Report - ytwuliu.net/shujuku

Report Overview

Submitted URL
ytwuliu.net/shujuku
IP
50.3.129.12
ASN
#62904 AS62904
Submitted
2023-02-05 10:22:40
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.239.226.203
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	2.2 kB	24 kB	103.235.46.191
www.zhu2021.cc	unknown	2021-10-30T20:04:49Z	2023-03-09T11:05:20Z	728 B	1.2 kB	43.243.30.13
www.tu2021.cc	unknown	2021-10-25T19:42:04Z	2023-03-09T11:05:21Z	3.7 kB	1.0 MB	43.243.30.14
ytwuliu.net	unknown	2017-06-20T03:47:08Z	2023-02-03T02:44:08Z	3.4 kB	51 kB	50.3.129.12
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	359 B	1.9 kB	104.18.20.226
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	281 B	750 B	39.156.68.163
www.ytwuliu.net	unknown	2017-06-23T14:53:53Z	2023-01-22T07:33:43Z	661 B	1.7 kB	50.3.129.12
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	55 kB	34.120.237.76
www.zhong2021.cc	unknown	2021-10-30T20:04:49Z	2023-03-09T11:05:19Z	362 B	4.7 kB	43.243.30.15
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.trust-provider.cn	unknown	2022-02-10T09:18:30Z	2023-03-13T07:40:56Z	2.4 kB	10 kB	47.246.44.205

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-05 10:23:09	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-05 10:23:09	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-05 10:23:10	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-05 10:23:10	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-05 10:23:12	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-05 10:23:12	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-05 10:23:12	medium	50.3.129.12	Client IP	ET INFO JJEncode Encoded Script

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	www.zhong2021.cc/jquery.minjs.js	55 kB	2023-03-07	2024-04-26
Pretty URL www.zhong2021.cc/jquery.minjs.js IP 43.243.30.15 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:22 Last Seen2024-04-26 05:42:04 Times Seen2646 Hash 0ae3a0bbe549b4e7470df716754e8c5a 9f52e9fe1886f2d2aaec02af557cd6281d7c0e0a cb53a28d1c0689aa226454348ac90b2f9f0fed2557bf4c586f76b70c35257655 Loading...

	ytwuliu.net/shujuku	404 B	2023-03-07	2024-04-26
Pretty URL ytwuliu.net/shujuku IP 50.3.129.12 ASN #62904 AS62904 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 13:23:16 Times Seen2980 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-26
Pretty URL push.zhanzhang.baidu.com/push.js IP 39.156.68.163 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 16:09:47 Times Seen19027 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	hm.baidu.com/hm.js?71723abeb81a55cf0f46084c52752f47	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?71723abeb81a55cf0f46084c52752f47 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:09 Last Seen2023-03-13 17:32:09 Times Seen1 Hash bb739f73ba79c4d58e8fe9ce9f89724f 191da3649cb536fa33040280dbf3b7d02efedc30 035e2ef7a4461900ad85b70672bd7d1b0ff71ff1627644452345032987c6745e Loading...

	ytwuliu.net/tj.js	252 B	2023-03-10	2023-07-30
Pretty URL ytwuliu.net/tj.js IP 50.3.129.12 ASN #62904 AS62904 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:44:58 Last Seen2023-07-30 15:28:34 Times Seen47 Hash 3b5fdcdc43897ae598577e026b962e60 e844b0a5e0e2df6e0aeffac84513cf1584bf67d1 fcec5c2fa758df41f509a35dbb23a883a3b059d659d07f2629004c872c17ffda Loading...

	hm.baidu.com/hm.js?4f05cb48672fadda10f7c0d26927b3b5	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?4f05cb48672fadda10f7c0d26927b3b5 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:09 Last Seen2023-03-13 17:32:09 Times Seen1 Hash 86cae2cb8c4b26a50d850c93346812c3 e3adbe164c9b4033f616ffa084502ed15fca2488 a13dd45ecf851effd979a1025ccb270db3df3a0cf45b0f462c0aafebf38fa2b1 Loading...

	ytwuliu.net/shujuku	57 B	2023-03-07	2024-04-26
Pretty URL ytwuliu.net/shujuku IP 50.3.129.12 ASN #62904 AS62904 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:11 Last Seen2024-04-26 05:42:02 Times Seen1420 Hash 2d313be4b5d93e9b681de954aaeb3006 1e0508be1026244daf1812f988033612c3945bdb 9059d0d74efaf0e229d59a9c05ace7b975b42ccacea21e01aa64c56b2157048c Loading...

	ytwuliu.net/jquery.min.js	3.9 kB	2023-03-07	2024-04-21
Pretty URL ytwuliu.net/jquery.min.js IP 50.3.129.12 ASN #62904 AS62904 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:22 Last Seen2024-04-21 09:53:10 Times Seen1934 Hash 0dbfe5203a0ca15cf8557f97dcd5cb90 5368bc6c31549f8eada96eea895641f05bc610f3 f07a05e6bd56826874dbb8dea28c9d9f9557b9402967fd6478b61a672cbcefbd Loading...

		Size	First Seen	Last Seen
	#1 Write - dcb3fbe3effe6d9b34200284c5eb0d51	109 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 12:04:22 Last Seen2024-04-26 05:42:03 Times Seen1313 Hash dcb3fbe3effe6d9b34200284c5eb0d51 6fdaeb6c9e2f513acca77edc3a4a38982b320d66 b56319d601f26bb1e9c05dd0ea7299d3a44d22149f5702b9a59db4f21b268fc5 Loading...

	#2 Write - 3926071183d8b6a346bcc4d83cc1bf03	2.9 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:28:45 Last Seen2023-03-13 20:21:59 Times Seen1 Hash 3926071183d8b6a346bcc4d83cc1bf03 14c6cdea3823296d202434aca3b2d297052c0966 5d88b1fa5e41f3a2d6debf8ed697d3f14f2ff6d26c9255d233e0e2c771eb6148 Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16706
Expires: Sun, 05 Feb 2023 15:00:54 GMT
Date: Sun, 05 Feb 2023 10:22:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13490
Expires: Sun, 05 Feb 2023 14:07:18 GMT
Date: Sun, 05 Feb 2023 10:22:28 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 09:36:17 GMT
content-type: application/json
age: 2771
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4894
Expires: Sun, 05 Feb 2023 11:44:02 GMT
Date: Sun, 05 Feb 2023 10:22:28 GMT
Connection: keep-alive

ytwuliu.net/shujuku

50.3.129.12

200 OK

4.1 kB

URL HTTP/1.1
ytwuliu.net/shujuku
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF, LF line terminators
Size
4.1 kB (4141 bytes)
Hash
9f5bea4a5fa3ede0b57ffc400606b5af
c52d256d5d2b3dd9bfb1ede6ad766d787431d420
e3243ffa910df3a3a1aa149af508691a96ac5231772b7447043c01bc8bde712e

HTTP Headers

GET /shujuku HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:28 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eNCjtkRXRdwYa7myiRBO0/ysWm2bL0QHAdxc3ZvtP91ZTGrBADleTMSxiY8xTB7U0i/8jpp318Y=
x-amz-request-id: Z3YYNWNS452N164V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 09:53:13 GMT
age: 1755
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:22:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ytwuliu.net/jquery.min.js

50.3.129.12

301 Moved Permanently

178 B

URL HTTP/1.1
ytwuliu.net/jquery.min.js
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /jquery.min.js HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 05 Feb 2023 10:22:29 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.ytwuliu.net/jquery.min.js

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 09:49:07 GMT
age: 2002
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7364
Expires: Sun, 05 Feb 2023 12:25:13 GMT
Date: Sun, 05 Feb 2023 10:22:29 GMT
Connection: keep-alive

www.ytwuliu.net/jquery.min.js

50.3.129.12

200 OK

806 B

URL HTTP/1.1
www.ytwuliu.net/jquery.min.js
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
ASCII text, with very long lines (3686)
Size
806 B (806 bytes)
Hash
f519b523ac0e88e8b1b8c2e27acc99ae
9d1103cb6acf17d46e173820acecbbec3018ed9d
539fe51fa9d987b6b9c4b92f7eb7a2fff55f3ae53306b53a9647f703b670b95d

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO JJEncode Encoded Script

HTTP Headers

GET /jquery.min.js HTTP/1.1
Host: www.ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ytwuliu.net/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:29 GMT
Content-Type: application/javascript
Last-Modified: Wed, 15 Jun 2022 03:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a94d15-f68"
Expires: Sun, 05 Feb 2023 11:22:29 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip

push.services.mozilla.com/

44.239.226.203

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.239.226.203:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vkF0BrlMvoo5NBEaafXCCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z7TB2NHSAm8xzD7DFOpnKahcbw4=

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
2041679a785a764f12931a4c85655dcc
7d18b60efe3a3e9ece9fd1b629c8f788fa43c7c7
3aeb1149646c4acca2992b859408357f44768b7f6a9bc7fabfdb8c1c1501017a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 05 Feb 2023 10:11:31 GMT
last-modified: Thu, 02 Feb 2023 23:58:17 GMT
expires: Thu, 09 Feb 2023 23:58:16 GMT
etag: "7d18b60efe3a3e9ece9fd1b629c8f788fa43c7c7"
cache-control: max-age=589171,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794adcc72f772c2d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675591891
via: cache1.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache1.se1[22,22,200-0,H], cache5.se1[23,0], cache7.se1[26,0]
age: 659
x-cache: HIT TCP_REFRESH_HIT dirn:4:264861702
x-swift-savetime: Sun, 05 Feb 2023 10:22:30 GMT
x-swift-cachetime: 1141
timing-allow-origin: *, *
eagleid: 2ff62c9b16755925505024730e, 2ff62c9b16755925505024730e

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
3644cfdf4c8429b5e7ba0f74f07af1b3
b2277d43e29a03b575fcb96713ca51d56d40a0ff
d39a0ca9f3e56f2525afbd0f41352c91e9f1a6845e6dcc0b2e5932c330f531c3

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:22:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 09 Feb 2023 07:16:13 GMT
ETag: "b2277d43e29a03b575fcb96713ca51d56d40a0ff"
Last-Modified: Sun, 05 Feb 2023 07:16:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3564
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794aece13991b4eb-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8158
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:22:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8158
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:22:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8158
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:22:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12967 bytes)
Hash
8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 23972
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10905 bytes)
Hash
1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 43953
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5014 bytes)
Hash
5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 82324
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7060 bytes)
Hash
75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 9379b64e-3a3f-4b8d-aba2-bc3cd7dab98f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3cgFCkIAMFrhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c4f-6ac6da215407497043249929;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75uKxGlJDSXzIUgR5Rm4f13SClTT1UIDLgbkTrFDEDvKmGmViQ3Djg==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:25:50 GMT
age: 43001
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7589 bytes)
Hash
5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IxfTibTq6T_wq9a5YCIBZLBb70BI7AOLEAYMYYuMZPhvVKjDbFfrvA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:52:08 GMT
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
age: 45023
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
age: 45545
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.zhong2021.cc/jquery.minjs.js

43.243.30.15

200 OK

4.3 kB

URL HTTP/1.1
www.zhong2021.cc/jquery.minjs.js
IP
43.243.30.15:0
ASN
#64050 BGPNET Global ASN

File type
ASCII text, with very long lines (54610), with CRLF line terminators
Size
4.3 kB (4278 bytes)
Hash
761223a5592d541a55722c6cdf77e983
768279c307c9d86bb773a6b107af2947061fccfe
ae95932fac401c2d3bb3f0fe35f5c19109c0f1cbcb7786a264f8e900eb5d0509

HTTP Headers

GET /jquery.minjs.js HTTP/1.1
Host: www.zhong2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:30 GMT
Content-Type: application/javascript
Last-Modified: Mon, 25 Oct 2021 19:42:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6177089c-d554"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip

ytwuliu.net/bg_noise.jpg

50.3.129.12

302 Moved Temporarily

0 B

URL HTTP/1.1
ytwuliu.net/bg_noise.jpg
IP
50.3.129.12:0
ASN
#62904 AS62904

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bg_noise.jpg HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 05 Feb 2023 10:22:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.hailunhuanbao.com/bg_noise.jpg

ytwuliu.net/logo.png

50.3.129.12

302 Moved Temporarily

0 B

URL HTTP/1.1
ytwuliu.net/logo.png
IP
50.3.129.12:0
ASN
#62904 AS62904

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /logo.png HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 05 Feb 2023 10:22:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.hailunhuanbao.com/logo.png

ytwuliu.net/404_s-divider.jpg

50.3.129.12

302 Moved Temporarily

0 B

URL HTTP/1.1
ytwuliu.net/404_s-divider.jpg
IP
50.3.129.12:0
ASN
#62904 AS62904

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /404_s-divider.jpg HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 05 Feb 2023 10:22:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.hailunhuanbao.com/404_s-divider.jpg

ytwuliu.net/texgyreschola-regular-webfont.woff

50.3.129.12

200 OK

18 kB

URL HTTP/1.1
ytwuliu.net/texgyreschola-regular-webfont.woff
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF, LF line terminators
Size
18 kB (17840 bytes)
Hash
52fb51f0e916aa04878a651deb7ee7dd
9138dcc2691965684b45adb94c43c6e09293cdc5
b818d643cb3e7ebe50ebe10715e2c28f32dfcc3bd453b35d207d9c536073fc80

HTTP Headers

GET /texgyreschola-regular-webfont.woff HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:31 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41

ytwuliu.net/texgyreschola-bold-webfont.woff

50.3.129.12

200 OK

18 kB

URL HTTP/1.1
ytwuliu.net/texgyreschola-bold-webfont.woff
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF, LF line terminators
Size
18 kB (17840 bytes)
Hash
52fb51f0e916aa04878a651deb7ee7dd
9138dcc2691965684b45adb94c43c6e09293cdc5
b818d643cb3e7ebe50ebe10715e2c28f32dfcc3bd453b35d207d9c536073fc80

HTTP Headers

GET /texgyreschola-bold-webfont.woff HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:31 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41

ytwuliu.net/texgyreschola-regular-webfont.ttf

50.3.129.12

200 OK

4.1 kB

URL HTTP/1.1
ytwuliu.net/texgyreschola-regular-webfont.ttf
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF, LF line terminators
Size
4.1 kB (4149 bytes)
Hash
a18bf5ce86d98bee6c1e055e58121e29
e3e168dce29d8a4fab0c32814a47a28b5d47931f
eafa475915c8c9096adcd6e1e6daa2c89b25805a438824fb7baac9608c7bfd58

HTTP Headers

GET /texgyreschola-regular-webfont.ttf HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:31 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

ytwuliu.net/texgyreschola-bold-webfont.ttf

50.3.129.12

200 OK

4.1 kB

URL HTTP/1.1
ytwuliu.net/texgyreschola-bold-webfont.ttf
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500), with CRLF, LF line terminators
Size
4.1 kB (4149 bytes)
Hash
a18bf5ce86d98bee6c1e055e58121e29
e3e168dce29d8a4fab0c32814a47a28b5d47931f
eafa475915c8c9096adcd6e1e6daa2c89b25805a438824fb7baac9608c7bfd58

HTTP Headers

GET /texgyreschola-bold-webfont.ttf HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:31 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

push.zhanzhang.baidu.com/push.js

39.156.68.163

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
39.156.68.163:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 05 Feb 2023 10:22:31 GMT
Etag: "4078521116"
Expires: Mon, 05 Feb 2024 10:22:31 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=46FE7AA1166D77BC4D01E42CD522FC73:FG=1; max-age=31536000; expires=Mon, 05-Feb-24 10:22:31 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

hm.baidu.com/hm.js?71723abeb81a55cf0f46084c52752f47

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?71723abeb81a55cf0f46084c52752f47
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
057847c121ac64f1e2a33c5867f047a7
efd15eb69ca01e451159ad7b92288fad04ca8449
0a2217f0b53aff582b5fab699dc56a541e72569403c2d75eb0cd2041e35b9cc2

HTTP Headers

GET /hm.js?71723abeb81a55cf0f46084c52752f47 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Sun, 05 Feb 2023 10:22:31 GMT
Etag: d20427a217f6cec2543e498097822a6d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4C82255C71A746F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
6764250a87632cdfd04422ced32ba7b6
c67843fe42a29be9f45c16d791a12299140493c8
f891daf18c302d9f9aede0fb839ec512e4d112956d876ec6ef56d89ddcf1b14a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 05 Feb 2023 10:11:32 GMT
last-modified: Thu, 02 Feb 2023 14:22:59 GMT
expires: Thu, 09 Feb 2023 14:22:58 GMT
etag: "c67843fe42a29be9f45c16d791a12299140493c8"
cache-control: max-age=602392,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794adcce6842bb35-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675591892
via: cache14.l2de2[0,0,304-0,H], cache3.l2de2[0,0], cache8.se1[82,81,200-0,H], cache5.se1[83,0], cache7.se1[87,0]
age: 660
x-cache: HIT TCP_REFRESH_HIT dirn:4:70291614
x-swift-savetime: Sun, 05 Feb 2023 10:22:32 GMT
x-swift-cachetime: 1140
timing-allow-origin: *, *
eagleid: 2ff62c9b16755925519406151e, 2ff62c9b16755925519406151e

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1151368157&si=71723abeb81a55cf0f46084c52752f47&v=1.3.0&lv=1&sn=59247&r=0&ww=1280&u=http%3A%2F%2Fytwuliu.net%2Fshujuku&tt=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8)

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1151368157&si=71723abeb81a55cf0f46084c52752f47&v=1.3.0&lv=1&sn=59247&r=0&ww=1280&u=http%3A%2F%2Fytwuliu.net%2Fshujuku&tt=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8)
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1151368157&si=71723abeb81a55cf0f46084c52752f47&v=1.3.0&lv=1&sn=59247&r=0&ww=1280&u=http%3A%2F%2Fytwuliu.net%2Fshujuku&tt=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8) HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 05 Feb 2023 10:22:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EF0CC585BFCBBE14; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.zhu2021.cc/hbt/index.php?keyword=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8)&from=pc&originurl=http%3A%2F%2Fytwuliu.net%2Fshujuku&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=6010

43.243.30.13

200 OK

892 B

URL HTTP/1.1
www.zhu2021.cc/hbt/index.php?keyword=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8)&from=pc&originurl=http%3A%2F%2Fytwuliu.net%2Fshujuku&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=6010
IP
43.243.30.13:0
ASN
#64050 BGPNET Global ASN

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2930), with no line terminators
Size
892 B (892 bytes)
Hash
34e0988c1088745b2259202bb689e10f
f4dc763d7e4e95fad60436a3da45502f8833e979
b417071a216901c72b6dc19a161d900ddfe5b9401f70f1b35a6125259463ba75

HTTP Headers

GET /hbt/index.php?keyword=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8)&from=pc&originurl=http%3A%2F%2Fytwuliu.net%2Fshujuku&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=6010 HTTP/1.1
Host: www.zhu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ytwuliu.net
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip

ytwuliu.net/tj.js

50.3.129.12

301 Moved Permanently

178 B

URL HTTP/1.1
ytwuliu.net/tj.js
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /tj.js HTTP/1.1
Host: ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ytwuliu.net/shujuku
Cookie: Hm_lvt_71723abeb81a55cf0f46084c52752f47=1675592592; Hm_lpvt_71723abeb81a55cf0f46084c52752f47=1675592592

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 05 Feb 2023 10:22:32 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.ytwuliu.net/tj.js

www.ytwuliu.net/tj.js

50.3.129.12

200 OK

252 B

URL HTTP/1.1
www.ytwuliu.net/tj.js
IP
50.3.129.12:0
ASN
#62904 AS62904

File type
ASCII text
Size
252 B (252 bytes)
Hash
3b5fdcdc43897ae598577e026b962e60
e844b0a5e0e2df6e0aeffac84513cf1584bf67d1
fcec5c2fa758df41f509a35dbb23a883a3b059d659d07f2629004c872c17ffda

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.ytwuliu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ytwuliu.net/
Connection: keep-alive
Cookie: Hm_lvt_71723abeb81a55cf0f46084c52752f47=1675592592; Hm_lpvt_71723abeb81a55cf0f46084c52752f47=1675592592

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:32 GMT
Content-Type: application/javascript
Content-Length: 252
Last-Modified: Wed, 15 Jun 2022 03:08:05 GMT
Connection: keep-alive
ETag: "62a94d15-fc"
Expires: Sun, 05 Feb 2023 11:22:32 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
56ee582337c9f42b5fa3080c590e2f6f
77294d4e29c38ad4eea6fdef6faa52c4c8903c25
a49cb00d0f79c6a9d213fd7c66485d45bdbee982e089fb5c4e899fea9a76fbb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 05 Feb 2023 10:11:33 GMT
last-modified: Fri, 03 Feb 2023 07:58:13 GMT
expires: Fri, 10 Feb 2023 07:58:12 GMT
etag: "77294d4e29c38ad4eea6fdef6faa52c4c8903c25"
cache-control: max-age=602722,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794adcd6aaa0914d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675591893
via: cache26.l2de2[0,0,304-0,H], cache21.l2de2[1,0], cache5.se1[22,15,200-0,C], cache5.se1[17,0], cache8.se1[19,0]
age: 660
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 05 Feb 2023 10:22:33 GMT
x-swift-cachetime: 1140
timing-allow-origin: *, *
eagleid: 2ff62c9c16755925535746039e, 2ff62c9c16755925535746039e

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
56ee582337c9f42b5fa3080c590e2f6f
77294d4e29c38ad4eea6fdef6faa52c4c8903c25
a49cb00d0f79c6a9d213fd7c66485d45bdbee982e089fb5c4e899fea9a76fbb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 05 Feb 2023 10:11:33 GMT
last-modified: Fri, 03 Feb 2023 07:58:13 GMT
expires: Fri, 10 Feb 2023 07:58:12 GMT
etag: "77294d4e29c38ad4eea6fdef6faa52c4c8903c25"
cache-control: max-age=602722,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794adcd6aaa0914d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675591893
via: cache26.l2de2[0,0,304-0,H], cache21.l2de2[1,0], cache5.se1[22,21,200-0,H], cache5.se1[24,0], cache1.se1[26,0]
age: 660
x-cache: HIT TCP_REFRESH_HIT dirn:1:54867021
x-swift-savetime: Sun, 05 Feb 2023 10:22:33 GMT
x-swift-cachetime: 1140
timing-allow-origin: *, *
eagleid: 2ff62c9516755925535724834e, 2ff62c9516755925535724834e

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
56ee582337c9f42b5fa3080c590e2f6f
77294d4e29c38ad4eea6fdef6faa52c4c8903c25
a49cb00d0f79c6a9d213fd7c66485d45bdbee982e089fb5c4e899fea9a76fbb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 05 Feb 2023 10:11:33 GMT
last-modified: Fri, 03 Feb 2023 07:58:13 GMT
expires: Fri, 10 Feb 2023 07:58:12 GMT
etag: "77294d4e29c38ad4eea6fdef6faa52c4c8903c25"
cache-control: max-age=602722,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794adcd6aaa0914d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675591893
via: cache26.l2de2[0,0,304-0,H], cache21.l2de2[1,0], cache5.se1[22,15,200-0,C], cache5.se1[17,0], cache7.se1[19,0]
age: 660
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 05 Feb 2023 10:22:33 GMT
x-swift-cachetime: 1140
timing-allow-origin: *, *
eagleid: 2ff62c9b16755925535817739e, 2ff62c9b16755925535817739e

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
56ee582337c9f42b5fa3080c590e2f6f
77294d4e29c38ad4eea6fdef6faa52c4c8903c25
a49cb00d0f79c6a9d213fd7c66485d45bdbee982e089fb5c4e899fea9a76fbb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 05 Feb 2023 10:11:33 GMT
last-modified: Fri, 03 Feb 2023 07:58:13 GMT
expires: Fri, 10 Feb 2023 07:58:12 GMT
etag: "77294d4e29c38ad4eea6fdef6faa52c4c8903c25"
cache-control: max-age=602722,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794adcd6aaa0914d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675591893
via: cache26.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache4.se1[82,100,200-0,H], cache5.se1[102,0], cache7.se1[104,0]
age: 660
x-cache: HIT TCP_REFRESH_HIT dirn:11:223497667
x-swift-savetime: Sun, 05 Feb 2023 10:22:33 GMT
x-swift-cachetime: 1140
timing-allow-origin: *, *
eagleid: 2ff62c9b16755925535577702e, 2ff62c9b16755925535577702e

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
56ee582337c9f42b5fa3080c590e2f6f
77294d4e29c38ad4eea6fdef6faa52c4c8903c25
a49cb00d0f79c6a9d213fd7c66485d45bdbee982e089fb5c4e899fea9a76fbb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sun, 05 Feb 2023 10:11:33 GMT
last-modified: Fri, 03 Feb 2023 07:58:13 GMT
expires: Fri, 10 Feb 2023 07:58:12 GMT
etag: "77294d4e29c38ad4eea6fdef6faa52c4c8903c25"
cache-control: max-age=602722,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 794adcd6aaa0914d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675591893
via: cache26.l2de2[0,0,304-0,H], cache16.l2de2[1,0], cache4.se1[82,83,200-0,C], cache5.se1[85,0], cache5.se1[87,0]
age: 660
x-cache: HIT TCP_MEM_HIT dirn:11:223497667
x-swift-savetime: Sun, 05 Feb 2023 10:22:33 GMT
x-swift-cachetime: 1140
timing-allow-origin: *, *
eagleid: 2ff62c9916755925535726976e, 2ff62c9916755925535726976e

hm.baidu.com/hm.js?4f05cb48672fadda10f7c0d26927b3b5

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?4f05cb48672fadda10f7c0d26927b3b5
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (616)
Size
11 kB (11254 bytes)
Hash
b65c042c2bf27c4c2cf012adb930d94c
3a1bf3b1735bf7ad5020e52720323245f5fff8e2
fe76fff063d6b41c3c311c13e89661593ac5c51290059b4e39601dc76429c046

HTTP Headers

GET /hm.js?4f05cb48672fadda10f7c0d26927b3b5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Sun, 05 Feb 2023 10:22:33 GMT
Etag: 39257226e82a7065e94caa16ff7dadd3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A0D1B89B94D50786; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=760508375&si=4f05cb48672fadda10f7c0d26927b3b5&v=1.3.0&lv=1&sn=59249&r=0&ww=1280&u=http%3A%2F%2Fytwuliu.net%2Fshujuku&tt=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8)

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=760508375&si=4f05cb48672fadda10f7c0d26927b3b5&v=1.3.0&lv=1&sn=59249&r=0&ww=1280&u=http%3A%2F%2Fytwuliu.net%2Fshujuku&tt=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8)
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=760508375&si=4f05cb48672fadda10f7c0d26927b3b5&v=1.3.0&lv=1&sn=59249&r=0&ww=1280&u=http%3A%2F%2Fytwuliu.net%2Fshujuku&tt=%E6%BE%B3%E9%97%A8%E9%93%B6%E9%93%B6%E6%B2%B3%E5%A8%B1%E4%B9%90%E5%AE%98%E6%96%B9%E7%BD%91%E5%9D%80-%E9%A6%96%E9%A1%B5(%E6%AC%A2%E8%BF%8E%E6%82%A8) HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 05 Feb 2023 10:22:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=07992C3CA437F66C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.tu2021.cc/uploads/al0nbzn1nlqurn8s0wg4mo0slkm6vai2k5j.jpg

43.243.30.14

200 OK

56 kB

URL HTTP/1.1
www.tu2021.cc/uploads/al0nbzn1nlqurn8s0wg4mo0slkm6vai2k5j.jpg
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Size
56 kB (56253 bytes)
Hash
a0bea1017e6fdccc6c25770044de313d
f28b8fe62c3e34f0ead9593e2d79fb84970eeb74
504e2c1189351e9cb8888002a79923f22aee6f22c19baf03f1155df62f1bef33

HTTP Headers

GET /uploads/al0nbzn1nlqurn8s0wg4mo0slkm6vai2k5j.jpg HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:34 GMT
Content-Type: image/jpeg
Content-Length: 56253
Last-Modified: Sun, 28 Mar 2021 16:11:40 GMT
Connection: keep-alive
ETag: "6060aabc-dbbd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/2w4xbloeayhr2qyrw7r89gb4y0b5mue1kkw.jpg

43.243.30.14

200 OK

57 kB

URL HTTP/1.1
www.tu2021.cc/uploads/2w4xbloeayhr2qyrw7r89gb4y0b5mue1kkw.jpg
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Size
57 kB (57413 bytes)
Hash
2e599e6d4d3d33ff4de9f6729899c960
ba96b8f555d5907c0b67c723aaeba8250098e61c
3bba9661f9ad5b20934c5a85fdb31b01006948f2dcb27ff7f81cbd958b2c4fb5

HTTP Headers

GET /uploads/2w4xbloeayhr2qyrw7r89gb4y0b5mue1kkw.jpg HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:34 GMT
Content-Type: image/jpeg
Content-Length: 57413
Last-Modified: Sun, 28 Mar 2021 16:11:36 GMT
Connection: keep-alive
ETag: "6060aab8-e045"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/29800tuc0cyqvejurllnadd3n4g776ur4t2.jpg

43.243.30.14

200 OK

50 kB

URL HTTP/1.1
www.tu2021.cc/uploads/29800tuc0cyqvejurllnadd3n4g776ur4t2.jpg
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Size
50 kB (50516 bytes)
Hash
7925f7dd6392dcb4f188398fa87e8c0c
030ad16e6e28d2b8520427bf57d48e7fa38a65a4
552c475fe29e8eabac0760a6d4e5f74a0165ca447e269614a01bdbc7b60a7353

HTTP Headers

GET /uploads/29800tuc0cyqvejurllnadd3n4g776ur4t2.jpg HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:34 GMT
Content-Type: image/jpeg
Content-Length: 50516
Last-Modified: Sun, 28 Mar 2021 16:11:40 GMT
Connection: keep-alive
ETag: "6060aabc-c554"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/4ns3n30rhgm59f4b2gx3mzv111hfj4vjiq7.jpg

43.243.30.14

200 OK

143 kB

URL HTTP/1.1
www.tu2021.cc/uploads/4ns3n30rhgm59f4b2gx3mzv111hfj4vjiq7.jpg
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x300, components 3\012- data
Size
143 kB (142606 bytes)
Hash
48880d25f2244e8c2e51ccc79b22104e
7934561d21ca9d5528139fdd41c6ba7b2ff7dfd6
c6b7dd88ad5a2a53d798364591691f8ba365d46b0b1cb5d91aa5f273d30b9343

HTTP Headers

GET /uploads/4ns3n30rhgm59f4b2gx3mzv111hfj4vjiq7.jpg HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:34 GMT
Content-Type: image/jpeg
Content-Length: 142606
Last-Modified: Sun, 28 Mar 2021 16:11:37 GMT
Connection: keep-alive
ETag: "6060aab9-22d0e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/3819t6tzm6ocdjxzd9lflbkbjw4vqvfe77i.jpg

43.243.30.14

200 OK

53 kB

URL HTTP/1.1
www.tu2021.cc/uploads/3819t6tzm6ocdjxzd9lflbkbjw4vqvfe77i.jpg
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Size
53 kB (52696 bytes)
Hash
09a9c5e99ec33235f28bdca03b58682e
81d68e1a6bc09d122f9a0984c23dffc01b8d1c1c
0a5fbab46d0fed48a729000dc2c5415bea823742bc19cc2e4118f8844627414b

HTTP Headers

GET /uploads/3819t6tzm6ocdjxzd9lflbkbjw4vqvfe77i.jpg HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:35 GMT
Content-Type: image/jpeg
Content-Length: 52696
Last-Modified: Sun, 28 Mar 2021 16:11:40 GMT
Connection: keep-alive
ETag: "6060aabc-cdd8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/x0jcb56nn6282jrj23pacjr8pmcarekhkh3.jpg

43.243.30.14

200 OK

57 kB

URL HTTP/1.1
www.tu2021.cc/uploads/x0jcb56nn6282jrj23pacjr8pmcarekhkh3.jpg
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Size
57 kB (56884 bytes)
Hash
795fdd629261bbfff623483c6cb6f160
deca291d31bff5e123c3e192d7404976b2192ec5
8e948fa556ac4998fe70fd5eb00c0c14988c884e83d204f711bb5f59c444fdff

HTTP Headers

GET /uploads/x0jcb56nn6282jrj23pacjr8pmcarekhkh3.jpg HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:35 GMT
Content-Type: image/jpeg
Content-Length: 56884
Last-Modified: Sun, 28 Mar 2021 16:11:46 GMT
Connection: keep-alive
ETag: "6060aac2-de34"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/291wu9ropi8eyj8ngdzh8b0ygl9d7d5cvek.jpg

43.243.30.14

200 OK

62 kB

URL HTTP/1.1
www.tu2021.cc/uploads/291wu9ropi8eyj8ngdzh8b0ygl9d7d5cvek.jpg
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x100, components 3\012- data
Size
62 kB (62211 bytes)
Hash
c8e43ccc9c88624a86c0c190719d55ba
c273eba44ea68dbccaf44c36ef5d4c24cfdaee26
c34da23b1f8b51d2f0799b39e06ea1342347e7d4b32f39bbd94fa4cfb0cc1cfb

HTTP Headers

GET /uploads/291wu9ropi8eyj8ngdzh8b0ygl9d7d5cvek.jpg HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:35 GMT
Content-Type: image/jpeg
Content-Length: 62211
Last-Modified: Sun, 28 Mar 2021 16:11:39 GMT
Connection: keep-alive
ETag: "6060aabb-f303"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/fzo19d83tvcadjbhcsz7.png

43.243.30.14

200 OK

255 kB

URL HTTP/1.1
www.tu2021.cc/uploads/fzo19d83tvcadjbhcsz7.png
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
PNG image data, 1000 x 200, 8-bit/color RGB, non-interlaced\012- data
Size
255 kB (255290 bytes)
Hash
9b7839cc32f8daa06bb7d870900882a0
23b0c93464743e63954eafed8057ca0ec3d4effb
baaa64f64b837b8ad5e3c1e6e4c9aa4b4f7b0a96d179049f1e26ad66a290eaf8

HTTP Headers

GET /uploads/fzo19d83tvcadjbhcsz7.png HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:34 GMT
Content-Type: image/png
Content-Length: 255290
Last-Modified: Fri, 28 Oct 2022 04:40:50 GMT
Connection: keep-alive
ETag: "635b5d52-3e53a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

www.tu2021.cc/uploads/w0cxd9yqcoopofugsrgv37wjib2jmgguo3e.gif

43.243.30.14

200 OK

295 kB

URL HTTP/1.1
www.tu2021.cc/uploads/w0cxd9yqcoopofugsrgv37wjib2jmgguo3e.gif
IP
43.243.30.14:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 1000 x 90\012- data
Size
295 kB (294842 bytes)
Hash
85163b53631e93551465219ff0e8d8fb
59b7a0a3ab620f45ce48de1c27afdfeb88c6bed6
b77899e0b4dac978615eb40d7efffc1dd8cb0acc5271b57273c589cf601396a9

HTTP Headers

GET /uploads/w0cxd9yqcoopofugsrgv37wjib2jmgguo3e.gif HTTP/1.1
Host: www.tu2021.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ytwuliu.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 10:22:34 GMT
Content-Type: image/gif
Content-Length: 294842
Last-Modified: Fri, 19 Mar 2021 18:33:26 GMT
Connection: keep-alive
ETag: "6054ee76-47fba"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML