r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8164
Expires: Fri, 03 Feb 2023 07:59:54 GMT
Date: Fri, 03 Feb 2023 05:43:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Fri, 03 Feb 2023 06:24:24 GMT
Date: Fri, 03 Feb 2023 05:43:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 05:43:34 GMT
content-type: application/json
age: 16
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
016sp.com/video/36023.html
38.6.108.197301 Moved Permanently 0 B URL HTTP/1.1 016sp.com/video/36023.html
IP 38.6.108.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/36023.html HTTP/1.1
Host: 016sp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 05:43:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.016sp.com/video/36023.html
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4605
Expires: Fri, 03 Feb 2023 07:00:35 GMT
Date: Fri, 03 Feb 2023 05:43:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o7mb+LWjZsIq83KyDmcLPBuZ+lbB3ZbVJ+j1oZT4Df5B+XzLLP8YBhefe+oO2y93CJZi5Cqn3CY=
x-amz-request-id: 81GHSDRZAYJHECXG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 05:23:25 GMT
age: 1225
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 04:49:06 GMT
age: 3285
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2211
Expires: Fri, 03 Feb 2023 06:20:42 GMT
Date: Fri, 03 Feb 2023 05:43:51 GMT
Connection: keep-alive
push.services.mozilla.com/
52.40.49.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.49.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mGC7Qplf7/nQeKELEQrCdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zBLoneDuV6L/WY4WQDbba/fQvqM=
www.016sp.com/video/36023.html
38.6.108.197200 OK 453 B URL HTTP/1.1 www.016sp.com/video/36023.html
IP 38.6.108.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (392), with CRLF line terminators
Hash 539baf131300c58a956515113f786799
9ac36075d5d55b0ce174ccf2fbfb8e30244f7d86
821eba9b6664c168398f4be12ac899e3b3bb10fd9825fb688d4786d582797696
GET /video/36023.html HTTP/1.1
Host: www.016sp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 05:43:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.016sp.com/common.js
38.6.108.197200 OK 701 B IP 38.6.108.197:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash 68550d9a92e6d921d2bb00e896e91dbc
03b9b50201fac144aa9190ab24631badece68763
6fea851fce86fccaf4cf599570680be3427d84187dccd68f8d05bc8efd76d025
GET /common.js HTTP/1.1
Host: www.016sp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.016sp.com/video/36023.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 05:43:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.016sp.com/tj.js
38.6.108.197200 OK 6.0 kB IP 38.6.108.197:0
File type ASCII text, with very long lines (14734), with CRLF line terminators
Hash f63613a23c15ac952a12cfd713067b63
98c8d785adc819cd45775396f1b7ad22d13d538f
9fde6f31dd1e56b6ebec4e3d5c28539ee7e6a548dd2a92b47ca376ccdb240c98
NIDS Severity Alert suricata high ET HUNTING Possible Obfuscator io JavaScript Obfuscation
GET /tj.js HTTP/1.1
Host: www.016sp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.016sp.com/video/36023.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 05:43:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 88623bce893b3bce2e42a4a44896c2a2
eee4e0a613a31430021e907e994be358b7e8a6ac
59b0d9c744c9e83988f7fd8bccd2cf7583b6b51a44844398af647336bafc639c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "59B0D9C744C9E83988F7FD8BCCD2CF7583B6B51A44844398AF647336BAFC639C"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Fri, 03 Feb 2023 11:43:28 GMT
Date: Fri, 03 Feb 2023 05:43:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2770
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 05:43:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2770
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 05:43:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2770
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 05:43:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 28551
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4242d4999b7b033873b81a482c319c2
bc4c004065ce9f558f210d508844c123a85737a1
ab35a5c1a7c1a0a548aee3b9c301893799680ec1922c13e7a16d44ca457cd91d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7237
x-amzn-requestid: f6aa0d26-8df4-40fe-8984-1aac7c76097e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr4jEdeIAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2269c-58a038d6491d8f461e9168d4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XNO6ArxsjiZTxcoSn1Fmhso5bpWNIvzT9nplF6UGTiHVxXlJiv7bJA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:58:40 GMT
age: 27912
etag: "bc4c004065ce9f558f210d508844c123a85737a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bc75469-aee4-46b2-9ae0-75869ae8bb2a.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bc75469-aee4-46b2-9ae0-75869ae8bb2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40d4165b4e6dbb637204df196545ada8
a01f74c0c2c3ec1e5e7d6498415df8fbf109ae94
25d54e72b043f2d9553be6a8dedfce3ce39df4ac2b992f7e6d32ef04e96a3266
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bc75469-aee4-46b2-9ae0-75869ae8bb2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8912
x-amzn-requestid: 4fdceb0c-8af7-4ffb-b28b-c0d9e22f2456
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpQ4KGUsoAMFlcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9fb67-68ef58c454f6bd834eb05485;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 05:40:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KqdmB4tt4CIXxWaI0S0Icx_EJiBK5KLgfUJ8K2jlkh-AgYI6S9w4lA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 28551
etag: "a01f74c0c2c3ec1e5e7d6498415df8fbf109ae94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 27963
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1c2a5a291f23be6591c9b19db47b47
2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619
327efb8c72421819992900ab0f8f267da7d28122c710b8694979116579d512c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3083
x-amzn-requestid: 7a4f094b-a423-401e-a9e7-8d9f130e2e40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi1drEtKIAMFuYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76924-66751080608a6cd2650b853d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:52:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UoXATdGOgEK3Unxszcp4ulAK3b1BuHS2MbUzTHe-qxjNZkb2eoxE-A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:49 GMT
age: 28743
etag: "2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2c8eebb0368d30bc054b888c9a28750a
00bac172b007bc4ce4831caeba9cc5fb9f94eccc
2e4c1d396d17f04125b5b53d85d5d3211a7a9818658705a05ced9a998830bfda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E4C1D396D17F04125B5B53D85D5D3211A7A9818658705A05CED9A998830BFDA"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Fri, 03 Feb 2023 11:42:54 GMT
Date: Fri, 03 Feb 2023 05:43:52 GMT
Connection: keep-alive
iq882.tz-68-fabb.com/x-2/800.html
104.233.164.55200 OK 629 B URL HTTP/2 iq882.tz-68-fabb.com/x-2/800.html
IP 104.233.164.55:0
ASN #398993 PEGTECHINC-AP-03
File type HTML document, Unicode text, UTF-8 text
Hash 36868d9ceb5db0182a6248a44fb47272
1744005f82aa6a3a192aa42b1911b56950f63ced
6885021d3d889b6401b8a14526e5d655242dfcd3a4b600a468483949f4624269
GET /x-2/800.html HTTP/1.1
Host: iq882.tz-68-fabb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.016sp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:45:05 GMT
content-type: text/html
content-length: 629
last-modified: Sat, 21 Jan 2023 10:56:34 GMT
etag: "63cbc4e2-275"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash eade92ec08d739a4e4fa82117a0cfe80
362b161b5f86fce6dd4425a055711a4ee9e5af77
6b32a9ab954c2bcd8931193322c62d6a1301979c36ff4935fe145f7b2cf3abe9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 03:59:17 GMT
ETag: "362b161b5f86fce6dd4425a055711a4ee9e5af77"
Last-Modified: Fri, 03 Feb 2023 03:59:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2499
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7938d9fe4f14b51e-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash eade92ec08d739a4e4fa82117a0cfe80
362b161b5f86fce6dd4425a055711a4ee9e5af77
6b32a9ab954c2bcd8931193322c62d6a1301979c36ff4935fe145f7b2cf3abe9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 03:59:17 GMT
ETag: "362b161b5f86fce6dd4425a055711a4ee9e5af77"
Last-Modified: Fri, 03 Feb 2023 03:59:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2499
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7938d9fe4e7c0b49-OSL
www.016sp.com/favicon.ico
38.6.108.197200 OK 1.2 kB URL HTTP/1.1 www.016sp.com/favicon.ico
IP 38.6.108.197:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.016sp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.016sp.com/video/36023.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:22 GMT
Connection: keep-alive
ETag: "4e0d81de-47e"
Expires: Wed, 08 Feb 2023 05:43:55 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 29342605062eac7b2cd440b636f253e1
0a9b18892d02f7d6fdb933ad6b19d7082630f160
841dbdfe4d06daea4a18df0dc55d2ddcab626f1eb9415d88a31cc48ab5ec9e95
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 07 Feb 2023 01:05:24 GMT
ETag: "0a9b18892d02f7d6fdb933ad6b19d7082630f160"
Last-Modified: Fri, 03 Feb 2023 01:05:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3163
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7938da01e940b51e-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d24fabc2cdfac6ae5916b5a44536c23
bba45a649601834d5e794c1d24dff58e68678394
8e083330d7ad5b7f337d98af651aa6f86259ce63d57e35e09da0aef4cb8ab36b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E083330D7AD5B7F337D98AF651AA6F86259CE63D57E35E09DA0AEF4CB8AB36B"
Last-Modified: Fri, 03 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21496
Expires: Fri, 03 Feb 2023 11:42:10 GMT
Date: Fri, 03 Feb 2023 05:43:54 GMT
Connection: keep-alive
hm.baidu.com/hm.js?56fde3305da5aac86bae870fbbd965d7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?56fde3305da5aac86bae870fbbd965d7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 05c769857ef50233c58ef3afb6b8c6e1
6e1f01c9b636bf1cec4d329bc9ac336d8acd8ce1
00d9d15e521df0a9e45552b3d8af16b9999c561f0b2427470fd6b3433ebcf0be
GET /hm.js?56fde3305da5aac86bae870fbbd965d7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.016sp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 05:43:53 GMT
Etag: 5ff9b7f233f7cfa9246ef55791183b37
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E59C78A6DCD8C9EE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
js.users.51.la/21435479.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21435479.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash ac0d028a92cad968e8dbdb0c7d992426
6b2c52196a590eabc9e6ec078634aa033766bb5e
3b2bfdefa0707faadafd621dd3038bbf438227d18d1dae0792f7baa064121a66
GET /21435479.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iq882.tz-68-fabb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 03 Feb 2023 05:43:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=bc2c3fd638bcc0190e; path=/
HWWAFSESTIME=1675403033922; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
n1.nvwangav1.top/0.8115251300666422
104.233.175.168404 Not Found 146 B URL HTTP/2 n1.nvwangav1.top/0.8115251300666422
IP 104.233.175.168:0
ASN #398993 PEGTECHINC-AP-03
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /0.8115251300666422 HTTP/1.1
Host: n1.nvwangav1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iq882.tz-68-fabb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 03 Feb 2023 05:43:54 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e64afd1036e8c69c3add7fda2aba96ec
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e64afd1036e8c69c3add7fda2aba96ec
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash ccc1b4882ac15e3dac7ac6c520adf637
70cba6d3832142fa106748885d49570c1bc92147
241ad813b9a07166efb0c7915943632ca0017ae12a7877da2d23a8029ba908d5
GET /hm.js?e64afd1036e8c69c3add7fda2aba96ec HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.016sp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 05:43:53 GMT
Etag: f06131fd06f27194ea32a29e40346015
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C442A225707BD3DB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1393685764&si=56fde3305da5aac86bae870fbbd965d7&v=1.3.0&lv=1&sn=789&r=0&ww=1280&u=http%3A%2F%2Fwww.016sp.com%2Fvideo%2F36023.html&tt=%E5%AE%9C%E5%AE%BE%E5%8B%9F%E5%93%9F%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1393685764&si=56fde3305da5aac86bae870fbbd965d7&v=1.3.0&lv=1&sn=789&r=0&ww=1280&u=http%3A%2F%2Fwww.016sp.com%2Fvideo%2F36023.html&tt=%E5%AE%9C%E5%AE%BE%E5%8B%9F%E5%93%9F%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1393685764&si=56fde3305da5aac86bae870fbbd965d7&v=1.3.0&lv=1&sn=789&r=0&ww=1280&u=http%3A%2F%2Fwww.016sp.com%2Fvideo%2F36023.html&tt=%E5%AE%9C%E5%AE%BE%E5%8B%9F%E5%93%9F%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.016sp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 05:43:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AF38F79C7C8FA9AF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=182868123&si=e64afd1036e8c69c3add7fda2aba96ec&v=1.3.0&lv=1&sn=789&r=0&ww=1280&u=http%3A%2F%2Fwww.016sp.com%2Fvideo%2F36023.html&tt=%E5%AE%9C%E5%AE%BE%E5%8B%9F%E5%93%9F%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=182868123&si=e64afd1036e8c69c3add7fda2aba96ec&v=1.3.0&lv=1&sn=789&r=0&ww=1280&u=http%3A%2F%2Fwww.016sp.com%2Fvideo%2F36023.html&tt=%E5%AE%9C%E5%AE%BE%E5%8B%9F%E5%93%9F%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=182868123&si=e64afd1036e8c69c3add7fda2aba96ec&v=1.3.0&lv=1&sn=789&r=0&ww=1280&u=http%3A%2F%2Fwww.016sp.com%2Fvideo%2F36023.html&tt=%E5%AE%9C%E5%AE%BE%E5%8B%9F%E5%93%9F%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.016sp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 05:43:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=72F29A5F87AA4C19; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
js.users.51.la/21470059.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21470059.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 4ec7c72e06dc46e956107804e117c47b
3daa9a12989d10ad9d444cc10102033193e196e3
fe48b0495eaba14153f09248377f66ee8d421f9c38de4826e423d40dbf42662a
GET /21470059.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=bc2c3211638bcc0190e; path=/
HWWAFSESTIME=1675403033922; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
js.users.51.la/21498489.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21498489.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 526ca53c43b79e1988f210b9487d0f88
c253c2bed0dca94dc503ea81fd7cc2724de732e6
3fe6dda0e68687f7818def6889394a8ba1b9bd7a2ca49ca4465a3814de668f42
GET /21498489.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=95b3b1cf3256b802a60; path=/
HWWAFSESTIME=1675403034370; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
n1.nvwangav1.top/template/m1938pc/ads/960.js
104.233.175.168200 OK 659 B URL HTTP/2 n1.nvwangav1.top/template/m1938pc/ads/960.js
IP 104.233.175.168:0
ASN #398993 PEGTECHINC-AP-03
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash b1a224dc1abcd4f29c7b17972f7fb346
e6bd83f26ab4bb614cc8a3e1f28dffecdd502d89
fb75298f365c13536d6b1e0b0112e1d87286a3637ba6a4e5c1cd84a599761f9b
GET /template/m1938pc/ads/960.js HTTP/1.1
Host: n1.nvwangav1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/?qiye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:55 GMT
content-type: application/javascript
content-length: 659
last-modified: Thu, 26 Jan 2023 09:30:02 GMT
etag: "63d2481a-293"
expires: Fri, 03 Feb 2023 17:43:55 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2db4861670d2d79a73ea97c36437154f
71038fd443fb1be7d3f77ba979b8df6426071111
1a5d1b20cb267049b11829d9417399aec3fae564d7bd547b0040aebffaa53a6f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 22:57:53 GMT
Expires: Tue, 07 Feb 2023 22:57:52 GMT
Etag: "71038fd443fb1be7d3f77ba979b8df6426071111"
Cache-Control: max-age=407036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7938da0cfcfbb515-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2db4861670d2d79a73ea97c36437154f
71038fd443fb1be7d3f77ba979b8df6426071111
1a5d1b20cb267049b11829d9417399aec3fae564d7bd547b0040aebffaa53a6f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 22:57:53 GMT
Expires: Tue, 07 Feb 2023 22:57:52 GMT
Etag: "71038fd443fb1be7d3f77ba979b8df6426071111"
Cache-Control: max-age=407036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7938da0c7ba20b51-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2db4861670d2d79a73ea97c36437154f
71038fd443fb1be7d3f77ba979b8df6426071111
1a5d1b20cb267049b11829d9417399aec3fae564d7bd547b0040aebffaa53a6f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 22:57:53 GMT
Expires: Tue, 07 Feb 2023 22:57:52 GMT
Etag: "71038fd443fb1be7d3f77ba979b8df6426071111"
Cache-Control: max-age=407036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7938da0c6abcb512-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2db4861670d2d79a73ea97c36437154f
71038fd443fb1be7d3f77ba979b8df6426071111
1a5d1b20cb267049b11829d9417399aec3fae564d7bd547b0040aebffaa53a6f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 22:57:53 GMT
Expires: Tue, 07 Feb 2023 22:57:52 GMT
Etag: "71038fd443fb1be7d3f77ba979b8df6426071111"
Cache-Control: max-age=407036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7938da0cffc0b500-OSL
img.ywtuchuang5.com/upload/vod/20220929-1/bba1b229d73c32b1fae353637e0eac77.jpg
154.12.54.85200 OK 8.1 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220929-1/bba1b229d73c32b1fae353637e0eac77.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 80x107, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash b47a3098188b2443e2db8be35f471de8
2e028554c1c334b09553fe030e3cb61f05ebe949
5848a7f86797f76fcb24ab5bd89474418e8d820e3cac7eff1cec09cf27cecdac
GET /upload/vod/20220929-1/bba1b229d73c32b1fae353637e0eac77.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/jpeg
Content-Length: 8103
Last-Modified: Wed, 28 Sep 2022 16:05:12 GMT
Connection: keep-alive
ETag: "633470b8-1fa7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.lytuchuang3.com/upload/vod/20221112-1/4a710ba3db6839b61f6bb25e9e3962c3.jpg
154.12.54.84200 OK 7.7 kB URL HTTP/1.1 img.lytuchuang3.com/upload/vod/20221112-1/4a710ba3db6839b61f6bb25e9e3962c3.jpg
IP 154.12.54.84:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9cf61e6af076a23e297f3b5f1c258142
eddf6f2ee66a429ef679574a6298880bd34f851e
cd966878e54168fa1dc371ecf35a0826e46c165cdf937ef61107cbab4e60afe0
GET /upload/vod/20221112-1/4a710ba3db6839b61f6bb25e9e3962c3.jpg HTTP/1.1
Host: img.lytuchuang3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/jpeg
Content-Length: 7690
Last-Modified: Sat, 12 Nov 2022 08:00:09 GMT
Connection: keep-alive
ETag: "636f5289-1e0a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220929-1/491265f7badb6ce946cf4795af476000.jpg
154.12.54.85200 OK 7.8 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220929-1/491265f7badb6ce946cf4795af476000.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 80x107, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 5bd61fea81e9dc9a4f9e600bde12b2b4
1bd868961e169d27954bb099e79d1e1822975c7c
0b929b7307b7ed7056dce26fcbab804fe969661c615fb7417175e583e3a861b3
GET /upload/vod/20220929-1/491265f7badb6ce946cf4795af476000.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/jpeg
Content-Length: 7846
Last-Modified: Wed, 28 Sep 2022 16:05:38 GMT
Connection: keep-alive
ETag: "633470d2-1ea6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220929-1/f194d65779cedc439c6cd216d1b15ded.jpg
154.12.54.85200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220929-1/f194d65779cedc439c6cd216d1b15ded.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 80x107, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash c36ebb4957a6665dda246b619bdb0c37
a5235ac914cd7e93411ad309f373e597873d0e4d
ca09f99cfea2dc40309a0a1342a4ef809efb58ee6499540975c9b6b1cf33538d
GET /upload/vod/20220929-1/f194d65779cedc439c6cd216d1b15ded.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/jpeg
Content-Length: 10400
Last-Modified: Wed, 28 Sep 2022 16:05:12 GMT
Connection: keep-alive
ETag: "633470b8-28a0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220929-1/3f1ba43142a8f966522fa87bd860c42e.jpg
154.12.54.85200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220929-1/3f1ba43142a8f966522fa87bd860c42e.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 160x209, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 173f01dc48a8c3eb7c2ec5690fb8ee8f
db5da9c5b5862173c846f36ad4eb30c1dce1b272
c1c4f422c50ce91f202c6fccc751e1fd8c17fbfb9c171e81d05f55d64efb0ff1
GET /upload/vod/20220929-1/3f1ba43142a8f966522fa87bd860c42e.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/jpeg
Content-Length: 10216
Last-Modified: Wed, 28 Sep 2022 16:05:12 GMT
Connection: keep-alive
ETag: "633470b8-27e8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2db4861670d2d79a73ea97c36437154f
71038fd443fb1be7d3f77ba979b8df6426071111
1a5d1b20cb267049b11829d9417399aec3fae564d7bd547b0040aebffaa53a6f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 22:57:53 GMT
Expires: Tue, 07 Feb 2023 22:57:52 GMT
Etag: "71038fd443fb1be7d3f77ba979b8df6426071111"
Cache-Control: max-age=407036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7938da0cfee4b4fd-OSL
img.ywtuchuang5.com/upload/vod/20220929-1/5411144c9c050f6e9d2018287185e95a.jpg
154.12.54.85200 OK 9.7 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220929-1/5411144c9c050f6e9d2018287185e95a.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 80x107, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 630e7db26ec7f9848f037be755b95095
f5305eb3420e50dee7a1174fc38fdea3c5b69da2
84fd849252d4513f247164aa24ae5c45b6b9ee85356b22f7ce004977c57fb01f
GET /upload/vod/20220929-1/5411144c9c050f6e9d2018287185e95a.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/jpeg
Content-Length: 9727
Last-Modified: Wed, 28 Sep 2022 16:05:05 GMT
Connection: keep-alive
ETag: "633470b1-25ff"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/3ce5ec70c122ec4f099aed4782e45b9f.jpg
154.12.54.85200 OK 8.1 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/3ce5ec70c122ec4f099aed4782e45b9f.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 80x107, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 64f0747d9107eb13f32581a01b566f08
5da4031d8375df03bf90e23a244661ec385a8a60
ce67ec6436828c613c970564d720a54dbecdc44087ec545f3dc1375094fe30fe
GET /upload/vod/20230203-1/3ce5ec70c122ec4f099aed4782e45b9f.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 8134
Last-Modified: Thu, 02 Feb 2023 16:04:47 GMT
Connection: keep-alive
ETag: "63dbdf1f-1fc6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220929-1/ada4c49b6292267a5a1374428424399c.jpg
154.12.54.85200 OK 7.3 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220929-1/ada4c49b6292267a5a1374428424399c.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 80x107, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash c42a09c662fd3c520f7d156b1221c132
ef57f991ab9b9801cc0a65c31ed20fac092c90e2
515049252039cc01f672644d5e3990f4a49638b47e57f44059b6fa07771c8caa
GET /upload/vod/20220929-1/ada4c49b6292267a5a1374428424399c.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 7252
Last-Modified: Wed, 28 Sep 2022 16:05:13 GMT
Connection: keep-alive
ETag: "633470b9-1c54"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/0810dd6ec8b910ba767fddb7c0288348.jpg
154.12.54.85200 OK 9.8 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/0810dd6ec8b910ba767fddb7c0288348.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash aed68664292cdc17723c1be0481e52e3
7ce9b164591ea32a0e41f72459732ddf5c01addd
a829a8d9fc83cd8222c040122462b9dadeb8bf29785df367d172693fe6754c6a
GET /upload/vod/20230203-1/0810dd6ec8b910ba767fddb7c0288348.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 9811
Last-Modified: Thu, 02 Feb 2023 16:05:59 GMT
Connection: keep-alive
ETag: "63dbdf67-2653"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/967f6dccf9fef1de01acc7d386360e01.jpg
154.12.54.85200 OK 8.1 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/967f6dccf9fef1de01acc7d386360e01.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash f60d7bbae951528b4d165552415520c8
38a5ca762c52e92608a0a5b0e00b31a785c1e725
1f9045b45b943d5d68717aef333fe05caffaa63aaefaf4042c0f7e1104a1bcd3
GET /upload/vod/20230203-1/967f6dccf9fef1de01acc7d386360e01.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 8096
Last-Modified: Thu, 02 Feb 2023 16:06:29 GMT
Connection: keep-alive
ETag: "63dbdf85-1fa0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220929-1/d261d0b0d008b7182f740ef5ded74be9.jpg
154.12.54.85200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220929-1/d261d0b0d008b7182f740ef5ded74be9.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 160x209, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash c4d5e6a3782b2260b72a93a7b0b36753
1fcb3edcc9e82b396df21485731fe2b535d36b5b
bacfc3114de65d7d6a2488bc41729ebeebc2c0583d7805a54906670c0321be94
GET /upload/vod/20220929-1/d261d0b0d008b7182f740ef5ded74be9.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 9958
Last-Modified: Wed, 28 Sep 2022 16:05:22 GMT
Connection: keep-alive
ETag: "633470c2-26e6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/aa69cb6ab522f881b1d5655f90906d6a.jpg
154.12.54.85200 OK 8.0 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/aa69cb6ab522f881b1d5655f90906d6a.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash aa139fccc2ed75f7ed5ae0a5a7c81e00
0f7d18ad9871e4ebf8f93bbb573a1c87150bb373
ac8b8f4af9460f8913992a55685bdb5a6056327d93c6e3ed798d816f016c11c3
GET /upload/vod/20230203-1/aa69cb6ab522f881b1d5655f90906d6a.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 8023
Last-Modified: Thu, 02 Feb 2023 16:06:29 GMT
Connection: keep-alive
ETag: "63dbdf85-1f57"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.lytuchuang3.com/upload/vod/20221114-1/f2881b36af487c4210108ce84c0a45c4.jpg
154.12.54.84200 OK 115 kB URL HTTP/1.1 img.lytuchuang3.com/upload/vod/20221114-1/f2881b36af487c4210108ce84c0a45c4.jpg
IP 154.12.54.84:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 115 kB (115107 bytes)
Hash c20fc8f2791239ec54f31f44ad8ebebf
771ad839046a7cdfce5f817e6741df665249fe56
7cfe394f921b08182fddce94e44a446d02508f69b9f9531b48100719b6f79e75
GET /upload/vod/20221114-1/f2881b36af487c4210108ce84c0a45c4.jpg HTTP/1.1
Host: img.lytuchuang3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:55 GMT
Content-Type: image/jpeg
Content-Length: 115107
Last-Modified: Sun, 13 Nov 2022 16:24:38 GMT
Connection: keep-alive
ETag: "63711a46-1c1a3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/b77e240e4dc7139ff9bf3bfb9841dcb4.jpg
154.12.54.85200 OK 35 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/b77e240e4dc7139ff9bf3bfb9841dcb4.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 800x450, components 3\012- data
Hash 09b1f19857aadaf75cd7b553505e8713
ea2787984fdd14f6678ea220636743a8c8d5de5b
1b8127ef69e2697bf3dc32e3a7cc8f157ab2e4bf169c7db4862617a7bed3a584
GET /upload/vod/20230203-1/b77e240e4dc7139ff9bf3bfb9841dcb4.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 35019
Last-Modified: Thu, 02 Feb 2023 16:08:10 GMT
Connection: keep-alive
ETag: "63dbdfea-88cb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/60cc7d811efe857f188c276b4e286b10.jpg
154.12.54.85200 OK 74 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/60cc7d811efe857f188c276b4e286b10.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 800x450, components 3\012- data
Hash ce3cab2d2c20699a3fdda753836a6305
0b5ad8c97805c5db57490c827cb2dae2f8f2b779
256d285c465a7e75aaf4ebf145db27b07fc99acee6538276d284a4e8cc605d1c
GET /upload/vod/20230203-1/60cc7d811efe857f188c276b4e286b10.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 74484
Last-Modified: Thu, 02 Feb 2023 16:08:10 GMT
Connection: keep-alive
ETag: "63dbdfea-122f4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/df271957973b75eec801cbee9c3d928c.jpg
154.12.54.85200 OK 59 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/df271957973b75eec801cbee9c3d928c.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 800x450, components 3\012- data
Hash 5ce1b4ab2a019ac921a535e10d524fe0
691d5c27c4080b2bb98337011a5e753ac547d8d0
57700aa1cbc500449b60f7b4f1441a92a39c32020911b9e89a623c5038fe36cb
GET /upload/vod/20230203-1/df271957973b75eec801cbee9c3d928c.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 59317
Last-Modified: Thu, 02 Feb 2023 16:08:10 GMT
Connection: keep-alive
ETag: "63dbdfea-e7b5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230201-1/c5c53550d57c0d8cce49687bee731f71.jpg
154.12.54.85200 OK 99 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230201-1/c5c53550d57c0d8cce49687bee731f71.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 800x450, components 3\012- data
Hash 4f50fe1f1271dd054c37a3c704c93139
4b69dab649134a5dbe67647539049ce840080b2a
88a68b0bf033f4b7218a92eb763b5d7e586d8de419d043169cab135e057dd246
GET /upload/vod/20230201-1/c5c53550d57c0d8cce49687bee731f71.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 99021
Last-Modified: Tue, 31 Jan 2023 18:08:11 GMT
Connection: keep-alive
ETag: "63d9590b-182cd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/8f4f0e2ea8c45865bb7c0da9468486ae.jpg
154.12.54.85200 OK 204 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/8f4f0e2ea8c45865bb7c0da9468486ae.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 204 kB (204128 bytes)
Hash 51e67f374d10eab45abcf8dcb6b37568
1ee4c68a88507cc0c6ef84a720e08a506a824cbf
9524d437c1cd19a17805cfdff6dd9ffc6fc56ad97065a6c62aee5e97468b061b
GET /upload/vod/20230203-1/8f4f0e2ea8c45865bb7c0da9468486ae.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 204128
Last-Modified: Thu, 02 Feb 2023 16:09:17 GMT
Connection: keep-alive
ETag: "63dbe02d-31d60"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/d258e5ad51826d6f7d4953cb7260299d.jpg
154.12.54.85200 OK 194 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/d258e5ad51826d6f7d4953cb7260299d.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=PhotoScape, datetime=2021:02:03 18:18:45], baseline, precision 8, 680x453, components 3\012- data
Size 194 kB (193685 bytes)
Hash 6e2327dd8a7e0681257ff29f76d7fe98
5a8645a7b76535c28ec05a65cde58d22f6adc197
7d571b55ca313eadb155b2ea2149b95bf5b0103125942d07e2d06a0a8b5875eb
GET /upload/vod/20230203-1/d258e5ad51826d6f7d4953cb7260299d.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 193685
Last-Modified: Thu, 02 Feb 2023 16:09:17 GMT
Connection: keep-alive
ETag: "63dbe02d-2f495"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/7f9fdd3fa0cdffee5d0d73529284b87c.jpg
154.12.54.85200 OK 195 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/7f9fdd3fa0cdffee5d0d73529284b87c.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 195 kB (194681 bytes)
Hash f5af0e7755ce9bb9b45ee64be0f152a7
06aadcb98f022628188ca64a68866986df6d02d9
2594dd138fa780a54f3e35b96c7a7138b0d1fc8a3084c0fb0a5f9ae7cb46e0b9
GET /upload/vod/20230203-1/7f9fdd3fa0cdffee5d0d73529284b87c.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 194681
Last-Modified: Thu, 02 Feb 2023 16:09:17 GMT
Connection: keep-alive
ETag: "63dbe02d-2f879"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/f0b83b5a42d23ee62e145313bd2db9b3.jpg
154.12.54.85200 OK 202 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/f0b83b5a42d23ee62e145313bd2db9b3.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 202 kB (202233 bytes)
Hash 9d9769f48a4d3147e06c6fc4e9676933
1da4886fc728ca55df8f2d7ec75c1a98c79f7e4f
9687ed600211fc962327b6af3a31960d19030399718ca729a272e5f4cd55adc0
GET /upload/vod/20230203-1/f0b83b5a42d23ee62e145313bd2db9b3.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 202233
Last-Modified: Thu, 02 Feb 2023 16:09:17 GMT
Connection: keep-alive
ETag: "63dbe02d-315f9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/b8937d38dd2abf3559162330400f0759.jpg
154.12.54.85200 OK 203 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/b8937d38dd2abf3559162330400f0759.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 203 kB (202677 bytes)
Hash e2b997d81e1558f77199d72be664b308
884d3ac3451ac5d26536239eb2210d78e34826be
8e4bc28401454bf68fd8e1a32557886eddb13153cffa9f06c518c19cde7dad90
GET /upload/vod/20230203-1/b8937d38dd2abf3559162330400f0759.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 202677
Last-Modified: Thu, 02 Feb 2023 16:09:17 GMT
Connection: keep-alive
ETag: "63dbe02d-317b5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230203-1/25d4df8bcecb53a85856c9cd201b038d.jpg
154.12.54.85200 OK 194 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230203-1/25d4df8bcecb53a85856c9cd201b038d.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=PhotoScape, datetime=2021:06:01 21:10:28], baseline, precision 8, 680x453, components 3\012- data
Size 194 kB (194233 bytes)
Hash 4b6717107307a555c352aa66fc625e03
387e10be62fcff71d41a9100ad4ded86353fdbac
7af8214e0a86f61cb7ab664563482185c63048761c088d2e423ebfc7a3fe3131
GET /upload/vod/20230203-1/25d4df8bcecb53a85856c9cd201b038d.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 194233
Last-Modified: Thu, 02 Feb 2023 16:09:16 GMT
Connection: keep-alive
ETag: "63dbe02c-2f6b9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220825-1/a8587910319bb3f084b7d590090fb87f.jpg
154.12.54.85200 OK 208 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220825-1/a8587910319bb3f084b7d590090fb87f.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 208 kB (207683 bytes)
Hash a69b96e960450dfe572b022755e01167
a913cb9f6f39a112b0ed48d377c7cb9cb11058d8
5f7a9a656bbd2df8c6f011e952f27c590d525ba2a3db44cff05d4a5e1077f325
GET /upload/vod/20220825-1/a8587910319bb3f084b7d590090fb87f.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 05:43:56 GMT
Content-Type: image/jpeg
Content-Length: 207683
Last-Modified: Sun, 04 Sep 2022 15:45:16 GMT
Connection: keep-alive
ETag: "6314c80c-32b43"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 25f0078cb193103fd08f0c8a69a81622
a451d87ddaaa7c4b77b7b7ff69e32aa6bdf9190c
7927a141af3dc212c8bd26c4db6d891a3b790664876ac119f98c220002d112b1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 05:28:49 GMT
Expires: Thu, 09 Feb 2023 05:28:48 GMT
Etag: "a451d87ddaaa7c4b77b7b7ff69e32aa6bdf9190c"
Cache-Control: max-age=516889,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7938da1d5f79b515-OSL
v.wyasdfgbd.live/ty/C4A248ED-F27B-7095-33-0C6BC8FE906E.blpha
23.225.63.116200 OK 1.6 kB URL HTTP/2 v.wyasdfgbd.live/ty/C4A248ED-F27B-7095-33-0C6BC8FE906E.blpha
IP 23.225.63.116:0
Hash e15f8600d13774296492cd4a64c51eab
078aa175818c5336bb98d92e7903884f3d313579
1e31820de15251763e891c4ad2c5e8d1f0d1522c91630997bf3f701473bb4135
Analyzer Verdict Alert quad9 Sinkholed
GET /ty/C4A248ED-F27B-7095-33-0C6BC8FE906E.blpha HTTP/1.1
Host: v.wyasdfgbd.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Fri, 03 Feb 2023 05:43:58 GMT
expires: Fri, 03 Feb 2023 05:58:58 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?5234533d103c99ce45a1b7d8769cf1a5
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5234533d103c99ce45a1b7d8769cf1a5
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 485ca5c23a8de4eeadea766dad4147db
97834c70379920b57f7e7ce6183a45f4a81f4fd3
1a2e011d5f8657c3af92ae825c952934c5fa8edb4a3330db16b3e4bf1408c0ea
GET /hm.js?5234533d103c99ce45a1b7d8769cf1a5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 05:43:58 GMT
Etag: c10f3cd5861824273fd95e1d3f637443
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5AEFFC70A11FDB82; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash f6994491b7ec53d1fd5fff50c8601aea
8ffaf25b455ff0d7a93867973fba345dcf3ce822
6a170eaa346f843353c289600108b3874d0b21f93ce4a07384415d8c91e45afc
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:43:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 07 Feb 2023 03:22:18 GMT
ETag: "8ffaf25b455ff0d7a93867973fba345dcf3ce822"
Last-Modified: Fri, 03 Feb 2023 03:22:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2126
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7938da22cf4f0b49-OSL
ia.51.la/go1?id=21470059&rt=1675403068245&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A5%25B3%25E7%258E%258BAV&ing=1&ekc=&sid=1675403068245&tt=%25E5%25A5%25B3%25E7%258E%258BAV&kw=%25E5%25A5%25B3%25E7%258E%258BAV&cu=https%253A%252F%252Fn1.nvwangav1.top%252F%253Fqiye&pu=https%253A%252F%252Fiq882.tz-68-fabb.com%252F
112.90.153.36200 0 B URL HTTP/1.1 ia.51.la/go1?id=21470059&rt=1675403068245&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A5%25B3%25E7%258E%258BAV&ing=1&ekc=&sid=1675403068245&tt=%25E5%25A5%25B3%25E7%258E%258BAV&kw=%25E5%25A5%25B3%25E7%258E%258BAV&cu=https%253A%252F%252Fn1.nvwangav1.top%252F%253Fqiye&pu=https%253A%252F%252Fiq882.tz-68-fabb.com%252F
IP 112.90.153.36:0
ASN #136959 China Unicom Guangdong IP network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21470059&rt=1675403068245&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A5%25B3%25E7%258E%258BAV&ing=1&ekc=&sid=1675403068245&tt=%25E5%25A5%25B3%25E7%258E%258BAV&kw=%25E5%25A5%25B3%25E7%258E%258BAV&cu=https%253A%252F%252Fn1.nvwangav1.top%252F%253Fqiye&pu=https%253A%252F%252Fiq882.tz-68-fabb.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Length: 0
Date: Fri, 03 Feb 2023 05:43:53 GMT
ia.51.la/go1?id=21498489&rt=1675403068251&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A5%25B3%25E7%258E%258BAV&ing=1&ekc=&sid=1675403068251&tt=%25E5%25A5%25B3%25E7%258E%258BAV&kw=%25E5%25A5%25B3%25E7%258E%258BAV&cu=https%253A%252F%252Fn1.nvwangav1.top%252F%253Fqiye&pu=https%253A%252F%252Fiq882.tz-68-fabb.com%252F
112.90.153.36200 0 B URL HTTP/1.1 ia.51.la/go1?id=21498489&rt=1675403068251&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A5%25B3%25E7%258E%258BAV&ing=1&ekc=&sid=1675403068251&tt=%25E5%25A5%25B3%25E7%258E%258BAV&kw=%25E5%25A5%25B3%25E7%258E%258BAV&cu=https%253A%252F%252Fn1.nvwangav1.top%252F%253Fqiye&pu=https%253A%252F%252Fiq882.tz-68-fabb.com%252F
IP 112.90.153.36:0
ASN #136959 China Unicom Guangdong IP network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21498489&rt=1675403068251&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=%25E5%25A5%25B3%25E7%258E%258BAV&ing=1&ekc=&sid=1675403068251&tt=%25E5%25A5%25B3%25E7%258E%258BAV&kw=%25E5%25A5%25B3%25E7%258E%258BAV&cu=https%253A%252F%252Fn1.nvwangav1.top%252F%253Fqiye&pu=https%253A%252F%252Fiq882.tz-68-fabb.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Length: 0
Date: Fri, 03 Feb 2023 05:43:52 GMT
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1087308123&si=5234533d103c99ce45a1b7d8769cf1a5&su=https%3A%2F%2Fiq882.tz-68-fabb.com%2F&v=1.3.0&lv=1&sn=794&r=0&ww=1268&u=https%3A%2F%2Fn1.nvwangav1.top%2F%3Fqiye&tt=%E5%A5%B3%E7%8E%8BAV
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1087308123&si=5234533d103c99ce45a1b7d8769cf1a5&su=https%3A%2F%2Fiq882.tz-68-fabb.com%2F&v=1.3.0&lv=1&sn=794&r=0&ww=1268&u=https%3A%2F%2Fn1.nvwangav1.top%2F%3Fqiye&tt=%E5%A5%B3%E7%8E%8BAV
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1087308123&si=5234533d103c99ce45a1b7d8769cf1a5&su=https%3A%2F%2Fiq882.tz-68-fabb.com%2F&v=1.3.0&lv=1&sn=794&r=0&ww=1268&u=https%3A%2F%2Fn1.nvwangav1.top%2F%3Fqiye&tt=%E5%A5%B3%E7%8E%8BAV HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 05:43:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C2AD4F47AEBCA161; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae0083daa88e6b26c6525c51348d266c
676f55b22fdeee4f7737a48cb2b89d86aa371aae
89f6903260704061faf849549fd95e6f9cbbfcbbf93eaa17d32b96c5e4244d53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7159
x-amzn-requestid: 1d159649-0d8c-4806-8f42-585b985972ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuwSKF61IAMF5qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2da7-18fc268c5a719c1d19079001;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:39:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VyQrwAb5tjqPPPQbxf9Ee_zB1UvrnMPGjOHeRKEzyH6BBDazPUkXSA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:41 GMT
age: 28758
etag: "676f55b22fdeee4f7737a48cb2b89d86aa371aae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
n1.nvwangav1.top/?qiye
104.233.175.168200 OK 0 B IP 104.233.175.168:0
ASN #398993 PEGTECHINC-AP-03
GET /?qiye HTTP/1.1
Host: n1.nvwangav1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iq882.tz-68-fabb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
n1.nvwangav1.top/template/m1938pc/css/zui.css
104.233.175.168200 OK 0 B URL HTTP/2 n1.nvwangav1.top/template/m1938pc/css/zui.css
IP 104.233.175.168:0
ASN #398993 PEGTECHINC-AP-03
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: n1.nvwangav1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/?qiye
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:55 GMT
content-type: text/css
last-modified: Tue, 03 Jan 2023 10:29:52 GMT
vary: Accept-Encoding
etag: W/"63b403a0-18404"
expires: Fri, 03 Feb 2023 17:43:55 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bootscdn.com/ajax/libs/jquery/3.6.1/jquery.js
172.67.153.127200 OK 0 B URL HTTP/2 cdn.bootscdn.com/ajax/libs/jquery/3.6.1/jquery.js
IP 172.67.153.127:0
GET /ajax/libs/jquery/3.6.1/jquery.js HTTP/1.1
Host: cdn.bootscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.016sp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
last-modified: Friday, 03-Feb-2023 05:43:53 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qom6bk36aW2qNVco81DW4vr8sj6WpNDZS5lRjRJfKRq3fjYHkWy43lUxw%2FvYOsP6VWMxbChvxU7jS7Gn98FNsn63FQGWx7dn5Ggkq4DXwNN%2BdhbYkW%2BXFw9K0da1sSbHZHJp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9fb0bb4b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
n1.nvwangav1.top/template/m1938pc/css/ate.css
104.233.175.168200 OK 0 B URL HTTP/2 n1.nvwangav1.top/template/m1938pc/css/ate.css
IP 104.233.175.168:0
ASN #398993 PEGTECHINC-AP-03
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: n1.nvwangav1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/?qiye
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:55 GMT
content-type: text/css
last-modified: Thu, 21 Apr 2022 12:25:48 GMT
vary: Accept-Encoding
etag: W/"62614d4c-126e4"
expires: Fri, 03 Feb 2023 17:43:55 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
v.wyasdfgbd.live/ty/639812AB-F696-7100-34-B39E6BE9E8BA.blpha
23.225.63.116200 OK 0 B URL HTTP/2 v.wyasdfgbd.live/ty/639812AB-F696-7100-34-B39E6BE9E8BA.blpha
IP 23.225.63.116:0
Analyzer Verdict Alert quad9 Sinkholed
GET /ty/639812AB-F696-7100-34-B39E6BE9E8BA.blpha HTTP/1.1
Host: v.wyasdfgbd.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://n1.nvwangav1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Fri, 03 Feb 2023 05:43:58 GMT
expires: Fri, 03 Feb 2023 05:58:58 GMT
cache-control: max-age=900
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2