r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11839
Expires: Sat, 28 Jan 2023 07:50:28 GMT
Date: Sat, 28 Jan 2023 04:33:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5487
Expires: Sat, 28 Jan 2023 06:04:36 GMT
Date: Sat, 28 Jan 2023 04:33:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2803
Expires: Sat, 28 Jan 2023 05:19:52 GMT
Date: Sat, 28 Jan 2023 04:33:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 03:35:27 GMT
content-type: application/json
age: 3462
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QsRIKJlttZSlTLP4UiMYlNdGXB1QeZFZjeKxcAjhMPph3mkhYNscaUN/if6Dwzuflizl7FbwGsA=
x-amz-request-id: RM28G3D18P2CZ3T2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 04:20:50 GMT
age: 739
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.gamespubg.com/index.php
154.80.134.13 200 OK 531 B URL HTTP/1.1 www.gamespubg.com/index.php
IP 154.80.134.13:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (608), with CRLF line terminators
Hash f25f16e9ac050e2fc72b8cf2552a4993
1538513cbb8b5861fd25b7132766bee734007b21
97c734c6707119ee88526f5e850758004f8e5bb21fe9bd288a7349788ef6bd64
Analyzer Verdict Alert fortinet Phishing
GET /index.php HTTP/1.1
Host: www.gamespubg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:33:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.gamespubg.com/tj.js
154.80.134.13 200 OK 258 B IP 154.80.134.13:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type ASCII text, with CRLF line terminators
Hash 6e5e0ad3a931ea1a9dec70d5074c5ec5
5242da74eb9855a58a00621fdf46727d6bd4b537
d54a118a5b964eae0b9e6d6d82d1bb4312a455ca8306ec21d5d0d5b940ec856d
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.gamespubg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gamespubg.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:10 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.gamespubg.com/common.js
154.80.134.13 200 OK 561 B URL HTTP/1.1 www.gamespubg.com/common.js
IP 154.80.134.13:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 662e939e121a3cce98599dc59d84fd2f
472182b5bdc26dbf21b7961fd1b7d3418d0477cd
bc72633572176b3cf1f92678b05b60f466d7bee8c0c5282877ddfb1dbc705193
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.gamespubg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gamespubg.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:10 GMT
Content-Type: application/x-javascript
Content-Length: 561
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 03:41:40 GMT
age: 3090
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6360
Expires: Sat, 28 Jan 2023 06:19:10 GMT
Date: Sat, 28 Jan 2023 04:33:10 GMT
Connection: keep-alive
www.gamespubg.com/favicon.ico
154.80.134.13 200 OK 1.2 kB URL HTTP/1.1 www.gamespubg.com/favicon.ico
IP 154.80.134.13:0
ASN #134175 UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.gamespubg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gamespubg.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:10 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 02 Feb 2023 04:33:10 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash e562f5065632c8150d59dfe43f82fcba
181e7d53b9b492f4b88e663b29230acb9aba7b91
60d34ccc637c56c4d1776c56eb24d05d235f381b78c130b53fe96a8a4870e9fa
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:16:43 GMT
ETag: "181e7d53b9b492f4b88e663b29230acb9aba7b91"
Last-Modified: Sat, 28 Jan 2023 03:16:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1228
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907022b6a52b4e8-OSL
push.services.mozilla.com/
52.40.179.4 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.179.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ayG6cJV8GebmYm0qgwz7IA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zcuUN4PhFFP2Whe6qLq0xz4NwPg=
adx.ytai7.top/
122.10.14.247 200 OK 191 B IP 122.10.14.247:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 6fb55246d414e63501817bfcb0636303
27757a3287d4108730ab6549d378cede7aec606f
d16f39b0b211331bcdd5668a10b0320cd128b96f31c784e1e9e89f929ed245a7
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: adx.ytai7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gamespubg.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 10:57:59 GMT
Accept-Ranges: bytes
ETag: "96f930e63d27d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 04:33:10 GMT
Content-Length: 191
pky.ytmv5.top/
122.10.49.246 200 OK 194 B IP 122.10.49.246:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 07aa4fcf7e48faafc24ec9387f70f538
7dbc67cc472aaaadf064bf28b73ae24e1a5629cb
35422fe0c71b87c8fa3658a84bc9c4e68a15fd143013f954582b75386846f22a
GET / HTTP/1.1
Host: pky.ytmv5.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adx.ytai7.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 28 Jan 2023 04:28:17 GMT
Accept-Ranges: bytes
ETag: W/"75d7eaf1d032d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Length: 194
hm.baidu.com/hm.js?526f52c28c56b2c002cefe3723939904
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?526f52c28c56b2c002cefe3723939904
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 11c6a04ed389c826849abd77fcd9cf07
cb912e1a1af57d97fc0b386cda83e29352985fbf
ddc0ef1e6aa4452387f2ac5aec2405303603d9158322775c9edb4010fec50e10
GET /hm.js?526f52c28c56b2c002cefe3723939904 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gamespubg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 04:33:11 GMT
Etag: 311204888703a287d29d39cd434462a7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=71422125E9B21493; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2176
Expires: Sat, 28 Jan 2023 05:09:28 GMT
Date: Sat, 28 Jan 2023 04:33:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2176
Expires: Sat, 28 Jan 2023 05:09:28 GMT
Date: Sat, 28 Jan 2023 04:33:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 940946e65210c717266c3a64751f1b72
f0e66aeef0c72865d565f48b563f66a184b758a9
1d031b8a530a1e6d84d79fae891f023e1ab7646596c00c57d83cfffce1f6fdf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c808e0-eda9-4074-b1ed-65637dbd4ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5742
x-amzn-requestid: b22fd8a5-eefc-494e-a304-75b69eef069d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPFr2GsdoAMFpqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8318-69b5e7c726fa92134d08c775;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBpEdVPmvtXlsyGTvZCkIahK7_Ivhq4yswhw23ixIOH1zlgWPyLH9Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 01:14:42 GMT
age: 11910
etag: "f0e66aeef0c72865d565f48b563f66a184b758a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: baf2eddf-03cc-4af7-b799-c2c68b90d7a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUf4sFUYoAMFg6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1ad04-696c5dd015428f7429a5ccec;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 22:28:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dI2BG_eOmY3zIev7w_cnkk-Cy3nkXPmxA2o6htVQzaFGJfl0g6Q_iw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 16:14:27 GMT
age: 44325
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 77241ca1-d7d1-4133-bc06-e89a8db93aef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbANlFiSoAMFrcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44723-0b07156624f03d47665f2d4f;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9ZePVrD3oL-ImiMCCYYfuUbQ8l09Q-9F91cFRgSgFG2poVC5Ww4JaQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 23750
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 23786
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1a1e953f3f857726f15465313d082e5
1962e632f29d87d4f5455a29aa096eea057e15c0
a5b193f6de91c69c9e554f75dfa4a00f9cb8c47a26fdca61ed03ffe1dce7cc87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7637
x-amzn-requestid: f22c88bd-1eb9-47fa-aab1-95108b540f35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-D3HN1oAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b2-05068ae37469a90c2355b4ec;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 03aXePxD_sCOwoLYYvykhq0YDOjyTtuoljGYXU_7Wsue1dO-b7gnuw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:43 GMT
age: 23849
etag: "1962e632f29d87d4f5455a29aa096eea057e15c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00zN6NcdSHaq-4mWQeizXw9SDgUZJOFnB_6dTo6skjlytfBuz8ud3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 23750
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=986956105&si=526f52c28c56b2c002cefe3723939904&v=1.3.0&lv=1&sn=2398&r=0&ww=1280&u=http%3A%2F%2Fwww.gamespubg.com%2Findex.php&tt=%E9%95%BF%E8%91%9B%E9%80%80%E8%B0%B4%E9%9B%86%E5%9B%A2%E6%9C%89%E9%99%90%E8%B4%A3%E4%BB%BB%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=986956105&si=526f52c28c56b2c002cefe3723939904&v=1.3.0&lv=1&sn=2398&r=0&ww=1280&u=http%3A%2F%2Fwww.gamespubg.com%2Findex.php&tt=%E9%95%BF%E8%91%9B%E9%80%80%E8%B0%B4%E9%9B%86%E5%9B%A2%E6%9C%89%E9%99%90%E8%B4%A3%E4%BB%BB%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=986956105&si=526f52c28c56b2c002cefe3723939904&v=1.3.0&lv=1&sn=2398&r=0&ww=1280&u=http%3A%2F%2Fwww.gamespubg.com%2Findex.php&tt=%E9%95%BF%E8%91%9B%E9%80%80%E8%B0%B4%E9%9B%86%E5%9B%A2%E6%9C%89%E9%99%90%E8%B4%A3%E4%BB%BB%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gamespubg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 04:33:12 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CC855E5228A6331F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
yf5.ytvw7.top/
122.10.19.172 200 OK 6.8 kB IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (365), with CRLF line terminators
Hash deffebd03844696de303027c674a8cc9
734b2e56f42c642c85b64214c935c3e247755a15
89aa99c5229318d7ba1c8b67cb582fe0fa63525f5f8976d17d55f9145e597ea4
GET / HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pky.ytmv5.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=9jq6jsr9lguo0b5tg8vmke4o9a; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
yf5.ytvw7.top/static/js/jquery.lazyload.js
122.10.19.172 200 OK 744 B URL HTTP/1.1 yf5.ytvw7.top/static/js/jquery.lazyload.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-8b8"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/static/js/jquery.autocomplete.js
122.10.19.172 200 OK 6.3 kB URL HTTP/1.1 yf5.ytvw7.top/static/js/jquery.autocomplete.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /static/js/jquery.autocomplete.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-6215"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/static/js/jquery.js
122.10.19.172 200 OK 37 kB URL HTTP/1.1 yf5.ytvw7.top/static/js/jquery.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /static/js/jquery.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-169d5"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/static/js/home.js
122.10.19.172 200 OK 10 kB URL HTTP/1.1 yf5.ytvw7.top/static/js/home.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Hash cf27875c07ac1742b6554d5c6369812f
d7a01a40e5144cdcd36a8588cbb929e317019a78
a558013b5c70dc000814a5045bd1988aec1ce0552617fbb38f3349b923119440
GET /static/js/home.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Apr 2020 14:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ea83d74-994e"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/static/css/layer.css
122.10.19.172 200 OK 1.4 kB URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/static/css/layer.css
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with very long lines (5261), with no line terminators
Hash 1ecab368d900dfeb45c936a58b1199d2
787f95478788ae15a6724648a3d6e4cdaa1822d7
d1f5386addc2e6a5b22fc448e04f81f521e89630660ec1577c63e694352a7cb2
GET /template/m1938pc/static/css/layer.css HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Dec 2021 08:05:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61b9a1bf-1492"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/static/css/home.css
122.10.19.172 200 OK 7.2 kB URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/static/css/home.css
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 08bf712abd56c10c5eae65e2adcc96fa
e9836eb37ab60bc494e396fc74e5a99ebe327c32
ad22df0d2d45f85ec1de2b146fa997ba8151a61e44023ecd51a3ffe660fa4af4
GET /template/m1938pc/static/css/home.css HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Dec 2021 12:40:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61b9e230-a392"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/ads/shanghf.js
122.10.19.172 200 OK 1.3 kB URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/shanghf.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 812901dc17a47400a1cf41bbaf1c477f
9d4f66026d6137d93a52d198d22fab881df04dd9
78c1c96febaf3ea2334faa955392e16a686a893fb7b93d61977eb28d43a1e2ca
GET /template/m1938pc/ads/shanghf.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Thu, 19 Jan 2023 14:59:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c95ae6-21f0"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/ads/dh.js
122.10.19.172 200 OK 1.4 kB URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/dh.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 2ef2e67e8f894672b139e2ffb6e49b91
afa3bdf9141cc3b0815e087c2b305f5dbadca86d
e86fc8fc2435841b2a6186f28b8ed2e7e4d2350cda1a6d8ebe8a3c6a23c49ef8
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:15:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca5bc3-2d12"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
yf5.ytvw7.top/template/m1938pc/static/css/styles.css
122.10.19.172 200 OK 20 kB URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/static/css/styles.css
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (2135), with CRLF line terminators
Hash b1c07819ca6b0512ecc82e601c8ca003
971b6684cc252b541f1f1b8726aaa34ff7124e7b
ccde075256e9771c24692aa5f54f937bb7f1c015f888d109524eaa0c5a102dd9
GET /template/m1938pc/static/css/styles.css HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: text/css
Last-Modified: Thu, 16 Dec 2021 05:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61bacb52-17cd2"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/ads/77.js
122.10.19.172 200 OK 575 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/77.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash c75b52ccbb1eec493abf87d54cde3fec
ac491640e132be31438e347aef66badc7b61e46d
c0e4a12f139a02b3b2b5c996faabeef4e6d763c382752162be04508a610e6c50
GET /template/m1938pc/ads/77.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Jan 2023 04:06:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d34dc9-452"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/ads/dibuhf.js
122.10.19.172 200 OK 405 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/dibuhf.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 977b14eac95a74c1b3b34030c36e52e5
ea3f936d7a022b60c04dc5ae9ec62908222f88fc
ce0c68c54301f3408092c8a502bab43535249c9779ca4152c64b7ccd905bf01b
GET /template/m1938pc/ads/dibuhf.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 09:16:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63ca5bea-46a"
Expires: Sat, 28 Jan 2023 16:33:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
yf5.ytvw7.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
yf5.ytvw7.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 04:33:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
yf5.ytvw7.top/template/m1938pc/static/fonts/f1d752b16d6b4a78871e7ed63ffdddb4.woff
122.10.19.172 200 OK 194 kB URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/static/fonts/f1d752b16d6b4a78871e7ed63ffdddb4.woff
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size 194 kB (193452 bytes)
Hash 7e4676a929e4897200b2cc6decbdbaef
d472a97057a6f012711fa01fb81ee37745075590
0d185013f6f00ad3e9b06a7a7ba7c29ed5bc500db689320c2a06f0faedd86b18
GET /template/m1938pc/static/fonts/f1d752b16d6b4a78871e7ed63ffdddb4.woff HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://yf5.ytvw7.top/template/m1938pc/static/css/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:13 GMT
Content-Type: font/woff
Content-Length: 193452
Last-Modified: Wed, 15 Dec 2021 08:05:35 GMT
Connection: keep-alive
ETag: "61b9a1cf-2f3ac"
Accept-Ranges: bytes
yf5.ytvw7.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 04:33:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
yf5.ytvw7.top/template/m1938pc/static/fonts/iconfont.fa27ec7fe2f9d852bf7c-15.woff
122.10.19.172 200 OK 548 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/static/fonts/iconfont.fa27ec7fe2f9d852bf7c-15.woff
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /template/m1938pc/static/fonts/iconfont.fa27ec7fe2f9d852bf7c-15.woff HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://yf5.ytvw7.top/template/m1938pc/static/css/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:14 GMT
Content-Type: font/woff
Content-Length: 548
Last-Modified: Wed, 15 Dec 2021 08:06:29 GMT
Connection: keep-alive
ETag: "61b9a205-224"
Accept-Ranges: bytes
yf5.ytvw7.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 04:33:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
yf5.ytvw7.top/template/m1938pc/static/fonts/iconfont.2bf44c243e7df0a70044-15.ttf
122.10.19.172 200 OK 548 B URL HTTP/1.1 yf5.ytvw7.top/template/m1938pc/static/fonts/iconfont.2bf44c243e7df0a70044-15.ttf
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /template/m1938pc/static/fonts/iconfont.2bf44c243e7df0a70044-15.ttf HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/template/m1938pc/static/css/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 04:33:14 GMT
Content-Type: application/octet-stream
Content-Length: 548
Last-Modified: Wed, 15 Dec 2021 08:07:13 GMT
Connection: keep-alive
ETag: "61b9a231-224"
Accept-Ranges: bytes
yf5.ytvw7.top/cssadmin/tongji.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 yf5.ytvw7.top/cssadmin/tongji.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /cssadmin/tongji.js HTTP/1.1
Host: yf5.ytvw7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 04:33:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.127 200 OK 864 kB URL HTTP/2 u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.127:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: u25011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
date: Fri, 27 Jan 2023 21:10:21 GMT
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 20bb709a751569d186bca51c132b4c86.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9K7CHGRxi2FEoaSqEi_zy349CPKcG9IdSZUySqVz2DyqgThhm3Es8w==
age: 26574
X-Firefox-Spdy: h2
u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.86 200 OK 288 kB URL HTTP/2 u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.86:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 288397
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 24 Dec 2022 08:23:21 GMT
etag: "e17bb688cfdae836ea866c47e92a022a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: C05y_JsbPUQef5qjzeex5-MIl2MURcVciAGc6Tg9I-u5g0pmzk5Ueg==
age: 1543268
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 9b731d89db5b34948bbdb77d234388b7
633a3970703084d43eb705129f6f3e50ee11b7fb
3afbc02e496edc8c56f0f7de6875fa051f33c9687d5990812ac902cbd903a9e7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:14:30 GMT
ETag: "633a3970703084d43eb705129f6f3e50ee11b7fb"
Last-Modified: Sat, 28 Jan 2023 03:14:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1434
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790702478c7bb4f3-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e74596189d30f2253b9baa33bbc9a052
fc98bce6fe66948f6003e4eaebb215fa2486f8ce
d8ae02fa60f06df48729e455833d9ea044f291dff2dfb265423b741c0749c987
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8AE02FA60F06DF48729E455833D9EA044F291DFF2DFB265423B741C0749C987"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8747
Expires: Sat, 28 Jan 2023 06:59:02 GMT
Date: Sat, 28 Jan 2023 04:33:15 GMT
Connection: keep-alive
ocsp.r2m02.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 04dce6823513debecd28b57f1c426847
e984a4b57ab469c45ca19a60e0d22fd66547c60a
9e6954e914eb9975d8d0cf1bb0e520d840da3210e1a21903342d808d9999c348
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135627
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: "63d408f1-1d7"
Expires: Sun, 29 Jan 2023 18:13:42 GMT
Last-Modified: Fri, 27 Jan 2023 17:25:05 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: g82WLwrVplNMwYD1U5BjFs8BKq20wpLdwSJgoJE_qjxMaJUUxgirew==
Age: 2917
ocsp.r2m02.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 171c48aabf5b99a69bb1bef484f98fbb
f5f37d0e956bbe43b410d2bc41fd0669037797f6
42bd17bc4aca6b138a3ad0f5f78f114fbc28018a781e4da04b86b5e4728d2699
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149595
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: "63d44ae6-1d7"
Expires: Sun, 29 Jan 2023 22:06:30 GMT
Last-Modified: Fri, 27 Jan 2023 22:06:30 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ovs849KrARPTeg7jdtLvjN6SJ1kl519o6stXKHR9CDcIz8dGO0iOkg==
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 519fdcffbb86649e1fe0fc2efbf7dd89
fbddcccfe4952d6cf77f4e7743b358d3e929904a
3e0901e09f79eb36833e88bdd0b88b788db71fc424d426bbacb033691c33a349
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:57:28 GMT
ETag: "fbddcccfe4952d6cf77f4e7743b358d3e929904a"
Last-Modified: Sat, 28 Jan 2023 03:57:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790702478cd9b4fd-OSL
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 0fa889ec3a4ee37d218e30db71cb0928
4fe8aae077883608cba5db9e60f7879e250d25c7
4d37f84574670745dbf2923117b4e21bd6452359a087d2cad13dae89a504c41f
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: e59847fd99251f6a0af1240e52ac1fbd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=805934D99A8A134A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?d8989362584b5b1658654f26eff6b689
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d8989362584b5b1658654f26eff6b689
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 85a6c2538d198d46b02e3aaf1ccc7aff
b23ae1d77abba32adbae4b5261a6ad5aa5c6b56d
d6bbad522516ad3a70357b3f1ed7766e2ff34e1a581d116c5fd27c05f649ab0e
GET /hm.js?d8989362584b5b1658654f26eff6b689 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: 3f779f9196865ab474711d1e381d666a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6B99F15F88603F5C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 519fdcffbb86649e1fe0fc2efbf7dd89
fbddcccfe4952d6cf77f4e7743b358d3e929904a
3e0901e09f79eb36833e88bdd0b88b788db71fc424d426bbacb033691c33a349
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:57:28 GMT
ETag: "fbddcccfe4952d6cf77f4e7743b358d3e929904a"
Last-Modified: Sat, 28 Jan 2023 03:57:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790702480cc3b4f3-OSL
dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
104.110.17.24 200 OK 121 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 121 kB (120581 bytes)
Hash df98d05eafcc98d4a8beb8fdaea33d7b
e2fe0e1248eee770d0160151fd5d15822a5a9058
6c9bfee3b3175e72068b00c27a767920960a51080930ba550da900debc25d311
GET /images/0102y12000abt01aa9FED.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 120581
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5060188
expires: Mon, 27 Mar 2023 18:09:43 GMT
date: Sat, 28 Jan 2023 04:33:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
104.110.17.24 200 OK 471 kB URL HTTP/2 dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 471 kB (471292 bytes)
Hash 5607cae5276d831657c9656d79a91056
984aef4f0ae0adcc6c1b95d07244a379a263c368
da1d86fc792d6db5a69c57bcc83670c0db02bd9d70e190b8b9f55a474f5442df
GET /images/0101u12000afi1qkd7430.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 471292
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6494350
expires: Thu, 13 Apr 2023 08:32:25 GMT
date: Sat, 28 Jan 2023 04:33:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 7d66d3bf367eccabf9c732934dd99fd7
f04fdcace7102e7b80a2683b83a1f44ff0498213
a043fcd48cbfa8f177ab23aa5a1be3f4c3e4f973c1b8daedc981b78f6e254e4d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170466
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: "63d48e79-1d7"
Expires: Mon, 30 Jan 2023 03:54:21 GMT
Last-Modified: Sat, 28 Jan 2023 02:54:49 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EyIoo4nOtm-97D0WuOXXjsBJhQ5fKo845odwgg_vH1TnouZwBmB_hQ==
Age: 3572
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c8854d6e51a0e96bd4218b8993c008c
027d98f03831ac902b8513d63c930b2f5109394d
da20e1241ba4e2cbe6dffe4905aaeacb7df063abafbd17ebee3b7fd87e13e298
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA20E1241BA4E2CBE6DFFE4905AAEACB7DF063ABAFBD17EBEE3B7FD87E13E298"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15450
Expires: Sat, 28 Jan 2023 08:50:45 GMT
Date: Sat, 28 Jan 2023 04:33:15 GMT
Connection: keep-alive
u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.92 200 OK 396 kB URL HTTP/2 u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.92:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RBgTw3vCBOXu6o9KJI3UQC2zqoLJJtOy_OwRMpBYAIWu2CN4QDfxYg==
age: 1543269
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 731697d02377035ac18cd27a68e5f8d2
ab89e1ab06a14201795df11dd4db7a61f2c89292
ac4824084323660bb2ae17b4f36b955aa832d21f2be994f77a965103ee37c0a3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:39:06 GMT
Expires: Wed, 01 Feb 2023 15:39:05 GMT
Etag: "ab89e1ab06a14201795df11dd4db7a61f2c89292"
Cache-Control: max-age=384949,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79070248dbad1c06-OSL
hlggimg.com/1023/640_200_2.gif
172.247.80.59 200 OK 67 kB URL HTTP/2 hlggimg.com/1023/640_200_2.gif
IP 172.247.80.59:0
File type GIF image data, version 89a, 640 x 200\012- data
Hash 3d428957baf4858b9fa51159eed760b8
9bedac19dab8eaa07f1fa834a07b605bba8aa580
6525a61e3d6e20e3c5af390648c7f498e8c9deb969b28bb24d97f71277e2a414
GET /1023/640_200_2.gif HTTP/1.1
Host: hlggimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 04:33:15 GMT
content-type: image/gif
content-length: 66992
last-modified: Sun, 23 Oct 2022 14:56:58 GMT
etag: "6355563a-105b0"
expires: Sun, 26 Feb 2023 10:24:24 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash cc9a8379b1d89017159c8ea02217f48e
80894297e136888e39e228c2fba5d30d6932859d
47dfe96865168f6994fcbd96c6aa242b090a70561c2db96780ff3e40a6e2b738
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:45:21 GMT
Expires: Wed, 01 Feb 2023 13:45:20 GMT
Etag: "80894297e136888e39e228c2fba5d30d6932859d"
Cache-Control: max-age=378124,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7907024a3bf41c06-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 9b5d2a601fe1d5eae256e9077a609b17
1538b1734d68fd64c7b24bcb7391df7fcd8c6169
2db63c72d326d5f0acda181844e061de8e03fdc899a3c678c5003812fb0e5602
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=155741
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: "63d462e8-2d7"
Expires: Sun, 29 Jan 2023 23:48:56 GMT
Last-Modified: Fri, 27 Jan 2023 23:48:56 GMT
Server: nginx
Content-Length: 727
u22088.com/8e089c8e4c324c8bc1a08f5fe77e5165.gif
13.227.254.92 200 OK 293 kB URL HTTP/2 u22088.com/8e089c8e4c324c8bc1a08f5fe77e5165.gif
IP 13.227.254.92:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 293 kB (292555 bytes)
Hash f6f0bb4a97a38572c3525a718b3b71e6
085dfa8c21aa72bd6ba99a9cc348faaf6d67cb8f
4543d34b4055aed3dd9aaef2f598e211341547a238db3e8d88c060c511e83975
GET /8e089c8e4c324c8bc1a08f5fe77e5165.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 292555
date: Mon, 16 Jan 2023 05:14:10 GMT
last-modified: Fri, 13 Jan 2023 11:20:08 GMT
etag: "f6f0bb4a97a38572c3525a718b3b71e6"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: H0jn2Q6tD-Rj3O7jif3vMsOWrTzrX34K_-O814zd8Ufa20L_bVHBnw==
age: 1034346
X-Firefox-Spdy: h2
p3.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/7558099dc34b48e792b26c791c0d1791~noop.image
47.246.44.227 200 OK 126 kB URL HTTP/2 p3.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/7558099dc34b48e792b26c791c0d1791~noop.image
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash 29930865c2e520335eec8f890fda0c9c
25b9fc28d5003d87ad4914cfee4cfa11854b08df
d1c26c69e700aeb970018e324e530fe9d1f8e0996dede9ac2ca4a47e05abf662
GET /img/tos-cn-i-siecs4i2o7/7558099dc34b48e792b26c791c0d1791~noop.image HTTP/1.1
Host: p3.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 125587
date: Fri, 19 Aug 2022 21:16:47 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 19 Aug 2022 10:04:04 GMT
nw-session-id: 20220819180404010210042050347E065C5gpds02la
nw-session-trace: 2022-08-19T18:04:04.461428434+08:00 108
x-bdcdn-cache-status: TCP_HIT
x-length: 125587
x-powered-by: ImageX
x-response-date: Fri, 19 Aug 2022 18:04:04 GMT
x-tt-logid: 20220819180404010210042050347E065C
via: n150-054-026, cache16.l2de2[0,11,200-0,H], cache25.l2de2[12,0], cache25.l2de2[12,0], cache8.se1[0,0,200-0,H], cache8.se1[2,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 010a28e97b7060d4afb8037abacbeb6eba847e2093358076bae38d12c7a3b65f779f207f5d9166980008d9c0a789d499d8107d0d509e615cf755f880441e814bc1447ea0ff4634d2dfecd15a9868e42679563115fbe87ad4a91e05f4204cf1bf8f
x-response-lb: image
ali-swift-global-savetime: 1660943807
age: 13936588
x-cache: HIT TCP_MEM_HIT dirn:4:413668137
x-swift-savetime: Wed, 31 Aug 2022 16:31:20 GMT
x-swift-cachetime: 30516327
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16748803959373410e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash feb2b192102a550236cbeb7a85f97d44
d2e30846e721c48214127756f2ca55d95f7401a2
38189119e1751c882b94026a2f96721ddd3df66c8c9f307cea66a3b48758019e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38189119E1751C882B94026A2F96721DDD3DF66C8C9F307CEA66A3B48758019E"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5472
Expires: Sat, 28 Jan 2023 06:04:28 GMT
Date: Sat, 28 Jan 2023 04:33:16 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=849664593&si=d8989362584b5b1658654f26eff6b689&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2402&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=849664593&si=d8989362584b5b1658654f26eff6b689&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2402&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=849664593&si=d8989362584b5b1658654f26eff6b689&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2402&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 04:33:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1E527BE430CF2A70; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1041608638&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2402&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1041608638&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2402&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1041608638&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2402&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 04:33:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CABE1CD186582713; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 71a6ad7bd571e553b87c5e7beaa6bbb9
d04dcd4e2f730ce9ded1fac39f09f25557188d2f
31e7b83527052580d98bf79ae2ca0c3111ab157b5100819c2be64c2cd8356570
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 17:13:01 GMT
Expires: Wed, 01 Feb 2023 17:13:00 GMT
Etag: "d04dcd4e2f730ce9ded1fac39f09f25557188d2f"
Cache-Control: max-age=390583,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790702479a28b523-OSL
hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 28e0c299965ac578451f7a3a313b73d3
18b9ac5d5a6c1b0db30f3b5a2df43e05245acb83
05aaee43f9d288bf7791e526538417901cdcd194f584612deef496c751a54b3c
GET /hm.js?6cdc9a2253c9e58f82eb10fc564d352b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: e44a24fb9523b840ea9a7c5a5540d5f3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8FB3CB32638FB407; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 71a6ad7bd571e553b87c5e7beaa6bbb9
d04dcd4e2f730ce9ded1fac39f09f25557188d2f
31e7b83527052580d98bf79ae2ca0c3111ab157b5100819c2be64c2cd8356570
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 17:13:01 GMT
Expires: Wed, 01 Feb 2023 17:13:00 GMT
Etag: "d04dcd4e2f730ce9ded1fac39f09f25557188d2f"
Cache-Control: max-age=390583,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79070247dd9afac0-OSL
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.84 200 OK 1.1 MB URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.84:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1086086 bytes)
Hash fe1357abf524bc560d11e4af8beddaf9
175486b7fa4830246014f760a759f4aacf460b7c
fac07ee4c01eab6eeb7c10dbaca74fbfde9a4dbfc0fa88325cf32ecdc405603a
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 04:33:15 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Wed, 29 Mar 2023 04:33:15 GMT
last-modified: Tue, 07 Mar 2023 08:18:57 GMT
x-nws-log-uuid: 360c4662-9545-4194-acde-b5cc5166707d
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-cache-lookup: Hit From Disktank3
x-nws-uuid-verify: 15e43310eacc637d4ebc3013fed5c61a
m-traceid: kaiwwg7g47cexjt8s7rc
age: 546637
timing-allow-origin: *
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?f60217089b1da6d1d44680872fcaac43
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f60217089b1da6d1d44680872fcaac43
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 219943eccd45158c841da34b2ad6edea
7c2ed3d2db00986f4261c82b468eb5b870c9a3f8
f08ba83c3e5a7adc56af10c59a323c241dd4fcaa6ade802e1686daa0efbc828e
GET /hm.js?f60217089b1da6d1d44680872fcaac43 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sat, 28 Jan 2023 04:33:15 GMT
Etag: 2b0b2db65f8ec6362fd6775776589c55
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9C0CBD8290074EFA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
103.170.15.56 200 OK 275 kB URL HTTP/2 u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
IP 103.170.15.56:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 275 kB (275446 bytes)
Hash 70c0e3b780542b0ba8634822528674c1
18ff79341d6854d6c841618bc108233fb064b9c2
de2918f8ea0639a91d608b506207f16cc973559eb143eb711601ba50e14ef2bc
GET /cf8c8be1fbe748b3ab05c1896bde8d0b.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63bae198-433f6"
server: nginx
date: Wed, 25 Jan 2023 19:15:36 GMT
content-type: image/gif
last-modified: Sun, 08 Jan 2023 15:30:32 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-46
content-length: 275446
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230126-1/4a9c8c03c2f2c0447d50dc476ee88427.jpg
23.224.136.188 200 OK 182 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230126-1/4a9c8c03c2f2c0447d50dc476ee88427.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x541, components 3\012- data
Size 182 kB (181813 bytes)
Hash 05635eb5d18bc2adbe10595dc326de4f
d494e7d274b5e6f886392ff34bf7ef1f46f5c7ba
675ca8757f2c55a1e59b7e2f8f96ed1c795fb64cc6a9f9b86c00f1a0d680574e
GET /upload/vod/20230126-1/4a9c8c03c2f2c0447d50dc476ee88427.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 181813
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 17:32:22 GMT
ETag: "63d167a6-2c635"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230127-1/3125fa6ed2585e3ad240086e94080856.jpg
23.224.136.188 200 OK 178 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/3125fa6ed2585e3ad240086e94080856.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 178 kB (178489 bytes)
Hash 91441c1762d28d25d572b710933e1a19
681c21ad7e34d61087c6d86d83a0a637ef0d4092
92dd518d5bd8420b402860e6a41ee0066f5d986b25b368dae03e09dc0e106c6a
GET /upload/vod/20230127-1/3125fa6ed2585e3ad240086e94080856.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 178489
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:25:01 GMT
ETag: "63d3440d-2b939"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230127-1/b5d89acf6ab9ed3d258176aba8c6cfc7.jpg
23.224.136.188 200 OK 187 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/b5d89acf6ab9ed3d258176aba8c6cfc7.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x537, components 3\012- data
Size 187 kB (186801 bytes)
Hash c63b0be0bd46a20f5e32ff56486b4e9f
c59265d429ae8a40719d4156919fa1e83228806d
703b62322ceffc55cca836e14c9e62e99efb7562d2e5575cbee49ca5b4de44ff
GET /upload/vod/20230127-1/b5d89acf6ab9ed3d258176aba8c6cfc7.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 186801
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:24:55 GMT
ETag: "63d34407-2d9b1"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230127-1/69ba4fb986e85dc848a71e4f4c65d51c.jpg
23.224.136.188 200 OK 155 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/69ba4fb986e85dc848a71e4f4c65d51c.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size 155 kB (155422 bytes)
Hash c60c7951f94f3aa95676818df62daee6
e416efaa6df4d29ca2636d0daae80b784d6776ce
b47dc6c32a64898d1cfa559bf9d0c75b5ee8b58b73852176a7f08f87fbf82dcb
GET /upload/vod/20230127-1/69ba4fb986e85dc848a71e4f4c65d51c.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 155422
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:24:54 GMT
ETag: "63d34406-25f1e"
Accept-Ranges: bytes
5199qq.com/c01be6ba19f9425fb2464fa5f2150411.gif
45.61.212.217 200 OK 378 kB URL HTTP/1.1 5199qq.com/c01be6ba19f9425fb2464fa5f2150411.gif
IP 45.61.212.217:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 378 kB (378244 bytes)
Hash dcee74862649d4f1b27bf2bad4d7b505
ab5a968d4276ee57121e47a816bbb760f6ea352b
0932de00bb38b492d7d3ea9626be48617dee34b86b650c6bde61e30d09063d2e
GET /c01be6ba19f9425fb2464fa5f2150411.gif HTTP/1.1
Host: 5199qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c6a05a-5c584"
Date: Fri, 27 Jan 2023 05:49:30 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 17 Jan 2023 13:19:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-17
Content-Length: 378244
ttzytp3.com/upload/vod/20230126-1/754f683935f604b4155e6da64fd04f86.jpg
23.224.136.188 200 OK 195 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230126-1/754f683935f604b4155e6da64fd04f86.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x540, components 3\012- data
Size 195 kB (195112 bytes)
Hash 9cee6d436cedb7f252e1c82c6d9f4a79
54fb0046d8548b0b4320430e65fc8c5311c7aa52
dccb39dbe11ba3b3c9a61b71225c830dfc5fc19ee5bf189a29a0f126cedba127
GET /upload/vod/20230126-1/754f683935f604b4155e6da64fd04f86.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 195112
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 17:32:38 GMT
ETag: "63d167b6-2fa28"
Accept-Ranges: bytes
taiwtp1.com/img/96060.gif
220.128.218.220 200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:26:19 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Mon, 27 Feb 2023 04:26:19 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
120.77.167.195 200 OK 264 kB URL HTTP/1.1 768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
IP 120.77.167.195:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /vip80.gif HTTP/1.1
Host: 768guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63D4A58B4EAD113032861822
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Thu, 08 Dec 2022 08:00:50 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
ttzytp3.com/upload/vod/20230127-1/f0d4eef4bfe87578b227226e0be7cb6c.jpg
23.224.136.188 200 OK 195 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/f0d4eef4bfe87578b227226e0be7cb6c.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size 195 kB (194967 bytes)
Hash 4b7359b15412b6863f5750e86bcd785e
230f64d968b1956f584ead965a30cd0aae59f007
1dfad7da85b881b99fd9fd65e34097fe280fb15e116fd66403d2bd88cf470348
GET /upload/vod/20230127-1/f0d4eef4bfe87578b227226e0be7cb6c.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 194967
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:24:53 GMT
ETag: "63d34405-2f997"
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1464185815&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2403&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1464185815&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2403&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1464185815&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2403&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 04:33:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5CDE0136A37A1FA3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=796326284&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2403&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=796326284&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2403&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=796326284&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=2403&r=0&ww=1252&u=http%3A%2F%2Fyf5.ytvw7.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 28 Jan 2023 04:33:16 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1A624CCE5C71D74B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
statuse.digitalcertvalidation.com/
93.184.220.29 200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 859db80394a135542482b2525b2e48ca
a2792cdb2e21a5842ef28522269126512f14b615
185465e1b7428379b8bff1598f3be1ad7ab1e275167cc4f958b6483cc8f4050a
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 192
Cache-Control: max-age=101580
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:33:16 GMT
Etag: "63d38e98-1d7"
Expires: Sun, 29 Jan 2023 08:46:16 GMT
Last-Modified: Fri, 27 Jan 2023 08:43:04 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 471
ttzytp3.com/upload/vod/20230127-1/aa06359b016489b257094e3787e8a54e.jpg
23.224.136.188 200 OK 8.3 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/aa06359b016489b257094e3787e8a54e.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e7e4eee54df8554db8ef0e3347f7b966
4c086b3fe49e40b190238fa04e0f8e3ee41a26a0
53a99bfff4e041c3b559011d6d29fd14544eb09fd3b7ee1e21eacb4c1709be15
GET /upload/vod/20230127-1/aa06359b016489b257094e3787e8a54e.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 8332
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:25:33 GMT
ETag: "63d3442d-208c"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230127-1/e9d93907a3b979b8337f8d156ff03832.jpg
23.224.136.188 200 OK 5.7 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/e9d93907a3b979b8337f8d156ff03832.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 667x500, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3ab93f7f63cbc69fb42581d51482ddff
87b23fbb489392d30f8e8b516708c02e5ab16cdd
3d1b87dddc1f3fe8e3dcb490cf4c8983a19ca7fca8f21e7b039bf100bd585973
GET /upload/vod/20230127-1/e9d93907a3b979b8337f8d156ff03832.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 5657
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:25:33 GMT
ETag: "63d3442d-1619"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 19992e557767bab1b2f3969134af34c7
dcfed566c9b2c62ab1fb618ef2932508d73a2d14
bb0e4306fee7150b94469fbfe30fd58910fe365b939de6c69f98d5dbe9ba0078
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 16:52:21 GMT
Expires: Thu, 02 Feb 2023 16:52:20 GMT
Etag: "dcfed566c9b2c62ab1fb618ef2932508d73a2d14"
Cache-Control: max-age=475742,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79070250dd1c1c06-OSL
ttzytp3.com/upload/vod/20230127-1/b2f47df2004c65e907c1c05382b9de39.jpg
23.224.136.188 200 OK 49 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/b2f47df2004c65e907c1c05382b9de39.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 640x396, components 3\012- data
Hash 64c69b2817b320feb079293c99b4637d
37582bdc16179ad09ae459920ca056ccb2fae224
d0a35c903f4cd9d488a5b16654f7ee1a0609f4e052893a6a48b79c9f3e41b5ba
GET /upload/vod/20230127-1/b2f47df2004c65e907c1c05382b9de39.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 48888
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:25:32 GMT
ETag: "63d3442c-bef8"
Accept-Ranges: bytes
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.64 200 OK 300 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.64:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 300 kB (299985 bytes)
Hash 5d7118c19a9bd8ff78641a72cb481144
5cf8f1709330929db0f38141e5e18518a2ddcb12
ebd1f7b5795943f0b6e779047bfd82e03c020056e9ae9f4a4f8b400d3835cd85
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 28 Jan 2023 04:33:15 GMT
Content-Type: image/gif
Content-Length: 299985
Connection: keep-alive
x-oss-request-id: 63D4A58B4C8B373631E99132
Accept-Ranges: bytes
ETag: "5D7118C19A9BD8FF78641A72CB481144"
Last-Modified: Tue, 10 Jan 2023 09:27:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5878332609690177558
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDwy4PsrBgiIGVlOTJjOGM4NTBkZDQ5NTBhMzAzYjhiYTJjYjQ0NTI5
Content-MD5: XXEYwZqb2P94ZBpyy0gRRA==
x-oss-server-time: 1
ttzytp3.com/upload/vod/20230127-1/5dcc37adf77e7f4c79b1ec6cf1813dde.jpg
23.224.136.188 200 OK 180 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/5dcc37adf77e7f4c79b1ec6cf1813dde.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 180 kB (179648 bytes)
Hash 9360606e479201daa22115bde1d60bd2
4697d79432ce1d810c401b4e0eb2e30aa06ae0bf
62c21a54c0f078843ef13b1acf8123f7f07150ba55d574a54c21a48b899260d4
GET /upload/vod/20230127-1/5dcc37adf77e7f4c79b1ec6cf1813dde.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:17 GMT
Content-Type: image/jpeg
Content-Length: 179648
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:24:37 GMT
ETag: "63d343f5-2bdc0"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230127-1/eb918d686cf235845457474d2957543b.jpg
23.224.136.188 200 OK 188 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/eb918d686cf235845457474d2957543b.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 188 kB (188410 bytes)
Hash 4f5077b4ee26adf240dfcaa7cd3badfa
aab9d721d524227c0053c263bd108baeed75ef68
fca0f04fc748ebde16f97f105942f801e0e2a4756a3e2789993def9207b083a1
GET /upload/vod/20230127-1/eb918d686cf235845457474d2957543b.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 188410
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:24:38 GMT
ETag: "63d343f6-2dffa"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230127-1/f31e073a1076e7829cfabcaf6d5728d2.jpg
23.224.136.188 200 OK 320 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/f31e073a1076e7829cfabcaf6d5728d2.jpg
IP 23.224.136.188:0
File type PNG image data, 1280 x 720, 8-bit colormap, non-interlaced\012- data
Size 320 kB (319547 bytes)
Hash 7f0708f0df53d3f62c44214ccf34f975
cea4ce84db0fb3e0d30e470e15032b73589b2268
fde26ba68d329c38cc90c7a7fa89269e5952b839638f2da3b3bce3f18f1005d9
GET /upload/vod/20230127-1/f31e073a1076e7829cfabcaf6d5728d2.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:16 GMT
Content-Type: image/jpeg
Content-Length: 319547
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:25:32 GMT
ETag: "63d3442c-4e03b"
Accept-Ranges: bytes
u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
103.189.109.72 200 OK 347 kB URL HTTP/2 u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
IP 103.189.109.72:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 347 kB (347426 bytes)
Hash 9113d18ae855d227d6f10b05e4f6425e
5e9cafc7cb295afbdc9298fd7144f3125191b710
2e70e0d59d74220a307c094c2cf8b77ef905bf8ec8226e35f115632485aba973
GET /b80b68717e334bfcb8f9c35dec22678c.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b563f5-54d22"
server: nginx
date: Fri, 27 Jan 2023 00:47:33 GMT
content-type: image/gif
last-modified: Wed, 04 Jan 2023 11:33:09 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-062
content-length: 347426
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
185.10.104.115 200 OK 1.3 MB URL HTTP/2 pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /bjh/5f356028e5e94176f56a75568e49ae20.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 28 Jan 2023 04:33:16 GMT
content-type: image/gif
content-length: 1296026
expires: Sun, 29 Jan 2023 03:44:38 GMT
last-modified: Sun, 01 May 2022 03:41:02 GMT
etag: "5f356028e5e94176f56a75568e49ae20"
age: 175718
accept-ranges: bytes
content-md5: XzVgKOXpQXb1anVWjkmuIA==
x-bce-content-crc32: 619664397
x-bce-debug-id: qoHJbuYLCrwt6BohAJHKhB1la/dLtPckbQZCDsLdCYj3ffbVUHMGsmUK6fqoM0iXz1HI2DGQutkKVrhCRx8zZA==
x-bce-request-id: f2b33ae6-db81-4f70-9150-c6452b74a3f4
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 03:44:37 GMT
ohc-cache-hit: fra01-sys-jomo6.fra01.baidu.com [2], fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache62 [3], suzix207 [3]
ohc-file-size: 1296026
x-cache-status: HIT
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230127-1/34331bcb5229f983d8cea8f486f2df8a.jpg
23.224.136.188 200 OK 196 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/34331bcb5229f983d8cea8f486f2df8a.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 196 kB (195977 bytes)
Hash d22e056e30689aa9b7e2378cf0056ef7
a9247d6b39411fc3d33e30359e2d04f0e450ead6
8954029158543d44f6df3c48f115f056273bf657bc9d5dace449523970f6fdc9
GET /upload/vod/20230127-1/34331bcb5229f983d8cea8f486f2df8a.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:17 GMT
Content-Type: image/jpeg
Content-Length: 195977
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:24:43 GMT
ETag: "63d343fb-2fd89"
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230127-1/cb1d7e06de38e3b3996c150ebc8633c6.jpg
23.224.136.188 200 OK 192 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230127-1/cb1d7e06de38e3b3996c150ebc8633c6.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 192 kB (191497 bytes)
Hash 527e01f6383731beeefadec2ffd454ee
c98a6518deb69396ac1b6f6162dcc600779a8df7
ee6cd0b74d098bff62fc6c6120760a29a9189f2413eb8e670a9a5354bde26637
GET /upload/vod/20230127-1/cb1d7e06de38e3b3996c150ebc8633c6.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 28 Jan 2023 04:33:17 GMT
Content-Type: image/jpeg
Content-Length: 191497
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:24:44 GMT
ETag: "63d343fc-2ec09"
Accept-Ranges: bytes
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 933fd5fa22be6b7d22f9d750e22732c4
991e98407e1e02502d6b5b70c81a53734264c4bf
25197182d04e17383c9bfb297b5b37b4d730ae42767d900afbe37cfcdcfaa30b
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 28 Jan 2023 04:23:54 GMT
last-modified: Wed, 25 Jan 2023 20:07:09 GMT
expires: Wed, 01 Feb 2023 20:07:08 GMT
etag: "991e98407e1e02502d6b5b70c81a53734264c4bf"
cache-control: max-age=594720,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7906f4932b1d92b1-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674879834
via: cache25.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache3.se1[0,0,200-0,H], cache1.se1[1,0], cache5.se1[2,0]
age: 563
x-cache: HIT TCP_MEM_HIT dirn:2:36584392
x-swift-savetime: Sat, 28 Jan 2023 04:28:26 GMT
x-swift-cachetime: 1528
timing-allow-origin: *, *
eagleid: 2ff62c9916748803976362015e, 2ff62c9916748803976362015e
u1077.com/d4fd5995061e4d0591810a5a215c050e.gif
103.189.109.72 200 OK 50 kB URL HTTP/2 u1077.com/d4fd5995061e4d0591810a5a215c050e.gif
IP 103.189.109.72:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 75e4620e76c97c5c19eef7a4d255b2f4
8356629a1f461942a1d23030ea3e1092707eeb62
3338318141a22d332902d08827f22af6fa9381b5697423d0c33435dd4a1b85e7
GET /d4fd5995061e4d0591810a5a215c050e.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "639ca276-c2e6"
server: nginx
date: Sun, 22 Jan 2023 06:38:26 GMT
content-type: image/gif
last-modified: Fri, 16 Dec 2022 16:53:10 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-062
content-length: 49894
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 44e491ad290df528b2835134ffc6402d
71affec825d7161c134edd2b203741d1a0c0e872
7eb59b380be5d6a294b100c9c7521117de898c118eae7ac98e19252d6af0f0af
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:46:14 GMT
ETag: "71affec825d7161c134edd2b203741d1a0c0e872"
Last-Modified: Sat, 28 Jan 2023 01:46:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790702534871b518-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 44e491ad290df528b2835134ffc6402d
71affec825d7161c134edd2b203741d1a0c0e872
7eb59b380be5d6a294b100c9c7521117de898c118eae7ac98e19252d6af0f0af
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:46:14 GMT
ETag: "71affec825d7161c134edd2b203741d1a0c0e872"
Last-Modified: Sat, 28 Jan 2023 01:46:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7907025398bdb4f3-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 44e491ad290df528b2835134ffc6402d
71affec825d7161c134edd2b203741d1a0c0e872
7eb59b380be5d6a294b100c9c7521117de898c118eae7ac98e19252d6af0f0af
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:46:14 GMT
ETag: "71affec825d7161c134edd2b203741d1a0c0e872"
Last-Modified: Sat, 28 Jan 2023 01:46:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790702534eadb4e8-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash a53c538d9b475ffd4b3bf1f449b5ac4f
a219949fa97428fa4f14cc2597b7108e511589f2
6f89d7950d7206ab453fb10495ffbed6ee62d6868d6f149a33592981934b63fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5259
Cache-Control: max-age=154171
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:33:18 GMT
Etag: "63d4483e-2d7"
Expires: Sun, 29 Jan 2023 23:22:49 GMT
Last-Modified: Fri, 27 Jan 2023 21:55:10 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
47.246.44.231 200 OK 638 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 638 kB (637830 bytes)
Hash 038cc3c0d0309ae7edac2468660d6ace
7c625c7e99f6cc090985f06c31d835852c407b83
029afc7f86b07276e77f5a1f657b2347204ab18863ed2c40d3a5122f23d12c82
GET /obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 637830
date: Mon, 09 Jan 2023 14:22:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 09 Jan 2023 12:31:47 GMT
nw-session-id: 202301092031472FF0DA8F74B79DF4D092tvfd201dy
nw-session-trace: 2023-01-09T20:31:47.625548883+08:00 90
x-bdcdn-cache-status: TCP_HIT
x-length: 637830
x-powered-by: ImageX
x-response-date: Mon, 09 Jan 2023 20:31:47 GMT
x-tt-logid: 202301092031472FF0DA8F74B79DF4D092
via: n131-120-212, cache17.l2de2[0,0,206-0,H], cache10.l2de2[1,0], cache10.l2de2[1,0], cache1.se1[0,0,200-0,H], cache7.se1[1,0]
x-request-ip: fdbd:dc03:8:577::14
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c734cca4103e2a0e1159f9306391b8c0d2922725c9864f02af173eda916716925e0c544793ac80bc2a409b45ff52b866aa4f9f296dea60c32f3b80e8f731e074e58ce6a5fcdf62fb0a2e6e31910aeb8ff334239f98c60cfd9f15a9853464832f
x-response-lb: image
ali-swift-global-savetime: 1673274178
age: 1606220
x-cache: HIT TCP_MEM_HIT dirn:11:197343923 mlen:0
x-swift-savetime: Wed, 11 Jan 2023 02:35:59 GMT
x-swift-cachetime: 31405619
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9b16748803980542639e
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 44e491ad290df528b2835134ffc6402d
71affec825d7161c134edd2b203741d1a0c0e872
7eb59b380be5d6a294b100c9c7521117de898c118eae7ac98e19252d6af0f0af
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:46:14 GMT
ETag: "71affec825d7161c134edd2b203741d1a0c0e872"
Last-Modified: Sat, 28 Jan 2023 01:46:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79070255886cb4f4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 44e491ad290df528b2835134ffc6402d
71affec825d7161c134edd2b203741d1a0c0e872
7eb59b380be5d6a294b100c9c7521117de898c118eae7ac98e19252d6af0f0af
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:33:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:46:14 GMT
ETag: "71affec825d7161c134edd2b203741d1a0c0e872"
Last-Modified: Sat, 28 Jan 2023 01:46:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790702534d12b521-OSL
img.2611u.com/images/638edb5d970f0b1d475e3297.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.2611u.com/images/638edb5d970f0b1d475e3297.gif
IP 3.36.126.81:0
GET /images/638edb5d970f0b1d475e3297.gif HTTP/1.1
Host: img.2611u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
121.226.246.3 200 OK 0 B URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
IP 121.226.246.3:0
GET /ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:33:18 GMT
content-type: image/gif
content-length: 893726
cache-control: max-age=15552000
expires: Mon, 24 Jul 2023 04:43:53 GMT
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
age: 258566
via: http/1.1 ORI-CLOUD-HUZ-MIX-29 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-19 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1674621833626-0-0-15-202-202;200;200-1674665172784-0-0-0-5-5;200-1674880398052-0-0-0-1-1
X-Firefox-Spdy: h2
imgsrc.baidu.com/super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg
104.193.88.109 200 OK 0 B URL HTTP/1.1 imgsrc.baidu.com/super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg
IP 104.193.88.109:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yf5.ytvw7.top/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 28 Jan 2023 04:33:18 GMT
Content-Type: image/gif
Content-Length: 196656
Connection: close
Access-Control-Allow-Origin: *
Etag: dcf1803214d0b363ae68f4b8337ad429
Expires: Mon, 27 Feb 2023 04:33:17 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT