cfileapi.gyaott.top/001/puppet.Txt?31914795
45.207.71.123 224 B URL cfileapi.gyaott.top/001/puppet.Txt?31914795
IP 45.207.71.123:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document, ASCII text, with CRLF line terminators
Hash 5abd17caff5ac9f16a562f6fd5eb4460
6423d820a668b08f45b2b7ca411ca3a87781b145
26d82981426ce33e8efceb49fc368223e48d977f6f75075710991ffa8876f57c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /001/puppet.Txt?31914795 HTTP/1.1
Host: cfileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:26:52 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
cfileapi.gyaott.top/gczx.html
45.207.71.123 200 OK 5.8 kB URL User Request GET HTTP/1.1 cfileapi.gyaott.top/gczx.html
IP 45.207.71.123:80
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28637)
Hash 200f39af116ed54e6182f27605fe374a
b8bfefc65cb9fbefff48719c96969e78804427f2
27d9da24acf51e0547e5577fa3eec1269258af431fb598ce7c36127082e0c878
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /gczx.html HTTP/1.1
Host: cfileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cfileapi.gyaott.top/001/puppet.Txt?31914795
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:26:53 GMT
Content-Type: text/html
Last-Modified: Mon, 15 May 2023 15:00:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6462491c-789c"
Content-Encoding: gzip
cfileapi.gyaott.top/favicon.ico
45.207.71.123 200 OK 224 B URL GET HTTP/1.1 cfileapi.gyaott.top/favicon.ico
IP 45.207.71.123:80
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
Requested by http://cfileapi.gyaott.top/gczx.html
File type HTML document, ASCII text, with CRLF line terminators
Hash 5abd17caff5ac9f16a562f6fd5eb4460
6423d820a668b08f45b2b7ca411ca3a87781b145
26d82981426ce33e8efceb49fc368223e48d977f6f75075710991ffa8876f57c
GET /favicon.ico HTTP/1.1
Host: cfileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cfileapi.gyaott.top/gczx.html
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:26:53 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash 2ea96a57e8a648b0a327bf9409f11684
eb5337857e0410f0e37dcaba8298ebee7ad3f98b
74f577fd42d4369b119629e744c5335e7768f9c7d76dee5bcaf1edecb0ca0314
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:26:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sun, 11 Jun 2023 05:11:26 GMT
ETag: "eb5337857e0410f0e37dcaba8298ebee7ad3f98b"
Last-Modified: Wed, 07 Jun 2023 05:11:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1052
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36d3810c59b51e-OSL
gczx666.oss-cn-shenzhen.aliyuncs.com/gczx.js
120.77.166.101 125 B URL gczx666.oss-cn-shenzhen.aliyuncs.com/gczx.js
IP 120.77.166.101:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash 0ff1ad5fc02d31edcb1f315d7d49172a
636631c6ebcc0766a27921cbec58dc71af4399c7
6cb30873cc1f45465e48eba72b4205007b7aab8b06a5713da9923841e5e14331
GET /gczx.js HTTP/1.1
Host: gczx666.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cfileapi.gyaott.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 07 Jun 2023 06:26:56 GMT
Content-Type: application/javascript
Content-Length: 125
Connection: keep-alive
x-oss-request-id: 64802330B977323330AFFBCC
Accept-Ranges: bytes
ETag: "0FF1AD5FC02D31EDCB1F315D7D49172A"
Last-Modified: Mon, 05 Jun 2023 04:56:31 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4246857114174384965
x-oss-storage-class: Standard
Content-MD5: D/GtX8AtMe3LHzFdfUkXKg==
x-oss-server-time: 1
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash 39543f26cf5c843a475c4188a1fceceb
77d3c1a59de8dbff7358ba63e8def840f7c654bf
71b340dd7944d5c4aef63ce1a14ec66f6a5952f6677833ee06971fab5a60406c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 06:10:33 GMT
Expires: Tue, 13 Jun 2023 06:10:32 GMT
Etag: "77d3c1a59de8dbff7358ba63e8def840f7c654bf"
Cache-Control: max-age=516811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d36d3a5aa071c02-OSL
320213.com/static/css/9.e1799f90210d.css
20.205.104.140 200 OK 927 B URL GET HTTP/2 320213.com/static/css/9.e1799f90210d.css
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 991052cbe2793dc3e29d599c0ecf3a90
f2e21c504953e04f90b450f36eb97ad561dd151c
12e233dd3af3af933aa6d0c79fdcb319978c79e255cc8c969bd33e76684d2650
GET /static/css/9.e1799f90210d.css HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:02 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-445"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 39937ea138c18d9ba301b5a9f10ca80b
765aad5be0a2f9b49ccf06c4d9155bfc85fa6634
49028e43916673428ad60ff5130e7a2633fb92101147da421911b397c16119e7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 11 Jun 2023 04:33:14 GMT
ETag: "765aad5be0a2f9b49ccf06c4d9155bfc85fa6634"
Last-Modified: Wed, 07 Jun 2023 04:33:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2486
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36d3bc6c59b51e-OSL
aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234183
104.110.21.4 3.9 kB URL aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234183
IP 104.110.21.4:0
File type ASCII text, with very long lines (11988), with no line terminators
Hash 05ccd82860f1ad63d32696b7b6c0ce14
52090b1208172ff8f4cec5f6454881c61f0e0a2f
bc6b428ea03ce9591b45c8cabfc9489db7e112c55b393c88868de0efe04ceb5a
GET /AWSC/AWSC/awsc.js?_t=234183 HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 3930
x-oss-request-id: 648003EB1995BC39352A70C2
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7512433114953199032
x-oss-storage-class: Standard
content-md5: BczYKGDxrWPTJpa3tsDOFA==
x-oss-server-time: 3
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1686111211
x-swift-savetime: Wed, 07 Jun 2023 04:39:45 GMT
x-swift-cachetime: 2026
eagleid: 2ff62c9716861127854358339e
cache-control: max-age=727, s-maxage=3600
expires: Wed, 07 Jun 2023 06:39:10 GMT
date: Wed, 07 Jun 2023 06:27:03 GMT
vary: Accept-Encoding
served-from: 23.36.77.199
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 104.110.21.4
X-Firefox-Spdy: h2
320213.com/v1/report/tenantReport/getAvgOptTime?t=1686119222577
20.205.104.140 200 OK 26 kB URL GET HTTP/2 320213.com/v1/report/tenantReport/getAvgOptTime?t=1686119222577
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 5a01a28281e0f84caa9091a0e9d51857
b293125c59b40500286ae478b4645a1a7e8b201a
8965b359f2b4c7af20c232162f29b9e4ad004803028538b25c3c8452ba78a5ba
GET /v1/report/tenantReport/getAvgOptTime?t=1686119222577 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
images.ppa029sdfjshsjkdhksdhjhdu3.com/system/pc/login/loginBg.png
20.24.81.35 20 kB URL images.ppa029sdfjshsjkdhksdhjhdu3.com/system/pc/login/loginBg.png
IP 20.24.81.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 312 x 234, 8-bit/color RGBA, non-interlaced\012- data
Hash f14a9c8be2d83922e4ae691801825839
7198fc446609a5aea6e916a81c0895f1fc6c6f85
1a020a93ee5dbf562e6ad700e33935e156d1705d1cc42b6574dca17b1ec36e43
GET /system/pc/login/loginBg.png HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:03 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 18 Oct 2016 16:57:42 GMT
ETag: W/"0477fbd6029d21:0"
X-Powered-By: ASP.NET
Expires: Thu, 08 Jun 2023 06:27:03 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: max-age=86400, max-age=315360000000
X-Cache: HIT
Content-Encoding: gzip
aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js
104.110.21.4 200 OK 77 kB URL GET HTTP/2 aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js
IP 104.110.21.4:443
Requested by https://320213.com/register?id=32483556
Certificate Issuer DigiCert Inc
Subject ru.aliexpress.com
Fingerprint B0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F
Validity Mon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash a4cff78229e56fde5f28d1999679a1d1
8d8f89aa7d26569337192dce8a12daaa1867bcd4
4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0
GET /AWSC/WebUMID/1.93.0/um.js HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 77333
x-oss-request-id: 6468E5E961623D31397B5535
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2332966527039349753
x-oss-storage-class: Standard
content-md5: pM/3ginlb95fKNGZlnmh0Q==
x-oss-server-time: 20
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1684596201
x-swift-savetime: Sat, 20 May 2023 15:23:29 GMT
x-swift-cachetime: 86392
eagleid: 2ff62c9716845962097947285e
served-from: 47.246.44.230
cache-control: max-age=1069055, s-maxage=86400
expires: Mon, 19 Jun 2023 15:24:39 GMT
date: Wed, 07 Jun 2023 06:27:04 GMT
vary: Accept-Encoding
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 104.110.21.4
X-Firefox-Spdy: h2
320213.com/favicon.ico
20.205.104.140 179 kB IP 20.205.104.140:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (32085), with CRLF, LF line terminators
Size 179 kB (179112 bytes)
Hash da16328d6c716d6d325162e99b06bcfa
d4a958c57ab7ab1b6af748763cb966b881c0c973
b871684c4a5f3fb24d18dbda9ee2626976456f954e4cdd1ec46e634e7a28b2b1
GET /favicon.ico HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/v1/betting/getServerTimeMillisecond?t=1686119222332
20.205.104.140 200 OK 3.4 kB URL GET HTTP/2 320213.com/v1/betting/getServerTimeMillisecond?t=1686119222332
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash affb46bf253dae107cfb0d484c2ed673
0153b25630689db32f3540b3731ef63bf4710131
fe71b78e6fbcbcf7b10ed1bac1ee5303d4e5d66e3e3eb132d2c91a82ebe9958e
GET /v1/betting/getServerTimeMillisecond?t=1686119222332 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/static/js/initws.js
20.205.104.140 24 kB URL 320213.com/static/js/initws.js
IP 20.205.104.140:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Hash f3d1f0195bb6b71bd913d74354a25b23
12046183d2ded57af974c00037d11ffe4bc456fe
466d73f2c07d1fbb7951d6208361c1ce5c59839617df193f4959100147887317
GET /static/js/initws.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:00 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-234a"
content-encoding: gzip
X-Firefox-Spdy: h2
images.ppa029sdfjshsjkdhksdhjhdu3.com/game/1578637842482.png
20.24.81.35 371 kB URL images.ppa029sdfjshsjkdhksdhjhdu3.com/game/1578637842482.png
IP 20.24.81.35:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 2990 x 566, 8-bit colormap, non-interlaced\012- data
Size 371 kB (370952 bytes)
Hash a366792ce69457744b882318850cefe2
5b078849d41e40f9d2c6dba6b821a04a9c0c35b9
faa00bbd3a46b12e4205da06089f1f4d489f01ab874caee4cd5d6c9c37203842
GET /game/1578637842482.png HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:03 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 27 Jan 2020 07:29:14 GMT
ETag: W/"0819879e3d4d51:0"
X-Powered-By: ASP.NET
Expires: Thu, 08 Jun 2023 06:27:03 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: max-age=86400, max-age=315360000000
X-Cache: HIT
Content-Encoding: gzip
static.ppa029sdfjshsjkdhksdhjhdu3.com/ico/zghcp.ico
13.75.115.235 1.6 kB URL static.ppa029sdfjshsjkdhksdhjhdu3.com/ico/zghcp.ico
IP 13.75.115.235:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash fbab93a333ba620cc0c53190540c3ae8
ebd68313eac25954b431492428976ae4cb2788ae
d1e12df4932ef28e4bf59ffdfd447abd80501dc9ab2db137d5d1ebe02f449367
GET /ico/zghcp.ico HTTP/1.1
Host: static.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:05 GMT
Content-Type: image/x-icon
Content-Length: 1612
Last-Modified: Wed, 01 Feb 2023 10:29:11 GMT
Connection: keep-alive
ETag: "63da3ef7-64c"
Expires: Fri, 07 Jul 2023 06:27:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
320213.com/static/js/9.980024635cbdb3d7060a.js
20.205.104.140 200 OK 21 kB URL GET HTTP/2 320213.com/static/js/9.980024635cbdb3d7060a.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/9.980024635cbdb3d7060a.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:02 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-50ce"
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/v1/management/tenant/getTenantConfig?t=1686119222304
20.205.104.140 200 OK 1.7 kB URL GET HTTP/2 320213.com/v1/management/tenant/getTenantConfig?t=1686119222304
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1783), with no line terminators
Hash b8d0e267ea74be8364ab3224d5762e9c
c0272e1ae2890d6a60e1a6bc685987d31cf4cea0
6756aee30e9e82486cf64dfc9a634a51ddb7ff8394c69c0c27638ed7f1ce6958
GET /v1/management/tenant/getTenantConfig?t=1686119222304 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/v1/management/content/getIntroductionList?t=1686119222574
20.205.104.140 200 OK 815 B URL GET HTTP/2 320213.com/v1/management/content/getIntroductionList?t=1686119222574
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (895), with no line terminators
Hash 4226f01978c327448a1e75a2ffd7d4d8
6c130d82d7845b1066514c836053360b5f487535
7990226ccfcba97419496f59fe5a73b62861427e61d787036b8f6ca9edfd9f92
GET /v1/management/content/getIntroductionList?t=1686119222574 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/static/public/layer.m.js
20.205.104.140 200 OK 3.1 kB URL GET HTTP/2 320213.com/static/public/layer.m.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3208), with no line terminators
Hash 38b405624adacadff4fd9955b0248871
11747a1c224e318ad5c0ff75b1a834c362ff471b
7c394e10425cccb4266d17a22fc5e5e783020d64c0c0c1824c283ca7a12969a8
GET /static/public/layer.m.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-c18"
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/v1/users/announcement/list?t=1686119222575&pageSize=20&pageNum=1
20.205.104.140 200 OK 671 B URL GET HTTP/2 320213.com/v1/users/announcement/list?t=1686119222575&pageSize=20&pageNum=1
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (723), with no line terminators
Hash d12435bf2dc0894f60d842e26dc094b3
700c29c3914d32658b010febb2f9ee6d908b7831
2fdfde2ec146585c44024ccc0f278f78e2fe387ea8a568e00e1e171368caba16
GET /v1/users/announcement/list?t=1686119222575&pageSize=20&pageNum=1 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
at.alicdn.com/t/font_2430878_tju82v96qxe.woff2
47.246.44.252 200 OK 26 kB URL GET HTTP/2 at.alicdn.com/t/font_2430878_tju82v96qxe.woff2
IP 47.246.44.252:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://320213.com/register?id=32483556
Certificate Issuer GlobalSign nv-sa
Subject *.tbcdn.cn
Fingerprint 62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1
Validity Fri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 25988, version 1.0\012- data
Hash 3d929f77d857dddcd6066bad750bb277
259fd1976fdb8f8e8d354d32b5e7681e3db01341
92edafbe3372b0e72089ee25f8665470b7ee8d4df2250cb96c159d6c1153dbdd
GET /t/font_2430878_tju82v96qxe.woff2 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://320213.com
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 25988
date: Sun, 04 Jun 2023 17:15:27 GMT
x-oss-request-id: 647CC6AF59DE0D3933242EE5
vary: Origin
accept-ranges: bytes
etag: "3D929F77D857DDDCD6066BAD750BB277"
last-modified: Fri, 24 Dec 2021 22:12:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7241217540761008470
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: PZKfd9hX3dzWBmutdQuydw==
x-oss-server-time: 1
ali-swift-global-savetime: 1685898927
via: cache24.l2us1[0,0,200-0,H], cache3.l2us1[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
age: 220296
x-cache: HIT TCP_MEM_HIT dirn:11:309902367
x-swift-savetime: Mon, 05 Jun 2023 07:11:41 GMT
x-swift-cachetime: 31053826
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9c16861192237634913e
X-Firefox-Spdy: h2
320213.com/static/spine-webgl.js
20.205.104.140 200 OK 369 kB URL GET HTTP/2 320213.com/static/spine-webgl.js
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Size 369 kB (368805 bytes)
Hash 5200130e3b8970af6c19b8587f46663b
56f9307ce28cb0a1c0150d92b095760936e83618
ffafc28590239f5f3f134c8bc83753f6c2e5d4ff2d3c775c2ff50afc2a608c13
GET /static/spine-webgl.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-5a0a5"
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/static/css/app.7df8101d7996.css
20.205.104.140 200 OK 164 kB URL GET HTTP/2 320213.com/static/css/app.7df8101d7996.css
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
Size 164 kB (164394 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/css/app.7df8101d7996.css HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-2822a"
content-encoding: gzip
X-Firefox-Spdy: h2
320213.com/v1/users/announcement/content?t=1686119222892&id=117746
20.205.104.140 200 OK 897 B URL GET HTTP/2 320213.com/v1/users/announcement/content?t=1686119222892&id=117746
IP 20.205.104.140:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject 111233c.com
Fingerprint D3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
Validity Mon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (803), with no line terminators
Hash c24daa5ed600b98ad26fe8093c0f2a89
4108f7fa6ee629722ff9e494a29cf1165b476e30
11ae9ba8e6cc80c3a44e7e898a8b6c2343a2a8f4757b8a6439c4da5d2a5dc4be
GET /v1/users/announcement/content?t=1686119222892&id=117746 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token:
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2
images.ppa029sdfjshsjkdhksdhjhdu3.com/pro-management/zghcp/1675256697589.png?349677
20.24.81.35 200 OK 3.3 kB URL GET HTTP/1.1 images.ppa029sdfjshsjkdhksdhjhdu3.com/pro-management/zghcp/1675256697589.png?349677
IP 20.24.81.35:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://320213.com/register?id=32483556
Certificate Issuer Sectigo Limited
Subject *.ppa022cjklwmkksldjuhnb3llc.com
Fingerprint 5E:84:56:51:5C:A7:35:6E:52:FF:61:41:60:CB:2C:13:95:97:9F:00
Validity Wed, 07 Sep 2022 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT
File type PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash e073d651a77c0ac5870b927ecd25619e
59696d9aed4351bb0d839201bd188ff65392caf9
01c07b10e80f6a81f0c7c9aa4a6f71a40215cbf5addf3a1522b58bb8f7ee0446
GET /pro-management/zghcp/1675256697589.png?349677 HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:04 GMT
Content-Type: application/octet-stream
Content-Length: 3322
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Wed, 01 Feb 2023 13:01:05 GMT
ETag: "e073d651a77c0ac5870b927ecd25619e"
x-amz-request-id: tx00000000000018d511037-0064802185-10b0-default
Cache-Control: max-age=600