cdccfa6bde245946947cff6b44bf4c8ffad738517bc4a76cd5dd9d0729b8f
GET /vod/240326/VR2024032607003458NGbL.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 8302
last-modified: Tue, 26 Mar 2024 16:30:35 GMT
etag: "6602f82b-206e"
expires: Wed, 05 Jun 2024 00:43:12 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 163219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PE2xhL56ga2WQXe2tdPSiQ3VHEXbnBbe1k4vDoYoTAaYvwQ9%2FfiIlknN%2FvMl5vn1nr1PqdKWamCo%2BezjwvjNmwOaBGk2i99%2BH03WF%2FHfcDtZWhfCmnqZS3XW%2BUCGB7A%2BZg6GsjUOEfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0543f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240501/VR2024050115000971ePVy.webp
198.41.219.53200 OK 19 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240501/VR2024050115000971ePVy.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 495x267, components 3
Hash 5f38b14655bde3598f78c738654f5ab6
4bf1f21121f53ba49bdd7e96816d661ac0ecc8c1
ad124ef48090b1336bce3593a02f885e0cc49d7041cbd2c2f20f33ce19839d05
GET /vod/240501/VR2024050115000971ePVy.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 19437
last-modified: Wed, 01 May 2024 07:03:04 GMT
etag: "6631e928-4bed"
expires: Fri, 31 May 2024 08:12:41 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 568250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1Mcu81ZuWuNvRd%2FqZfF0VfRtZRbAjBNLOIE7aUQmlQ%2BdZs4H%2F28LxiTDaE4lSFSgZgviT%2FlvFQDxWJ2FTKyvgvWiQeoEFE5bQ1JutbpvKSVojc1cKKffdScDyaDvA%2FrkYRutHFSIt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff1443f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240407/VR2024040701000980ONLj.webp
198.41.219.53200 OK 18 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240407/VR2024040701000980ONLj.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 474x300, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0db25075e6b9b25282bbb308f31154e4
c86d1bd250e5c5bb44b24c58cc9ab613fa588d76
1d78e82f1cf8c774a192be46e8c1afcfca6bd004afcda80ebb6361a20ee4cb19
GET /vod/240407/VR2024040701000980ONLj.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 18534
last-modified: Sun, 07 Apr 2024 16:30:02 GMT
etag: "6612ca0a-4866"
expires: Wed, 05 Jun 2024 19:41:58 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 94893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pw7OQbHg7eCYbjoZvy7yOi0ZBI4PaDTJX%2B4KPOgF2k0ty3%2F6fKfXxPs3nhLYL6ERwQXWhiU370UMayLPcS5P1221pw98QJ9EgvVnkTtfSUWW4cHKVUgIyGW2y42IOpTeJzC1gNnEIE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0d43f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003498Rxpf.webp
198.41.219.53200 OK 62 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003498Rxpf.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1371x792, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 81deaaf0f8cb24348d997ceef7799ae8
51f3f365ff30d97485fbe8ebdfd006ebcbbde10e
831813e3b126c2a5aca6ef6630ab4565ff12b7000fae3601d52c32f65ae0275a
GET /vod/240326/VR2024032607003498Rxpf.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 61682
last-modified: Tue, 26 Mar 2024 16:30:36 GMT
etag: "6602f82c-f0f2"
expires: Wed, 05 Jun 2024 00:43:12 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 163219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VeucaL%2FVoesV3MoEMwq4kdz8gL3KdYi8KuEJm3vH%2FkS%2BlmgaRngkXu%2ByWJowOP052g5OlT4bBN7bNnNRgfOHo4WTrusbfcdwiqv9GtoWJS%2BxBW58EkJVBSHwPAulSY4pHhSksTXykqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480236e6343f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003449lqtQ.webp
198.41.219.53200 OK 56 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003449lqtQ.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a27d687c0b17bc7c9f747781dad5338c
3c4a270335d545f312130d7ae79df8bc7e8657d3
77c160b0ed95a3d763b5f6f3744d8380ed4a8bc8c7752c557b432b7a389d42e2
GET /vod/240326/VR2024032607003449lqtQ.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 56028
last-modified: Tue, 26 Mar 2024 16:30:36 GMT
etag: "6602f82c-dadc"
expires: Wed, 05 Jun 2024 00:43:12 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 163219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQA6bCXXq2iiqipn3xC6Qa67XokG2qswX3ZYtjx1un%2FkHjjbEKDfb5mfVLu4wlF9Qb6ZUFqsVJi0ZuXW%2FjYgHaBqBRTl3KY99EE6NpzCRnbYAIgCg5D1fgvybWBiRwrZvUPcQxhoA%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480236e6943f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003312BNQC.webp
198.41.219.53200 OK 56 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003312BNQC.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 065876f1068aac969babdb1afa0513e7
75a7fa2decbac0dd20472a9876f013e9b731445b
9f9376d01296dbfaa54a2a7a0a1aaa82d3f55f4616076728196d0f760acc84e4
GET /vod/240326/VR2024032607003312BNQC.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 56098
last-modified: Tue, 26 Mar 2024 16:30:32 GMT
etag: "6602f828-db22"
expires: Wed, 05 Jun 2024 00:43:12 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 163219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSNbx9sfzxfVH7KDp1yf6Na%2By1fPT8yeFr3HRCODp03%2FN2VC4HcesWf3hgXiuRKV6fomYM5%2B6N%2Fnwq22SZ1HF1YlZq%2FQ8rlyiST%2Fy1W263tD5vUCJoWscbpjesiZCeCIHi3Xw7%2FGjUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480237e6a43f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR20240326070033268vkI.webp
198.41.219.53200 OK 51 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR20240326070033268vkI.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0074ae464572bd4f0d91064792e055ce
b413ed9482fb51fd971ce24b7b16eea4693f2d3a
9196940c4caf81892d4a059a598b28759c3b82e4161674c214c0ddcb8ab007d6
GET /vod/240326/VR20240326070033268vkI.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 51438
last-modified: Tue, 26 Mar 2024 16:30:33 GMT
etag: "6602f829-c8ee"
expires: Thu, 16 May 2024 02:58:31 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1883100
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eI0JIucjGLvA4gawR6Rat59QPFeNmoaO1w1kDZHVxDjz2QcK2OgvfNjzax4i%2BctcYAChfZqBdKEtSGl9Ft%2F0PqurmGB4a1dSTTphm4bZdnBXwApyILs4EGjCVjYWBmX01iSKt0Tl%2B6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0743f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003413C0Qj.webp
198.41.219.53200 OK 67 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003413C0Qj.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 7cb8b5e29b6a3357a83f5c0fa6939948
911f3d525689f1c07a2b54604866870c3384b4b8
b01f056af0e940bc93880eff756fefeba34bb5e5f03a3c6e91c8b30bac7693fe
GET /vod/240326/VR2024032607003413C0Qj.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 66744
last-modified: Tue, 26 Mar 2024 16:30:32 GMT
etag: "6602f828-104b8"
expires: Wed, 05 Jun 2024 00:43:12 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 163219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BY8gwmNf9iVDT%2F6LLu2dkoGIX858hyS%2FrqExwvsr953O6vvoy4zhAiWFZnK885p74kZu6JVMtYYTleozesL1nVn7cWWpTGB%2FNn5Y004PNQY3CKtENjiJgY2iTAd%2F5OKO0XcPqtHWg08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0643f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240502/VR2024050206001575LzYF.webp
198.41.219.53200 OK 68 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240502/VR2024050206001575LzYF.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 795x697, components 3
Hash 0f596d426763beb91530a9c6a8c5c321
5034141c64689db19a328b383dedf770cf0b7e33
f7bf440f0e3758829a7b15d6edae5f52a1bc4bec612cbd174bbea4a20050ef51
GET /vod/240502/VR2024050206001575LzYF.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 67794
last-modified: Wed, 01 May 2024 22:03:03 GMT
etag: "6632bc17-108d2"
expires: Fri, 31 May 2024 23:20:46 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 513765
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JohyW%2F8Ayb%2Bcy4spnDUBXcqVbeUBcSf%2FLd4dm9Crh5FZzkXFWH67u5zBEyQ9r4%2F0iws66MlrJRABDOy36MuCYo6koP9TISnw%2By0Tzjb1oJb1erCPpG9p%2F%2BlI7h9f3xVt8IFhTSZ2l5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0f43f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240504/VR2024050414000832nexD.webp
198.41.219.53200 OK 78 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240504/VR2024050414000832nexD.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 938x628, components 3
Hash 0515faa61f1a3e74c6e7b2c1cc5ebb7e
56240469e7d47cfbe45c39c6b014851d8308e954
52ddfffe02302e886cac9953c772c69f5d5456bb6ad7ea17a9df6346f3a6c4ec
GET /vod/240504/VR2024050414000832nexD.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 78185
last-modified: Sat, 04 May 2024 06:03:04 GMT
etag: "6635cf98-13169"
expires: Mon, 03 Jun 2024 07:15:48 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 312463
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQZ0Gsl4rUxyq5A4FOX%2F%2Fs%2BM%2B0e7oiNxsfMhXMIDClkDiBnlb4tgx1%2B7kaCJioZFLKWKSuTDsU4nVRDd4c7lID3ZA%2Fooick8r0BfF%2Fp3oa8eoknHK0Bis%2BYGR2XdS5xgNvmV%2FkN%2F4%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff1543f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003620tV14.webp
198.41.219.53200 OK 68 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003620tV14.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ec474652318ac543754d86c134a8aabf
814c76ef7d7efa978df3c46620346d13e44da6ad
7563be1dd63296956ea9ea9072a952e7afc846e96dd5fa748726223d63b7114a
GET /vod/240326/VR2024032607003620tV14.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 68464
last-modified: Tue, 26 Mar 2024 16:30:23 GMT
etag: "6602f81f-10b70"
expires: Wed, 05 Jun 2024 00:46:32 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 163019
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cLGpmcz0RZJACpcqOakJ7l1tYlExo%2F3odiJ6v3ousmpA18iFaeH%2FFVUBBRXxVpZ%2Be03lSnc9FUVnQhQroPoGBlEOO3f5uwYEjoPzScIbhi497z2m4Aae0dM%2BPcGMzFGxNxhBlqNR0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff0b43f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240502/VR2024050218000922b3oQ.webp
198.41.219.53200 OK 120 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240502/VR2024050218000922b3oQ.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 912x513, components 3
Size 120 kB (120045 bytes)
Hash be47a22117e44113d676d19e6f169f92
d4f8b502ad4616068476050aff1fb0d948e5aed6
172535d913ca21a7ab84409d5a68afe77e968adbdf8feee1870763be87057f9a
GET /vod/240502/VR2024050218000922b3oQ.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 120045
last-modified: Thu, 02 May 2024 10:03:04 GMT
etag: "663364d8-1d4ed"
expires: Sat, 01 Jun 2024 12:06:47 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 467804
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xfq1LyH1VN7L%2BY7Sl6vQOjt3Bou9YKXAEwemAM3W7H5c0RFKne52HQGfYd01V2ppShjinOy%2F12ZCdYhV1eb8TdOZl5m8%2BqmdIk49L9KXk6Mmjc5nN3GmAbnxchEgQrzzfT5PUqQIdL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88048023ff1343f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240501/VR2024050115000761WJ80.webp
198.41.219.53200 OK 15 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240501/VR2024050115000761WJ80.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 458x248, components 3
Hash 3d184ad85ef07265159772eaf0959b36
30325fbfc3e742ca3fb1c3203771f9ffbda38535
ffdd7ffae691f83fcead5acd757f7e13d9ef4fb2951680930f3becdf98db7b75
GET /vod/240501/VR2024050115000761WJ80.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 15282
last-modified: Wed, 01 May 2024 07:03:04 GMT
etag: "6631e928-3bb2"
expires: Fri, 31 May 2024 08:12:41 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 568250
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5kqpPmDa9dJovU1AQGtlZOqzZq5OvGhD31y3gRNkmS9Elb9qG6OvbvM2ul0gBakjAmYIRKbSbrcuJd9QJCFUbAMdrIpD8w3qHY3PhRzUMXntv4Wjxqn11mNwbGKb%2Fj6OOSG15FSqZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480236e5e43f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240503/VR2024050310001297KzHS.webp
198.41.219.53200 OK 206 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240503/VR2024050310001297KzHS.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1071x773, components 3
Size 206 kB (205909 bytes)
Hash b024170b936cc9712b75182ef69b721f
61774cdcefb35eb42db8a98e12f5f86fb8a43b82
452b1f1bd973c01023876156c305be59aebd8dae235a6b524c34a703a62f80ea
GET /vod/240503/VR2024050310001297KzHS.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 205909
last-modified: Fri, 03 May 2024 02:03:04 GMT
etag: "663445d8-32455"
expires: Sun, 02 Jun 2024 03:27:16 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 412575
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLj3vGepCbPnYokgePJtYlCQ7aBiLG85qrMpILDs4fbbuzdZ73%2FzPtNiz4MljnOU2aXMt%2BXKB433YXgaqBRQxSx792SEGut90132qqNYJbZuPxe4T8fCE6j5ma3jKFqBYW6Sj0fkEGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480236e6043f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240422/VR2024042201000515PloB.webp
198.41.219.53200 OK 276 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240422/VR2024042201000515PloB.webp
IP 198.41.219.53:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x1080, components 3
Size 276 kB (276504 bytes)
Hash 48c104489be3f401a04b8a14cd0a8d2c
edbbd543aa14ae98d721d92f59c1408278df13a9
6db0e514e5e138e814af81d26fd200ee469cb6f2070bec4229af51b75526f0fa
GET /vod/240422/VR2024042201000515PloB.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 22:03:31 GMT
content-type: image/webp
content-length: 276504
last-modified: Sun, 21 Apr 2024 21:12:04 GMT
etag: "66258124-43818"
expires: Tue, 21 May 2024 23:00:00 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1379011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sHMHIBJEO97JxRrI7T3P6XfY2jp5aCFSLcmxD94El0bzTKauthP9OZqbAe1iQUr6rjdXOwDITaHoV%2BUoq9nUkkS9puM8ZToNAN1yxA5x8Ac7y1xOn3Mh6lpsM4zqbI0K1yfOPZgB04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880480236e6643f3-EWR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=1887949225&si=8530c8009899ef1d6dacdbe5d10ac89c&v=1.3.0&lv=1&sn=2927&r=0&ww=1280&u=https%3A%2F%2Fh3jq20.lgl1zec3vybtu2cbekez.top%2Fhome.html&tt=%E4%B8%BB%E9%A1%B5%20-%20%E8%80%81%E7%8E%8B%E8%A7%86%E9%A2%91
14.215.183.79200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=1887949225&si=8530c8009899ef1d6dacdbe5d10ac89c&v=1.3.0&lv=1&sn=2927&r=0&ww=1280&u=https%3A%2F%2Fh3jq20.lgl1zec3vybtu2cbekez.top%2Fhome.html&tt=%E4%B8%BB%E9%A1%B5%20-%20%E8%80%81%E7%8E%8B%E8%A7%86%E9%A2%91
IP 14.215.183.79:443
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=1887949225&si=8530c8009899ef1d6dacdbe5d10ac89c&v=1.3.0&lv=1&sn=2927&r=0&ww=1280&u=https%3A%2F%2Fh3jq20.lgl1zec3vybtu2cbekez.top%2Fhome.html&tt=%E4%B8%BB%E9%A1%B5%20-%20%E8%80%81%E7%8E%8B%E8%A7%86%E9%A2%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 22:03:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F8CA829F16FF80BD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/css/style.css
47.246.2.227200 OK 23 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.54/files/editors/web2/css/style.css
IP 47.246.2.227:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://h3jq20.lgl1zec3vybtu2cbekez.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (23054)
Hash 581e19ae5009774a82d34da33582a621
e64d6a4527851b343e44ca5db4192f3963decea9
c1f9f3cfe223533082faf3184767922d1d40a1f9799d7e76b1375c5f13286dec
GET /htmxskyjs/1.0.54/files/editors/web2/css/style.css HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3jq20.lgl1zec3vybtu2cbekez.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/css; charset=utf-8
content-length: 5631
strict-transport-security: max-age=5184000
date: Mon, 06 May 2024 12:12:37 GMT
vary: Origin, Accept, Accept-Encoding
request-id: edb4e430-0ba1-11ef-9eb5-57d4da855be4
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 224.711
via: ru3.l1, cache14.ru3, l2fr1.l2, cache7.l2fr1, registry.npmmirror.com-06, cache7.l2fr1[492,491,200-0,M], cache17.l2fr1[494,0], cache14.ru3[0,0,200-0,H], cache9.ru3[1,0]
content-encoding: gzip
ali-swift-global-savetime: 1714997558
age: 121853
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 06 May 2024 12:12:38 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029d17151194112988839e
X-Firefox-Spdy: h2