38.173.90.56200 OK 369 B URL User Request GET HTTP/1.1 IP 38.173.90.56:80
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 037349014eca3b55d0ec7945015e3291
426cc6472132f8cac0497988af6e728e93bbb31a
69c255e8fc6e97f7f2a0ecae27a821cf8e348a4afbc4f42a5f7227056ed3cbd4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
NIDS Severity Alert suricata high ET MALWARE Single char EXE direct download likely trojan (multiple families)
GET /new/9.exe HTTP/1.1
Host: www.18dd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 09:39:48 GMT
Content-Type: text/html
Content-Length: 369
Connection: keep-alive
www.18dd.net/tj.js
38.173.90.56200 OK 258 B IP 38.173.90.56:80
Requested by http://www.18dd.net/new/9.exe
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 8b64d7f1101a038da057d91d76e7c399
cb0bf5f00b9cab9e22c40e72e205e95d8ebae4f5
05c8880951777257ff152b12d45a4e5ee89c2ecb4612cd8d4dfea5ce14d3a936
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tj.js HTTP/1.1
Host: www.18dd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/new/9.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 09:39:48 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.18dd.net/favicon.ico
38.173.90.56200 OK 1.2 kB IP 38.173.90.56:80
Requested by http://www.18dd.net/new/9.exe
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.18dd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/new/9.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 09:39:48 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 24 Apr 2024 09:39:48 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
hm.baidu.com/hm.js?bc574eeaf3496a6ecd996d09b14f4533
111.45.11.83200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?bc574eeaf3496a6ecd996d09b14f4533
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://www.18dd.net/new/9.exe
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (628)
Hash 711d8e55883c98f69e25ecf8872549f6
0fc550944d1c1bf0cc2c76888290d5a14c09d0f7
0887c61886460d48c19b2da0806b29b6ba9bcae9489c015ccf6de356f65112c4
GET /hm.js?bc574eeaf3496a6ecd996d09b14f4533 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11266
Content-Type: application/javascript
Date: Fri, 19 Apr 2024 09:39:49 GMT
Etag: b858458a37ce76f65ecdd47ab692f57d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DED56216C2523444; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=698683099&si=bc574eeaf3496a6ecd996d09b14f4533&v=1.3.0&lv=1&sn=41480&r=0&ww=1280&u=http%3A%2F%2Fwww.18dd.net%2Fnew%2F9.exe&tt=%E8%AF%B7%E7%89%A2%E8%AE%B0%E5%9F%9F%E5%90%8D%E6%B0%B8%E4%B8%8D%E5%A4%B1%E8%81%94
111.45.11.83200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=698683099&si=bc574eeaf3496a6ecd996d09b14f4533&v=1.3.0&lv=1&sn=41480&r=0&ww=1280&u=http%3A%2F%2Fwww.18dd.net%2Fnew%2F9.exe&tt=%E8%AF%B7%E7%89%A2%E8%AE%B0%E5%9F%9F%E5%90%8D%E6%B0%B8%E4%B8%8D%E5%A4%B1%E8%81%94
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://www.18dd.net/new/9.exe
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=698683099&si=bc574eeaf3496a6ecd996d09b14f4533&v=1.3.0&lv=1&sn=41480&r=0&ww=1280&u=http%3A%2F%2Fwww.18dd.net%2Fnew%2F9.exe&tt=%E8%AF%B7%E7%89%A2%E8%AE%B0%E5%9F%9F%E5%90%8D%E6%B0%B8%E4%B8%8D%E5%A4%B1%E8%81%94 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 19 Apr 2024 09:39:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AFEFB8C98BABC5DD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
0b30a3.com/index.php
107.148.61.106200 OK 1.7 kB IP 107.148.61.106:443
Requested by http://www.18dd.net/new/9.exe
Certificate IssuerLet's Encrypt
Subject0a12a2.com
FingerprintEC:C8:FA:DE:DB:6A:D2:5C:F9:BA:69:57:34:DF:58:07:25:A4:2A:D9
ValidityThu, 11 Apr 2024 15:21:02 GMT - Wed, 10 Jul 2024 15:21:01 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (1817)
Hash 3173c587bdca91c274e1216a32b00171
436740d5fdb2bcf0aeaaf0e80b6ebc16d79af01d
db175599e138eb86023c079472533f5fe223b345a3fb6aabaf151146c261e53c
GET /index.php HTTP/1.1
Host: 0b30a3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.18dd.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 09:39:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
hm.baidu.com/hm.js?a13485c049909ae60655b637310a7c53
111.45.11.83 11 kB URL hm.baidu.com/hm.js?a13485c049909ae60655b637310a7c53
IP 111.45.11.83:0
ASN #56040 China Mobile communications corporation
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (619)
Hash 9ee536b31e96cb111e9db21e402f7523
7bea7506a08082a04d4ead6c501c3d194088566d
8dee6f87c4001ebba66bc9427da924ae024d3e7e4e02fb288c68ac723b818f17
GET /hm.js?a13485c049909ae60655b637310a7c53 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0b30a3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 19 Apr 2024 09:39:50 GMT
Etag: d670aabecd1dbfffa0922d904e82f7ad
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0756E0EFCE3D3FA7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=94459807&si=a13485c049909ae60655b637310a7c53&su=http%3A%2F%2Fwww.18dd.net%2F&v=1.3.0&lv=1&sn=41481&r=0&ww=1280&u=https%3A%2F%2F0b30a3.com%2Findex.php&tt=%E7%B2%BE%E5%BD%A9%E5%86%85%E5%AE%B9%E5%8D%B3%E5%B0%86%E5%91%88%E7%8E%B0
111.45.11.83 43 B URL hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=94459807&si=a13485c049909ae60655b637310a7c53&su=http%3A%2F%2Fwww.18dd.net%2F&v=1.3.0&lv=1&sn=41481&r=0&ww=1280&u=https%3A%2F%2F0b30a3.com%2Findex.php&tt=%E7%B2%BE%E5%BD%A9%E5%86%85%E5%AE%B9%E5%8D%B3%E5%B0%86%E5%91%88%E7%8E%B0
IP 111.45.11.83:0
ASN #56040 China Mobile communications corporation
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=94459807&si=a13485c049909ae60655b637310a7c53&su=http%3A%2F%2Fwww.18dd.net%2F&v=1.3.0&lv=1&sn=41481&r=0&ww=1280&u=https%3A%2F%2F0b30a3.com%2Findex.php&tt=%E7%B2%BE%E5%BD%A9%E5%86%85%E5%AE%B9%E5%8D%B3%E5%B0%86%E5%91%88%E7%8E%B0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0b30a3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 19 Apr 2024 09:39:51 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=177D1974E8189F32; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/css/style.css
47.246.2.226200 OK 5.6 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/css/style.css
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (23054)
Hash 581e19ae5009774a82d34da33582a621
e64d6a4527851b343e44ca5db4192f3963decea9
c1f9f3cfe223533082faf3184767922d1d40a1f9799d7e76b1375c5f13286dec
GET /htmxskyjs/1.0.52/files/editors/web2/css/style.css HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/css; charset=utf-8
content-length: 5631
strict-transport-security: max-age=5184000
date: Fri, 19 Apr 2024 04:43:42 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 65b98fb0-fe07-11ee-865c-710f04ecfd97
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 67.486
via: ru3.l1, cache7.ru3, l2de2.l2, cache8.l2de2, npmmirror-x86-2022012802003, cache8.l2de2[866,866,200-0,M], cache21.l2de2[868,0], cache7.ru3[0,0,200-0,H], cache5.ru3[1,0]
content-encoding: gzip
ali-swift-global-savetime: 1713501822
age: 17771
x-cache: HIT TCP_MEM_HIT dirn:10:327353812
x-swift-savetime: Fri, 19 Apr 2024 04:43:42 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195930532191e
X-Firefox-Spdy: h2
registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/js/main.js
47.246.2.226200 OK 4.8 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/js/main.js
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (7234)
Hash dd58f6728ed059921c19dacabb9dfa9b
632b3575fdcb11f1ad899f73f482eafe17b3c1ba
db795e95c1f8005e0ddb09270fac54d28739def33e123a3988fa543973e4e5b5
GET /htmxskyjs/1.0.52/files/editors/web2/js/main.js HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
content-length: 4761
strict-transport-security: max-age=5184000
date: Wed, 17 Apr 2024 20:54:23 GMT
vary: Origin, Accept, Accept-Encoding
request-id: ab4a1060-fcfc-11ee-865c-710f04ecfd97
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 46.846
via: ru3.l1, cache9.ru3, l2us1.l2, cache21.l2us1, npmmirror-x86-2022012802003, cache21.l2us1[355,355,200-0,M], cache26.l2us1[357,0], cache9.ru3[0,0,200-0,H], cache5.ru3[1,0]
content-encoding: gzip
ali-swift-global-savetime: 1713387263
age: 132330
x-cache: HIT TCP_MEM_HIT dirn:9:294758157
x-swift-savetime: Wed, 17 Apr 2024 20:54:23 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195930562197e
X-Firefox-Spdy: h2
registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/css/icon.css
47.246.2.226200 OK 7.9 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/css/icon.css
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (14170)
Hash 07054d1ac5f3df37363a4628b1469f30
42aad1bd6c35cc21440daf82afc04eecd8ce6213
af85fcdc0ffe18f2b68d0f0188d8122ee6e2cb8e81fa4247d7f9f4bdf9ca6e29
GET /htmxskyjs/1.0.52/files/editors/web2/css/icon.css HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css; charset=utf-8
content-length: 7924
strict-transport-security: max-age=5184000
date: Wed, 17 Apr 2024 20:54:24 GMT
vary: Origin, Accept, Accept-Encoding
request-id: abd2a150-fcfc-11ee-ae38-f7421f58ed4d
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 38.836
via: ru3.l1, cache6.ru3, l2us1.l2, cache29.l2us1, registry.npmmirror.com-07, cache29.l2us1[332,332,200-0,M], cache37.l2us1[334,0], cache6.ru3[0,0,200-0,H], cache5.ru3[0,0]
content-encoding: gzip
ali-swift-global-savetime: 1713387264
age: 132329
x-cache: HIT TCP_MEM_HIT dirn:9:118592544
x-swift-savetime: Wed, 17 Apr 2024 20:54:24 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195931142315e
X-Firefox-Spdy: h2
registry.npmmirror.com/validaterick/1.0.21/files/logo/kt_logo.png
47.246.2.226200 OK 7.2 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.21/files/logo/kt_logo.png
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash 34bd0caf56ca2261a6a583885c4b1fd2
f91c8d2c0d087fc62f71b06e7ebc63d04bb3598c
44e1f5564119bfe2680e7fa91dabe1d7b22cd19fc25d4d14f421d60a8704d2db
GET /validaterick/1.0.21/files/logo/kt_logo.png HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 7162
strict-transport-security: max-age=5184000
date: Thu, 18 Apr 2024 02:35:19 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 4c4b0f80-fd2c-11ee-bd63-8b5209de93d2
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 43.733
via: ru3.l1, cache2.ru3, l2de2.l2, cache9.l2de2, npmmirror-x86-20220823001, cache9.l2de2[237,236,200-0,M], cache12.l2de2[239,0], cache2.ru3[0,0,200-0,H], cache5.ru3[1,0]
ali-swift-global-savetime: 1713407719
age: 111874
x-cache: HIT TCP_HIT dirn:10:157685830
x-swift-savetime: Thu, 18 Apr 2024 02:35:19 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195931742443e
X-Firefox-Spdy: h2
registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/js/index.js
47.246.2.226200 OK 1.2 kB URL GET HTTP/2 registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/js/index.js
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (3274), with no line terminators
Hash d88b09cfdfb50f1d610f99e29f29b4f5
af7ba9c6685658946a056dfd7c71e31c10bf1d8d
f3fa47d90201ed6b5db62ffe7315616b16032476c8cedb863f5c065a5275bac1
GET /htmxskyjs/1.0.52/files/editors/web2/js/index.js HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
content-length: 1231
strict-transport-security: max-age=5184000
date: Wed, 17 Apr 2024 21:09:59 GMT
vary: Origin, Accept, Accept-Encoding
request-id: d962af00-fcfe-11ee-abec-d5c7b78dfcc6
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 21.184
via: ru3.l1, cache6.ru3, l2fr1.l2, cache8.l2fr1, npmmirror-x86-20220823001, cache8.l2fr1[267,267,200-0,M], cache12.l2fr1[268,0], cache6.ru3[0,0,200-0,H], cache5.ru3[0,0]
content-encoding: gzip
ali-swift-global-savetime: 1713388199
age: 131394
x-cache: HIT TCP_MEM_HIT dirn:9:121774498
x-swift-savetime: Wed, 17 Apr 2024 21:09:59 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195931802450e
X-Firefox-Spdy: h2
registry.npmmirror.com/pickadatejs/1.0.7/files/lib/static/sexygirl.gif
47.246.2.226200 OK 15 kB URL GET HTTP/2 registry.npmmirror.com/pickadatejs/1.0.7/files/lib/static/sexygirl.gif
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type GIF image data, version 89a, 90 x 107
Hash 08cd02b15e6b509430265d6b2d524b33
0aac054ce3169c2ee96647354b3f3f3c4cc749de
34548ea196b54a72899bbedf294bcc3b0ac732ad983a35d0748366a2d7d8cea5
GET /pickadatejs/1.0.7/files/lib/static/sexygirl.gif HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://registry.npmmirror.com/htmxskyjs/1.0.52/files/editors/web2/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 14773
strict-transport-security: max-age=5184000
date: Fri, 12 Apr 2024 14:00:35 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 08af6920-f8d5-11ee-9905-c105ec2207aa
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 68.825
via: ru3.l1, cache15.ru3, l2de2.l2, cache12.l2de2, registry.npmmirror.com-07, cache12.l2de2[881,881,200-0,M], cache23.l2de2[883,0], cache15.ru3[0,0,200-0,H], cache5.ru3[3,0]
ali-swift-global-savetime: 1712930435
age: 589158
x-cache: HIT TCP_HIT dirn:10:419168100
x-swift-savetime: Fri, 12 Apr 2024 14:00:35 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195931952487e
X-Firefox-Spdy: h2
registry.npmmirror.com/validaterick/1.0.18/files/logo/cg_logo.png
47.246.2.226200 OK 8.2 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.18/files/logo/cg_logo.png
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash a72d1f0779d96ac3546b2896279230c7
8881150c2ae7804b077364f2c873ec9346164107
7f8aa268ad52a15b2539d1322bb2952395fc239458113f28311baf3a55847fa6
GET /validaterick/1.0.18/files/logo/cg_logo.png HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 8242
strict-transport-security: max-age=5184000
date: Fri, 12 Apr 2024 14:00:35 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 089614c0-f8d5-11ee-9905-c105ec2207aa
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 37.384
via: ru3.l1, cache2.ru3, l2de2.l2, cache26.l2de2, registry.npmmirror.com-07, cache26.l2de2[241,241,200-0,M], cache11.l2de2[244,0], cache2.ru3[0,0,200-0,H], cache5.ru3[1,0]
ali-swift-global-savetime: 1712930435
age: 589158
x-cache: HIT TCP_HIT dirn:10:327655482
x-swift-savetime: Fri, 12 Apr 2024 14:00:35 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195932542634e
X-Firefox-Spdy: h2
registry.npmmirror.com/validaterick/1.0.10/files/bower/1334adb7007e8648bbd4bf39f1edc15b
47.246.2.226200 OK 311 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.10/files/bower/1334adb7007e8648bbd4bf39f1edc15b
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Size 311 kB (311104 bytes)
Hash 350360a3ba5bed1914c36f5ace66c97d
56096ebb7388117bc7e59a604040949486759209
93553374255807e1ed0d57e33afa739c40f14b9752e94ab511b6c4a3e00bd8ec
GET /validaterick/1.0.10/files/bower/1334adb7007e8648bbd4bf39f1edc15b HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/octet-stream
content-length: 311104
strict-transport-security: max-age=5184000
date: Fri, 12 Apr 2024 14:00:35 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 089e5220-f8d5-11ee-8c14-2901f4c3e4d3
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 98.538
via: ru3.l1, cache15.ru3, l2de2.l2, cache9.l2de2, npmmirror-x86-20220823002, cache9.l2de2[406,405,200-0,M], cache12.l2de2[408,0], cache15.ru3[0,2,200-0,H], cache5.ru3[4,0]
ali-swift-global-savetime: 1712930435
age: 589158
x-cache: HIT TCP_HIT dirn:11:61951167
x-swift-savetime: Fri, 12 Apr 2024 14:00:35 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *
eagleid: 2ff6029917135195933422836e
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?616275f8a80b7b81aba0289de0eff3d9
111.45.11.83200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?616275f8a80b7b81aba0289de0eff3d9
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (617)
Hash 4d6489e1c5153bef163bdbd437fad215
bbf009e51e1af1a1e3c10e770a7de3b5d8464ee9
02a58f9ca758bd114612b3df9817878d6cf463d2551fff65e6040c7adb2f59c3
GET /hm.js?616275f8a80b7b81aba0289de0eff3d9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 19 Apr 2024 09:39:53 GMT
Etag: ccf8c581371571396bcaa6149bba76fd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A3DA34B4E366EA62; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
registry.npmmirror.com/validaterick/1.0.10/files/bower/c0da9354f744e68da3dfefa70f0881da
47.246.2.226200 OK 627 kB URL GET HTTP/2 registry.npmmirror.com/validaterick/1.0.10/files/bower/c0da9354f744e68da3dfefa70f0881da
IP 47.246.2.226:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerDigiCert Inc
Subjectregistry.npmmirror.com
Fingerprint0A:37:35:78:AE:E7:18:6C:F6:F9:63:3A:1A:75:61:7C:00:4E:E4:9F
ValidityThu, 14 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Size 627 kB (627070 bytes)
Hash 068e67a00fdff0946e1c1c6b253cd08c
31640ca9515f6b2689f7141d3a98f0cbe43dbbc2
98e34e03cc3380defd4bdbd450a8e72c81f973fa94a59619cead67831f0e1b9c
GET /validaterick/1.0.10/files/bower/c0da9354f744e68da3dfefa70f0881da HTTP/1.1
Host: registry.npmmirror.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/octet-stream
content-length: 627070
strict-transport-security: max-age=5184000
date: Fri, 12 Apr 2024 14:00:35 GMT
vary: Origin, Accept, Accept-Encoding
request-id: 089837a0-f8d5-11ee-bd63-8b5209de93d2
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 65.433
via: ru3.l1, cache10.ru3, l2de2.l2, cache15.l2de2, npmmirror-x86-20220823001, cache15.l2de2[0,19,200-0,H], cache23.l2de2[21,0], cache16.ru3[0,1,200-0,H], cache5.ru3[3,0]
ali-swift-global-savetime: 1712930435
age: 589158
x-cache: HIT TCP_HIT dirn:10:172447485
x-swift-savetime: Mon, 15 Apr 2024 01:54:59 GMT
x-swift-cachetime: 31320336
timing-allow-origin: *
eagleid: 2ff6029917135195933432838e
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240416/VR20240416140005496VOZ.webp
188.114.99.132200 OK 36 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240416/VR20240416140005496VOZ.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 917x516, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 836f35d7f5781d2ad59623e5bb9ea45e
eeba4cc4694245e95eae23ca509a91ad50eb9b8a
7f8caf262744e6f2564748902b927d75c93c8940f56c2dfdd16ee2c73bbc2b0f
GET /vod/240416/VR20240416140005496VOZ.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 35480
last-modified: Tue, 16 Apr 2024 16:30:03 GMT
etag: "661ea78b-8a98"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHIgw%2FdTfHig4XRoitDgS1UAlO4XW7hFTooLBeW%2FLFud6liEnohloylO5V%2BENSJ2AlKCzjt9zP%2BRrr2ujali%2Fd1lu9OTiPS53BuOH4zkwRWomNsfdAoMCf6BAWTL%2FnEQNiX3v%2FQBvlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5056a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003498Rxpf.webp
188.114.99.132200 OK 62 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003498Rxpf.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1371x792, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 81deaaf0f8cb24348d997ceef7799ae8
51f3f365ff30d97485fbe8ebdfd006ebcbbde10e
831813e3b126c2a5aca6ef6630ab4565ff12b7000fae3601d52c32f65ae0275a
GET /vod/240326/VR2024032607003498Rxpf.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 61682
last-modified: Tue, 26 Mar 2024 16:30:36 GMT
etag: "6602f82c-f0f2"
expires: Fri, 10 May 2024 08:34:05 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 781548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzsIkNjzjdNUiBD%2FqRlh74LHCmpZgreqVZesSiXWH9%2FiblTDmoh3KwgXrTN%2BwW6301JRod7cK1cYJnNkuAJCovi3qmCZQ0Sb6QZmkd3gLYTzBEaNIrsNJ2QjsK8lBTPRX3HqpLCUXI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5456a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003416OZXA.webp
188.114.99.132200 OK 62 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003416OZXA.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a671e7e10cf82155a1e250125d240df3
adb578dbd2f7905e938b3622b6bdc6a779e29697
a0ed1972088f7910dfeff5c1089d6b0136d6e296b430e074c9e8d60365ef7efe
GET /vod/240326/VR2024032607003416OZXA.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 62214
last-modified: Tue, 26 Mar 2024 16:30:37 GMT
etag: "6602f82d-f306"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvtO%2BXcG2qUDdKEL3i9FGPRN%2BACIoOl1ag9t8McsGEBODTXHnpkXvYnTEfdJMFag45qzepH6JD1ZsYfC0cswYk81QN3R3A64n0yMBgGAhiXCi9EBhcTWZjZb8%2Fl7P%2B8AsFx9iGv%2F02M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5256a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003413C0Qj.webp
188.114.99.132200 OK 67 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003413C0Qj.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 7cb8b5e29b6a3357a83f5c0fa6939948
911f3d525689f1c07a2b54604866870c3384b4b8
b01f056af0e940bc93880eff756fefeba34bb5e5f03a3c6e91c8b30bac7693fe
GET /vod/240326/VR2024032607003413C0Qj.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 66744
last-modified: Tue, 26 Mar 2024 16:30:32 GMT
etag: "6602f828-104b8"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzHfJJrVglSuBYZx0mkGxdrpo3GJkCjwSwzQH1K%2F3ECTjNJJSMjYONW3qTpvjKtbwtmVmszhOrpaw%2Fj7uc3N0gNGkIpCj2GkzuWjQDeuHTKJ3xc91bEqSqv9zMZ6hNTjZbDltn32KIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5156a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003553in6v.webp
188.114.99.132200 OK 13 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003553in6v.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 906x687, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4cc40deffcf3538cc437efc584459669
84c241d62993d2b8a5420292c614ffb52fda7e2f
3b2636357fdbac35d6c0739bf89a8c63de1412ac897fe68b2566b20ef562b6f0
GET /vod/240326/VR2024032607003553in6v.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 13266
last-modified: Tue, 26 Mar 2024 16:30:38 GMT
etag: "6602f82e-33d2"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6ZQSbdNTDJq74e4Yl42m0CN7d8RuCE2uFJWJSEDD5oPQ8LF35WL5IQPs9TeYQYGHF84YfnxvfaJ0czoZUQX1j7GKViEJ0%2BLGfXyWpkIIkkCVhA5BZ1IbG7ipcn9z7g3uo7rm0MzihE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5956a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003312BNQC.webp
188.114.99.132200 OK 56 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003312BNQC.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 065876f1068aac969babdb1afa0513e7
75a7fa2decbac0dd20472a9876f013e9b731445b
9f9376d01296dbfaa54a2a7a0a1aaa82d3f55f4616076728196d0f760acc84e4
GET /vod/240326/VR2024032607003312BNQC.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 56098
last-modified: Tue, 26 Mar 2024 16:30:32 GMT
etag: "6602f828-db22"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CD3Ny6ti2mHyukSu3qocoYfi5THkLTsWA49l8Uv30kZEkr%2Br5mDYqcJxEAzQi3iPU5h8MoEQmwVXsgcreQbcCcDgpdhDuIgcjCQAwi3pt5fUJUVbUBIQqumVge2ykPAZfxTWQQAxxC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5356a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003449lqtQ.webp
188.114.99.132200 OK 56 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003449lqtQ.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a27d687c0b17bc7c9f747781dad5338c
3c4a270335d545f312130d7ae79df8bc7e8657d3
77c160b0ed95a3d763b5f6f3744d8380ed4a8bc8c7752c557b432b7a389d42e2
GET /vod/240326/VR2024032607003449lqtQ.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 56028
last-modified: Tue, 26 Mar 2024 16:30:36 GMT
etag: "6602f82c-dadc"
expires: Mon, 06 May 2024 15:00:08 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1103984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=seDLLblB3VpteknztelvXDWJagx8GWjFnqdHT79X2%2Bn50Pg00v%2FSUrKYEgJ%2BV%2FU%2B60kP5QcaRc5qsB6Z3QlgiZraibnA2VyRgXsB33XikqTaSjEX%2Buw66%2Fye5xIQ8SR3836P8tKpQUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5656a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240412/VR2024041217001159gyV4.webp
188.114.99.132200 OK 6.1 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240412/VR2024041217001159gyV4.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 554x261, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 69b3aa139ed84024ccb5780582b827c9
cb8c0a2ed71fa5c07f1f4f0b33b528092d2c7562
7f1b6f29f605d84577843ebdb3b916c26c7739d1a6c90e8ec3efba5ef33568a1
GET /vod/240412/VR2024041217001159gyV4.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 6118
last-modified: Fri, 12 Apr 2024 16:30:05 GMT
etag: "6619618d-17e6"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gDxBSA4heznjHqIlTUFLn05KqdaCDj3bEXkCZzVlr7flJKYkpZQh5yfulh1dJnEk8xNFA9cX9fRJ56qfik9KntOl4XGtFwc64%2FtjWAiGeb5qIqGcyOlbUUsf%2FHvAn1jox0COKhOZyxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5f56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240419/VR2024041906000433UZ9E.webp
188.114.99.132200 OK 242 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240419/VR2024041906000433UZ9E.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1076x852, components 3
Size 242 kB (242470 bytes)
Hash fcdc7c224819c0092ef6d5b04db1aabe
55702db7e18c0628b875581710816fd990c406fe
a6f901d277efc6dd80b104c5690882e1b0c9665cd7213ab12fd9ec30344d26d4
GET /vod/240419/VR2024041906000433UZ9E.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 242470
last-modified: Thu, 18 Apr 2024 22:03:03 GMT
etag: "66219897-3b326"
expires: Sun, 19 May 2024 02:47:45 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 24727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcwj1wdyPnP0ReeSII%2FZGyV3tjrjV3n3QM8i%2FNfvLCc2ZUyUH7rOvKaWui1A%2BFHz73QJhmkvVDsGAiHpR3OeZjKIQbX51lRR6Gd%2FEkn9%2FVU7Ri0eaHTtvGj31ial6JCpLnuCbRn158U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e4c56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR2024032607003458NGbL.webp
188.114.99.132200 OK 8.3 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR2024032607003458NGbL.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 509x354, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f3432c34f882b55bc9c478286c9a0c20
8c4d617f5046f9df55cca0f2456c1cc380d4fdc0
966cdccfa6bde245946947cff6b44bf4c8ffad738517bc4a76cd5dd9d0729b8f
GET /vod/240326/VR2024032607003458NGbL.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 8302
last-modified: Tue, 26 Mar 2024 16:30:35 GMT
etag: "6602f82b-206e"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8DjHSbQIA9x7e%2FonzYM1CCOjm8rYu59bji6vo5pcd386ejlY6zAPK5L1YzynS%2F2sLJWzdq5ShiWq0BD0L6JdvlvOsBO1LTz18z5v9nhoY8hdsSnPTTCQ9tlXpOQbPEu7eF%2Fx%2F7jhio%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5a56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240326/VR20240326070033268vkI.webp
188.114.99.132200 OK 51 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240326/VR20240326070033268vkI.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0074ae464572bd4f0d91064792e055ce
b413ed9482fb51fd971ce24b7b16eea4693f2d3a
9196940c4caf81892d4a059a598b28759c3b82e4161674c214c0ddcb8ab007d6
GET /vod/240326/VR20240326070033268vkI.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 51438
last-modified: Tue, 26 Mar 2024 16:30:33 GMT
etag: "6602f829-c8ee"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzGK1rVpsH1sCkUL4leJGNS7VYkKnVtgwHkW1X0ncATc5B1sh4XQirI5TgENgo%2FQZ0oPWhh%2FI8Q0mUFo%2FUHjNqB4IHVDfGOB84SfGMSOaKIsgSuomSMaBQMWDbxfKYW%2BNEksUd8bflw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e5e56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240412/VR2024041217001061VNsO.webp
188.114.99.132200 OK 11 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240412/VR2024041217001061VNsO.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 487x292, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f67238280ed0a7c08fdc0f0062808dbc
b7d732fda10b04a126fc7aa55349c5643e732b3a
cd2e92536265cf1eea5546b09b69fd196ed68469cd2aa84732cbb95fad956fc7
GET /vod/240412/VR2024041217001061VNsO.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 10750
last-modified: Fri, 12 Apr 2024 16:30:05 GMT
etag: "6619618d-29fe"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FKHtElaRn6wVuYa0Nv7Ed%2FHDGj8Q8mlMf%2BUVDqcF4YhIc3DkShuC58CzG9A5gNhpBKYY9vhIrkE%2B405eLZOxkenmINs03crWNAZC3oqb4OG%2BrTf6qUXfLDzxsiokQ8pkAzR%2BcfOPmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e6956a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240412/VR2024041217001030abPD.webp
188.114.99.132200 OK 12 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240412/VR2024041217001030abPD.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 458x303, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ffe8c54b24a501af5a5ce62079b7803c
b0a435b223314d8bdfbab4ec23d7c36ab35327a6
bac94c95c678c639c39c0d433f8d901b70beeca38d10134848d25defc6d60173
GET /vod/240412/VR2024041217001030abPD.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 11898
last-modified: Fri, 12 Apr 2024 16:30:05 GMT
etag: "6619618d-2e7a"
expires: Mon, 13 May 2024 13:25:43 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 504850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed8LQbis8Om6%2BkxYx6lpxXDQrAdJI%2Bu0ifRjuJTTRjb5tAoD3THZQKWIoUQmURdo7%2BOlDvlYbHbxA4u59jq8K%2BMxJdsQ%2BBgNXQFVXqctoWeykWBuv6fui0%2F5RpYXKSmPKXMl%2F1vWV88%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e6256a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240416/VR2024041614000636OSyh.webp
188.114.99.132200 OK 34 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240416/VR2024041614000636OSyh.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 910x514, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d05759f471187e82b5327d48aac707f1
b698864ea5eed9920c5aa79836d4eaa93f5d4ab9
27a07764ef420006206c1e29b268549b66b1ef94420d6ffd9d34c18fe2f18716
GET /vod/240416/VR2024041614000636OSyh.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:53 GMT
content-type: image/webp
content-length: 34466
last-modified: Tue, 16 Apr 2024 16:30:03 GMT
etag: "661ea78b-86a2"
expires: Thu, 16 May 2024 22:41:30 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 212303
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CmyifT06Oa9iMlnT7LWigPrMywX4ICVw%2FTP9sTB3ypI1o2X97myJIvGd2SVFzcRaMLEn6P8CS%2F4VvUfgERkRKr0nFsr%2BF7qCOKgPmxZLIlWKP9LnZjPyCpgZVSlfqcDDZhY%2FLC8WWoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee14ae6b56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=537319401&si=616275f8a80b7b81aba0289de0eff3d9&v=1.3.0&lv=1&sn=41484&r=0&ww=1280&u=https%3A%2F%2Fx8uvb69.tvy5jtqjwu5re6iueve4.top%2Fhome.html&tt=%E9%A6%96%E9%A1%B5%20-%20%E7%9C%8B%E5%A5%B9%E7%A4%BE%E5%8C%BA
111.45.11.83200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=537319401&si=616275f8a80b7b81aba0289de0eff3d9&v=1.3.0&lv=1&sn=41484&r=0&ww=1280&u=https%3A%2F%2Fx8uvb69.tvy5jtqjwu5re6iueve4.top%2Fhome.html&tt=%E9%A6%96%E9%A1%B5%20-%20%E7%9C%8B%E5%A5%B9%E7%A4%BE%E5%8C%BA
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=23400&et=0&ja=0&ln=en-us&lo=0&rnd=537319401&si=616275f8a80b7b81aba0289de0eff3d9&v=1.3.0&lv=1&sn=41484&r=0&ww=1280&u=https%3A%2F%2Fx8uvb69.tvy5jtqjwu5re6iueve4.top%2Fhome.html&tt=%E9%A6%96%E9%A1%B5%20-%20%E7%9C%8B%E5%A5%B9%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 19 Apr 2024 09:39:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=869557D496D04D46; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
y4video.bytedance.sbs/vod/240419/VR2024041914000759tIp3.webp
188.114.99.132200 OK 23 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240419/VR2024041914000759tIp3.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 436x283, components 3
Hash ca956ddd319f42e37acec5b8c1993353
1eb06437e3f8a39c6baee152508d4ad871ac4059
00f1a853447e777b80b816bc4905bf30aef9c06e0a80c7be09763214f61edc6b
GET /vod/240419/VR2024041914000759tIp3.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:54 GMT
content-type: image/webp
content-length: 22824
last-modified: Fri, 19 Apr 2024 06:03:04 GMT
etag: "66220918-5928"
expires: Sun, 19 May 2024 09:39:53 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMl42LPZWiOvbOqwUTGy1MmwlxuwbYqZIyKF0kEqPviOSImlp3xZnbLEcNHLNcGuWxkpsZTwhXf%2F18mxfSBd8Qf3yG7%2FgFBMEfhR%2F9dKuDMnh69%2BakswS5IjBCE2rMVHS6cQwirLp4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e4f56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
y4video.bytedance.sbs/vod/240419/VR2024041914000657rexS.webp
188.114.99.132200 OK 19 kB URL GET HTTP/2 y4video.bytedance.sbs/vod/240419/VR2024041914000657rexS.webp
IP 188.114.99.132:443
Requested by https://x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
Certificate IssuerGoogle Trust Services LLC
Subjecty4video.bytedance.sbs
Fingerprint87:43:77:C8:E6:6A:6C:4F:AE:E2:5D:3F:0C:A8:05:7E:88:10:80:20
ValidityThu, 04 Apr 2024 20:22:23 GMT - Wed, 03 Jul 2024 20:22:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Generated by Snipaste", baseline, precision 8, 463x282, components 3
Hash 4e0763fc9d3ed060e8145c0ade06c2fa
e9489dfc9b9e497b8e6b7a4affc439f35fea60f4
d7043fc4d70d7c05c3413f22a4f8f0bd62443330346c45c1586894b0b0607f79
GET /vod/240419/VR2024041914000657rexS.webp HTTP/1.1
Host: y4video.bytedance.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://x8uvb69.tvy5jtqjwu5re6iueve4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:54 GMT
content-type: image/webp
content-length: 18709
last-modified: Fri, 19 Apr 2024 06:03:04 GMT
etag: "66220918-4915"
expires: Sun, 19 May 2024 09:39:53 GMT
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFsFbdKAoZuMMnrbrNJukc09no2ifJHdzbrhQbiQPAgqg81mC3ivBnslToIdMAM8RuPZu2dSOl06ei68T1sNE3XURkF3w222wS8qsehwq5FgMwvEXvc32gpjIpkpRoOnn7EA%2BI0LqC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876bee149e6456a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
98.126.229.98200 OK 104 kB URL GET HTTP/2 x8uvb69.tvy5jtqjwu5re6iueve4.top/home.html
IP 98.126.229.98:443
Requested by http://www.18dd.net/new/9.exe
Certificate IssuerLet's Encrypt
Subjecttk6dcplyjurc6fteip5g.top
Fingerprint62:9E:BC:22:4F:94:A8:4A:B7:C9:10:EC:A2:8A:F3:C4:80:65:0D:FD
ValidityFri, 08 Mar 2024 02:23:09 GMT - Thu, 06 Jun 2024 02:23:08 GMT
Size 104 kB (104003 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /home.html HTTP/1.1
Host: x8uvb69.tvy5jtqjwu5re6iueve4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 09:39:52 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
bytedace: PaoPao
vary: Accept-Encoding
cache-control: public, max-age=3600
content-encoding: gzip
server: nginx
x-cache-status: HIT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 1728000
X-Firefox-Spdy: h2