r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8052
Expires: Tue, 06 Sep 2022 15:07:24 GMT
Date: Tue, 06 Sep 2022 12:53:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 12:04:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hg4cIRosQFrKH97LXyeCremDb1VlAOPQN2WIrAMq9g74yZG-9ww5HQ==
Age: 2934
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LODFJ12tjgmtwwJudEEXPNl6TuCm5elha3amsErxMhyMTLeUA2NdBw==
age: 41875
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mtuxphhtr.gzasyz.com/
168.76.73.171 200 OK 11 kB IP 168.76.73.171:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26495), with no line terminators
Hash 0568eb43cf018406b83e2806601ce8f8
414ba92c2fb36ae54756ba9ecc185c463d844bf1
59d40d12a23931aaa475bc10da2a2904445fc4fdc65974beb205c31056327696
GET / HTTP/1.1
Host: mtuxphhtr.gzasyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:53:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 12:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q8zB1LRw68DAB_0XtKAGToAmx16sbNLecM_vCaGPTRCkkpofqJ_Svg==
Age: 895
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4785
Cache-Control: max-age=160395
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:53:13 GMT
Etag: "6316ff94-1d7"
Expires: Thu, 08 Sep 2022 09:26:28 GMT
Last-Modified: Tue, 06 Sep 2022 08:06:44 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
mtuxphhtr.gzasyz.com/styles/hmseo/css.css
168.76.73.171 200 OK 2.3 kB URL HTTP/1.1 mtuxphhtr.gzasyz.com/styles/hmseo/css.css
IP 168.76.73.171:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash b87b90fe6fa3501b7f3fb7c737888275
7abdecda2de17098dd10a6d3e45358b60c41d86c
9db5c6d434f6edd36f286961330ae8050e7c2e358051f8c301ecd157c842e53d
GET /styles/hmseo/css.css HTTP/1.1
Host: mtuxphhtr.gzasyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:53:13 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.dcocsp.cn/
47.246.44.231 200 OK 471 B IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5524faee2c375fccd368e4a0f6acd062
b1bfe53663e4528a1f6cca588ed1e9a8e138fe4b
6fddbf927fcd3b8223f9058f138367b1d93bfaa63e152ba840b75fb41648000e
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 06 Sep 2022 11:54:25 GMT
Ali-Swift-Global-Savetime: 1662465265
Via: cache21.l2de2[0,0,200-0,H], cache21.l2de2[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
Age: 3528
X-Cache: HIT TCP_MEM_HIT dirn:11:316707075
X-Swift-SaveTime: Tue, 06 Sep 2022 11:55:49 GMT
X-Swift-CacheTime: 3516
Timing-Allow-Origin: *
EagleId: 2ff62c9c16624687934206002e
push.services.mozilla.com/
44.240.140.78 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.140.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xYJE/PAVRTOQofOsuDdGgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: euUyrVGZWFmactvDc23rlruj7cI=
mtuxphhtr.gzasyz.com/styles/hmseo/fhtop.png
168.76.73.171 200 OK 777 B URL HTTP/1.1 mtuxphhtr.gzasyz.com/styles/hmseo/fhtop.png
IP 168.76.73.171:0
ASN #137951 Clayer Limited
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash b9840a0c8f7b649fbf6d1d4d4c5ffd1e
959cab9eddc5fb63ecb8db5eae49582cc3a8232a
11c4a7908e01f0c57eb825fbb3142dee424436b2032906930f0f684ff741db22
GET /styles/hmseo/fhtop.png HTTP/1.1
Host: mtuxphhtr.gzasyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:53:13 GMT
Content-Type: image/jpg
Transfer-Encoding: chunked
Connection: keep-alive
mtuxphhtr.gzasyz.com/styles/hmseo/logo9.png
168.76.73.171 200 OK 4.6 kB URL HTTP/1.1 mtuxphhtr.gzasyz.com/styles/hmseo/logo9.png
IP 168.76.73.171:0
ASN #137951 Clayer Limited
File type PNG image data, 167 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash ba06c9902fce301e1d17ccf305605aca
074a0d4649a423d341eb5814aeda1bf5467f036a
6734d0f5c4419e0f3f1ed536562e20ce7620814c3154ce7bb067581ab3c90d99
GET /styles/hmseo/logo9.png HTTP/1.1
Host: mtuxphhtr.gzasyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:53:13 GMT
Content-Type: image/jpg
Transfer-Encoding: chunked
Connection: keep-alive
www.paratidesigns.com/js/js.js
154.215.20.194 200 OK 658 B URL HTTP/1.1 www.paratidesigns.com/js/js.js
IP 154.215.20.194:0
ASN #139471 HWA CENT TELECOMMUNICATIONS LIMITED
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2cbd7aba58d52ffb5b8436d0155637dc
24abb2f1a3eba153be26d6ff790a0f890666b967
15eb278b5dd492f19c05336ff7e70c11aa860af223a52c1dee4b2d50da46525a
GET /js/js.js HTTP/1.1
Host: www.paratidesigns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:53:13 GMT
Content-Type: application/javascript
Last-Modified: Tue, 30 Aug 2022 10:44:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"630dea22-53e"
Expires: Wed, 07 Sep 2022 00:53:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
p2.itc.cn/q_70/image%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B-%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1...s03/20220827/97f51cb8848f4051925d8ff657f2b918.jpeg
47.246.44.226 404 Not Found 0 B URL HTTP/2 p2.itc.cn/q_70/image%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B-%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1...s03/20220827/97f51cb8848f4051925d8ff657f2b918.jpeg
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /q_70/image%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B-%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1...s03/20220827/97f51cb8848f4051925d8ff657f2b918.jpeg HTTP/1.1
Host: p2.itc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: image/jpeg
content-length: 0
date: Tue, 06 Sep 2022 12:53:13 GMT
access-control-allow-origin: *
x-error-code: 404
x-error-message: object [image%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B-%E6%A8%B1%E8%8A%B1%E7%BD%91%E7%AB%99%E5%85%A5%E5%8F%A3%E5%A4%A7%E8%B1%A1...s03/20220827/97f51cb8848f4051925d8ff657f2b918.jpeg] not exist in bucket [mptc-mp-platform]
ali-swift-global-savetime: 1662468793
via: cache14.l2de2[497,497,404-1280,M], cache8.l2de2[498,0], cache4.se1[522,522,404-1280,M], cache5.se1[524,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Tue, 06 Sep 2022 12:53:13 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: 2ff62c9916624687934351961e
X-Firefox-Spdy: h2
mtuxphhtr.gzasyz.com/styles/hmseo/bg03.png
168.76.73.171 200 OK 7.6 kB URL HTTP/1.1 mtuxphhtr.gzasyz.com/styles/hmseo/bg03.png
IP 168.76.73.171:0
ASN #137951 Clayer Limited
File type PNG image data, 560 x 100, 8-bit gray+alpha, non-interlaced\012- data
Hash 9c8fd3e2242d3949b59ba4153db9b2a2
82430e98111362554d2e2c90693966b31c12d5d2
a35cfe59ba5213a5cd9885689a3cc957dab5f879ca961b7df27519b73453a130
GET /styles/hmseo/bg03.png HTTP/1.1
Host: mtuxphhtr.gzasyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/styles/hmseo/css.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:53:13 GMT
Content-Type: image/jpg
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash a2aedc658a79c549582a606bc03948b2
cfb045cb74d0cdba20fd6f982881cf18028c82b2
5d870df9ea882327652359167043833e6c546522a474d8ccd57780f932376f2d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 12:53:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Sep 2022 10:34:14 GMT
ETag: "cfb045cb74d0cdba20fd6f982881cf18028c82b2"
Last-Modified: Tue, 06 Sep 2022 10:34:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2577
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746758ab2d56b50c-OSL
sdk.51.la/js-sdk-pro.min.js?id=JdYrTe4g4BiGXXYz&ck=JdYrTe4g4BiGXXYz
47.253.50.2 200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js?id=JdYrTe4g4BiGXXYz&ck=JdYrTe4g4BiGXXYz
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js?id=JdYrTe4g4BiGXXYz&ck=JdYrTe4g4BiGXXYz HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Sep 2022 12:53:14 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
sdk.51.la/js-sdk-pro.min.js
47.253.50.2 200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Sep 2022 12:53:14 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 2fe00ee12d598312a484b5b32a5a08a0
3f2cbd7aa5ec2a730e842f7affa76cbd2683df11
093738d287ab110e0c607581c127dee81d87bec8781a82bde05cffc97a9e128a
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 12:53:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Sep 2022 11:09:19 GMT
ETag: "3f2cbd7aa5ec2a730e842f7affa76cbd2683df11"
Last-Modified: Tue, 06 Sep 2022 11:09:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3549
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746758adb983b50c-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash dd11c9a8e9ee9f019e2419737fd45a39
19679ca10bcc51653ee34af070e55e8753ee7fe3
5aa23ec87e96cf709f0aa3532c14b5f399678ced0577f487fa5e5e4dcbece26d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 12:53:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Sep 2022 10:14:07 GMT
ETag: "19679ca10bcc51653ee34af070e55e8753ee7fe3"
Last-Modified: Tue, 06 Sep 2022 10:14:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1828
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746758ade9afb50c-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:53:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:53:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:53:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 54308
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 53594
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 54452
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 29782
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ydycon.com/js-spark-md5.js
172.67.208.60 200 OK 14 kB URL HTTP/2 www.ydycon.com/js-spark-md5.js
IP 172.67.208.60:0
File type ASCII text, with very long lines (10157)
Hash a9036e72c4c5bb03b75ef07763f7955a
a97a294b3db0f547235376453fac40baf6fefc34
80df4a504d0d2713cba6a79a787c266efe801e5c0d37add7b8712dd939a5924d
GET /js-spark-md5.js HTTP/1.1
Host: www.ydycon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:53:14 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 04:14:36 GMT
etag: W/"630848ac-27ae"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZzsdT1FVj48riIpABpd1WMzLX%2BVnvEAxHky6zBv6W%2BMi2d29C2lOCVBcxtRh3BxH0Obm0FYD9U%2BTrrHKdvnlE4M0n61Fh%2BA8rEzWt0JyQZwp6LihEIHmSaSTFKuG0wWuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746758ac59de0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:09:25 GMT
age: 67429
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.users.51.la/21245695.js
103.143.19.103 200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21245695.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 063fb950a88a40e0c26a147e45034136
50db194611cce626996bdebfa4abde538e5b14fc
8181a015b156f0898a90b42d419ed4379957ac00078fb946a6c1e549bb6924e9
Analyzer Verdict Alert fortinet Malware
GET /21245695.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Tue, 06 Sep 2022 12:53:14 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=ae8807c0fd385987f4a; path=/
HWWAFSESTIME=1662468790423; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 4363bb94f6b757c3792510a967815e17
6d28ce3109a09f76e5c564a8177026a538cb0c54
8be929ba99ff78c65ab7fc92553590a8672bf611fb8bb91e7dee7983cb16e76a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 12:53:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Sep 2022 11:35:28 GMT
ETag: "6d28ce3109a09f76e5c564a8177026a538cb0c54"
Last-Modified: Tue, 06 Sep 2022 11:35:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1054
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746758b16ba9fac8-OSL
hm.baidu.com/hm.js?b10104df3570b2e347ff14762ff52b0
103.235.46.191 200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?b10104df3570b2e347ff14762ff52b0
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hm.js?b10104df3570b2e347ff14762ff52b0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Date: Tue, 06 Sep 2022 12:53:15 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: text/plain; charset=utf-8
ia.51.la/go1?id=21245695&rt=1662468789437&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...%25E5%258E%259F%25E5%2589%25AF%25E6%25A0%2587%25E9%25A2%2598%25EF%25BC%259A9&ing=1&ekc=&sid=1662468789437&tt=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...&kw=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...&cu=http%253A%252F%252Fmtuxphhtr.gzasyz.com%252F&pu=
103.143.19.103 200 0 B URL HTTP/1.1 ia.51.la/go1?id=21245695&rt=1662468789437&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...%25E5%258E%259F%25E5%2589%25AF%25E6%25A0%2587%25E9%25A2%2598%25EF%25BC%259A9&ing=1&ekc=&sid=1662468789437&tt=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...&kw=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...&cu=http%253A%252F%252Fmtuxphhtr.gzasyz.com%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21245695&rt=1662468789437&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...%25E5%258E%259F%25E5%2589%25AF%25E6%25A0%2587%25E9%25A2%2598%25EF%25BC%259A9&ing=1&ekc=&sid=1662468789437&tt=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...&kw=%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582%25E7%259C%258B-%25E6%25A8%25B1%25E8%258A%25B1%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25A5%25E5%258F%25A3%25E5%25A4%25A7%25E8%25B1%25A1...&cu=http%253A%252F%252Fmtuxphhtr.gzasyz.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
HTTP/1.1 200
Server: CloudWAF
Date: Tue, 06 Sep 2022 12:53:15 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=cda5b4e1e8ea135a784; path=/
HWWAFSESTIME=1662468793643; path=/
s4.cnzz.com/z_stat.php?id=1281142714&web_id=1281142714
220.185.164.250 200 OK 4.1 kB URL HTTP/2 s4.cnzz.com/z_stat.php?id=1281142714&web_id=1281142714
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with very long lines (11743), with no line terminators
Hash bcb268ca917a8f3567f3208b60dc17ef
d95c3a986651e96d783e1e51690cceea968ef0c2
167c8e43f55994ccd7880c5fd1d833fc9c056fee6be1cb34403308a0a774c971
GET /z_stat.php?id=1281142714&web_id=1281142714 HTTP/1.1
Host: s4.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 4050
date: Tue, 06 Sep 2022 12:44:33 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:44:33 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1662468273
via: cache10.l2ea120-8[276,275,200-0,M], cache78.l2ea120-8[277,0], cache20.cn4100[0,0,200-0,H], cache11.cn4100[1,0]
age: 522
x-cache: HIT TCP_MEM_HIT dirn:13:160434705
x-swift-savetime: Tue, 06 Sep 2022 12:44:33 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: dcb9a49f16624687954472545e
X-Firefox-Spdy: h2
s4.cnzz.com/z_stat.php?id=1281142707&web_id=1281142707
220.185.164.250 200 OK 4.1 kB URL HTTP/2 s4.cnzz.com/z_stat.php?id=1281142707&web_id=1281142707
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with very long lines (11743), with no line terminators
Hash 074ab7dd5d09bac2b2ac406a0207e10e
8189aa68a3de7b4663a20216fca863f6daeaef37
1be8d164c80bc11475b044dfee20a9ab6c7a3ab5dcb69a9dcf5aa8f14c984629
GET /z_stat.php?id=1281142707&web_id=1281142707 HTTP/1.1
Host: s4.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 4050
date: Tue, 06 Sep 2022 12:03:25 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:03:25 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1662465805
via: cache22.l2ea120-8[0,0,200-0,H], cache72.l2ea120-8[0,0], cache20.cn4100[0,0,200-0,H], cache11.cn4100[1,0]
age: 2990
x-cache: HIT TCP_MEM_HIT dirn:1:158711157
x-swift-savetime: Tue, 06 Sep 2022 12:29:47 GMT
x-swift-cachetime: 2018
timing-allow-origin: *
eagleid: dcb9a49f16624687955022835e
X-Firefox-Spdy: h2
s4.cnzz.com/z_stat.php?id=1281139390&web_id=1281139390
220.185.164.250 200 OK 4.0 kB URL HTTP/2 s4.cnzz.com/z_stat.php?id=1281139390&web_id=1281139390
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with very long lines (11743), with no line terminators
Hash 80654a599275a3305d4f29610a629ab5
69433048fd8b5078561d3265e69e88862d6aaed6
72f212639aa268177ff6cc0f031a8c1647f563d145e8ffbe34fee730c34d70ab
GET /z_stat.php?id=1281139390&web_id=1281139390 HTTP/1.1
Host: s4.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 4049
date: Tue, 06 Sep 2022 12:11:29 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:11:29 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1662466289
via: cache6.l2ea120-8[0,0,200-0,H], cache9.l2ea120-8[1,0], cache6.cn4100[0,0,200-0,H], cache11.cn4100[1,0]
age: 2506
x-cache: HIT TCP_MEM_HIT dirn:14:15723306
x-swift-savetime: Tue, 06 Sep 2022 12:40:14 GMT
x-swift-cachetime: 1875
timing-allow-origin: *
eagleid: dcb9a49f16624687955142893e
X-Firefox-Spdy: h2
s9.cnzz.com/z_stat.php?id=1281142713&web_id=1281142713
220.185.164.250 200 OK 4.0 kB URL HTTP/2 s9.cnzz.com/z_stat.php?id=1281142713&web_id=1281142713
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with very long lines (11744), with no line terminators
Hash 84b6a31ce0568de13a093a8e3846c5b5
4328a499d7aeb9e2a549775b4de62d43f3d11dba
41f4a66a38197031a95329045bf6e13c3b9c0be042acf4ac9f10dcff55cf7422
GET /z_stat.php?id=1281142713&web_id=1281142713 HTTP/1.1
Host: s9.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 4048
date: Tue, 06 Sep 2022 12:15:13 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:15:13 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1662466513
via: cache30.l2ea120-8[0,0,200-0,H], cache17.l2ea120-8[0,0], cache16.cn4100[0,0,200-0,H], cache11.cn4100[0,0]
age: 2282
x-cache: HIT TCP_MEM_HIT dirn:6:264628450
x-swift-savetime: Tue, 06 Sep 2022 12:38:29 GMT
x-swift-cachetime: 2204
timing-allow-origin: *
eagleid: dcb9a49f16624687955152896e
X-Firefox-Spdy: h2
s9.cnzz.com/z_stat.php?id=1281137534&web_id=1281137534
220.185.164.250 200 OK 4.1 kB URL HTTP/2 s9.cnzz.com/z_stat.php?id=1281137534&web_id=1281137534
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with very long lines (11744), with no line terminators
Hash b4fa838e15b3c70028622c3cb5884bee
cb9fe021b2ddffa36efd509390a59b951af7a25b
24b40d44cfc34114e36509e6673bcbf3eb2eab7b94afee90b94dc40b4b6c21be
GET /z_stat.php?id=1281137534&web_id=1281137534 HTTP/1.1
Host: s9.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 4051
date: Tue, 06 Sep 2022 12:44:56 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:44:56 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1662468296
via: cache17.l2ea120-8[35,34,200-0,M], cache57.l2ea120-8[35,0], cache10.cn4100[0,0,200-0,H], cache11.cn4100[1,0]
age: 499
x-cache: HIT TCP_MEM_HIT dirn:7:179547110
x-swift-savetime: Tue, 06 Sep 2022 12:44:56 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: dcb9a49f16624687955322962e
X-Firefox-Spdy: h2
v1.cnzz.com/z_stat.php?id=1281136849&web_id=1281136849
220.185.164.250 200 OK 4.1 kB URL HTTP/2 v1.cnzz.com/z_stat.php?id=1281136849&web_id=1281136849
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with very long lines (11743), with no line terminators
Hash adcabe6823c922287e2fc9385abed825
1c4a78f2d06a852edc1b1a5d12d18f61bc62258f
a3a7cfa13d9416f182cb64a91b5147149fe15f1d5f4e54d856c66d80bf049dd3
GET /z_stat.php?id=1281136849&web_id=1281136849 HTTP/1.1
Host: v1.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 4050
date: Tue, 06 Sep 2022 12:11:45 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:11:45 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1662466305
via: cache47.l2ea120-8[0,0,200-0,H], cache64.l2ea120-8[0,0], cache10.cn4100[0,0,200-0,H], cache11.cn4100[1,0]
age: 2490
x-cache: HIT TCP_MEM_HIT dirn:1:178643397
x-swift-savetime: Tue, 06 Sep 2022 12:37:07 GMT
x-swift-cachetime: 2078
timing-allow-origin: *
eagleid: dcb9a49f16624687955513033e
X-Firefox-Spdy: h2
v1.cnzz.com/z_stat.php?id=1281142710&web_id=1281142710
220.185.164.250 200 OK 4.0 kB URL HTTP/2 v1.cnzz.com/z_stat.php?id=1281142710&web_id=1281142710
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with very long lines (11743), with no line terminators
Hash 6546f217b1fea6c9b283a9bac9860437
fd0a28824e2faf1abd6641a47b3f95fc0b4f5dd9
e77b5f391514e353ec4200a6c4780c5ced41afa232070d2bc9f7166d7849b899
GET /z_stat.php?id=1281142710&web_id=1281142710 HTTP/1.1
Host: v1.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 4048
date: Tue, 06 Sep 2022 12:11:55 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:11:55 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1662466315
via: cache59.l2ea120-8[0,0,200-0,H], cache75.l2ea120-8[1,0], cache20.cn4100[0,0,200-0,H], cache11.cn4100[0,0]
age: 2480
x-cache: HIT TCP_MEM_HIT dirn:13:159941124
x-swift-savetime: Tue, 06 Sep 2022 12:29:02 GMT
x-swift-cachetime: 2573
timing-allow-origin: *
eagleid: dcb9a49f16624687956603556e
X-Firefox-Spdy: h2
c.cnzz.com/core.php?web_id=1281142707&t=z
220.185.164.250 200 OK 620 B URL HTTP/2 c.cnzz.com/core.php?web_id=1281142707&t=z
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type HTML document, ASCII text, with very long lines (969), with no line terminators
Hash 8cfa1ee5bfff2f0ad41491f544e0093a
88bdd2970606215e5fe91c4c1d6de0889d74e88b
dc80f23fbe228ab4f048db5ce8484b33703692d8d4f486eea15a6f312ab344fa
GET /core.php?web_id=1281142707&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 620
date: Tue, 06 Sep 2022 12:48:20 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:48:20 GMT
expires: Tue, 06 Sep 2022 13:03:20 GMT
content-encoding: gzip
ali-swift-global-savetime: 1662468500
via: cache37.l2ea120-8[85,84,200-0,M], cache40.l2ea120-8[85,0], cache12.cn4100[0,0,200-0,H], cache11.cn4100[1,0]
age: 295
x-cache: HIT TCP_MEM_HIT dirn:13:432887505
x-swift-savetime: Tue, 06 Sep 2022 12:48:20 GMT
x-swift-cachetime: 900
timing-allow-origin: *
eagleid: dcb9a49f16624687957894201e
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 278
Origin: https://www.ydycon.com
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Tue, 06 Sep 2022 12:53:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=dc7e43df6e0bb428501; path=/
HWWAFSESTIME=1662468795052; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.ydycon.com
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 282
Origin: https://www.ydycon.com
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Tue, 06 Sep 2022 12:53:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=dc7e447e6e0bb428501; path=/
HWWAFSESTIME=1662468795052; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.ydycon.com
Access-Control-Allow-Credentials: true
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 73b3845d249ecc34bd3eb9e56c6a7bf6
6893be355066cd469b85696f0b861de77b4eb8bc
1f353529536ca53f2fc7a42bef9370db1001ba38e725694f640d0b866ec76896
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 12:53:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Sep 2022 12:00:47 GMT
ETag: "6893be355066cd469b85696f0b861de77b4eb8bc"
Last-Modified: Tue, 06 Sep 2022 12:00:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 315
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746758ba1a96fac8-OSL
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 284
Origin: https://www.ydycon.com
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Tue, 06 Sep 2022 12:53:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=dc7e45146e0bb428501; path=/
HWWAFSESTIME=1662468795052; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.ydycon.com
Access-Control-Allow-Credentials: true
c.cnzz.com/core.php?web_id=1281136849&t=z
220.185.164.250 200 OK 620 B URL HTTP/2 c.cnzz.com/core.php?web_id=1281136849&t=z
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type HTML document, ASCII text, with very long lines (969), with no line terminators
Hash 846c0755e25ed8ee50590297151b1ee8
96e15f64f09ee6ae0ef1f4c3830ac574e2dc838b
b953ed70e5a8a0e239ae9c0cc32144c0d8137d68e06cb8ddbc7157d0f524d30f
GET /core.php?web_id=1281136849&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 620
date: Tue, 06 Sep 2022 12:48:20 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:48:20 GMT
expires: Tue, 06 Sep 2022 13:03:20 GMT
content-encoding: gzip
ali-swift-global-savetime: 1662468500
via: cache25.l2ea120-8[50,50,200-0,M], cache47.l2ea120-8[52,0], cache4.cn4100[0,0,200-0,H], cache11.cn4100[1,0]
age: 296
x-cache: HIT TCP_MEM_HIT dirn:16:6823396
x-swift-savetime: Tue, 06 Sep 2022 12:48:20 GMT
x-swift-cachetime: 900
timing-allow-origin: *
eagleid: dcb9a49f16624687965617725e
X-Firefox-Spdy: h2
c.cnzz.com/core.php?web_id=1281137534&t=z
220.185.164.250 200 OK 621 B URL HTTP/2 c.cnzz.com/core.php?web_id=1281137534&t=z
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type HTML document, ASCII text, with very long lines (970), with no line terminators
Hash 89a73ac6d6e889ac2e23e03e26830120
eba5ae58f4df58d7cc4d96a2ddf1111a0698d100
ba6dcfb91941b15a2a5a8d3904a72809540670e9748d36f498ba7631300de890
GET /core.php?web_id=1281137534&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 621
date: Tue, 06 Sep 2022 12:48:21 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:48:21 GMT
expires: Tue, 06 Sep 2022 13:03:21 GMT
content-encoding: gzip
ali-swift-global-savetime: 1662468501
via: cache34.l2ea120-8[51,50,200-0,M], cache34.l2ea120-8[51,0], cache3.cn4100[0,0,200-0,H], cache11.cn4100[18,0]
age: 295
x-cache: HIT TCP_MEM_HIT dirn:5:414355262
x-swift-savetime: Tue, 06 Sep 2022 12:48:21 GMT
x-swift-cachetime: 900
timing-allow-origin: *
eagleid: dcb9a49f16624687968288936e
X-Firefox-Spdy: h2
cnzz.mmstat.com/9.gif?abc=1&rnd=272061625
59.82.33.226 200 OK 43 B URL HTTP/2 cnzz.mmstat.com/9.gif?abc=1&rnd=272061625
IP 59.82.33.226:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9.gif?abc=1&rnd=272061625 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=vDCeGwv70g4CAVtaKprrHiPK; expires=Fri, 03-Sep-32 12:53:16 GMT; path=/; domain=.mmstat.com;
sca=9687b6fb; path=/; domain=.cnzz.mmstat.com
atpsida=eb443242df3c336822e07952_1662468796_1; path=/; domain=.cnzz.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
cnzz.mmstat.com/9.gif?abc=1&rnd=790434048
59.82.33.226 200 OK 43 B URL HTTP/2 cnzz.mmstat.com/9.gif?abc=1&rnd=790434048
IP 59.82.33.226:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9.gif?abc=1&rnd=790434048 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=vDCeG84b3ksCAVtaKpqxnpO2; expires=Fri, 03-Sep-32 12:53:16 GMT; path=/; domain=.mmstat.com;
sca=148429bc; path=/; domain=.cnzz.mmstat.com
atpsida=5db762eb4ebe966fe77492ec_1662468796_1; path=/; domain=.cnzz.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
c.cnzz.com/core.php?web_id=1281139390&t=z
220.185.164.250 200 OK 620 B URL HTTP/2 c.cnzz.com/core.php?web_id=1281139390&t=z
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type HTML document, ASCII text, with very long lines (969), with no line terminators
Hash 74979dedcf6f35bbbeda56408c2f2ddb
8605ba571f598e1afe44ea77b53adf451a367b05
a1010a80fe78e9e5a490de67acc161fb1ded464d84fbd9467e44e280ecc9d4e8
GET /core.php?web_id=1281139390&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 620
date: Tue, 06 Sep 2022 12:48:21 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:48:21 GMT
expires: Tue, 06 Sep 2022 13:03:21 GMT
content-encoding: gzip
ali-swift-global-savetime: 1662468501
via: cache47.l2ea120-8[26,26,200-0,M], cache64.l2ea120-8[27,0], cache17.cn4100[0,0,200-0,H], cache11.cn4100[2,0]
age: 296
x-cache: HIT TCP_MEM_HIT dirn:10:248272497
x-swift-savetime: Tue, 06 Sep 2022 12:48:21 GMT
x-swift-cachetime: 900
timing-allow-origin: *
eagleid: dcb9a49f16624687970782194e
X-Firefox-Spdy: h2
cnzz.mmstat.com/9.gif?abc=1&rnd=734093563
59.82.33.226 200 OK 43 B URL HTTP/2 cnzz.mmstat.com/9.gif?abc=1&rnd=734093563
IP 59.82.33.226:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9.gif?abc=1&rnd=734093563 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=vTCeG4vrj0ACAVtaKppx+4tZ; expires=Fri, 03-Sep-32 12:53:17 GMT; path=/; domain=.mmstat.com;
sca=5365891f; path=/; domain=.cnzz.mmstat.com
atpsida=3645d6fb2e9e0b86d01c70b1_1662468797_1; path=/; domain=.cnzz.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
c.cnzz.com/core.php?web_id=1281142710&t=z
220.185.164.250 200 OK 618 B URL HTTP/2 c.cnzz.com/core.php?web_id=1281142710&t=z
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type HTML document, ASCII text, with very long lines (969), with no line terminators
Hash 53d9c6d99f713e4f885c8a82142cd15f
0af02d06b2c410c486fd40ce187c3107338ae995
598adf999dcb2e9ba568e66def07b052091567945cbfdfbdfdc96536b6e0cb80
GET /core.php?web_id=1281142710&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 618
date: Tue, 06 Sep 2022 12:48:21 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:48:21 GMT
expires: Tue, 06 Sep 2022 13:03:21 GMT
content-encoding: gzip
ali-swift-global-savetime: 1662468501
via: cache21.l2ea120-8[53,53,200-0,M], cache80.l2ea120-8[54,0], cache6.cn4100[0,0,200-0,H], cache11.cn4100[0,0]
age: 296
x-cache: HIT TCP_MEM_HIT dirn:1:17371928
x-swift-savetime: Tue, 06 Sep 2022 12:48:21 GMT
x-swift-cachetime: 900
timing-allow-origin: *
eagleid: dcb9a49f16624687973143277e
X-Firefox-Spdy: h2
cnzz.mmstat.com/9.gif?abc=1&rnd=116487302
59.82.33.226 200 OK 43 B URL HTTP/2 cnzz.mmstat.com/9.gif?abc=1&rnd=116487302
IP 59.82.33.226:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9.gif?abc=1&rnd=116487302 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=vTCeGyMz/XkCAVtaKpoxIN3F; expires=Fri, 03-Sep-32 12:53:17 GMT; path=/; domain=.mmstat.com;
sca=f68b030d; path=/; domain=.cnzz.mmstat.com
atpsida=c8d13ddfb2f0b89e67231336_1662468797_1; path=/; domain=.cnzz.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
c.cnzz.com/core.php?web_id=1281142713&t=z
220.185.164.250 200 OK 619 B URL HTTP/2 c.cnzz.com/core.php?web_id=1281142713&t=z
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type HTML document, ASCII text, with very long lines (970), with no line terminators
Hash 5a74077bfc482c3a7b75f1b67bc1fb02
1693b903720553a80f8624f678fbf5aa65ad27c6
0d2e555e0582ecde2d4d432eed862e2617ff124637341a24d9870149206cdb1b
GET /core.php?web_id=1281142713&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 619
date: Tue, 06 Sep 2022 12:48:22 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:48:22 GMT
expires: Tue, 06 Sep 2022 13:03:22 GMT
content-encoding: gzip
ali-swift-global-savetime: 1662468502
via: cache37.l2ea120-8[24,23,200-0,M], cache34.l2ea120-8[25,0], cache3.cn4100[0,0,200-0,H], cache11.cn4100[0,0]
age: 295
x-cache: HIT TCP_MEM_HIT dirn:10:414885998
x-swift-savetime: Tue, 06 Sep 2022 12:48:22 GMT
x-swift-cachetime: 900
timing-allow-origin: *
eagleid: dcb9a49f16624687975454438e
X-Firefox-Spdy: h2
cnzz.mmstat.com/9.gif?abc=1&rnd=1074911281
59.82.33.226 200 OK 43 B URL HTTP/2 cnzz.mmstat.com/9.gif?abc=1&rnd=1074911281
IP 59.82.33.226:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9.gif?abc=1&rnd=1074911281 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=vTCeG+cLSQ8CAVtaKprAF4ys; expires=Fri, 03-Sep-32 12:53:17 GMT; path=/; domain=.mmstat.com;
sca=1c73ec98; path=/; domain=.cnzz.mmstat.com
atpsida=f18467b6cdae7849f2c225fb_1662468797_1; path=/; domain=.cnzz.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
c.cnzz.com/core.php?web_id=1281142714&t=z
220.185.164.250 200 OK 619 B URL HTTP/2 c.cnzz.com/core.php?web_id=1281142714&t=z
IP 220.185.164.250:0
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type HTML document, ASCII text, with very long lines (969), with no line terminators
Hash 04d33db1fb078aeca9d731b0eb2c6526
20c4f35d1115ac1a4d6ecdaae72f2f5dce15613a
fa8317d4f4357291b70bb33c914f16a87f6d31ec897b564e60af342d09970a6b
GET /core.php?web_id=1281142714&t=z HTTP/1.1
Host: c.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 619
date: Tue, 06 Sep 2022 12:48:22 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Tue, 06 Sep 2022 12:48:22 GMT
expires: Tue, 06 Sep 2022 13:03:22 GMT
content-encoding: gzip
ali-swift-global-savetime: 1662468502
via: cache73.l2ea120-8[50,50,200-0,M], cache57.l2ea120-8[52,0], cache8.cn4100[0,0,200-0,H], cache11.cn4100[0,0]
age: 295
x-cache: HIT TCP_MEM_HIT dirn:7:266114589
x-swift-savetime: Tue, 06 Sep 2022 12:48:22 GMT
x-swift-cachetime: 900
timing-allow-origin: *
eagleid: dcb9a49f16624687977775455e
X-Firefox-Spdy: h2
cnzz.mmstat.com/9.gif?abc=1&rnd=486262584
59.82.33.226 200 OK 43 B URL HTTP/2 cnzz.mmstat.com/9.gif?abc=1&rnd=486262584
IP 59.82.33.226:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9.gif?abc=1&rnd=486262584 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=vTCeG7KzLCICAVtaKpoYiNxF; expires=Fri, 03-Sep-32 12:53:17 GMT; path=/; domain=.mmstat.com;
sca=83705411; path=/; domain=.cnzz.mmstat.com
atpsida=64955e686927354483d8b319_1662468797_1; path=/; domain=.cnzz.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 282
Origin: https://www.ydycon.com
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Tue, 06 Sep 2022 12:53:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=dc7e4a3c6e0bb428501; path=/
HWWAFSESTIME=1662468795052; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.ydycon.com
Access-Control-Allow-Credentials: true
cnzz.mmstat.com/9.gif?abc=1&rnd=705917588
59.82.33.226 200 OK 43 B URL HTTP/2 cnzz.mmstat.com/9.gif?abc=1&rnd=705917588
IP 59.82.33.226:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /9.gif?abc=1&rnd=705917588 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:53:18 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=vjCeG6DsiT8CAVtaKpo69nKP; expires=Fri, 03-Sep-32 12:53:18 GMT; path=/; domain=.mmstat.com;
sca=16639f0e; path=/; domain=.cnzz.mmstat.com
atpsida=13dfffd5ddfd4925b3fd945a_1662468798_1; path=/; domain=.cnzz.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
mtuxphhtr.gzasyz.com/favicon.ico
168.76.73.171 200 OK 11 kB URL HTTP/1.1 mtuxphhtr.gzasyz.com/favicon.ico
IP 168.76.73.171:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26804), with no line terminators
Hash 8da6693ca904ecbeeaaf3643fdd9e4a5
311c1b93467a8ecdebc37a1a2f52cb64a2ceb992
7c48cf73911b191139b45e2c46dd55ec041ae76d737b5e037de8481228f4d16a
GET /favicon.ico HTTP/1.1
Host: mtuxphhtr.gzasyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
Cookie: __tins__21245695=%7B%22sid%22%3A%201662468789437%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201662470589437%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 12:53:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.ydycon.com/static/css/index.cf45bb12.css
172.67.208.60 200 OK 81 kB URL HTTP/2 www.ydycon.com/static/css/index.cf45bb12.css
IP 172.67.208.60:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 97e41feec398e08f2421805650dc6872
ddd7216296751e9011f61c9bbdafa29e7ee90963
81ae5145e303b739f46f56078630da7d5564488abb62bfbcd448e42e4d75f161
GET /static/css/index.cf45bb12.css HTTP/1.1
Host: www.ydycon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:53:15 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2022 04:14:36 GMT
vary: Accept-Encoding
etag: W/"630848ac-5462e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8cWhlzGG89evR4a2Yxb%2BmMXJLWIHnKVI7noQt0NnvrWWV9wznlGkbEgcEyc0dzlxXYsKDKUby%2BYQ9Ytbocy6TJVSrDUKf9zC5SyIvQUZ7k3JiS1BX5tWLeSjHyYZNv80Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746758ac59e80af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ydycon.com/mobile-detect.js
172.67.208.60 200 OK 0 B URL HTTP/2 www.ydycon.com/mobile-detect.js
IP 172.67.208.60:0
GET /mobile-detect.js HTTP/1.1
Host: www.ydycon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:53:15 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 04:14:36 GMT
etag: W/"630848ac-11c7f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1meZnl46Htbx6duYygZXfA6dPqDhM6r7fVQFEvcAVGduZKyJ4yIkkg60%2BXhBBNi9cwfu9nW8q7KzVkPvsU2dE2LtGO7TEd3VvER96AB%2BSiJ%2BxakS3hC2F4yEXChxpPLO8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746758ac59e40af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xjts.hnhsysy.com/videos/20220524/index01.mp4
218.12.76.152 206 Partial Content 0 B URL HTTP/1.1 xjts.hnhsysy.com/videos/20220524/index01.mp4
IP 218.12.76.152:0
ASN #4837 CHINA UNICOM China169 Backbone
GET /videos/20220524/index01.mp4 HTTP/1.1
Host: xjts.hnhsysy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Tue, 06 Sep 2022 12:53:20 GMT
Content-Type: video/mp4
Content-Length: 2686231
Connection: keep-alive
Server: openresty
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Age: 9081308
ETag: "628cb09e-28fd17"
Last-Modified: Tue, 24 May 2022 10:17:02 GMT
X-CCDN-CacheTTL: 25920000
nginx-hit: 1
via: CHN-HEshijiazhuang-AREACUCC1-CACHE3[6],CHN-HEshijiazhuang-AREACUCC1-CACHE37[0,TCP_HIT,3],CHN-TJ-GLOBAL1-CACHE114[467],CHN-TJ-GLOBAL1-CACHE98[307,TCP_MISS,465]
x-hcs-proxy-type: 1
X-CCDN-Expires: 16838695
Content-Range: bytes 0-2686230/2686231
Access-Control-Allow-Origin: *
www.ydycon.com/static/js/index.22ed50f0.js
172.67.208.60 200 OK 0 B URL HTTP/2 www.ydycon.com/static/js/index.22ed50f0.js
IP 172.67.208.60:0
GET /static/js/index.22ed50f0.js HTTP/1.1
Host: www.ydycon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:53:16 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 04:14:36 GMT
etag: W/"630848ac-10069c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sREnZQEV%2BPeIGi6vIZZxH6DKZ4lOwLpIGUFwjYX6NOKVSuzQx0gnJ0jWPvYMuwawvsudSLvv2nSlKq%2F8Nh4Iik6sWOaqZohQPN5mHw1RBBovhc%2F%2Fs7XxLGZufjZNfTziIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746758ac59f10af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z6.cnzz.com/stat.htm?id=1281136849&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9868d5-036fcefae0205d-306d464a-140000-18312dc98693e5&h=1&rnd=519077413
36.156.202.70 200 OK 0 B URL HTTP/2 z6.cnzz.com/stat.htm?id=1281136849&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9868d5-036fcefae0205d-306d464a-140000-18312dc98693e5&h=1&rnd=519077413
IP 36.156.202.70:0
ASN #56046 China Mobile communications corporation
GET /stat.htm?id=1281136849&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9868d5-036fcefae0205d-306d464a-140000-18312dc98693e5&h=1&rnd=519077413 HTTP/1.1
Host: z6.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Tue, 06 Sep 2022 12:53:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
z3.cnzz.com/stat.htm?id=1281139390&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9c88322-05c98bbd3170f48-306d464a-140000-18312dc9c894&h=1&rnd=2087784449
36.156.202.70 200 OK 0 B URL HTTP/2 z3.cnzz.com/stat.htm?id=1281139390&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9c88322-05c98bbd3170f48-306d464a-140000-18312dc9c894&h=1&rnd=2087784449
IP 36.156.202.70:0
ASN #56046 China Mobile communications corporation
GET /stat.htm?id=1281139390&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9c88322-05c98bbd3170f48-306d464a-140000-18312dc9c894&h=1&rnd=2087784449 HTTP/1.1
Host: z3.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Tue, 06 Sep 2022 12:53:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.ydycon.com/
172.67.208.60 200 OK 0 B IP 172.67.208.60:0
GET / HTTP/1.1
Host: www.ydycon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mtuxphhtr.gzasyz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:53:14 GMT
content-type: text/html
last-modified: Fri, 26 Aug 2022 04:14:36 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGr28aelnQWG4gVVb49Eafweo4iA7m5P6GlRfVwT9wN%2FHa%2BbspChr%2Fu7aBo0pLpMHbRPR0%2BVXUJ8DReULlc2d6Dfi3%2Bm%2B4AbSJO7bShI6vuz6C5wXMXxcRSOkhFHXHkoeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746758a9dea70af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z12.cnzz.com/stat.htm?id=1281137534&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9b6a62-0a240384a6200b-306d464a-140000-18312dc9b6c686&h=1&rnd=106292005
36.156.202.70 200 OK 0 B URL HTTP/2 z12.cnzz.com/stat.htm?id=1281137534&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9b6a62-0a240384a6200b-306d464a-140000-18312dc9b6c686&h=1&rnd=106292005
IP 36.156.202.70:0
ASN #56046 China Mobile communications corporation
GET /stat.htm?id=1281137534&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9b6a62-0a240384a6200b-306d464a-140000-18312dc9b6c686&h=1&rnd=106292005 HTTP/1.1
Host: z12.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Tue, 06 Sep 2022 12:53:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
z3.cnzz.com/stat.htm?id=1281142714&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9f432e4-0278f073f104898-306d464a-140000-18312dc9f442ff&h=1&rnd=1820725247
36.156.202.70 200 OK 0 B URL HTTP/2 z3.cnzz.com/stat.htm?id=1281142714&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9f432e4-0278f073f104898-306d464a-140000-18312dc9f442ff&h=1&rnd=1820725247
IP 36.156.202.70:0
ASN #56046 China Mobile communications corporation
GET /stat.htm?id=1281142714&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9f432e4-0278f073f104898-306d464a-140000-18312dc9f442ff&h=1&rnd=1820725247 HTTP/1.1
Host: z3.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Tue, 06 Sep 2022 12:53:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
z6.cnzz.com/stat.htm?id=1281142710&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9d722d9-06017c9c281f45-306d464a-140000-18312dc9d73454&h=1&rnd=767832200
36.156.202.70 200 OK 0 B URL HTTP/2 z6.cnzz.com/stat.htm?id=1281142710&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9d722d9-06017c9c281f45-306d464a-140000-18312dc9d73454&h=1&rnd=767832200
IP 36.156.202.70:0
ASN #56046 China Mobile communications corporation
GET /stat.htm?id=1281142710&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9d722d9-06017c9c281f45-306d464a-140000-18312dc9d73454&h=1&rnd=767832200 HTTP/1.1
Host: z6.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Tue, 06 Sep 2022 12:53:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
z12.cnzz.com/stat.htm?id=1281142713&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9e5c555-0c20c7e3458f5c8-306d464a-140000-18312dc9e5d453&h=1&rnd=1997679497
36.156.202.70 200 OK 0 B URL HTTP/2 z12.cnzz.com/stat.htm?id=1281142713&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9e5c555-0c20c7e3458f5c8-306d464a-140000-18312dc9e5d453&h=1&rnd=1997679497
IP 36.156.202.70:0
ASN #56046 China Mobile communications corporation
GET /stat.htm?id=1281142713&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc9e5c555-0c20c7e3458f5c8-306d464a-140000-18312dc9e5d453&h=1&rnd=1997679497 HTTP/1.1
Host: z12.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Tue, 06 Sep 2022 12:53:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
z3.cnzz.com/stat.htm?id=1281142707&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc974a420-0022a1243ced938-306d464a-140000-18312dc974b692&h=1&rnd=512740703
36.156.202.70 200 OK 0 B URL HTTP/2 z3.cnzz.com/stat.htm?id=1281142707&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc974a420-0022a1243ced938-306d464a-140000-18312dc974b692&h=1&rnd=512740703
IP 36.156.202.70:0
ASN #56046 China Mobile communications corporation
GET /stat.htm?id=1281142707&r=http%3A%2F%2Fmtuxphhtr.gzasyz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1280x1024&p=https%3A%2F%2Fwww.ydycon.com%2F&t=%E4%BC%8A%E7%94%B8%E5%9B%AD&umuuid=18312dc974a420-0022a1243ced938-306d464a-140000-18312dc974b692&h=1&rnd=512740703 HTTP/1.1
Host: z3.cnzz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ydycon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
date: Tue, 06 Sep 2022 12:53:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2