r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5872
Expires: Tue, 31 Jan 2023 10:25:23 GMT
Date: Tue, 31 Jan 2023 08:47:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5476
Expires: Tue, 31 Jan 2023 10:18:47 GMT
Date: Tue, 31 Jan 2023 08:47:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 08:43:17 GMT
content-type: application/json
age: 254
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20305
Expires: Tue, 31 Jan 2023 14:25:56 GMT
Date: Tue, 31 Jan 2023 08:47:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BENWduCbsPY0ulJZxTyydARisBRai3NjzjOGQ5BpL6JhPtKWQN49hoH5jWxz7g3g2RshVc+ZcVwTxPqsawo+wA==
x-amz-request-id: RDJ2ZRS45HY9C4DS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 08:22:08 GMT
age: 1523
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
234rrrrr.com/info/217.html
38.239.187.140 301 Moved Permanently 0 B URL HTTP/1.1 234rrrrr.com/info/217.html
IP 38.239.187.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /info/217.html HTTP/1.1
Host: 234rrrrr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 08:47:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.234rrrrr.com/info/217.html
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:47:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 08:41:42 GMT
age: 349
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4065
Expires: Tue, 31 Jan 2023 09:55:16 GMT
Date: Tue, 31 Jan 2023 08:47:31 GMT
Connection: keep-alive
www.234rrrrr.com/info/217.html
38.239.187.140 200 OK 634 B URL HTTP/1.1 www.234rrrrr.com/info/217.html
IP 38.239.187.140:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document, ISO-8859 text, with very long lines (881), with CRLF line terminators
Hash a7a9765b36da3b66eb79d0b1d4d0899f
9518db28d5aeda57f8877176a59b8792a8b4e08f
5511486946cbb0abb59a9df515378d517b034a3a50c9b5195beba1e9bddf4156
GET /info/217.html HTTP/1.1
Host: www.234rrrrr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
35.165.197.103 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.197.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5yFKEEbVFndgWWARPn2Cxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s2uVLGI5UvC15QQ9E1dnDZYCvnY=
www.234rrrrr.com/common.js
38.239.187.140 200 OK 695 B URL HTTP/1.1 www.234rrrrr.com/common.js
IP 38.239.187.140:0
File type HTML document text; HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash 19de4ca93c538ae975f6521a2a12bd9c
0700deaf8e9c9984fc70e3a89453b38c5ad7dd91
05cdba5dae507c60ddfd9a449b90cde4a54a81d5fca31875e4f9de6c7408e21a
GET /common.js HTTP/1.1
Host: www.234rrrrr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.234rrrrr.com/info/217.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.234rrrrr.com/tj.js
38.239.187.140 200 OK 258 B IP 38.239.187.140:0
File type ASCII text, with CRLF line terminators
Hash a2ab78a9642db3c6b07760a978a5568b
b11bd899a530e5c14cec58c37e22543f33a36cff
15edfea73d65aec10c72a46cfe52a14bb708ab07ed4c9495871c1fe69d9c59a6
GET /tj.js HTTP/1.1
Host: www.234rrrrr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.234rrrrr.com/info/217.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:32 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
122.10.49.229/m168se.html
122.10.49.229 200 OK 622 B URL HTTP/1.1 122.10.49.229/m168se.html
IP 122.10.49.229:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text
Hash 2ae5d1a1813aa31247b7ca1fed06802b
098e835e81104098ed9aa60b0f32c9e6cc818436
7ac3b0d88231e048f216384d62724e0e4a7d553dd2f929db38d5d015b8cdb17e
Analyzer Verdict Alert quad9 Sinkholed
GET /m168se.html HTTP/1.1
Host: 122.10.49.229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.234rrrrr.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:32 GMT
Content-Type: text/html
Content-Length: 622
Last-Modified: Tue, 31 Jan 2023 05:22:18 GMT
Connection: keep-alive
ETag: "63d8a58a-26e"
Accept-Ranges: bytes
www.234rrrrr.com/favicon.ico
38.239.187.140 200 OK 1.2 kB URL HTTP/1.1 www.234rrrrr.com/favicon.ico
IP 38.239.187.140:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.234rrrrr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.234rrrrr.com/info/217.html
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:32 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 05 Feb 2023 08:47:32 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
38.239.19.74/0.491926174405506
38.239.19.74 404 Not Found 146 B URL HTTP/1.1 38.239.19.74/0.491926174405506
IP 38.239.19.74:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /0.491926174405506 HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://122.10.49.229/
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 31 Jan 2023 08:47:32 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
38.239.19.73/0.15862810177956488
38.239.19.73 404 Not Found 146 B URL HTTP/1.1 38.239.19.73/0.15862810177956488
IP 38.239.19.73:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /0.15862810177956488 HTTP/1.1
Host: 38.239.19.73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://122.10.49.229/
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 31 Jan 2023 08:47:32 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
38.239.19.70/0.5910041415853958
38.239.19.70 404 Not Found 146 B URL HTTP/1.1 38.239.19.70/0.5910041415853958
IP 38.239.19.70:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /0.5910041415853958 HTTP/1.1
Host: 38.239.19.70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://122.10.49.229/
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 31 Jan 2023 08:47:32 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19924
Expires: Tue, 31 Jan 2023 14:19:37 GMT
Date: Tue, 31 Jan 2023 08:47:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 25494
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 146cb1c622ae62d62090dcaf81709056
c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e
d1a2caf59c5bfb3fd66c804217c60705de91e5beebd006cffab1d712a5aef85b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8755
x-amzn-requestid: 18054ad3-92df-4a07-b7d1-643293ba4a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1hDGZfoAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c6c-7aae5ef32459231c25465b1b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:05:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5GkQA5AcFOFc2Wn5rdaX7nH5F4wfy52vtlpbI8Qlai-jQE77inKzqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 10:06:07 GMT
age: 81686
etag: "c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5167f99b892b964436e3c85ec115e25d
4f35912cf744f1f8fe875ff13d333ff19a775155
8b2350b0d3cf009164143a9591e62c1fd77fa127cfe01ab6204fe8accd3d11b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10000
x-amzn-requestid: f4b22eb2-3e65-4b0b-bec9-b2782103cec7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcSZ6FznIAMF_AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4caa5-787125d9270792e5417f2891;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4SuH8GRiQqYRDlMFy3MI4KFbhHKwlDUbovcMITVrWtELKGQGTP-epw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 20:41:22 GMT
age: 43571
etag: "4f35912cf744f1f8fe875ff13d333ff19a775155"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70d0f84c-475c-41c3-922d-8f0be8fbfff4.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70d0f84c-475c-41c3-922d-8f0be8fbfff4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f6790dfb54452775c77c50890d17669a
a21e3ac869acae92640075dcb9da9ded4b7f0c92
b24238875cca2327ef4df93e5e66303f02b7f64265faebcb033a245c14638817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70d0f84c-475c-41c3-922d-8f0be8fbfff4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6481
x-amzn-requestid: ca20c9a5-983f-4cde-a833-2a561c13af95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY-T9FcXoAMFnlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d3774c-665397d31a681a155b8a7d53;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:03:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BpOJ8IlnGRS5RbTLM1pQdk11d9NJLiiUy7oIMbwYykeX5E6OyAAFdw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 17:04:34 GMT
age: 56579
etag: "a21e3ac869acae92640075dcb9da9ded4b7f0c92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d143b65b98551bde96a7f026808d4583
3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7
004be88ebe2a4840bb718a5148fcf7d2dc1400f6c1c880cee4428d66ba91dbd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9972
x-amzn-requestid: 8a609804-1429-4a2d-abdc-7dc74a83a35b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcWB-GO8oAMF5Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4d072-0a0afc9625eb840c0b14b259;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:36:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uOHt5PEtB9XCEUi1eFA_7pTZsZgHQnvadZNw7BiXJTYMmnYgAzZ7pQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:58 GMT
age: 17795
etag: "3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 29671
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash ac8891324f5daeecf205fd81a798b1b7
10da10f9d49b28325b17b99bcb328f13ac4e54b7
87a7a46cce8109ceba7fa527fc3629da4f478026caa7860f526dec8eeccd192a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 04 Feb 2023 05:49:49 GMT
ETag: "10da10f9d49b28325b17b99bcb328f13ac4e54b7"
Last-Modified: Tue, 31 Jan 2023 05:49:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 195
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79212ee96be20b69-OSL
38.239.19.74/
38.239.19.74 200 OK 32 kB IP 38.239.19.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1244)
Hash 30497536a82b7ca225b090b214ff28ef
40c51d5de48bf9108b443813890d9e27ed3c0d27
2968df53e17b9ed8bb8834c608f85ec1d67bb984a1d5f0e8a1efdf34a1310ec4
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://122.10.49.229/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
38.239.19.74/template/m1938pc/css/ate.css
38.239.19.74 200 OK 6.0 kB URL HTTP/1.1 38.239.19.74/template/m1938pc/css/ate.css
IP 38.239.19.74:0
File type ASCII text, with CRLF line terminators
Hash 775ec9fd65a59632efdf68fc5af2dfad
a51c8530feab204356baa78c94848b688de1caf5
683dab144184920b21b643c2e6de55202e5528633318697e652fec75a8016d93
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:33 GMT
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 12:25:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62614d4a-126e4"
Expires: Tue, 31 Jan 2023 20:47:33 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
38.239.19.74/template/m1938pc/css/zui.css
38.239.19.74 200 OK 26 kB URL HTTP/1.1 38.239.19.74/template/m1938pc/css/zui.css
IP 38.239.19.74:0
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 48188b5946ef858dfa344439947c87c0
d42813d81e2dcb0a116af428df6337060d5c3ebb
bb79ed3252c5ef94bfd1e94e9a335d6dfb93dd85ff7fe13eee97235c44069336
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:33 GMT
Content-Type: text/css
Last-Modified: Fri, 18 Nov 2022 07:27:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637733f4-1be1a"
Expires: Tue, 31 Jan 2023 20:47:33 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
122.10.17.7/duilian.js
122.10.17.7 200 OK 1.1 kB IP 122.10.17.7:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with very long lines (957)
Hash 6ddf43ee714887151db8ea44b8735b18
bedc470211686f1528d67a05a20f64f07faaf118
d211540550bc6dee6bbc0e85ff176bf604ba5605ffeac380a9f0f6f813f0f4c1
Analyzer Verdict Alert quad9 Sinkholed
GET /duilian.js HTTP/1.1
Host: 122.10.17.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:34 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 08:13:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b7d823-85d"
Expires: Tue, 31 Jan 2023 20:47:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
122.10.17.7/gonggao1.js
122.10.17.7 200 OK 1.3 kB IP 122.10.17.7:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (991)
Hash 4115cbb72d9764083fcc4e2820fd1081
d7cd8d708fb006744769f3abdb1408c9040dca74
17c127a26a332d9e0706ca990e5c857b75119e0f8c72639bd346fc55adc58c10
Analyzer Verdict Alert quad9 Sinkholed
GET /gonggao1.js HTTP/1.1
Host: 122.10.17.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:34 GMT
Content-Type: application/javascript
Last-Modified: Tue, 31 Jan 2023 05:41:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d8aa23-c35"
Expires: Tue, 31 Jan 2023 20:47:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
38.239.19.74/template/m1938pc/ads/img/nwess.gif
38.239.19.74 200 OK 26 kB URL HTTP/1.1 38.239.19.74/template/m1938pc/ads/img/nwess.gif
IP 38.239.19.74:0
File type GIF image data, version 89a, 712 x 105\012- data
Hash 9092217b47dfc7613a3afe93732a945b
630b1ad522248a5f313e612b3c30a17dc4992ebd
55d38a017673f851129bdb2617c869c80a4f35b23914581d8425b0e27011c64b
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/img/nwess.gif HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:34 GMT
Content-Type: image/gif
Content-Length: 26396
Last-Modified: Sun, 04 Dec 2022 05:09:19 GMT
Connection: keep-alive
ETag: "638c2b7f-671c"
Expires: Thu, 02 Mar 2023 08:47:34 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
38.239.19.74/template/m1938pc/ads/img/1.gif
38.239.19.74 200 OK 254 B URL HTTP/1.1 38.239.19.74/template/m1938pc/ads/img/1.gif
IP 38.239.19.74:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/img/1.gif HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:34 GMT
Content-Type: image/gif
Content-Length: 254
Last-Modified: Thu, 21 Apr 2022 12:25:48 GMT
Connection: keep-alive
ETag: "62614d4c-fe"
Expires: Thu, 02 Mar 2023 08:47:34 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
38.239.19.74/template/m1938pc/ads/img/01.jpg
38.239.19.74 200 OK 7.2 kB URL HTTP/1.1 38.239.19.74/template/m1938pc/ads/img/01.jpg
IP 38.239.19.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 1280x80, components 3\012- data
Hash e907a82842fbb9efd3eafc0abdcc3dca
ccf459fba4e8ca93fab930d1f3095512035c2839
9847330626e23b057b07049eb31f48b3f860ff5937dd8705241a63f67784c132
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/img/01.jpg HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:34 GMT
Content-Type: image/jpeg
Content-Length: 7195
Last-Modified: Sat, 14 Jan 2023 00:39:04 GMT
Connection: keep-alive
ETag: "63c1f9a8-1c1b"
Expires: Thu, 02 Mar 2023 08:47:34 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
38.239.19.74/template/m1938pc/ads/img/zggt.jpg
38.239.19.74 200 OK 7.6 kB URL HTTP/1.1 38.239.19.74/template/m1938pc/ads/img/zggt.jpg
IP 38.239.19.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 1020x60, components 3\012- data
Hash f384655759c7636820f4541a21c5ae43
93619eb32c623bc70974a22d4ca2f441d6dfc845
c46cd3858323fa82a2bc02c5f1c979a7dbf61ff18641f74b0c431c66c12ceb31
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/img/zggt.jpg HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:34 GMT
Content-Type: image/jpeg
Content-Length: 7608
Last-Modified: Thu, 10 Nov 2022 08:30:38 GMT
Connection: keep-alive
ETag: "636cb6ae-1db8"
Expires: Thu, 02 Mar 2023 08:47:34 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 382e2f85397c2939e13d4611e1ec86a0
f4bc9106ad32f48860618ab0b60228aff467b4d3
db7dc91114c3f576f9202fa45a453209f72fe98fbdc3074d1e3843756fc44564
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7DC91114C3F576F9202FA45A453209F72FE98FBDC3074D1E3843756FC44564"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3942
Expires: Tue, 31 Jan 2023 09:53:16 GMT
Date: Tue, 31 Jan 2023 08:47:34 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0100f12000ae3ck8y7042.gif?proc=autoorient
23.14.2.52 200 OK 175 kB URL HTTP/2 dimg04.c-ctrip.com/images/0100f12000ae3ck8y7042.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 175 kB (175192 bytes)
Hash 84da714bad49f50cfb13f96109ca82d3
34cf50dff8785d62c65286cf8316747f1c4ca613
076ac3243481224e8f70c52317c5fae1de18dd28117c5a80e1b7b37898341d8c
GET /images/0100f12000ae3ck8y7042.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 175192
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5625412
expires: Thu, 06 Apr 2023 11:24:26 GMT
date: Tue, 31 Jan 2023 08:47:34 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105n12000aebu6fxCE0E.gif?proc=autoorient
23.14.2.52 200 OK 305 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105n12000aebu6fxCE0E.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 305 kB (304630 bytes)
Hash 616b404a780629dce921fed59248917a
b0835a59b7a1f85590204090084f7e379c2c730f
bcf6e4c08fff7ddbaf6021553a4c336bbb40bf2d888d00a43908a3766fd7b933
GET /images/0105n12000aebu6fxCE0E.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 304630
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5719399
expires: Fri, 07 Apr 2023 13:30:53 GMT
date: Tue, 31 Jan 2023 08:47:34 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
23.14.2.52 200 OK 489 kB URL HTTP/2 dimg04.c-ctrip.com/images/0105c12000ae3a0t3DD7A.gif?proc=autoorient
IP 23.14.2.52:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 489 kB (488987 bytes)
Hash 6a7d54ecdc2d1cce357d304db217ccec
03a803d54b6a1dd16cba5d73bf4e732d8b7be263
7cd4479b97a015f11a04b2d7d94fbe78030a7e0e3de457bf72abdbf53235c7d8
GET /images/0105c12000ae3a0t3DD7A.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 488987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5622430
expires: Thu, 06 Apr 2023 10:34:44 GMT
date: Tue, 31 Jan 2023 08:47:34 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?8c5e0a2e06912c0ee1456a972f703738
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8c5e0a2e06912c0ee1456a972f703738
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 19b4d5d4eba390b7f52c060f92f0a993
dca08c0e6212a897a1ec7e2eae04afcaeb1dc37f
ee6b1a9c15573f90e7cb245faaab7af70473346d27e45d6fbb1ee0347297edd5
GET /hm.js?8c5e0a2e06912c0ee1456a972f703738 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.234rrrrr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 08:47:33 GMT
Etag: 85d070aba2adb2a95af3f57414f27151
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7C95EEC31779D63F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
kvkaa.com/153ac71e52df3d7d664bf0bb17905f12.gif
45.154.214.206 301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/153ac71e52df3d7d664bf0bb17905f12.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /153ac71e52df3d7d664bf0bb17905f12.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 31 Jan 2023 08:47:34 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/153ac71e52df3d7d664bf0bb17905f12.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?c34175a344a7cbbdf7846e6823f15d4c
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c34175a344a7cbbdf7846e6823f15d4c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash fd0ebd02176f5f0be95945b80521c618
37a934554daeb4839c3fc5d015d8c42e2eb1b609
ef68881463782f80389132ded1a8e91ea0814f01eb3338f41bface7b6ba1b02a
GET /hm.js?c34175a344a7cbbdf7846e6823f15d4c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 31 Jan 2023 08:47:34 GMT
Etag: 30cd380af2a6cf4b97726d9af6233c32
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D2F4CC69A0453BE7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
38.239.19.74/template/m1938pc/images/video-play.png
38.239.19.74 200 OK 1.6 kB URL HTTP/1.1 38.239.19.74/template/m1938pc/images/video-play.png
IP 38.239.19.74:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:35 GMT
Content-Type: image/png
Content-Length: 1567
Last-Modified: Thu, 21 Apr 2022 12:26:06 GMT
Connection: keep-alive
ETag: "62614d5e-61f"
Expires: Thu, 02 Mar 2023 08:47:35 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
38.239.19.74/template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff
38.239.19.74 404 Not Found 146 B URL HTTP/1.1 38.239.19.74/template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff
IP 38.239.19.74:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/fonts/e61a601604fe408d85f635b56e71b3a1.woff HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://38.239.19.74/template/m1938pc/css/zui.css
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 31 Jan 2023 08:47:35 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
kvkaa.com/0386d45065aa4bb1d118804aea2b6df7.md.jpg
45.154.214.206 301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/0386d45065aa4bb1d118804aea2b6df7.md.jpg
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0386d45065aa4bb1d118804aea2b6df7.md.jpg HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 31 Jan 2023 08:47:35 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/0386d45065aa4bb1d118804aea2b6df7.md.jpg
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
45.154.214.206 301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/3b519146003914bff4ecede8a7b76f26.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 31 Jan 2023 08:47:35 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvkaa.com/01dfa9bde54e701e29b1896a128d2cc1.gif
45.154.214.206 301 Moved Permanently 162 B URL HTTP/2 kvkaa.com/01dfa9bde54e701e29b1896a128d2cc1.gif
IP 45.154.214.206:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /01dfa9bde54e701e29b1896a128d2cc1.gif HTTP/1.1
Host: kvkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 31 Jan 2023 08:47:35 GMT
content-type: text/html
content-length: 162
location: https://kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 382e2f85397c2939e13d4611e1ec86a0
f4bc9106ad32f48860618ab0b60228aff467b4d3
db7dc91114c3f576f9202fa45a453209f72fe98fbdc3074d1e3843756fc44564
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7DC91114C3F576F9202FA45A453209F72FE98FBDC3074D1E3843756FC44564"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3941
Expires: Tue, 31 Jan 2023 09:53:16 GMT
Date: Tue, 31 Jan 2023 08:47:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 382e2f85397c2939e13d4611e1ec86a0
f4bc9106ad32f48860618ab0b60228aff467b4d3
db7dc91114c3f576f9202fa45a453209f72fe98fbdc3074d1e3843756fc44564
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7DC91114C3F576F9202FA45A453209F72FE98FBDC3074D1E3843756FC44564"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3941
Expires: Tue, 31 Jan 2023 09:53:16 GMT
Date: Tue, 31 Jan 2023 08:47:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 382e2f85397c2939e13d4611e1ec86a0
f4bc9106ad32f48860618ab0b60228aff467b4d3
db7dc91114c3f576f9202fa45a453209f72fe98fbdc3074d1e3843756fc44564
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7DC91114C3F576F9202FA45A453209F72FE98FBDC3074D1E3843756FC44564"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3941
Expires: Tue, 31 Jan 2023 09:53:16 GMT
Date: Tue, 31 Jan 2023 08:47:35 GMT
Connection: keep-alive
tupkku.top/logotp/tiangx01.gif
172.67.178.134 200 OK 193 kB URL HTTP/2 tupkku.top/logotp/tiangx01.gif
IP 172.67.178.134:0
File type GIF image data, version 89a, 120 x 120\012- data
Size 193 kB (192700 bytes)
Hash 1f96742e79c464754770d21b824c422e
2eacc04050d6b364ca38e67f740f5019ba609d72
90b4a34013848befc26d1e21f30afa75bb896fb8775cfb283e0d1f4d9bc1a294
GET /logotp/tiangx01.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:35 GMT
content-type: image/gif
content-length: 192700
last-modified: Sun, 19 Jun 2022 13:11:00 GMT
etag: "62af2064-2f0bc"
expires: Tue, 14 Feb 2023 21:18:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1337220
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToUJnbvnoUgG9%2BjpKkixF%2BXwOzAYTqgPzGhFxpKm8V1EbeJxFnt46xIW0q3QY09t%2F48kazGrFpotJChQ%2BC2MBPcofoANIAqPObjW4w8wktrzI0a67ZkQ0E%2FKPUld"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212ef9dc500b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tupkku.top/hf/xincha.gif
172.67.178.134 200 OK 287 kB IP 172.67.178.134:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 287 kB (287106 bytes)
Hash bf69a23dccde7e62074b6300ea402b95
dd009214a977991f1ce608f209962267a2db1e2c
6e329ba63b5b8b6493317c2c2f140b49bc76cb72d5eb06793d5f32e87ac308fb
GET /hf/xincha.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:35 GMT
content-type: image/gif
content-length: 287106
last-modified: Mon, 06 Jun 2022 10:46:28 GMT
etag: "629ddb04-46182"
expires: Tue, 31 Jan 2023 16:40:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2563531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIJvAat%2BKsiylSUcaubmZQZUZtrA3zlxWqJp%2BLSCGsEaW5vAMlatIzAUg2lYEvvVW%2FVkRngtFAAIV41vnqCwnG85kZ0vVeMwwxLJr5iv5jrVm%2FCOiN5ZxtYMbaMW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212ef9dc580b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
595tuchuang.com/200x200.gif
183.255.106.38 301 Moved Permanently 166 B URL HTTP/1.1 595tuchuang.com/200x200.gif
IP 183.255.106.38:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /200x200.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 08:47:35 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://595tuchuang.com/200x200.gif
Server: cdn
38.239.19.74/template/m1938pc/fonts/iconfont.woff
38.239.19.74 200 OK 525 B URL HTTP/1.1 38.239.19.74/template/m1938pc/fonts/iconfont.woff
IP 38.239.19.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f66ed8f90ffb0fc831098b7701d3ba8a
1bc63ccb714f1272c80b224aa8fd9da94914825d
6ccac1f3560824c5e11e27d1798e447cfc5a930e5824009d6b1cf8eb98e248de
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/fonts/iconfont.woff HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://38.239.19.74/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:36 GMT
Content-Type: font/woff
Content-Length: 525
Last-Modified: Thu, 21 Apr 2022 12:34:02 GMT
Connection: keep-alive
ETag: "62614f3a-20d"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1613437043&si=8c5e0a2e06912c0ee1456a972f703738&v=1.3.0&lv=1&sn=14736&r=0&ww=1280&u=http%3A%2F%2Fwww.234rrrrr.com%2Finfo%2F217.html&tt=%E6%BB%81%E5%B7%9E%E5%8A%A0%E7%85%A7%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1613437043&si=8c5e0a2e06912c0ee1456a972f703738&v=1.3.0&lv=1&sn=14736&r=0&ww=1280&u=http%3A%2F%2Fwww.234rrrrr.com%2Finfo%2F217.html&tt=%E6%BB%81%E5%B7%9E%E5%8A%A0%E7%85%A7%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1613437043&si=8c5e0a2e06912c0ee1456a972f703738&v=1.3.0&lv=1&sn=14736&r=0&ww=1280&u=http%3A%2F%2Fwww.234rrrrr.com%2Finfo%2F217.html&tt=%E6%BB%81%E5%B7%9E%E5%8A%A0%E7%85%A7%E4%BF%A1%E7%94%A8%E6%8B%85%E4%BF%9D%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.234rrrrr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 08:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=00EE6467A50C8A62; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=214366423&si=c34175a344a7cbbdf7846e6823f15d4c&su=http%3A%2F%2F122.10.49.229%2F&v=1.3.0&lv=1&sn=14736&r=0&ww=1268&u=http%3A%2F%2F38.239.19.74%2F&tt=%E5%96%B5%E5%BD%B1%E9%99%A2-%E5%96%B5%E7%94%B5%E5%BD%B1-%E5%96%B5%E8%A7%86%E9%A2%91-%E7%9F%AD%E8%A7%86%E9%A2%91-%E5%96%B5%E7%BD%91%E7%AB%99%E5%A4%A7%E5%85%A8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=214366423&si=c34175a344a7cbbdf7846e6823f15d4c&su=http%3A%2F%2F122.10.49.229%2F&v=1.3.0&lv=1&sn=14736&r=0&ww=1268&u=http%3A%2F%2F38.239.19.74%2F&tt=%E5%96%B5%E5%BD%B1%E9%99%A2-%E5%96%B5%E7%94%B5%E5%BD%B1-%E5%96%B5%E8%A7%86%E9%A2%91-%E7%9F%AD%E8%A7%86%E9%A2%91-%E5%96%B5%E7%BD%91%E7%AB%99%E5%A4%A7%E5%85%A8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=214366423&si=c34175a344a7cbbdf7846e6823f15d4c&su=http%3A%2F%2F122.10.49.229%2F&v=1.3.0&lv=1&sn=14736&r=0&ww=1268&u=http%3A%2F%2F38.239.19.74%2F&tt=%E5%96%B5%E5%BD%B1%E9%99%A2-%E5%96%B5%E7%94%B5%E5%BD%B1-%E5%96%B5%E8%A7%86%E9%A2%91-%E7%9F%AD%E8%A7%86%E9%A2%91-%E5%96%B5%E7%BD%91%E7%AB%99%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 31 Jan 2023 08:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=182B1CBE73114D30; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
38.239.19.74/template/m1938pc/fonts/iconfont.ttf
38.239.19.74 200 OK 257 B URL HTTP/1.1 38.239.19.74/template/m1938pc/fonts/iconfont.ttf
IP 38.239.19.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b6bf2659c287c7e192ff7c20853205e4
91087c59b4f1a108c0515d4daeb8d4cc49b62da5
a3cc4d1f67765644ce73654ad2d0a1e9f2b85553268d2f3e4d438da3bda75bb4
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /template/m1938pc/fonts/iconfont.ttf HTTP/1.1
Host: 38.239.19.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.239.19.74/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 08:47:36 GMT
Content-Type: application/octet-stream
Content-Length: 257
Last-Modified: Thu, 21 Apr 2022 12:34:00 GMT
Connection: keep-alive
ETag: "62614f38-101"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
cdn.cnbj1.fds.api.mi-img.com/middle.community.vip.bkt/97ac44eee8afffca12361b5820da338b
47.246.44.229 200 OK 327 kB URL HTTP/2 cdn.cnbj1.fds.api.mi-img.com/middle.community.vip.bkt/97ac44eee8afffca12361b5820da338b
IP 47.246.44.229:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Size 327 kB (327284 bytes)
Hash 3adea83ed61de09e26f5f1a2a3ce35ff
dba7d14002b8ea617e5561c837b2ac359b919263
bde0886f4216117c996cdaca72049696ec511b7a7f1817d48a5f3197a8176893
GET /middle.community.vip.bkt/97ac44eee8afffca12361b5820da338b HTTP/1.1
Host: cdn.cnbj1.fds.api.mi-img.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 327284
date: Wed, 18 Jan 2023 14:53:56 GMT
cache-control: max-age=86400
last-modified: Tue, 20 Sep 2022 14:53:05 GMT
x-xiaomi-meta-content-length: 327284
etag: "3adea83ed61de09e26f5f1a2a3ce35ff"
content-md5: 3adea83ed61de09e26f5f1a2a3ce35ff
x-xiaomi-hash-crc64ecma: -656869869866579051
x-xiaomi-request-id: acf14aa1-81ed-1c3a-0000-0185c55f5140
access-control-allow-credentials: true
access-control-expose-headers: content-md5, upload-time, x-xiaomi-meta-content-length
ali-swift-global-savetime: 1674053636
via: cache4.l2de2[0,0,304-0,H], cache6.l2de2[2,0], cache6.l2de2[3,0], cache1.se1[0,0,200-0,H], cache8.se1[2,0]
age: 1101220
x-cache: HIT TCP_HIT dirn:4:367632445
x-swift-savetime: Wed, 18 Jan 2023 15:53:16 GMT
x-swift-cachetime: 2588440
xm-cache-status: hit
xm-cdn-prov: 1
xm-remote-address: 47.246.44.229
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9c16751548564881037e
X-Firefox-Spdy: h2
628536nyv.com/a560e00e7bb844119014562b6f612399.gif
45.61.212.49 200 OK 654 kB URL HTTP/1.1 628536nyv.com/a560e00e7bb844119014562b6f612399.gif
IP 45.61.212.49:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 654 kB (653713 bytes)
Hash 6e1b913d233fb64271527a796618f37b
a858c96c304244dfa9d5cd159a3a5c80c6b98598
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
Analyzer Verdict Alert quad9 Sinkholed
GET /a560e00e7bb844119014562b6f612399.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b8daa-9f991"
Date: Sat, 29 Oct 2022 14:20:53 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:07:06 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-19
Content-Length: 653713
u22033.com/5e33fab68eed3463dd7baf63eaa71d4d.gif
13.227.254.124 200 OK 394 kB URL HTTP/2 u22033.com/5e33fab68eed3463dd7baf63eaa71d4d.gif
IP 13.227.254.124:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 394 kB (394223 bytes)
Hash 3df630d62c497a10551750a9b76e872b
480cb236325de4ad6fe0d81e324058af95766f17
630ca9db8b415de7944c67c2163674444f71fede4c7ab614e6119cc49f0d356e
GET /5e33fab68eed3463dd7baf63eaa71d4d.gif HTTP/1.1
Host: u22033.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 394223
last-modified: Tue, 03 Jan 2023 03:28:18 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 21:57:08 GMT
etag: "3df630d62c497a10551750a9b76e872b"
x-cache: Hit from cloudfront
via: 1.1 9c281f6d3073335c1b2f806823d50e2a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jrpb4Vs6B9E9Zl0qWLiGwEws_xhnjZNE5u3-F7iTX9i4RxZsV1z4Iw==
age: 39029
X-Firefox-Spdy: h2
n0544.com/0ccc634cf3ce463988e9007b8271fcf6.gif
52.140.208.180 200 OK 149 kB URL HTTP/1.1 n0544.com/0ccc634cf3ce463988e9007b8271fcf6.gif
IP 52.140.208.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 980 x 100\012- data
Size 149 kB (149117 bytes)
Hash 120ce196e8934e9f72fcabc50c87a963
4df10a35b43796baa34984ce3d4ecd3d1f580986
bdba0086b20f901ed2ed033d4f946b7c6682a80b888024cff21ebd73948521f0
GET /0ccc634cf3ce463988e9007b8271fcf6.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:36 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 08 Jan 2023 13:02:02 GMT
ETag: W/"63babeca-643f7"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 44525527c181a727eefa02a4e7ff1053
f43045a5e4cda55f5ede04be0b0fd42bbdf898ba
eaea670303ac29377639856d56c0a18117fecf41b180cf6316ae8c8fa3c41e04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EAEA670303AC29377639856D56C0A18117FECF41B180CF6316AE8C8FA3C41E04"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1986
Expires: Tue, 31 Jan 2023 09:20:43 GMT
Date: Tue, 31 Jan 2023 08:47:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cca2e19ab347addbebc7de030d67deb
e277dad924a10fe0946687ff0f8cd62766edc067
37c284ba168d2d42ab55fc67beaa7b9e50dba1ce5ce9e93e0d8f9339afac05ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "37C284BA168D2D42AB55FC67BEAA7B9E50DBA1CE5CE9E93E0D8F9339AFAC05EE"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1178
Expires: Tue, 31 Jan 2023 09:07:15 GMT
Date: Tue, 31 Jan 2023 08:47:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cca2e19ab347addbebc7de030d67deb
e277dad924a10fe0946687ff0f8cd62766edc067
37c284ba168d2d42ab55fc67beaa7b9e50dba1ce5ce9e93e0d8f9339afac05ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "37C284BA168D2D42AB55FC67BEAA7B9E50DBA1CE5CE9E93E0D8F9339AFAC05EE"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18029
Expires: Tue, 31 Jan 2023 13:48:06 GMT
Date: Tue, 31 Jan 2023 08:47:37 GMT
Connection: keep-alive
aooacctp.vip/lm/se5.gif
172.67.161.53 200 OK 397 kB IP 172.67.161.53:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 397 kB (396964 bytes)
Hash 7b42e791e269b8425a0f380efdd8e5fd
10c09c8f711478c7aeccc988c076d299fafcbbfa
00ef96678470106e95be9f6f4dc07debbbb63a96db839adbf17e5e04e27caf60
GET /lm/se5.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:37 GMT
content-type: image/gif
content-length: 396964
last-modified: Wed, 25 May 2022 14:04:51 GMT
etag: "628e3783-60ea4"
expires: Mon, 06 Feb 2023 05:37:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2084938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NepvmAqLZe0JGsjPFfViCIBCibm6hJxmE%2FYMlWmO28Qk8Mtf3UTtSTzJvsiXLnBnInWcmNHaXPDpvRThT%2BeaHvDZhTlJCF9QCmdlPHgqwNfBiSRNw7nVlv7PUjgUYfU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f04bbb6fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash e2e7515565fb4ca356a3c30f15b76f33
13c1f319a36263cec3990aef3ee777ff7509fd37
929d01921ac21bcb0e825d6ffbb0be0e8bb4a7d5ccb3dc8afd45b191c167b1bd
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sat, 04 Feb 2023 06:20:12 GMT
ETag: "13c1f319a36263cec3990aef3ee777ff7509fd37"
Last-Modified: Tue, 31 Jan 2023 06:20:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1039
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79212f04be07b4fa-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 1ba6860f9d9d7089a52fe14f501e4fb8
e0c12446143e8fc4f7fc5df2f0278c443e9fb7b5
c96038573e7e2e65300b22f12a6be7b731faaad17add6b6b2360f2e745c0be95
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 06:52:12 GMT
ETag: "e0c12446143e8fc4f7fc5df2f0278c443e9fb7b5"
Last-Modified: Tue, 31 Jan 2023 06:52:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2665
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79212f04b89cb506-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 1ba6860f9d9d7089a52fe14f501e4fb8
e0c12446143e8fc4f7fc5df2f0278c443e9fb7b5
c96038573e7e2e65300b22f12a6be7b731faaad17add6b6b2360f2e745c0be95
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 06:52:12 GMT
ETag: "e0c12446143e8fc4f7fc5df2f0278c443e9fb7b5"
Last-Modified: Tue, 31 Jan 2023 06:52:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2665
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79212f04cd79b4f7-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 1ba6860f9d9d7089a52fe14f501e4fb8
e0c12446143e8fc4f7fc5df2f0278c443e9fb7b5
c96038573e7e2e65300b22f12a6be7b731faaad17add6b6b2360f2e745c0be95
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 04 Feb 2023 06:52:12 GMT
ETag: "e0c12446143e8fc4f7fc5df2f0278c443e9fb7b5"
Last-Modified: Tue, 31 Jan 2023 06:52:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2665
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79212f04cad70b39-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 3f5bc00a357e02884712951fcedd2a9a
4d6f8e5dc162acb8019e6d6df6c8074b302ce114
559e18025c08c00db4944590df6dd3231b725cf2a501ce1c1df8db58ff577dce
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 02:51:07 GMT
Expires: Sat, 04 Feb 2023 02:51:06 GMT
Etag: "4d6f8e5dc162acb8019e6d6df6c8074b302ce114"
Cache-Control: max-age=323608,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f04be32b505-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 2ab4c7c8fc0af62d3b6bb77468b025a6
b832ad365d81c2a6b9a5269cf11a32a6988c2b40
f233b987520d6474808c84299c0f5cceb88fc77f34ad0e563bdc5e2d902e26c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 20:49:45 GMT
Expires: Sat, 04 Feb 2023 20:49:44 GMT
Etag: "b832ad365d81c2a6b9a5269cf11a32a6988c2b40"
Cache-Control: max-age=388326,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f04cfddb515-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 2ab4c7c8fc0af62d3b6bb77468b025a6
b832ad365d81c2a6b9a5269cf11a32a6988c2b40
f233b987520d6474808c84299c0f5cceb88fc77f34ad0e563bdc5e2d902e26c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 20:49:45 GMT
Expires: Sat, 04 Feb 2023 20:49:44 GMT
Etag: "b832ad365d81c2a6b9a5269cf11a32a6988c2b40"
Cache-Control: max-age=388326,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f04cbebb51d-OSL
ocsp.godaddy.com/
192.124.249.41 200 OK 1.8 kB IP 192.124.249.41:0
Hash f1a5c519dcd4e91ba2f1ce6536b13213
535b8cb493a6c8f56d4bffc7b70e8d321bcbc3ec
96625f0f30905f52ebf522931b1f473aed9a6a39a611523e5d68acc92d86666f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 19:32:50 GMT
Expires: Tue, 31 Jan 2023 19:32:50 GMT
ETag: "535b8cb493a6c8f56d4bffc7b70e8d321bcbc3ec"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash f2263d888c7ccbc9b86c6429e4c22716
4cc87ed1db15f93b0b539466460516c857da2a49
04c56a09a5412b9ef4310c55293a57ede2b16232f41b2a318a21ccecf7523f66
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 23:43:04 GMT
Expires: Sun, 05 Feb 2023 23:43:03 GMT
Etag: "4cc87ed1db15f93b0b539466460516c857da2a49"
Cache-Control: max-age=485125,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f05287fb515-OSL
u1055.com/9e1d97c5f88c4717a146e59c2ab7208e.gif
103.170.15.41 200 OK 488 kB URL HTTP/2 u1055.com/9e1d97c5f88c4717a146e59c2ab7208e.gif
IP 103.170.15.41:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 980 x 100\012- data
Size 488 kB (488260 bytes)
Hash 69ad33cf174ba3acefada6f149223b8a
2fba823f7286cc8e12ee3d8887375f8ccc010f84
79565f9eb2a64c62b7defaa5942cc5efdf46dce8a34044282419b9f2cd8f6111
GET /9e1d97c5f88c4717a146e59c2ab7208e.gif HTTP/1.1
Host: u1055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b54e2d-77344"
server: nginx
date: Mon, 30 Jan 2023 08:46:45 GMT
content-type: image/gif
last-modified: Wed, 04 Jan 2023 10:00:13 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-31
content-length: 488260
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash d87993e9a2072eef3cd77babd0d78baa
9fb41370f0379b3493b1dfee339e1a57451addd3
0ebee77ce2e4c544f0b642f4d842a9b90209faf9aac8ff1aeb9bd7c9af6ed43e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:31:14 GMT
Expires: Sun, 05 Feb 2023 15:31:13 GMT
Etag: "9fb41370f0379b3493b1dfee339e1a57451addd3"
Cache-Control: max-age=455615,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f04cbef0b49-OSL
u1055.com/766a9ba6979c4f5aae898c52bfe6ec25.gif
103.170.15.41 200 OK 89 kB URL HTTP/2 u1055.com/766a9ba6979c4f5aae898c52bfe6ec25.gif
IP 103.170.15.41:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 300 x 174\012- data
Hash 68419df54aa3f860cdfbd4f01e0c4ba6
abf3dd29e383d995652c561d4b53609cb0d80e2a
5a2ee3bbb8cdee0db69c5d5107425f3d8bb14dea8b7f3df4033e2da08591f0b1
GET /766a9ba6979c4f5aae898c52bfe6ec25.gif HTTP/1.1
Host: u1055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63babeec-15c90"
server: nginx
date: Sat, 21 Jan 2023 03:01:06 GMT
content-type: image/gif
last-modified: Sun, 08 Jan 2023 13:02:36 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-31
content-length: 89232
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 3f5bc00a357e02884712951fcedd2a9a
4d6f8e5dc162acb8019e6d6df6c8074b302ce114
559e18025c08c00db4944590df6dd3231b725cf2a501ce1c1df8db58ff577dce
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 02:51:07 GMT
Expires: Sat, 04 Feb 2023 02:51:06 GMT
Etag: "4d6f8e5dc162acb8019e6d6df6c8074b302ce114"
Cache-Control: max-age=323608,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f04ca13b521-OSL
3888537ccc.com/2dffd6822fff499da6133542ede23169.gif
45.61.212.126 200 OK 785 kB URL HTTP/1.1 3888537ccc.com/2dffd6822fff499da6133542ede23169.gif
IP 45.61.212.126:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 785 kB (785064 bytes)
Hash 9790eeab3cd6b04d5a97f292e09aa2ea
d5b05a3ea51a795a61efe13c0bebe7bfa373373e
76e3c428d666666df9fb2ba783e3929046ecfc82cd51c4c056a7de7036bf1cc1
GET /2dffd6822fff499da6133542ede23169.gif HTTP/1.1
Host: 3888537ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c25fdd-bfaa8"
Date: Sun, 29 Jan 2023 01:12:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 14 Jan 2023 07:55:09 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-26
Content-Length: 785064
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 9934c9814f5bdaf472c88c62e9f03624
0d9d34c7ccb344b57b2ed4c33001d9b400ae17e2
71b468a187afa7d7afbb408543510286c14fddeab527e26ca86f88dbda4a191e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 01:54:30 GMT
Expires: Mon, 06 Feb 2023 01:54:29 GMT
Etag: "0d9d34c7ccb344b57b2ed4c33001d9b400ae17e2"
Cache-Control: max-age=493011,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f04cab80b59-OSL
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c22b105efd877cecaffcf585d0bcb436
fd5cf16aa376c4b5d4945004ec7cb512c30310ca
8cb5e3b075a4cfab7817e00a00af41f6cffb9d0db08dba416d7a87bdcac9c8b1
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 31 Jan 2023 08:47:37 GMT
last-modified: Sun, 29 Jan 2023 04:53:34 GMT
expires: Sun, 05 Feb 2023 04:53:33 GMT
etag: "fd5cf16aa376c4b5d4945004ec7cb512c30310ca"
cache-control: max-age=417355,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
cf-ray: 79212f05cd9d2bd2-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675154857
via: cache14.l2de2[37,33,304-0,C], cache4.l2de2[35,0], cache4.se1[122,122,200-0,H], cache5.se1[124,0], cache5.se1[127,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:4:168060355
x-swift-savetime: Tue, 31 Jan 2023 08:47:37 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9916751548577807025e, 2ff62c9916751548577807025e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c22b105efd877cecaffcf585d0bcb436
fd5cf16aa376c4b5d4945004ec7cb512c30310ca
8cb5e3b075a4cfab7817e00a00af41f6cffb9d0db08dba416d7a87bdcac9c8b1
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 31 Jan 2023 08:47:37 GMT
last-modified: Sun, 29 Jan 2023 04:53:34 GMT
expires: Sun, 05 Feb 2023 04:53:33 GMT
etag: "fd5cf16aa376c4b5d4945004ec7cb512c30310ca"
cache-control: max-age=417355,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
cf-ray: 79212f05cd9d2bd2-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675154857
via: cache14.l2de2[37,36,304-0,M], cache21.l2de2[38,0], cache5.se1[120,120,200-0,H], cache5.se1[122,0], cache5.se1[123,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:4:455420084
x-swift-savetime: Tue, 31 Jan 2023 08:47:37 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9916751548577827027e, 2ff62c9916751548577827027e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c22b105efd877cecaffcf585d0bcb436
fd5cf16aa376c4b5d4945004ec7cb512c30310ca
8cb5e3b075a4cfab7817e00a00af41f6cffb9d0db08dba416d7a87bdcac9c8b1
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 31 Jan 2023 08:47:37 GMT
last-modified: Sun, 29 Jan 2023 04:53:34 GMT
expires: Sun, 05 Feb 2023 04:53:33 GMT
etag: "fd5cf16aa376c4b5d4945004ec7cb512c30310ca"
cache-control: max-age=417355,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
cf-ray: 79212f05cd9d2bd2-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675154857
via: cache14.l2de2[37,33,304-0,C], cache4.l2de2[35,0], cache4.se1[122,51,200-0,C], cache5.se1[53,0], cache2.se1[56,0]
age: 0
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 31 Jan 2023 08:47:37 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9616751548578511538e, 2ff62c9616751548578511538e
dvcasha2.ocsp-certum.com/
23.36.79.10 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash f381ec90ce280b87435a1f2db6eabf47
80f4680e5618602e96d5392155df64fef52202c6
41f43bf36dd7e80e66b01586399632e54a00ccb8ad102b63783e8343dc92c52b
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 31 Jan 2023 08:47:37 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f0407726863dec739a5eb64c188df5f3
ba6e9a28b711c8561c49e8401c8f8ef169c53330
b1467174071d4da743d6d23b37f174caabe5a21b867352de5a8bd17b03558a4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4576
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:37 GMT
Last-Modified: Tue, 31 Jan 2023 07:31:21 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 23322a877a66f2590b48cfc09a136fce
d1067e1cca62521a00c69762630263a715cb8139
54c194e17586ed948d0842f6f855cb97c0f15972055fc585449e11f74637395b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 04:33:44 GMT
Expires: Sun, 05 Feb 2023 04:33:43 GMT
Etag: "d1067e1cca62521a00c69762630263a715cb8139"
Cache-Control: max-age=416165,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f064de3b51d-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 4945ada35e3812939a29d6368a196f4d
14a81e951bb7ca3a6421b6ca97e3430ec2994483
ef7f0f8b1554c68049f408ab758100d4129c8a2af63a272417f310e17541cff6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 06:06:36 GMT
Expires: Sat, 04 Feb 2023 06:06:35 GMT
Etag: "14a81e951bb7ca3a6421b6ca97e3430ec2994483"
Cache-Control: max-age=335337,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f063ffcb505-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 0a21307ac63b459862fc1db0714bfbc1
4cd67928f07d7090dce74efb37e9a67aa5ffd8b1
9c0a8cc6bcbfbbb1cc9359b3023f12b69d5ade0983af3b0d227394968ddd60fe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 22:55:25 GMT
Expires: Sun, 05 Feb 2023 22:55:24 GMT
Etag: "4cd67928f07d7090dce74efb37e9a67aa5ffd8b1"
Cache-Control: max-age=482265,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f06ceb1b51d-OSL
ocsp.buypass.com/
23.36.76.200 200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 5f67f93c8ff9f8ba44c79df860119bed
5da546609ca6a30a5c66575f95057219957e1c1a
536427f7eb77f7e7d00d9917ecef316c96601261a708761fb0ffceb7c7a6a39f
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 096c2f01-747d-4444-a8ca-e5e67e9d1296
Content-Length: 1701
Date: Tue, 31 Jan 2023 08:47:38 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.200 200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 44dfc159e57dcba25871c8efdbfc8264
bf9d4392b66f7fe8f2e98cea87e68f3a6ba7cc65
8238f9fb21397ea0e19add8738a328c4ee2a7f2b3417913fdab6b01244785c70
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 5b36238d-6d48-4bfe-83f7-6eb2cb9b48d5
Content-Length: 1701
Date: Tue, 31 Jan 2023 08:47:38 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.200 200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash b122cc04e0228f3d1315e99e10799c6f
bd745e1dae3366b80ab07e439ce31e6c84fb5b0f
f24a65d2664e006d901756219c3f10bd5b3eadcdd5fa43a53fe78dfbd4ca7322
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4046940a-f98c-4817-afdb-c9b62fb1c4f6
Content-Length: 1701
Date: Tue, 31 Jan 2023 08:47:38 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/Y5ojaBtLN6o
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Y5ojaBtLN6o
IP 216.58.211.3:0
Hash 2a374a0ac008fe2a5ac183f60514ef83
1848c49c3d67600829a56d114aa34a14c24e86fc
342abec59d397f525b47e12086ef25e74eee50be65edcff7cdf8ee8c5025dcc2
POST /s/gts1p5/Y5ojaBtLN6o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 4a3e20a627bf2010e7190db632a5373f
3cc6ad9fe892d022b623ad2882c666843e263969
ae88148a3382c08ddcabdfde3b986d679ad77f04ca765b367bd0894667e945d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 23:53:11 GMT
Expires: Sat, 04 Feb 2023 23:53:10 GMT
Etag: "3cc6ad9fe892d022b623ad2882c666843e263969"
Cache-Control: max-age=399331,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f064a1eb515-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash db6fe3f2b1f6239b2fb0884af786457a
dd4540dfe089d3eab47cd057efe32b43db7ac1ac
97d9073bc616d42284de7ab45b18c248e501f40e9f9dc6059822c974e6342bdc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 10:57:50 GMT
Expires: Sat, 04 Feb 2023 10:57:49 GMT
Etag: "dd4540dfe089d3eab47cd057efe32b43db7ac1ac"
Cache-Control: max-age=352810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f07abfbb515-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash db6fe3f2b1f6239b2fb0884af786457a
dd4540dfe089d3eab47cd057efe32b43db7ac1ac
97d9073bc616d42284de7ab45b18c248e501f40e9f9dc6059822c974e6342bdc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 10:57:50 GMT
Expires: Sat, 04 Feb 2023 10:57:49 GMT
Etag: "dd4540dfe089d3eab47cd057efe32b43db7ac1ac"
Cache-Control: max-age=352810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f07aab8b50b-OSL
www.linkpicture.com/q/banner-200x200.gif
104.21.235.181 200 OK 45 kB URL HTTP/2 www.linkpicture.com/q/banner-200x200.gif
IP 104.21.235.181:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash b4f4fed461bbb4b26470493d20981400
22428e4181e945df1cbfe9cdf80b77c8a5bb6418
d40df33aef84673afdba73add3edb245024b1be4b1b8cfa00d99b4d038f2a490
GET /q/banner-200x200.gif HTTP/1.1
Host: www.linkpicture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 45020
last-modified: Sat, 24 Dec 2022 04:11:41 GMT
etag: "63a67bfd-afdc"
x-powered-by: PleskLin
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJY7BmasnAMMwx13MmRdZxLwXUBsR51ixY5E4VWVi9gcvJvp0La%2BcvHNZzsx4Bq8KIwhLy20Lzgi4zjnlMltP5dSUWX1gXYcIp5UkW47exDyRC2IkqTCfiJ8%2F0ZfrVvmkY4OSHiF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f06aaefdd50-LHR
X-Firefox-Spdy: h2
sydlcs.com/logotp/xfb66.gif
104.21.235.134 200 OK 624 kB URL HTTP/2 sydlcs.com/logotp/xfb66.gif
IP 104.21.235.134:0
File type GIF image data, version 89a, 145 x 145\012- data
Size 624 kB (623748 bytes)
Hash a32d51e341cd89abbece4c69d304f22d
66079b18e75f9469f4be074e9bc02ba0d85c4361
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
GET /logotp/xfb66.gif HTTP/1.1
Host: sydlcs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 623748
last-modified: Fri, 15 Apr 2022 17:52:24 GMT
etag: "6259b0d8-98484"
expires: Tue, 21 Feb 2023 03:30:11 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 796532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e58zeGnM0p35bF1MHu%2FtMjALWohjwCOWc2PtTw78ha%2BozgjJEglbDMcXbS5Gno%2FDnhno4V%2BOaHqJMGFQFRODTZaSIFWfTLRJjhs2BlPWD6rqezMzNcQ7jftW6nWm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f07ae307324-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 250a21fd1172fcbfb7d9995d3c371c25
5930edf98db46045c5fb7178cbbad9fa095cbaac
9f490ed314cc48ad030f8e9a467451a5d1ba1f1a47094044e7eeec4455847b6c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:50:05 GMT
Expires: Mon, 06 Feb 2023 04:50:04 GMT
Etag: "5930edf98db46045c5fb7178cbbad9fa095cbaac"
Cache-Control: max-age=503545,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f074f62b51d-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash db6fe3f2b1f6239b2fb0884af786457a
dd4540dfe089d3eab47cd057efe32b43db7ac1ac
97d9073bc616d42284de7ab45b18c248e501f40e9f9dc6059822c974e6342bdc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 10:57:50 GMT
Expires: Sat, 04 Feb 2023 10:57:49 GMT
Etag: "dd4540dfe089d3eab47cd057efe32b43db7ac1ac"
Cache-Control: max-age=352810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f075cd60b59-OSL
img.1163555.com/images/63a55917585d8a55b36609c0.gif
3.36.126.81 302 Found 472 B URL HTTP/2 img.1163555.com/images/63a55917585d8a55b36609c0.gif
IP 3.36.126.81:0
Hash 21f19515c8c24b2afe25061d7d0affbf
aaa7858e6a6d54ed9c1acd95968cd8f28c4ee768
951679a2b61bae0abc63a2fbc634ad55ecf710827a2cb11e4e9951e65b3d6620
GET /images/63a55917585d8a55b36609c0.gif HTTP/1.1
Host: img.1163555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4b938e93009c41f49311f99dcd18f3b5
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20230104-1/da474e6107b0f12b4cde1507c4b08828.jpg
154.12.54.85 200 OK 8.1 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/da474e6107b0f12b4cde1507c4b08828.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c58f09268fc9471d93ea069afeaa8f30
a88b82f2b11312828985dc87423347c158a11005
dbd11d7aa60961ffd3761b3e440c2a9f0d64fb948a8757e80949c2650e6a49e7
GET /upload/vod/20230104-1/da474e6107b0f12b4cde1507c4b08828.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8054
Last-Modified: Tue, 03 Jan 2023 16:16:44 GMT
Connection: keep-alive
ETag: "63b454ec-1f76"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.jialiimg.com/upload/vod/20230108-1/6ae912bba4def31f144ad171e6ea1022.jpg
108.186.171.14 200 OK 10 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230108-1/6ae912bba4def31f144ad171e6ea1022.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3f85b3f2661d6a6d50816d520eb18471
563ddd8765e9d36b1fc41148a25b8d3118bde118
dbaa96d7cb9e1de4123f1bc234a11e9835fdf65cd871406b08a9cdfbbc9a8bed
GET /upload/vod/20230108-1/6ae912bba4def31f144ad171e6ea1022.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 10396
last-modified: Sat, 07 Jan 2023 18:40:57 GMT
etag: "63b9bcb9-289c"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20220612-1/709b5eb7ce724245df586fa6ecf221a7.jpg
154.12.54.85 200 OK 8.8 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/709b5eb7ce724245df586fa6ecf221a7.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash f6881e49466500a75c1c8324329f1be7
fb7ab1d0359374c18de3f336141164bdb5822a85
d7523f223a4d59957de81d7a197cef3fa9177874c4a5fc87dc2e2cce7801218f
GET /upload/vod/20220612-1/709b5eb7ce724245df586fa6ecf221a7.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8830
Last-Modified: Sun, 04 Sep 2022 15:52:46 GMT
Connection: keep-alive
ETag: "6314c9ce-227e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/ee6aa58c02e6cc87aaad1e87610bc623.jpg
154.12.54.85 200 OK 7.7 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/ee6aa58c02e6cc87aaad1e87610bc623.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 493660e239be785c94fac5160539685f
c2c0a5c22e25b1b582cdade98b3150608a1cd269
854482cb0c0812c7fae123697b3eaff66b1662f3e480d52a6548018d72a336b5
GET /upload/vod/20230104-1/ee6aa58c02e6cc87aaad1e87610bc623.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 7719
Last-Modified: Tue, 03 Jan 2023 16:16:55 GMT
Connection: keep-alive
ETag: "63b454f7-1e27"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.jialiimg.com/upload/vod/20230104-1/056412f22a2d3a0ad118ed78079ddbb3.jpg
108.186.171.14 200 OK 8.8 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230104-1/056412f22a2d3a0ad118ed78079ddbb3.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 86fa16ca58224c4e920f54cf722c2b00
8ea3f1ea19335a7dc41aab0172151ddfef9063f4
62fd8f3324ee27ae1e29778e5e1870c257883c8335026a05460459b2828d17c4
GET /upload/vod/20230104-1/056412f22a2d3a0ad118ed78079ddbb3.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 8763
last-modified: Tue, 03 Jan 2023 16:16:00 GMT
etag: "63b454c0-223b"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f1dde97ed1a94dbc76bea157ada5bf97
7608ccd3570795ed1ea10c571a4f5babffe4069b
a921720f4f80263d79b34703484900810b7c3420efa050e2e159987e84b9f694
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1452
Cache-Control: max-age=142980
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Etag: "63d85b82-117"
Expires: Thu, 02 Feb 2023 00:30:38 GMT
Last-Modified: Tue, 31 Jan 2023 00:06:26 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 279
img.ywtuchuang5.com/upload/vod/20220612-1/3b092328b74de617364308ec201bce7b.jpg
154.12.54.85 200 OK 9.2 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/3b092328b74de617364308ec201bce7b.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash c0e9068eef998b54626f4562db447cf0
0dd841430af68db062d4cc4b4678cbcc9d45ce60
3b84c225fbb288716d71ea388aa2d44b387b3d9a2efec34529f75b935c55fa1d
GET /upload/vod/20220612-1/3b092328b74de617364308ec201bce7b.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9209
Last-Modified: Sun, 04 Sep 2022 15:51:51 GMT
Connection: keep-alive
ETag: "6314c997-23f9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e0a4a28dddb3bc6ab050b9d0d6e29
a55a766610237d13718beacee001096ffac7c099
96f639286ef72c0beb981609e76a203e075e51bd57f614901c00904b93f5fc0c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "96F639286EF72C0BEB981609E76A203E075E51BD57F614901C00904B93F5FC0C"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Tue, 31 Jan 2023 14:46:31 GMT
Date: Tue, 31 Jan 2023 08:47:38 GMT
Connection: keep-alive
img.ywtuchuang5.com/upload/vod/20220612-1/f99d8c9890d42cf2d9ef3fa3af0062ff.jpg
154.12.54.85 200 OK 7.7 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/f99d8c9890d42cf2d9ef3fa3af0062ff.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7175d23b3de84a14eea97ca10d6ad4cc
89d2b82d4c3bba6896f68f6bd60179e25ce56437
b6efb7ccd97fcddee9c1909cb83aa77c5b0d3d712e5e3e03342cfc39a15bb3dc
GET /upload/vod/20220612-1/f99d8c9890d42cf2d9ef3fa3af0062ff.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 7738
Last-Modified: Sun, 04 Sep 2022 15:50:14 GMT
Connection: keep-alive
ETag: "6314c936-1e3a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
104.21.30.227 200 OK 45 kB URL HTTP/2 kvtaaa.top/3b519146003914bff4ecede8a7b76f26.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash 27a2817f52fee59d33a011663237afdc
e7d0b357438c2865cebc6c484e5d59bc1f048593
646c480e9b32d6623a25cb02951e9e2be603ff3926511754c6994f29857626fd
GET /3b519146003914bff4ecede8a7b76f26.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 44685
last-modified: Wed, 29 Jun 2022 14:36:22 GMT
etag: "62bc6366-ae8d"
expires: Fri, 24 Feb 2023 02:29:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 541069
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQ3Bv9E6ORfx8e6yQ0ZpDsCNuDirIonDRssdIplJ7fkTB5iPIL0bIVFLK5MQq51eXzWLdI4vj%2BjgAQ7nKo45KUiz0haBdcZBykjSYmB1HwlYrPqTY%2BsLPApBuK1d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f095cf70b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-pic/se-1.jpg
23.225.139.251 200 OK 27 kB URL HTTP/2 pic.picnewsss.com/tu-pic/se-1.jpg
IP 23.225.139.251:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e
GET /tu-pic/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Tue, 31 Jan 2023 07:47:01 GMT
etag: "1675151334"
expires: Thu, 02 Mar 2023 07:47:01 GMT
last-modified: Tue, 31 Jan 2023 07:48:54 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4aa69f4cc09a3f36bd775636c24ea226
3d6a071c4899a324626979cc6fa5ac40539921cc
a09e4dd32a8aa9f78dbca779bee3cfbec2d866902545db05eb6bee7653c2a893
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A09E4DD32A8AA9F78DBCA779BEE3CFBEC2D866902545DB05EB6BEE7653C2A893"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7413
Expires: Tue, 31 Jan 2023 10:51:11 GMT
Date: Tue, 31 Jan 2023 08:47:38 GMT
Connection: keep-alive
kvtaaa.top/153ac71e52df3d7d664bf0bb17905f12.gif
104.21.30.227 200 OK 202 kB URL HTTP/2 kvtaaa.top/153ac71e52df3d7d664bf0bb17905f12.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 202 kB (202324 bytes)
Hash b3257a1280c7afd3cc952de2c91b1b68
9b1a4dc37ecaca40f22a6748542f8431a8c6d03d
6e09a9770baaf036b9d90d6826ac91de0246661c68d573064c774edd97047fd6
GET /153ac71e52df3d7d664bf0bb17905f12.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://38.239.19.74/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 202324
last-modified: Mon, 13 Jun 2022 10:12:34 GMT
etag: "62a70d92-31654"
expires: Thu, 02 Feb 2023 18:21:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2384797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhbettSRUCKfR%2F1H7%2B49S%2BEe5vIWqVsOBA4tZ7pkFCWnrRyEDfJrRXMzkQUChN98lftB9028E5603Y%2F%2BxMnwT%2B7oVad%2FpneD%2BvhgwfVLap7HhgVbGfs%2BBdqhjxwM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f096d040b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 3c74e0bfa8071fe3c7bed9add71f9bef
da0687adc4e4a0b4946a4c79c359b04f687aaf4f
c5f2a337beb1ddbd37efe61506d35a5061517a2bd248b13618a501d34e90d9fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 05:12:56 GMT
Expires: Sun, 05 Feb 2023 05:12:55 GMT
Etag: "da0687adc4e4a0b4946a4c79c359b04f687aaf4f"
Cache-Control: max-age=418516,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f082c8db515-OSL
img.ywtuchuang5.com/upload/vod/20220612-1/93a33a6778a5f2faf6fdb822c659133a.jpg
154.12.54.85 200 OK 9.0 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/93a33a6778a5f2faf6fdb822c659133a.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash e9be99c0433caed205f75443f48c5597
8e04590f5b5e902894dc03ce6ebc0bef585aa78e
5fc75cdff95bdefa7cb1fb0fa0cb8b3f6763931baad3077acf528218174d0c75
GET /upload/vod/20220612-1/93a33a6778a5f2faf6fdb822c659133a.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9011
Last-Modified: Sun, 04 Sep 2022 15:55:35 GMT
Connection: keep-alive
ETag: "6314ca77-2333"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f1dde97ed1a94dbc76bea157ada5bf97
7608ccd3570795ed1ea10c571a4f5babffe4069b
a921720f4f80263d79b34703484900810b7c3420efa050e2e159987e84b9f694
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Etag: "63d70a03-116"
Server: ECS (amb/6BA1)
Content-Length: 279
tvax3.sinaimg.cn/large/006j3g7igy1h3qh5sh9ttg303c03c78m.gif
23.36.77.33 403 Forbidden 316 B URL HTTP/2 tvax3.sinaimg.cn/large/006j3g7igy1h3qh5sh9ttg303c03c78m.gif
IP 23.36.77.33:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6482ea1fae18c8248ed85127dbcc120e
a6b0cb15712806143f9646cb5c286436cd77353d
31ee7a976476e7e576fc7914d1844bf366d4a8c2ada2d524e99c4fde8cf04737
GET /large/006j3g7igy1h3qh5sh9ttg303c03c78m.gif HTTP/1.1
Host: tvax3.sinaimg.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 316
expires: Tue, 31 Jan 2023 08:47:38 GMT
date: Tue, 31 Jan 2023 08:47:38 GMT
x-cache: TCP_DENIED from a23-36-77-29.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
network_info: NO_OSLO_50304
served-from:
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f1dde97ed1a94dbc76bea157ada5bf97
7608ccd3570795ed1ea10c571a4f5babffe4069b
a921720f4f80263d79b34703484900810b7c3420efa050e2e159987e84b9f694
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141528
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Etag: "63d85b82-117"
Expires: Thu, 02 Feb 2023 00:06:26 GMT
Last-Modified: Tue, 31 Jan 2023 00:06:26 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/s/gts1p5/Y5ojaBtLN6o
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Y5ojaBtLN6o
IP 216.58.211.3:0
Hash 2a374a0ac008fe2a5ac183f60514ef83
1848c49c3d67600829a56d114aa34a14c24e86fc
342abec59d397f525b47e12086ef25e74eee50be65edcff7cdf8ee8c5025dcc2
POST /s/gts1p5/Y5ojaBtLN6o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.jialiimg.com/upload/vod/20230105-1/2b32ebb6b67fd1fb2cd03a42d6198336.jpg
108.186.171.14 200 OK 6.0 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230105-1/2b32ebb6b67fd1fb2cd03a42d6198336.jpg
IP 108.186.171.14:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 34683d9955b121cf90b9d2d9505b6687
6aae762d275c36127813655fb3b6a069ca86f2d6
ebd3f80d927789dafd2d6245c6965a111ba692565544b437a3081bc3193aea1d
GET /upload/vod/20230105-1/2b32ebb6b67fd1fb2cd03a42d6198336.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 6008
last-modified: Wed, 04 Jan 2023 16:33:43 GMT
etag: "63b5aa67-1778"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230106-1/ce26b4dad0455e7546788dd1e6b0a636.jpg
108.186.171.14 200 OK 13 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230106-1/ce26b4dad0455e7546788dd1e6b0a636.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5ff9294ad9537f63396bfffaeb3c91bc
caf7e702f672093a1b9d4b90ba4950563aa12895
a5cab76b420975b905b279645b640c78e7d410e98cad2ff6afd5b22c80b20588
GET /upload/vod/20230106-1/ce26b4dad0455e7546788dd1e6b0a636.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 12908
last-modified: Thu, 05 Jan 2023 16:17:59 GMT
etag: "63b6f837-326c"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
104.21.30.227 200 OK 917 kB URL HTTP/2 kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
IP 104.21.30.227:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 917 kB (917343 bytes)
Hash 4c00e1159d5d1e950b0b9d0bf4ff89ea
ff4782d5b4f083af52757f7f74c524f17ad67a93
edb306fed3ef2015e2eb7a7d11d15f923367819b44e15d0650fdea692f50005e
GET /01dfa9bde54e701e29b1896a128d2cc1.gif HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://38.239.19.74/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 917343
last-modified: Sun, 25 Dec 2022 10:36:11 GMT
etag: "63a8279b-dff5f"
expires: Fri, 24 Feb 2023 21:03:35 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 474243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyhbMBzJe4dJoU%2F8%2BmRFkvoI3LUg%2BC%2BRowNFfkeI9BDvxZCm9Pe%2FAJN6RGQq%2FuCG01BMfndOg5fgNyZMXijkvUVntd4m%2B%2BwLkAs5mUFdV%2B3nTsFdDZvOxpaUfPpU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f0a3dd80b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtaaa.top/0386d45065aa4bb1d118804aea2b6df7.md.jpg
104.21.30.227 200 OK 74 kB URL HTTP/2 kvtaaa.top/0386d45065aa4bb1d118804aea2b6df7.md.jpg
IP 104.21.30.227:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3\012- data
Hash d2f4823d32955aa0ab7f1359c6f6a00d
997f59a923215431e9eb7147b6e1672fd9826ef1
d00210ef7dff97905d6006f244eaac0531b376a4caf11f3891ab5bbe69477998
GET /0386d45065aa4bb1d118804aea2b6df7.md.jpg HTTP/1.1
Host: kvtaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/jpeg
content-length: 74378
last-modified: Mon, 26 Dec 2022 11:39:03 GMT
etag: "63a987d7-1228a"
expires: Fri, 24 Feb 2023 11:55:11 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 507147
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzicMPQj8ezbVtZnhT%2BKIJ6tpTpNwHvwV%2BRJESWW%2B%2FE71X%2F4kS8X7OOmghSiApYSESvRgRsaJZw%2FaJJOhTKkxn3%2BCFnSikPrTx9EndpAR6vrvV5secctjucw%2BC0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f0a7e110b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
99885aaa.com/cd98bc96c0984d2e8697f0b9305bc3dd.gif
103.170.15.81 200 OK 15 kB URL HTTP/1.1 99885aaa.com/cd98bc96c0984d2e8697f0b9305bc3dd.gif
IP 103.170.15.81:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 120 x 120\012- data
Hash 59333778fca8734541076ed1d1fc587f
45be351713f5fb47d1a69372e4723d115e35b96c
53d1081701662a63e4b1760dc932430f93acd196b5e5b4d580df114eb947296c
Analyzer Verdict Alert quad9 Sinkholed
GET /cd98bc96c0984d2e8697f0b9305bc3dd.gif HTTP/1.1
Host: 99885aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a1a910-3c57"
Date: Tue, 20 Dec 2022 12:29:51 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 20 Dec 2022 12:22:40 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-11
Content-Length: 15447
img.ywtuchuang5.com/upload/vod/20220612-1/39dc867599228d84316cab277d8d1836.jpg
154.12.54.85 200 OK 9.1 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/39dc867599228d84316cab277d8d1836.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash b7bfde46fa0b5117370aab99c881b31a
3d5130f2b8de37df41874f06d360f2687a8880f4
aaf49a9fbdbb23dc06c921187c15afda8c56abeef8aec3f6398f8e7baee05ea2
GET /upload/vod/20220612-1/39dc867599228d84316cab277d8d1836.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9103
Last-Modified: Sun, 04 Sep 2022 15:52:00 GMT
Connection: keep-alive
ETag: "6314c9a0-238f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/a8d50dc2612453610049e8235ae5c68a.jpg
154.12.54.85 200 OK 9.5 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/a8d50dc2612453610049e8235ae5c68a.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 9e7eb92a807cf5f58ed3783c5b96566e
e021ef9257e4b4f557006d4240c7bae3a4a65278
e07dd2d7b3ee93272ced8a25049bcc8e43c5c4e57f67dec0ec3adb80023365ae
GET /upload/vod/20230104-1/a8d50dc2612453610049e8235ae5c68a.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9496
Last-Modified: Tue, 03 Jan 2023 16:17:16 GMT
Connection: keep-alive
ETag: "63b4550c-2518"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/23f19e63473defe9508ff1af8745b358.jpg
154.12.54.85 200 OK 9.0 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/23f19e63473defe9508ff1af8745b358.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash b805717fba4c163d6bda802dfaae5b16
020c08e250a02b029f7eb7caca23684536b26cd5
2f2aa27417b691f6162b00bfb2c83e4a8314376e5d74b14fdc853253da19bead
GET /upload/vod/20220612-1/23f19e63473defe9508ff1af8745b358.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9018
Last-Modified: Sun, 04 Sep 2022 15:56:11 GMT
Connection: keep-alive
ETag: "6314ca9b-233a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/0c2b055fc6e866df0742727e0d275e3d.jpg
154.12.54.85 200 OK 8.7 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/0c2b055fc6e866df0742727e0d275e3d.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash e477b85115a8351deb255792467a8296
24ec7cc532a707f66ad695d465827a1984fb8e1f
a2bd5cc91f637a3670fbb117909c5b2a9da48212803b742796171fd1c42ee68c
GET /upload/vod/20220612-1/0c2b055fc6e866df0742727e0d275e3d.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8672
Last-Modified: Sun, 04 Sep 2022 15:50:07 GMT
Connection: keep-alive
ETag: "6314c92f-21e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/d30ae2437638c5db5818ab3dd7215188.jpg
154.12.54.85 200 OK 9.9 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/d30ae2437638c5db5818ab3dd7215188.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b57a97d83973d8916fcc4fda00f376b4
fdb693afb08a3c10ff8bb720d0fcad88713673c2
8d18d6135efae5590aca5d05660514c3dd3662cbe763fc75499cc834c4f3c3cf
GET /upload/vod/20230104-1/d30ae2437638c5db5818ab3dd7215188.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9898
Last-Modified: Tue, 03 Jan 2023 16:17:18 GMT
Connection: keep-alive
ETag: "63b4550e-26aa"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f1dde97ed1a94dbc76bea157ada5bf97
7608ccd3570795ed1ea10c571a4f5babffe4069b
a921720f4f80263d79b34703484900810b7c3420efa050e2e159987e84b9f694
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1452
Cache-Control: max-age=142980
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Etag: "63d85b82-117"
Expires: Thu, 02 Feb 2023 00:30:38 GMT
Last-Modified: Tue, 31 Jan 2023 00:06:26 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
statuse.digitalcertvalidation.com/
93.184.220.29 200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash d6c34ec10d1c6a65e943848028020d88
5f4ed54e072ca6c059cc6063fc7421cc35d9918f
54079355a651cac8fd4c7c2d09d31b1efd10b5b27ccf60fd6e168cab00648589
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6104
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Last-Modified: Tue, 31 Jan 2023 07:05:54 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
img.jialiimg.com/upload/vod/20230104-1/ac56cd4b9f740d0c8ceab08dc5129c51.jpg
108.186.171.14 200 OK 8.2 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230104-1/ac56cd4b9f740d0c8ceab08dc5129c51.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash ef792e4ccd99f72e2d7867175eefeb49
c4965add92c6702dbd32308f23c35b69a32959f2
ecc21792277def4467c3de100088da49e4e9e9a89e45242cc51442f4f0f49fee
GET /upload/vod/20230104-1/ac56cd4b9f740d0c8ceab08dc5129c51.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 8207
last-modified: Tue, 03 Jan 2023 16:15:23 GMT
etag: "63b4549b-200f"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20220612-1/a5a7c67fd182eae99aa39a99321b6ae1.jpg
154.12.54.85 200 OK 7.3 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/a5a7c67fd182eae99aa39a99321b6ae1.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 17b328bc3c0c55a0e04af9b929ff530b
e6b2e0d56d31a52bfb10804ac4fd778c58568f5f
a30e5dd899c13c2e889d80fbc7370038bc5491a07c709d48f5d91be312aba3bd
GET /upload/vod/20220612-1/a5a7c67fd182eae99aa39a99321b6ae1.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 7251
Last-Modified: Sun, 04 Sep 2022 16:02:45 GMT
Connection: keep-alive
ETag: "6314cc25-1c53"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e0a4a28dddb3bc6ab050b9d0d6e29
a55a766610237d13718beacee001096ffac7c099
96f639286ef72c0beb981609e76a203e075e51bd57f614901c00904b93f5fc0c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "96F639286EF72C0BEB981609E76A203E075E51BD57F614901C00904B93F5FC0C"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Tue, 31 Jan 2023 14:46:31 GMT
Date: Tue, 31 Jan 2023 08:47:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 3321a01f05e04629f40593e7b885fd8f
da065e49ac9a969915a5e465e2e92614f8a6eb57
7e55c9a809bee2725026ebde818df2a8ea659aa7cb90a8b0ac7a51d13e655e2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2969
Cache-Control: max-age=136615
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Etag: "63d83cb8-2d7"
Expires: Wed, 01 Feb 2023 22:44:33 GMT
Last-Modified: Mon, 30 Jan 2023 21:55:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 3321a01f05e04629f40593e7b885fd8f
da065e49ac9a969915a5e465e2e92614f8a6eb57
7e55c9a809bee2725026ebde818df2a8ea659aa7cb90a8b0ac7a51d13e655e2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3341
Cache-Control: max-age=136987
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:47:38 GMT
Etag: "63d83cb8-2d7"
Expires: Wed, 01 Feb 2023 22:50:45 GMT
Last-Modified: Mon, 30 Jan 2023 21:55:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 727
8499165.com/8499/320x180.gif
23.224.101.35 200 OK 189 kB URL HTTP/2 8499165.com/8499/320x180.gif
IP 23.224.101.35:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 189 kB (188752 bytes)
Hash b509f2dc9b21ae7425713b0313a9e0ae
f8d9ab2e41c442872a8193cdefbfd24972c25d49
9ca2b0643406090c29973b82953032ca7f0027b0ae2d871e5de77e89ce2f1c21
GET /8499/320x180.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 188752
last-modified: Wed, 28 Dec 2022 08:15:26 GMT
etag: "2e150-5f0def882a9b5"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8499225.com/8499/150x150.gif
162.209.128.163 200 OK 185 kB URL HTTP/2 8499225.com/8499/150x150.gif
IP 162.209.128.163:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 185 kB (185171 bytes)
Hash 09b278a0ce767cdcdc3b9be868a94320
b69d4a2345f4d5ae6cc772a70456ea7aea74ce95
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
GET /8499/150x150.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u1099.com/09c41f1834594b05910b9dd3ef0ee1f7.png
103.170.15.56 200 OK 50 kB URL HTTP/2 u1099.com/09c41f1834594b05910b9dd3ef0ee1f7.png
IP 103.170.15.56:0
ASN #7483 Skycloud Computing co., Ltd.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 97cc6988849502540b56f5ee80515f33
c4dc920b46f883c78aa349f57db666febc7f33d4
a54ecdafac52d98d03467b2abf9688027f71d6b93f89b3388c91302795b5ff9e
GET /09c41f1834594b05910b9dd3ef0ee1f7.png HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b54e38-c3ec"
server: nginx
date: Tue, 31 Jan 2023 05:09:02 GMT
content-type: image/png
last-modified: Wed, 04 Jan 2023 10:00:24 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-46
content-length: 50156
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/4b938e93009c41f49311f99dcd18f3b5
47.246.44.224 200 OK 135 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4b938e93009c41f49311f99dcd18f3b5
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 320 x 180\012- data
Size 135 kB (135342 bytes)
Hash df90b320485de1418478f3bc0844db51
486b7c7966aeced5363b55958319f4d9186cd702
2f1b44986411344a042f649704e1221e48b3a412900053e356e6e7d41ebf2d5f
GET /obj/tos-cn-i-dy/4b938e93009c41f49311f99dcd18f3b5 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 135342
date: Sat, 10 Dec 2022 02:41:49 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Dec 2022 16:31:56 GMT
nw-session-id: 2022121000315601020908716304980E7E74hjp01dy
nw-session-trace: 2022-12-10T00:31:56.398916639+08:00 200
x-bdcdn-cache-status: TCP_HIT
x-length: 135342
x-powered-by: ImageX
x-response-date: Sat, 10 Dec 2022 00:31:56 GMT
x-tt-logid: 2022121000315601020908716304980E7E
via: n204-098-210, cache14.l2de2[0,0,206-0,H], cache17.l2de2[0,0], cache17.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc01:29:554::77
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce1081973ded83abeefe282ff469caebbeb54b6c5496681b5e8e4bc2224e345639b3532845878236474849a1accdc8eec7b59c93c60be9790072ef252278d3c912bbf9b69949038e3453bc429d10db5de26968
x-response-lb: image
ali-swift-global-savetime: 1670640109
age: 4514749
x-cache: HIT TCP_HIT dirn:11:195676335
x-swift-savetime: Sat, 10 Dec 2022 02:52:22 GMT
x-swift-cachetime: 31535367
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548587202188e
X-Firefox-Spdy: h2
99887aaa.com/8bcd2bfe9b2049c5b7fe741f671ef33d.gif
45.61.212.49 200 OK 584 kB URL HTTP/1.1 99887aaa.com/8bcd2bfe9b2049c5b7fe741f671ef33d.gif
IP 45.61.212.49:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 584 kB (584025 bytes)
Hash ebf4ee75bbd43b703e1b1b861ba166e2
c241029604f77ad6b4f56894bc51decfededfde7
d6655adbfa7089435d168e9b1432e524f0bf11be8b80ddc499bef69bd5a376ea
GET /8bcd2bfe9b2049c5b7fe741f671ef33d.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "630b4851-8e959"
Date: Fri, 13 Jan 2023 09:16:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 28 Aug 2022 10:49:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-19
Content-Length: 584025
8499165.com/8499/zzxx/960x80.gif
23.224.101.35 200 OK 367 kB URL HTTP/2 8499165.com/8499/zzxx/960x80.gif
IP 23.224.101.35:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 367 kB (366944 bytes)
Hash bde9cbff38e305f40a245a7cf87bd85a
4aaa627b0db260ac7f97a9223e93b1e2f35caba4
375eaceb954016306188bd02f6cc229f71c8e1ef337e99b6ec0a98fad9b3eb7e
GET /8499/zzxx/960x80.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:37 GMT
content-type: image/gif
content-length: 366944
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "59960-5f092cf09840f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/0332074d0cf944a6bfd16ee42cb38530
47.246.44.224 200 OK 189 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/0332074d0cf944a6bfd16ee42cb38530
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 140\012- data
Size 189 kB (188990 bytes)
Hash c54df405b01553fde2a974eed883373e
94c38c7f0fc0714dc86897dc7ee51ec57f168d74
b266850edb393d4f675351e83507168d791a3de53af1e94712e524c9800ac91d
GET /obj/tos-cn-i-dy/0332074d0cf944a6bfd16ee42cb38530 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 188990
date: Fri, 23 Dec 2022 08:13:55 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 23 Dec 2022 07:57:32 GMT
nw-session-id: 202212231557329EC514B12972589114DCsdmlc03dy
nw-session-trace: 2022-12-23T15:57:32.16948373+08:00 39
x-bdcdn-cache-status: TCP_HIT
x-length: 188990
x-powered-by: ImageX
x-response-date: Fri, 23 Dec 2022 15:57:32 GMT
x-tt-logid: 202212231557329EC514B12972589114DC
via: n132-080-031, cache11.l2de2[0,0,206-0,H], cache21.l2de2[1,0], cache21.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc03:15:294::68
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 0112822cd344b558b193bef668b3a6b7e9ed4bf3ed0f69b71df48bb601509a260ceebda4d00a7bfbd90f7de37213b3a430d57de87c60cac62eceaea4802da6e5e15bb7d9559bc2d8914a9a2eb3a83ce63e8ce1ec0cf52fef6b0f1c1c83b352c97e
x-response-lb: image
ali-swift-global-savetime: 1671783235
age: 3371623
x-cache: HIT TCP_HIT dirn:4:183381709
x-swift-savetime: Fri, 23 Dec 2022 08:54:50 GMT
x-swift-cachetime: 31533545
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548587322194e
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-2022290039/100-100.gif
23.225.139.251 200 OK 8.2 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/100-100.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 918513d290dddc60fa8c6ee3247e9c1e
3e2cf6fed66ac4fb1584dfb161961ed6b01f5404
9a3e1da3b8592c11a62956bb98bac93b2294bc93f11e39c3aa1511de6a3c5f5a
GET /tu-2022290039/100-100.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Mon, 30 Jan 2023 16:51:04 GMT
etag: "1675097476"
expires: Wed, 01 Mar 2023 16:51:04 GMT
last-modified: Mon, 30 Jan 2023 16:51:16 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 8246
X-Firefox-Spdy: h2
pic.picnewsss.com/tu-2022290039/se-2.gif
23.225.139.251 200 OK 89 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/se-2.gif
IP 23.225.139.251:0
File type GIF image data, version 89a, 267 x 160\012- data
Hash 482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
GET /tu-2022290039/se-2.gif HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Mon, 30 Jan 2023 19:38:23 GMT
etag: "1675107504"
expires: Wed, 01 Mar 2023 19:38:23 GMT
last-modified: Mon, 30 Jan 2023 19:38:24 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 89034
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/279708542d404206a2cca0377b6e0a16
47.246.44.224 200 OK 387 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/279708542d404206a2cca0377b6e0a16
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 500 x 297\012- data
Size 387 kB (387112 bytes)
Hash 36e392542729c3003efcf2ce88814f1d
5a531cacf3d60704a64668041deab42f3ea53cb3
e6cd959f838de1f3e8d1eac234212cc4ac11526ecc7ce7577ef98790b7ee4f2f
GET /obj/tos-cn-i-dy/279708542d404206a2cca0377b6e0a16 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 387112
date: Sat, 28 Jan 2023 07:55:39 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 28 Jan 2023 07:16:35 GMT
nw-session-id: 20230128151635A11B8CFA428CCB0ADF7Fsjx4603dy
nw-session-trace: 2023-01-28T15:16:35.579988695+08:00 221
x-bdcdn-cache-status: TCP_HIT
x-length: 387112
x-powered-by: ImageX
x-response-date: Sat, 28 Jan 2023 15:16:35 GMT
x-tt-logid: 20230128151635A11B8CFA428CCB0ADF7F
via: n204-100-074, cache12.l2de2[206,205,206-0,M], cache8.l2de2[207,0], cache8.l2de2[207,0], cache1.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc01:29:150::87
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 012be64705e92d23785059d199aa7821677c3782768e2a2ac5033126a14bc0c69e645ef4755a0f06e5f0ae6bbe3859187312f7ada9abf3f58fdb2c89645cac4e7f913c462cf49edcc1b2218d0428105cd711d14955d37bbf53926b2de639a7778f
x-response-lb: image
ali-swift-global-savetime: 1674892539
age: 262319
x-cache: HIT TCP_MEM_HIT dirn:11:107176614
x-swift-savetime: Sat, 28 Jan 2023 07:55:39 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548587362195e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/8cc88b54ca2245dc8fced54eb3a49e83
47.246.44.224 200 OK 211 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/8cc88b54ca2245dc8fced54eb3a49e83
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 200 x 200\012- data
Size 211 kB (211128 bytes)
Hash 7d4e398b1635b8736c5652b99d97e573
e3859ce984c08c98db109e95fa95b19df619ae7f
b5e85c2b0d4ae8c09d3a6279e87c52ea016ab97cd42c9cad8b7b581f44e4c993
GET /obj/tos-cn-i-dy/8cc88b54ca2245dc8fced54eb3a49e83 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 211128
date: Wed, 14 Dec 2022 08:19:23 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 14 Dec 2022 08:00:24 GMT
nw-session-id: 202212141600240102120750884F5A89439fwbf03dy
nw-session-trace: 2022-12-14T16:00:24.650900245+08:00 65
x-bdcdn-cache-status: TCP_HIT
x-length: 211128
x-powered-by: ImageX
x-response-date: Wed, 14 Dec 2022 16:00:24 GMT
x-tt-logid: 202212141600240102120750884F5A8943
via: n150-051-207, cache1.l2de2[170,169,206-0,M], cache4.l2de2[172,0], cache4.l2de2[172,0], cache5.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc02:22:599::144
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01f9bffe01cdbf4a192b0dcac06a9aaa54e6c173f2080b3fd5e6f76037bc30bdb5432ac444a4650eb0226720c17498dd633ce16af6d391d536a468023bbbb2327ece2a851486dacb12d216abf76f85764207b98d041839e485cee02f93fb195485
x-response-lb: image
ali-swift-global-savetime: 1671005963
age: 4148895
x-cache: HIT TCP_HIT dirn:4:87313343
x-swift-savetime: Wed, 14 Dec 2022 08:19:23 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548587442205e
X-Firefox-Spdy: h2
8499165.com/8499/200x200.gif
23.224.101.35 200 OK 166 kB URL HTTP/2 8499165.com/8499/200x200.gif
IP 23.224.101.35:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 166 kB (166259 bytes)
Hash 9fc0b7d64f735674a14a4db84e1b7284
06da074c05f5beaca6a3b610c72ddfecfa44ea5f
269b7a6d667098e8db5611e861c2160879f65c0e234f8c515b60bda77995f121
GET /8499/200x200.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 166259
last-modified: Sun, 08 Jan 2023 05:09:54 GMT
etag: "28973-5f1b9a949cebf"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20230104-1/d37181bafdaaeb46fdc9574bb252388a.jpg
154.12.54.85 200 OK 16 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/d37181bafdaaeb46fdc9574bb252388a.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4b72f66111e67e42912dec811d6851be
afa23612a111a10a9cdc05c4c85afdde55b252e3
a5d92bfbec5ab2311a0ef27b5e16ec186e2ebd09962750fdb06cb4ef69606463
GET /upload/vod/20230104-1/d37181bafdaaeb46fdc9574bb252388a.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 15651
Last-Modified: Tue, 03 Jan 2023 16:17:18 GMT
Connection: keep-alive
ETag: "63b4550e-3d23"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/48630fee07951aaaa04f9761680539dc.jpg
154.12.54.85 200 OK 9.5 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/48630fee07951aaaa04f9761680539dc.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 2e722b01abf9311106e842d28702a922
584cdfa89274d32f11ba0c11a950de4430274770
b62a424c500fd844eb3f07dde4b25b3e5fbb0114104c66b2b6ab62856162c2e9
GET /upload/vod/20220612-1/48630fee07951aaaa04f9761680539dc.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9474
Last-Modified: Sun, 04 Sep 2022 15:51:17 GMT
Connection: keep-alive
ETag: "6314c975-2502"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220607-1/6c282ca7b8327a58180cf77c2bd3f551.jpg
154.12.54.85 200 OK 9.8 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220607-1/6c282ca7b8327a58180cf77c2bd3f551.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1616x1617, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 240x320, components 3\012- data
Hash 4a6602476b3d25c71d0f4f33315b7103
f502c45ad0c490b8108a6e4b7d3f6ca8a049735a
a207b4f927297d5cba244cd37e4bb534558f3298216e33df8df446781d884dd2
GET /upload/vod/20220607-1/6c282ca7b8327a58180cf77c2bd3f551.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9817
Last-Modified: Sun, 04 Sep 2022 15:55:45 GMT
Connection: keep-alive
ETag: "6314ca81-2659"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220607-1/fc6b8b62d677a24044c4f90ca5ff7b72.jpg
154.12.54.85 200 OK 11 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220607-1/fc6b8b62d677a24044c4f90ca5ff7b72.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 240x320, components 3\012- data
Hash f1e370855c072093801db7942f85b5ec
caf90eaecbc9dd3f4f45391d9a063928ea88a3d0
2546177d2308a956d7550a48fd818985e88a752df614f6c78964b4ca9e5d91f7
GET /upload/vod/20220607-1/fc6b8b62d677a24044c4f90ca5ff7b72.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 10957
Last-Modified: Sun, 04 Sep 2022 15:58:02 GMT
Connection: keep-alive
ETag: "6314cb0a-2acd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220607-1/267489f9a97c5c02318ef3494abf5df5.jpg
154.12.54.85 200 OK 7.0 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220607-1/267489f9a97c5c02318ef3494abf5df5.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 89x120, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 240x320, components 3\012- data
Hash 3aa47dd24cca1755e49e38e9dca9598c
840f854ab8006a1f56ae82bc17a7d9e4da1cea44
5352af3526199d8a2ed930f3069b2d391e75f8d898f6988b5fe0339f1c80cfa5
GET /upload/vod/20220607-1/267489f9a97c5c02318ef3494abf5df5.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 6999
Last-Modified: Sun, 04 Sep 2022 16:01:04 GMT
Connection: keep-alive
ETag: "6314cbc0-1b57"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
plugins.doubleclicks.biz/plugins/ua/linkid.js
104.21.16.35 403 Forbidden 2.8 kB URL HTTP/2 plugins.doubleclicks.biz/plugins/ua/linkid.js
IP 104.21.16.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1001)
Hash 7c559fd346eafbe9464877f20a2a0ad1
7cbbde61b0daaba2a0625656e607f27ed6f32153
7b245755517e76b2e49fe9046d1dc09d58404dc5f01d888242aff7d212490056
GET /plugins/ua/linkid.js HTTP/1.1
Host: plugins.doubleclicks.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY%2B7dnhI6Ot5%2F2DoDnYSqoCt3J5IYx6K7aGyb2BslxMvdMxwuq%2F5n5%2F1gbMiBW%2BDTulsnSvWzHxqmYk0mHMPKjSCc%2FWRPjaI1ZbJCy5lAVQ1r2fBzhawyrkc6F1S0JcpOapLwiX%2FkzB%2FMNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f085da0b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230104-1/063ffd7bb1139c593c613c57d130d3e3.jpg
108.186.171.14 200 OK 11 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230104-1/063ffd7bb1139c593c613c57d130d3e3.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 77cf28680a0333c096381900b92b5325
8e17c09af95042b8c94b0b8f4dbf0c0972878593
ff6ac191e8e99558a74ba8642add9d9b54ebd5cb761371e335ef938fd1f42bab
GET /upload/vod/20230104-1/063ffd7bb1139c593c613c57d130d3e3.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 11038
last-modified: Tue, 03 Jan 2023 16:16:00 GMT
etag: "63b454c0-2b1e"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
u1010.com/b1e6e408f0284fb2aa93e1c6e9188fad.gif
103.170.15.56 200 OK 32 kB URL HTTP/2 u1010.com/b1e6e408f0284fb2aa93e1c6e9188fad.gif
IP 103.170.15.56:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 300 x 174\012- data
Hash e291a6e249141715b5b299f10ffa683f
1364d05fb0a69980fa2434fd406b000f2e50ef10
3af003ca205dcd94bb3bf0ac44952bc500c10b733fbc47b1ed0c9f1438fd1a97
GET /b1e6e408f0284fb2aa93e1c6e9188fad.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b54e41-7c6a"
server: nginx
date: Mon, 30 Jan 2023 14:46:44 GMT
content-type: image/gif
last-modified: Wed, 04 Jan 2023 10:00:33 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-46
content-length: 31850
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/0d6b57d40f9842fda2732b741fc74e5b
47.246.44.224 200 OK 167 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/0d6b57d40f9842fda2732b741fc74e5b
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 167 kB (166626 bytes)
Hash a644e0164396e4fab83828dd224e899e
5d7970fc6ec361828598b3281945670c1ac09202
6a150be88eddb354b86cc1c37d056ee539740012b23692641c7e5d6bfe1029be
GET /obj/tos-cn-i-dy/0d6b57d40f9842fda2732b741fc74e5b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 166626
date: Mon, 21 Nov 2022 17:25:38 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 21 Nov 2022 16:09:56 GMT
nw-session-id: 2022112200095601015109210135A47BABm852401dy
nw-session-trace: 2022-11-22T00:09:56.778098956+08:00 33
x-bdcdn-cache-status: TCP_HIT
x-length: 166626
x-powered-by: ImageX
x-response-date: Tue, 22 Nov 2022 00:09:56 GMT
x-tt-logid: 2022112200095601015109210135A47BAB
via: n132-082-085, cache16.l2de2[0,0,206-0,H], cache25.l2de2[1,0], cache25.l2de2[1,0], cache5.se1[0,10,200-0,H], cache2.se1[12,0]
x-request-ip: fdbd:dc03:4:365::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=12
x-tt-trace-host: 01c6e184f2a89a47afcb4871df36be1faef5a3fbb286a60c41f3dc87602c62fd49e644a0bba2dd38d79fc1f14083eea9ab320b86978162ae8fd235c4cca82e964e59a58ae1e76952362226d65421bf3072c59066be458d625b80e4a5bcea92d0bc
x-response-lb: image
ali-swift-global-savetime: 1669051538
age: 6103320
x-cache: HIT TCP_HIT dirn:1:271206474
x-swift-savetime: Mon, 21 Nov 2022 20:29:25 GMT
x-swift-cachetime: 31524973
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548588242248e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/7c85a1a3ab1b4d90848a1980825b3e0e
47.246.44.224 200 OK 107 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/7c85a1a3ab1b4d90848a1980825b3e0e
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 107 kB (106698 bytes)
Hash 67a1eb5ac1a8c88b2c2b5dcaa255ed00
76951acf3a79235e34cd90407535a46d29308376
ad805a37e357a4d1cc60c7f49b2d0f3459b2fcdf3273818fd5fa9fd8c03cf426
GET /obj/tos-cn-i-dy/7c85a1a3ab1b4d90848a1980825b3e0e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 106698
date: Tue, 20 Dec 2022 08:53:49 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Tue, 20 Dec 2022 08:49:02 GMT
nw-session-id: 202212201649023CD1B6A68E751E678F1388spj01dy
nw-session-trace: 2022-12-20T16:49:02.630650934+08:00 43
x-bdcdn-cache-status: TCP_HIT
x-length: 106698
x-powered-by: ImageX
x-response-date: Tue, 20 Dec 2022 16:49:02 GMT
x-tt-logid: 202212201649023CD1B6A68E751E678F13
via: n132-080-035, cache17.l2de2[0,0,206-0,H], cache17.l2de2[1,0], cache17.l2de2[1,0], cache7.se1[0,0,200-0,H], cache2.se1[1,0]
x-request-ip: fdbd:dc03:15:294::68
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce1081a89895dcc9185cd66c304b314821e02b0d856215a725b811069e25fdc139503dd6a7f668a22b7b6231d807c33d923e6c04bd1896a65b3c451fd42dd8c335c0a9d7baacc9d03b6d5c6fc022724d25dd68
x-response-lb: image
ali-swift-global-savetime: 1671526430
age: 3628428
x-cache: HIT TCP_MEM_HIT dirn:5:126322786
x-swift-savetime: Tue, 20 Dec 2022 18:14:13 GMT
x-swift-cachetime: 31502377
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548588512256e
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20220607-1/48073fbdb2fdf3be0fa1d5ed98855064.jpg
154.12.54.85 200 OK 6.0 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220607-1/48073fbdb2fdf3be0fa1d5ed98855064.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 3x4, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 240x320, components 3\012- data
Hash 0c29d1a17ff0a9019d371d8fda89e573
bcabad400aa9146e9294b6a7405193039d3051eb
594b7b543e5a8b5175c9e40eef12c07f6003c0f6a64f537e5949ea929c21d293
GET /upload/vod/20220607-1/48073fbdb2fdf3be0fa1d5ed98855064.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 6030
Last-Modified: Sun, 04 Sep 2022 16:02:28 GMT
Connection: keep-alive
ETag: "6314cc14-178e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
p3.douyinpic.com/obj/tos-cn-i-dy/22bfb16217cf4b16b6becdb8fe1e89b9
47.246.44.224 200 OK 475 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/22bfb16217cf4b16b6becdb8fe1e89b9
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 475 kB (474754 bytes)
Hash 187c69beaa798211a2760f0e7944d8cc
645bc6d28abf2cf3756a014fb2fc9075d0f0fe20
50bc3ac7422522639cd47b65d6cb5683ba8f80395087ba0c105e47edb69b81d4
GET /obj/tos-cn-i-dy/22bfb16217cf4b16b6becdb8fe1e89b9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 474754
date: Thu, 17 Nov 2022 10:03:43 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:07 GMT
nw-session-id: 2022111717530701017509420915A9E9958ts6801dy
nw-session-trace: 2022-11-17T17:53:07.901032264+08:00 60
x-bdcdn-cache-status: TCP_HIT
x-length: 474754
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:07 GMT
x-tt-logid: 2022111717530701017509420915A9E995
via: n150-054-026, cache25.l2de2[0,0,206-0,H], cache15.l2de2[1,0], cache15.l2de2[1,0], cache1.se1[0,0,200-0,H], cache2.se1[4,0]
x-request-ip: fdbd:dc02:22:96::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=4
x-tt-trace-host: 01feed32f8df778762a9e69d42d42a41ca5ffa742d42ac3e26ebee788fa4349173e5a9d4e7dbb7bc93434cf3067924e317a44479a4629e8b997eb7344fd2a7f3332e594f68d7cf65316dd5b8338b84eaaca10877f340f23fea4eeb3aa83508f7e1
x-response-lb: image
ali-swift-global-savetime: 1668679423
age: 6475435
x-cache: HIT TCP_HIT dirn:4:63027990
x-swift-savetime: Thu, 17 Nov 2022 12:32:57 GMT
x-swift-cachetime: 31527046
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548588902279e
X-Firefox-Spdy: h2
935676yfc.com/83fdb99ab2f345e782cd035ce4fdaa3d.gif
103.170.15.88 200 OK 452 kB URL HTTP/1.1 935676yfc.com/83fdb99ab2f345e782cd035ce4fdaa3d.gif
IP 103.170.15.88:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 452 kB (452273 bytes)
Hash df16374d7e4ccf1c7ff3814012167dad
bf7f89f135684b9182f4dc5bd4dd296060427eef
670f99c726a10b701a44db00b29b694b79a4461185e623e3e8b5f766d287a54f
GET /83fdb99ab2f345e782cd035ce4fdaa3d.gif HTTP/1.1
Host: 935676yfc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6378ae89-6e6b1"
Date: Sun, 29 Jan 2023 06:38:57 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 19 Nov 2022 10:23:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 452273
p3.douyinpic.com/obj/tos-cn-i-dy/55a7d75ae2cb486791d4d697e0154331
47.246.44.224 200 OK 354 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/55a7d75ae2cb486791d4d697e0154331
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 354 kB (354129 bytes)
Hash 3db712ac22958ae165d256eee58ebd08
d3b916193a8e9bf2ad1d28e8e37dc650bc7a1dc0
84473a0268e0d0f686048469fd10cc70d4ab51bbb7fce136da086d64e1acb1c5
GET /obj/tos-cn-i-dy/55a7d75ae2cb486791d4d697e0154331 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 354129
date: Sat, 28 Jan 2023 07:42:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 28 Jan 2023 05:38:14 GMT
nw-session-id: 2023012813381495AE106C3EF007EFA52Fpjjws01dy
nw-session-trace: 2023-01-28T13:38:14.529786847+08:00 40
x-bdcdn-cache-status: TCP_HIT
x-length: 354129
x-powered-by: ImageX
x-response-date: Sat, 28 Jan 2023 13:38:14 GMT
x-tt-logid: 2023012813381495AE106C3EF007EFA52F
via: n204-100-084, cache10.l2de2[0,0,206-0,H], cache16.l2de2[0,0], cache16.l2de2[1,0], cache7.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc01:29:554::77
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 010646086399bb69a396f9c633df7f74b5a26ec1baa57632c2ff6cac34d3b690b38c9780927bef17472b45da393baae325076394df57ba6a9532157b48319ce8e9ec5ba532e5978116ac727a1648221cfe7423b726bee134353d62b6eedc386960
x-response-lb: image
ali-swift-global-savetime: 1674891752
age: 263106
x-cache: HIT TCP_MEM_HIT dirn:11:293751104
x-swift-savetime: Sat, 28 Jan 2023 07:55:39 GMT
x-swift-cachetime: 31535213
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548589342310e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/5958e46e18ab4bd08c87c878cb17f1d9
47.246.44.224 200 OK 233 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5958e46e18ab4bd08c87c878cb17f1d9
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 233 kB (233254 bytes)
Hash b8fa5a99137a093d79d825dd3caefbbb
b2732bd75f00bf99ecdaf6e3ff969407f4c5ae6f
f6e324f50574a8be439c7ae11a9f9d7446c6ff55fa6b38b47a9a856d2aae7f31
GET /obj/tos-cn-i-dy/5958e46e18ab4bd08c87c878cb17f1d9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 233254
date: Thu, 17 Nov 2022 10:03:48 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:20 GMT
nw-session-id: 2022111717532001015816314722A89B16qn8b402dy
nw-session-trace: 2022-11-17T17:53:20.826400418+08:00 39
x-bdcdn-cache-status: TCP_HIT
x-length: 233254
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:20 GMT
x-tt-logid: 2022111717532001015816314722A89B16
via: n204-099-057, cache2.l2de2[0,0,206-0,H], cache19.l2de2[2,0], cache19.l2de2[2,0], cache7.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc01:26:259::153
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01feed32f8df778762a9e69d42d42a41ca04042627f54d7925c9d189d9dead99963086c788f18c3bcfd42677c83e977eb5617e7ca8ea31b4e4c59d2bfd4f78846cc496b82c3c102ba5895d861a094f7728ff5b5e48d2487523125496ed0cb07cc3
x-response-lb: image
ali-swift-global-savetime: 1668679428
age: 6475430
x-cache: HIT TCP_HIT dirn:11:334970908
x-swift-savetime: Thu, 17 Nov 2022 12:33:07 GMT
x-swift-cachetime: 31527041
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548589412316e
X-Firefox-Spdy: h2
img.1151555.com/images/63a558dc585d8a55b36609bf.gif
3.36.126.81 302 Found 147 kB URL HTTP/2 img.1151555.com/images/63a558dc585d8a55b36609bf.gif
IP 3.36.126.81:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 147 kB (146647 bytes)
Hash f78a73d565302b8dd5855ee502c74151
fecf2949903823f5c2dc8d9d95a2ca5505bf0dfa
7657811ea43a9ac21ac6a8a319c6c4fe1b445c9378ca6b1caa4d16c39b06d997
GET /images/63a558dc585d8a55b36609bf.gif HTTP/1.1
Host: img.1151555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7c85a1a3ab1b4d90848a1980825b3e0e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/d52e852e1a5f47939f93db5394906625
47.246.44.224 200 OK 254 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/d52e852e1a5f47939f93db5394906625
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 150 x 150\012- data
Size 254 kB (254386 bytes)
Hash f9ba8bc4a1734b392b245e5f5f841aa3
25495f3b9df6f475d5569721fc09902d9587f0b8
7720ab1f9e1836a30c3bac2e66944fe528cc5ddf112560888ecae41669557ad6
GET /obj/tos-cn-i-dy/d52e852e1a5f47939f93db5394906625 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 254386
date: Thu, 17 Nov 2022 10:03:49 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:53:20 GMT
nw-session-id: 202211171753200101510921013EB137D8cd4rd01dy
nw-session-trace: 2022-11-17T17:53:20.80807601+08:00 100
x-bdcdn-cache-status: TCP_HIT
x-length: 254386
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:53:20 GMT
x-tt-logid: 202211171753200101510921013EB137D8
via: n132-082-086, cache20.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[2,0], cache3.se1[0,18,200-0,H], cache2.se1[21,0]
x-request-ip: fdbd:dc03:15:292::203
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=21
x-tt-trace-host: 01feed32f8df778762a9e69d42d42a41cad1b8c6ddcf6475f4a6155b7398252da39d113a0294dc0673664f405a675975710544214badb68432ed385656ad099d88146c07f552ed24936947bb00452e4aaac462726d58c1e6847032407d87dd5b35
x-response-lb: image
ali-swift-global-savetime: 1668679429
age: 6475429
x-cache: HIT TCP_HIT dirn:11:88967990
x-swift-savetime: Thu, 17 Nov 2022 12:33:07 GMT
x-swift-cachetime: 31527042
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616751548589332305e
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20230104-1/b42689828b6458061d3a15cd0ee2fdd1.jpg
154.12.54.85 200 OK 8.8 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/b42689828b6458061d3a15cd0ee2fdd1.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6c35b6b7408e47469e0337633fcf3176
5bf2e2b8b6ad07204cc251ea661af9bb7fbcce30
09a4ffe76db1e62d4da7942038dbef0452a286250e8547f63045bf68b15061cd
GET /upload/vod/20230104-1/b42689828b6458061d3a15cd0ee2fdd1.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8758
Last-Modified: Tue, 03 Jan 2023 16:16:46 GMT
Connection: keep-alive
ETag: "63b454ee-2236"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/d73ddff4b1a19c55a1d4acb5a1b67ee5.jpg
154.12.54.85 200 OK 9.3 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/d73ddff4b1a19c55a1d4acb5a1b67ee5.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 56cf633a9ccb97622de9fdf3544c3391
73ac1ed860d2e282b6959b46fb2376b20be05971
71f8045252fed8befbf5f1732e705ad771b9f07b7fe92bfbfbab99f48475c510
GET /upload/vod/20230104-1/d73ddff4b1a19c55a1d4acb5a1b67ee5.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9329
Last-Modified: Tue, 03 Jan 2023 16:19:49 GMT
Connection: keep-alive
ETag: "63b455a5-2471"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/82ecf1aa462cfcfba8a2adb502f3c0ea.jpg
154.12.54.85 200 OK 14 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/82ecf1aa462cfcfba8a2adb502f3c0ea.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ba92737154743996f35cfd41b8460aeb
e97eda03fb3de830bc44698c3aa24c7458cc44ad
98cd4ccc0ff75cd648ee500c0662609596827fcab0c5f26f472fdb224d37867e
GET /upload/vod/20230104-1/82ecf1aa462cfcfba8a2adb502f3c0ea.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 14221
Last-Modified: Tue, 03 Jan 2023 16:19:49 GMT
Connection: keep-alive
ETag: "63b455a5-378d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/4a59322906d7be6477d0b5036e0a945d.jpg
154.12.54.85 200 OK 7.3 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/4a59322906d7be6477d0b5036e0a945d.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 7b5cc3448ddb11a324fa38e89dd473e7
cae9e540a8c2f11e21280e718fc69660ec3679a2
146e428c1a357a85d78db4f0bce4c63b65aea1549c598cbe1cfd8ca546290901
GET /upload/vod/20230104-1/4a59322906d7be6477d0b5036e0a945d.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 7284
Last-Modified: Tue, 03 Jan 2023 16:17:18 GMT
Connection: keep-alive
ETag: "63b4550e-1c74"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/fd9b0d65695d7fe592221432af7ea55a.jpg
154.12.54.85 200 OK 12 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/fd9b0d65695d7fe592221432af7ea55a.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 34x45, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3\012- data
Hash 443edd17240120d24da3776bd41585ea
2fc0965f72a36eb49532698207334e2d29c52296
2d04783f870bac47dc85eaa1e8f26156b76cce35eaa13670e93b38c97112de72
GET /upload/vod/20230104-1/fd9b0d65695d7fe592221432af7ea55a.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/jpeg
Content-Length: 11903
Last-Modified: Tue, 03 Jan 2023 16:18:13 GMT
Connection: keep-alive
ETag: "63b45545-2e7f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/094a363359082a8051de24b36b30f519.jpg
154.12.54.85 200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/094a363359082a8051de24b36b30f519.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d8acc74d8fdf058f7375114ce5b524e5
553d3b8fa142156cdb7c3a7a20d30f4becc48315
9e338751c9ce1679dddfe7827f58a3352e5f63749c245bd9e8481baebcd37e65
GET /upload/vod/20230104-1/094a363359082a8051de24b36b30f519.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 9985
Last-Modified: Tue, 03 Jan 2023 16:19:49 GMT
Connection: keep-alive
ETag: "63b455a5-2701"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigochina.com/
172.64.154.39 200 OK 599 B IP 172.64.154.39:0
Hash f731fc21e495cb8b4aad86d6b1468ead
212da5a2a55e34444613e084a28fc605033f0f10
f181d7884c8bf3fc15ebf0c84161b64e080fa34ed4be16b8e1349804e5de262a
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 06:59:55 GMT
Expires: Sat, 04 Feb 2023 06:59:54 GMT
Etag: "212da5a2a55e34444613e084a28fc605033f0f10"
Cache-Control: max-age=338534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f0cdfcb1c06-OSL
img.ywtuchuang5.com/upload/vod/20230104-1/9e0ea7012c20aef7387662d0835017a5.jpg
154.12.54.85 200 OK 7.9 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/9e0ea7012c20aef7387662d0835017a5.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 255621b1a229652177d32d1606604936
fd3aa471cf67d88e3a598e21da5ce9a157b8feda
d5b231fdc57b0e606f00465a65f60fe5a8b6875134aa5d9af58ae85a89e521c2
GET /upload/vod/20230104-1/9e0ea7012c20aef7387662d0835017a5.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 7869
Last-Modified: Tue, 03 Jan 2023 16:19:48 GMT
Connection: keep-alive
ETag: "63b455a4-1ebd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/79735f42ef90017d19bb941e8289f436.jpg
154.12.54.85 200 OK 12 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/79735f42ef90017d19bb941e8289f436.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 020dfe6a6aff9a92f422bda5e8d9f45b
64438634c3a2bf5fca0f8367eb567806e9147f00
ee763fd602d41b8ac7bcf6f264c6af10ad8599c49e4eab1a11bd8bcf5b9586c6
GET /upload/vod/20230104-1/79735f42ef90017d19bb941e8289f436.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 12105
Last-Modified: Tue, 03 Jan 2023 16:19:10 GMT
Connection: keep-alive
ETag: "63b4557e-2f49"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/09b97ecf69bf53d19185517d585fdd86.jpg
154.12.54.85 200 OK 7.5 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/09b97ecf69bf53d19185517d585fdd86.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5c9ba46e7cd77004c8422898f0d90bee
1c7b39e9436b79351dad788672884e704a3f2f6d
e201fd5b84c37fc1369c3ca556624902285c8622d1f60bcf4f9ebb8baeb56bb7
GET /upload/vod/20230104-1/09b97ecf69bf53d19185517d585fdd86.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 7467
Last-Modified: Tue, 03 Jan 2023 16:19:48 GMT
Connection: keep-alive
ETag: "63b455a4-1d2b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/7118b61a8372e748c0cace606e3496a9.jpg
154.12.54.85 200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/7118b61a8372e748c0cace606e3496a9.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6bc5fedc676ac2e1765ea5dfbab93b96
a80da30c5d4467985f9ad2f17ab2d2627d0349d9
2cddc95db0eb8a1ba58ab788f3095d203338e514450632fe90dcd0b4f5d3eb72
GET /upload/vod/20230104-1/7118b61a8372e748c0cace606e3496a9.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 10065
Last-Modified: Tue, 03 Jan 2023 16:19:48 GMT
Connection: keep-alive
ETag: "63b455a4-2751"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/c9081a3703138c5eef872f31db87e92f.jpg
154.12.54.85 200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/c9081a3703138c5eef872f31db87e92f.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash d527bbf3b62499f2e747b96745119117
8af2d1ca1ba451001819a64d42795622f6bb8d78
607f8802fdbdee8e51059e77839f9a2455af8bfa6357a791f5620ecf65df432d
GET /upload/vod/20230104-1/c9081a3703138c5eef872f31db87e92f.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 10223
Last-Modified: Tue, 03 Jan 2023 16:19:48 GMT
Connection: keep-alive
ETag: "63b455a4-27ef"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/c4055b94f7f6bfc4bc52e0e8ad26f575.jpg
154.12.54.85 200 OK 9.1 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/c4055b94f7f6bfc4bc52e0e8ad26f575.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 50f8479a9cc6998e042a81e3afe407bf
6821ff55cea9b86e3c53ffdd6ea36b0178d0e940
dee927b4df6d05dbf470de4286497a4142658e2c82504664a9d74e3ad1102066
GET /upload/vod/20230104-1/c4055b94f7f6bfc4bc52e0e8ad26f575.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 9116
Last-Modified: Tue, 03 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63b455a3-239c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
595tuchuang.com/960x80.gif
183.255.106.38 200 OK 145 kB URL HTTP/1.1 595tuchuang.com/960x80.gif
IP 183.255.106.38:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/gif
Content-Length: 144990
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 13:28:21 GMT
ETag: "63a309f5-2365e"
Expires: Wed, 01 Mar 2023 06:45:41 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
89365tc2.com/56ca35139ddb9ccb8bdd6c6cc197e3d5.gif
154.196.3.134 200 OK 7.6 kB URL HTTP/2 89365tc2.com/56ca35139ddb9ccb8bdd6c6cc197e3d5.gif
IP 154.196.3.134:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 200 x 200\012- data
Hash 8f74f619ba647be0f7155abab01fb1e8
1a140e3cb91a1110292fb8db96488bea78cee3e4
16b598687195c0a239ad86e19bb4b9e498d4518fc91ed008279b8e0666c42973
GET /56ca35139ddb9ccb8bdd6c6cc197e3d5.gif HTTP/1.1
Host: 89365tc2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 7565
server: nginx
last-modified: Mon, 02 Jan 2023 06:09:51 GMT
etag: "63b2752f-1d8d"
expires: Thu, 02 Mar 2023 06:16:12 GMT
cache-control: max-age=2592000
nginx-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/d87ce4acedd7e067171def14606c32d9.gif
185.10.104.115 200 OK 1.1 MB URL HTTP/2 pic.rmb.bdstatic.com/bjh/d87ce4acedd7e067171def14606c32d9.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 640 x 150\012- data
Size 1.1 MB (1149237 bytes)
Hash d87ce4acedd7e067171def14606c32d9
f4378c984f68499bf17bd96903686d358539b997
dc619dd2cab20792752238a69694827de9deb84ae975eb4986584031762ba644
GET /bjh/d87ce4acedd7e067171def14606c32d9.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 1149237
expires: Wed, 01 Feb 2023 09:55:38 GMT
last-modified: Thu, 14 Apr 2022 18:25:11 GMT
etag: "d87ce4acedd7e067171def14606c32d9"
age: 168719
accept-ranges: bytes
content-md5: 2HzkrO3X4GcXHe8UYGwy2Q==
x-bce-content-crc32: 1281562985
x-bce-debug-id: xB8f76VQuLbItuWLZvoU2MbDw9CYPupGN34MweKAKUVdm19MrxRp27deiFnfDH2790Vwf8jBk/k+zUiabUClyQ==
x-bce-request-id: 31b16984-71ff-458a-8f3b-d0d307aa30b4
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 09:55:38 GMT
ohc-cache-hit: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache51 [2], xaix230 [2]
ohc-file-size: 1149237
x-cache-status: HIT
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20220614-1/0a028f01708086c892dbe8d259b7722e.jpg
108.186.171.14 200 OK 9.3 kB URL HTTP/2 img.jialiimg.com/upload/vod/20220614-1/0a028f01708086c892dbe8d259b7722e.jpg
IP 108.186.171.14:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 4e98377f90126caf060e467e1d694348
ae786d639f46830007c5c34b982b69c44ea68525
76e431e3f6a1452ec328457936ddc1cfe611756614b5b876daad307859297fde
GET /upload/vod/20220614-1/0a028f01708086c892dbe8d259b7722e.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 9341
last-modified: Mon, 13 Jun 2022 23:41:19 GMT
etag: "62a7cb1f-247d"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dg.mzxvib.com/sc/2381?n=kzoqcdlo
154.23.151.91 200 OK 9.5 kB URL HTTP/1.1 dg.mzxvib.com/sc/2381?n=kzoqcdlo
IP 154.23.151.91:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type ASCII text, with very long lines (9451), with no line terminators
Hash 5cf5660ee50699a224eccc35169f6cdb
f0022965aa7bdb2cde8516f63a6207ab967dd4df
97c6e0147eb63ad53f766d994f57b78ebb34bf77f90738439ec607148a1bd9df
GET /sc/2381?n=kzoqcdlo HTTP/1.1
Host: dg.mzxvib.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Pragma: max-age=1800
img.ywtuchuang5.com/upload/vod/20230104-1/367ba8aa5fd370c8b4726e97e44836e5.jpg
154.12.54.85 200 OK 12 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/367ba8aa5fd370c8b4726e97e44836e5.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash aa0353352c2d5eeffac213c08aad816d
bae63a3379cca2af2ffc11b46abb0c9d1cd4cc31
8ac10fbc5a0a95e7ca790ea83b7d01a0fafc741d1883785851f2496835dceb03
GET /upload/vod/20230104-1/367ba8aa5fd370c8b4726e97e44836e5.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 11895
Last-Modified: Tue, 03 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63b455a3-2e77"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/942c26c20f45d724a10da4fd3cb7cf77.jpg
154.12.54.85 200 OK 7.2 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/942c26c20f45d724a10da4fd3cb7cf77.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 305d958a513af1c6ed6da93c8d94e990
f940798d30f79cbb9a4f35e0b96f7d1eee40f04f
e187ca8838ad503172b2cdee6f04cf3f9e1b387490ff881b37ed1e2cd313f585
GET /upload/vod/20230104-1/942c26c20f45d724a10da4fd3cb7cf77.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 7204
Last-Modified: Tue, 03 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63b455a3-1c24"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaRgTBTfAsYfmbo2Dp6MDVrQm1ibxETID4So/0
43.154.254.32 200 OK 231 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaRgTBTfAsYfmbo2Dp6MDVrQm1ibxETID4So/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 70\012- data
Size 231 kB (231392 bytes)
Hash 51a1b4bde78191c061cc01e042917960
b86e90da3103d2fc61a5bce109060f4ef5b1cddf
c5e19d84bdd325fb8cc9aa5e96ebdc0c7f3d3610c85758dd24983095ffb704be
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaRgTBTfAsYfmbo2Dp6MDVrQm1ibxETID4So/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 08:47:37 GMT
content-type: image/gif
content-length: 231392
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 08:38:58 GMT
cache-control: max-age=2592000
x-delay: 37727 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 231392
chid: 0
fid: 0
x-nws-log-uuid: 4050d4bc-5494-4d6b-85fb-5f85a90cfac5
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20230104-1/c63d6134a8565b541b629fb241bac54e.jpg
154.12.54.85 200 OK 9.8 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/c63d6134a8565b541b629fb241bac54e.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8ec0f174bf35cfc50265f1a755369c3e
24243100d5b97d9f89ff9803b42668608aabf94a
2f83fbdaf257d4c636c833c088992e42b1932eef04dbe67a81f422562501d4a1
GET /upload/vod/20230104-1/c63d6134a8565b541b629fb241bac54e.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 9843
Last-Modified: Tue, 03 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63b455a3-2673"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/50d13366cd685669f96eb17ad2041ed1.jpg
154.12.54.85 200 OK 11 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/50d13366cd685669f96eb17ad2041ed1.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a2baa6771b4dabb7b0621c28b452e6d1
2ebb4ef0ca6f38f1465edd40aabc542f2f022b77
b929e7fd7b7f164fadd26fb029c59c23ead750507ae76571137485c82cdc32df
GET /upload/vod/20230104-1/50d13366cd685669f96eb17ad2041ed1.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 11184
Last-Modified: Tue, 03 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63b455a3-2bb0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/087d49af287fecefac5de00511864843.jpg
154.12.54.85 200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/087d49af287fecefac5de00511864843.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1ab74c17d36086a03deb11c1a0176dbe
98d4075be2b3267eb0be8704fb527c9993008cba
c287bbc9a76a11dc3ff4eb3350e0323038cd600501f87073aa9408333ebcc769
GET /upload/vod/20230104-1/087d49af287fecefac5de00511864843.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 10549
Last-Modified: Tue, 03 Jan 2023 16:20:39 GMT
Connection: keep-alive
ETag: "63b455d7-2935"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.moneyziyouwm.com/bid?url=http%3A%2F%2F38.239.19.74%2F&frm=1&ref=http%3A%2F%2F122.10.49.229%2F&ic=0&pl=0&ml=0&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:48:50&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=16&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=1&ihn=0&md=0&ns=denied&np=default&pj=0&top=0&left=0&id=10133&rid=e4f34a6d3b90ece4eb42ff937538f550&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn=
172.64.163.15 200 OK 1.7 kB URL HTTP/2 www.moneyziyouwm.com/bid?url=http%3A%2F%2F38.239.19.74%2F&frm=1&ref=http%3A%2F%2F122.10.49.229%2F&ic=0&pl=0&ml=0&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:48:50&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=16&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=1&ihn=0&md=0&ns=denied&np=default&pj=0&top=0&left=0&id=10133&rid=e4f34a6d3b90ece4eb42ff937538f550&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn=
IP 172.64.163.15:0
File type ASCII text, with very long lines (347)
Hash 9612a8c5e69714bc569b8c11b5aaa18d
449cdfaa34865b0eb38d2fd17b8907287cbefa9b
3dd2db548d0564d7e26afcb63c11396b4731d83aa8af4ee2dfefea841348eb39
GET /bid?url=http%3A%2F%2F38.239.19.74%2F&frm=1&ref=http%3A%2F%2F122.10.49.229%2F&ic=0&pl=0&ml=0&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:48:50&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=0&cpn=16&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=1&ihn=0&md=0&ns=denied&np=default&pj=0&top=0&left=0&id=10133&rid=e4f34a6d3b90ece4eb42ff937538f550&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn= HTTP/1.1
Host: www.moneyziyouwm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
access-control-allow-origin:
set-cookie: geo=%E6%8C%AA%E5%A8%81%2F%2F; Path=/; Max-Age=259200
oid=c7f814ef-a143-11ed-a613-b009c0000761; Path=/; Max-Age=31104000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BMJavJarvNVP5cFmDG37U6SNHFCxoipsO05%2BHo2f%2BOJKvS9uG1q4qrdppyDmu%2BKkVZo2LSKZrnnAl9uwrOzXzxz2zZ5%2FiPOXHSU8lbI6d2PXTj6hT8Fpi9qdheCg%2Fd%2BomOGADPnNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79212f0b1f667686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.ywtuchuang5.com/upload/vod/20230104-1/b912b70d4cef3ed923d7dec3bb9fdaf0.jpg
154.12.54.85 200 OK 8.3 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/b912b70d4cef3ed923d7dec3bb9fdaf0.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 160a715807d7bb9dd281374410d81731
a34fcbbf68336e268161ee126959a61c5bac9b53
fa7860d39e0eb0ec7567bbfe518142cd51e503443cb91c3a9ce65f441eb8f5e2
GET /upload/vod/20230104-1/b912b70d4cef3ed923d7dec3bb9fdaf0.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 8300
Last-Modified: Tue, 03 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63b455a3-206c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X70.gif
47.75.19.133 200 OK 178 kB URL HTTP/1.1 kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com/960X70.gif
IP 47.75.19.133:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 70\012- data
Size 178 kB (178039 bytes)
Hash 69924d7b9449264976064cb14326c87b
310e755bb5ab2eb9a7a87a4035438408c2a57599
c3f20bfd47922613be7636b2dfcbc6181cfb924cc43f8104fbfd0cab9961cc59
GET /960X70.gif HTTP/1.1
Host: kaiyuan-advertising.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 31 Jan 2023 08:47:37 GMT
Content-Type: image/gif
Content-Length: 178039
Connection: keep-alive
x-oss-request-id: 63D8D5A9D14BBC363530D1A1
Accept-Ranges: bytes
ETag: "69924D7B9449264976064CB14326C87B"
Last-Modified: Mon, 03 Oct 2022 10:13:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8750043469148862070
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: aZJNe5RJJkl2BkyxQybIew==
x-oss-server-time: 2
img.jialiimg.com/upload/vod/20230107-1/c5b0aca4a6aac00ff344081d4c149ba3.jpg
108.186.171.14 200 OK 7.8 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230107-1/c5b0aca4a6aac00ff344081d4c149ba3.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash bfc08d4aa68fa87127c3a27f8836dcdc
ef584534358dc74ce298eaad81bb607a52821f5c
99f4aa8044346b3e5907f03e378a9a301991e7f6e5b7b796ff07ed9c893985e3
GET /upload/vod/20230107-1/c5b0aca4a6aac00ff344081d4c149ba3.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 7788
last-modified: Fri, 06 Jan 2023 16:16:03 GMT
etag: "63b84943-1e6c"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230105-1/32d8505e960eb87860d4c97871a83744.jpg
108.186.171.14 200 OK 6.5 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230105-1/32d8505e960eb87860d4c97871a83744.jpg
IP 108.186.171.14:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 7617de53c22e21f3905b4436ea7a01db
1e006b80ea54eaa24423d57854d5c3b5e8b52a7f
9ea6d04d504e07962aa7d10aced987234ead4e1dd520e8dc344dacdea588e026
GET /upload/vod/20230105-1/32d8505e960eb87860d4c97871a83744.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 6509
last-modified: Wed, 04 Jan 2023 16:34:22 GMT
etag: "63b5aa8e-196d"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230106-1/bb0690fe83eee74a2da270cb731a4f77.jpg
108.186.171.14 200 OK 9.9 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230106-1/bb0690fe83eee74a2da270cb731a4f77.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6c2314b94a09fd49b5e09e4b4770990e
f6b89ae2bec8a91eb20ca2fc7e7ee9b90e27e72e
442f2bdd9ff9ce0e6c165552df968dbc18ef8509ae8c60a322b33a2598c89d9f
GET /upload/vod/20230106-1/bb0690fe83eee74a2da270cb731a4f77.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 9937
last-modified: Thu, 05 Jan 2023 16:18:30 GMT
etag: "63b6f856-26d1"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230106-1/e011f55efa21fd66feeb410f2c5d79b9.jpg
108.186.171.14 200 OK 12 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230106-1/e011f55efa21fd66feeb410f2c5d79b9.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash c8805ce77737bf46885524d458c423cb
59442a959147265978a8a97218ee90a1a948f87d
ee061a088c6d89f01386540b5125da579b6e6d79fef61133be3e78b68570e088
GET /upload/vod/20230106-1/e011f55efa21fd66feeb410f2c5d79b9.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 12162
last-modified: Thu, 05 Jan 2023 16:18:30 GMT
etag: "63b6f856-2f82"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230107-1/8b1398fa8463e8d24191a6a81b007f0f.jpg
108.186.171.14 200 OK 11 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230107-1/8b1398fa8463e8d24191a6a81b007f0f.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 037f2b24266f19335fa9b1b039569ab3
755c3bef4d5151d39413f3d1de49f4861bd14015
75037ded3637de3d854ff538fcec26d1cbe6503025f44d71ffd89d02c0bfbee6
GET /upload/vod/20230107-1/8b1398fa8463e8d24191a6a81b007f0f.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 10993
last-modified: Fri, 06 Jan 2023 16:16:03 GMT
etag: "63b84943-2af1"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230109-1/b3baf1bce3dcfe8103c16a6193c4d3f0.jpg
108.186.171.14 200 OK 9.8 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230109-1/b3baf1bce3dcfe8103c16a6193c4d3f0.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 240x161, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 5955fb2303317ef36a472a0f0c585ec5
76eaa77fd0294af04035c750f3cee8be47a6163f
388902d09d7f7f04875e70f55b754018e3d164df55dcf57de9211597ae433d54
GET /upload/vod/20230109-1/b3baf1bce3dcfe8103c16a6193c4d3f0.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 9785
last-modified: Sun, 08 Jan 2023 20:28:12 GMT
etag: "63bb275c-2639"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230108-1/67a63f1e57de0ce7e1c6a61ae4e491e0.jpg
108.186.171.14 200 OK 9.6 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230108-1/67a63f1e57de0ce7e1c6a61ae4e491e0.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 747x560, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c42d9213037a49e138a09f40b9cc3a3d
cc0ba898e19c00ecce4ffb6605ceea0c0b4e5153
2204c2b8f6745a2e9ab8911d97888b48f93d296f5a77fcc6355908291738608a
GET /upload/vod/20230108-1/67a63f1e57de0ce7e1c6a61ae4e491e0.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 9627
last-modified: Sat, 07 Jan 2023 18:40:57 GMT
etag: "63b9bcb9-259b"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 47f339a4ac4a682b810635a97078b3d4
1b0a85e0d48b47fd4ebe8c028c87fccd0cdc9f24
a085304f7c4b18a4f6a8aa14c7544b43f9144c78f47e4312353ed2c4ee8529a5
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 00:10:10 GMT
Expires: Mon, 06 Feb 2023 00:10:09 GMT
Etag: "1b0a85e0d48b47fd4ebe8c028c87fccd0cdc9f24"
Cache-Control: max-age=486749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79212f0e5c29b505-OSL
img.ywtuchuang5.com/upload/vod/20230104-1/f3a86af413a418cdf20fc42588b770bf.jpg
154.12.54.85 200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/f3a86af413a418cdf20fc42588b770bf.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash c9be641fc4d3ba3208f7ab3f7aa41e2e
af6a8dc2a685566b4a3bf9c91b2ed53484bddf4e
8059ea81a3f244566f31b220b7cb513dad64ba0682c5067dcd9c9fd82611e5b7
GET /upload/vod/20230104-1/f3a86af413a418cdf20fc42588b770bf.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 10257
Last-Modified: Tue, 03 Jan 2023 16:19:46 GMT
Connection: keep-alive
ETag: "63b455a2-2811"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/6ac37ec26f57f1e0e19f34e769c59c8e.jpg
154.12.54.85 200 OK 13 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/6ac37ec26f57f1e0e19f34e769c59c8e.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash ca20e789e1a626ac4626b898034da77c
0d84b8940befde4c71224c0989a309f39881e22f
2e2d05a383b9b9939f05bd99afd5175960dc9af8348cc462a7201a6fc10fde08
GET /upload/vod/20220612-1/6ac37ec26f57f1e0e19f34e769c59c8e.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 13389
Last-Modified: Sun, 04 Sep 2022 15:51:50 GMT
Connection: keep-alive
ETag: "6314c996-344d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/8f2c8f2874ce080694bdf9f8d32d1b1d.jpg
154.12.54.85 200 OK 12 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/8f2c8f2874ce080694bdf9f8d32d1b1d.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 72ea2494967c2071145dad1bf7e99e43
8ed504ddb2214adcf4489a12cc44d32ac4bf2a72
e0902c43285565913688005e4daef508731ab0a3a085c0b60d1cda29cc6a6132
GET /upload/vod/20230104-1/8f2c8f2874ce080694bdf9f8d32d1b1d.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 11972
Last-Modified: Tue, 03 Jan 2023 16:16:55 GMT
Connection: keep-alive
ETag: "63b454f7-2ec4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/1fd9ace7ab4650b685a03580e794a5c4.jpg
154.12.54.85 200 OK 7.8 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/1fd9ace7ab4650b685a03580e794a5c4.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash fd582b8334539b343cb0e9cc20b0eac7
9741755acc7653f83313662d9fa2ad6858b13271
e431adf357fce5dc878389da7fbe6f6081c41c02e4b119452d135e6da01815e9
GET /upload/vod/20220612-1/1fd9ace7ab4650b685a03580e794a5c4.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 7757
Last-Modified: Sun, 04 Sep 2022 15:55:06 GMT
Connection: keep-alive
ETag: "6314ca5a-1e4d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/e43e21c5c7e4c4dc9252e8100b295201.jpg
154.12.54.85 200 OK 8.6 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/e43e21c5c7e4c4dc9252e8100b295201.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 06f6a07ec38e8ae2e72cd8d6c8717dc4
ad679365ce8e3b15323c0c73dbf44e39aedd63ff
19ae3ab4c11f1224da77c6d37527e74db4a2995a71f0b9e0a347acb1e192f782
GET /upload/vod/20220612-1/e43e21c5c7e4c4dc9252e8100b295201.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 8560
Last-Modified: Sun, 04 Sep 2022 15:49:12 GMT
Connection: keep-alive
ETag: "6314c8f8-2170"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/1937832f19e1302d84a2a4575714ef06.jpg
154.12.54.85 200 OK 10 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/1937832f19e1302d84a2a4575714ef06.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash edc5f3ec8467221737b4cb78da2f661b
127918c1268ee4af3c82df3aa875dde2416be0ca
b91f8421b4985a2bcad284ae558ca3582d7ce987dd3814861097d670d7173359
GET /upload/vod/20220612-1/1937832f19e1302d84a2a4575714ef06.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 9954
Last-Modified: Sun, 04 Sep 2022 16:00:12 GMT
Connection: keep-alive
ETag: "6314cb8c-26e2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
89365tc2.com/960.gif
154.196.3.134 200 OK 474 kB IP 154.196.3.134:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 960 x 70\012- data
Size 474 kB (473876 bytes)
Hash e63e5e13bf4e9740f9b10b07062a1f72
7512dec98db9094d62b68a4167d12f58dbf18d16
d4355562c548eaac9cdd9b7d05fe7d0150e3e9652f241d6680cecd0e72acb411
GET /960.gif HTTP/1.1
Host: 89365tc2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 473876
server: nginx
last-modified: Mon, 02 Jan 2023 06:10:19 GMT
etag: "63b2754b-73b14"
expires: Thu, 02 Mar 2023 06:14:18 GMT
cache-control: max-age=2592000
nginx-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230105-1/4b9d52e6f8f08b142f2baf3f1ff5562b.jpg
108.186.171.14 200 OK 8.8 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230105-1/4b9d52e6f8f08b142f2baf3f1ff5562b.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash dcc1bb0b0f3569d3e1a5bb8c1ce1c486
a99431cb856bc9be058441da288d661cf228fc8b
5afbc543e889156c8355fcd8afd3fbc35aaf4658bd9b03e207ab5f5cdbe04aef
GET /upload/vod/20230105-1/4b9d52e6f8f08b142f2baf3f1ff5562b.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 8763
last-modified: Wed, 04 Jan 2023 16:34:22 GMT
etag: "63b5aa8e-223b"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230108-1/e230c3426ce9634abff3136fb57fdb47.jpg
108.186.171.14 200 OK 9.5 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230108-1/e230c3426ce9634abff3136fb57fdb47.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 135x101, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash e72b97f4c67d9c307a0546116b6eab85
d0fe793e067ba318aae5681f790de9e9b9d72b12
9df770b1fcb0c84edbd3b379ab76eb58205aa67377e61c17b490691d4432efcc
GET /upload/vod/20230108-1/e230c3426ce9634abff3136fb57fdb47.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 9496
last-modified: Sat, 07 Jan 2023 18:40:16 GMT
etag: "63b9bc90-2518"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
595tuchuang.com/200x200.gif
183.255.106.38 200 OK 121 kB URL HTTP/1.1 595tuchuang.com/200x200.gif
IP 183.255.106.38:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Size 121 kB (120651 bytes)
Hash bcfac2c4bf0f55f93b33272c31e1464b
60beb5e6b64c209a42d4a3b34c4913bf2cd76951
880b113a7ba644ede38fb18c53dd5de953103fd5c7bc1d9d73cade1160be5a4b
GET /200x200.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/gif
Content-Length: 120651
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:19:57 GMT
ETag: "63d68e9d-1d74b"
Expires: Wed, 01 Mar 2023 06:45:41 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/08e3c340ff54ed09dfbd571a39529c61.jpg
154.12.54.85 200 OK 9.4 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/08e3c340ff54ed09dfbd571a39529c61.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e8a7dec27e6f546b22efeaecaad1110c
2f7d04e57128ce3a18ea7204d2d98ea5d6857f4a
94decf9c2a755ec1417c5fef1c37b9f4743483cc461c055cd63d5e91a54c08f1
GET /upload/vod/20230104-1/08e3c340ff54ed09dfbd571a39529c61.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 9411
Last-Modified: Tue, 03 Jan 2023 16:16:55 GMT
Connection: keep-alive
ETag: "63b454f7-24c3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20220612-1/6950f95744ce652739ddeaff09f2806c.jpg
154.12.54.85 200 OK 9.4 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20220612-1/6950f95744ce652739ddeaff09f2806c.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Hash 3e6604511e593c4d285cd07fddc412b3
39847156db0ef8fb03921e0a0f1ef88e571e0543
cc0ac564224adb8ec316de6168f3f009da5fdef564ee7fbffb7d472594c29b72
GET /upload/vod/20220612-1/6950f95744ce652739ddeaff09f2806c.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 9441
Last-Modified: Sun, 04 Sep 2022 15:50:07 GMT
Connection: keep-alive
ETag: "6314c92f-24e1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/92bc97cb3b9f39322030444013bc62aa.jpg
154.12.54.85 200 OK 11 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/92bc97cb3b9f39322030444013bc62aa.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 227x140, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f90d07e61553821aec3bea8c8af62d25
026f27f5faeb07e1bf517e4f51f6e6ded0a7c7bb
b8ec5868c99b987d1649e53fe4978171ae06fd437c5ee4df05c3fa5b47b0a206
GET /upload/vod/20230104-1/92bc97cb3b9f39322030444013bc62aa.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 11300
Last-Modified: Tue, 03 Jan 2023 16:17:04 GMT
Connection: keep-alive
ETag: "63b45500-2c24"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.ywtuchuang5.com/upload/vod/20230104-1/a0e011765327b6c6efb5c96b098f8c39.jpg
154.12.54.85 200 OK 12 kB URL HTTP/1.1 img.ywtuchuang5.com/upload/vod/20230104-1/a0e011765327b6c6efb5c96b098f8c39.jpg
IP 154.12.54.85:0
ASN #22769 DDOSING-BGP-NETWORK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 4c2679f2ef4a9db4d0cdc16e80cdcb30
6fc225bb445ba8ec19783e6ab956b27b56b0d0ff
f67348ba5a9477803411802c21c89c966efeeb4f1e6963ef41955e9071f87b22
GET /upload/vod/20230104-1/a0e011765327b6c6efb5c96b098f8c39.jpg HTTP/1.1
Host: img.ywtuchuang5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Tue, 31 Jan 2023 08:47:39 GMT
Content-Type: image/jpeg
Content-Length: 12537
Last-Modified: Tue, 03 Jan 2023 16:17:04 GMT
Connection: keep-alive
ETag: "63b45500-30f9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/220x120.gif
47.75.19.46 200 OK 153 kB URL HTTP/1.1 yaoji666.oss-cn-hongkong.aliyuncs.com/gg/220x120.gif
IP 47.75.19.46:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 220 x 120\012- data
Size 153 kB (152902 bytes)
Hash 32ba08734784b5fa4bd5ccb4c418afc6
55ff8eddc8d4f57c72f453e164d90decb6f24b2a
fb40f93af9a17cfb47539c10c88d1f462e0795c4fb74ac0ae314a4b7c609c376
GET /gg/220x120.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 31 Jan 2023 08:47:38 GMT
Content-Type: image/gif
Content-Length: 152902
Connection: keep-alive
x-oss-request-id: 63D8D5AA22AAFC3935AA7CBE
Accept-Ranges: bytes
ETag: "32BA08734784B5FA4BD5CCB4C418AFC6"
Last-Modified: Tue, 02 Aug 2022 06:36:36 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12615694894249441682
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: MroIc0eEtfpL1cy0xBivxg==
x-oss-server-time: 2
img.jialiimg.com/upload/vod/20230105-1/e5a51699eb8c8067f5fe27c4eec76c37.jpg
108.186.171.14 200 OK 197 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230105-1/e5a51699eb8c8067f5fe27c4eec76c37.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 197 kB (196589 bytes)
Hash 4f3fe909b33550ebdb749e83036f49e6
6c1b34a12d09c3ab1c5bcd164108c345ddc20280
a8a59da5df21108d5445707df1c2275481958d24f7aa7dc796a5dbb2cabaac27
GET /upload/vod/20230105-1/e5a51699eb8c8067f5fe27c4eec76c37.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 196589
last-modified: Wed, 04 Jan 2023 16:34:44 GMT
etag: "63b5aaa4-2ffed"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230106-1/8f452e4771899241b700f5fb7bd9e542.jpg
108.186.171.14 200 OK 168 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230106-1/8f452e4771899241b700f5fb7bd9e542.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 168 kB (167708 bytes)
Hash c677b5f79fd61e030b63cf0e3745b947
701aa9432a49276df306bc04eb4845e8fbba0587
a9a30919747280f7a1089b67873bec3d95f91acd1b647164a8c00e632f169905
GET /upload/vod/20230106-1/8f452e4771899241b700f5fb7bd9e542.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 167708
last-modified: Thu, 05 Jan 2023 16:18:40 GMT
etag: "63b6f860-28f1c"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230106-1/59a3cec2bffcdead6a054f8981e46981.jpg
108.186.171.14 200 OK 175 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230106-1/59a3cec2bffcdead6a054f8981e46981.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 175 kB (174565 bytes)
Hash 42b4565953b344f5161bdfcf9b3568c3
1812e866631a353865cbdd446af37ccb9cdeea03
8c00c5b67ffb1ffcedde6dec966ee27aaa342e53fc1ddea2e7c238b3825dc2cc
GET /upload/vod/20230106-1/59a3cec2bffcdead6a054f8981e46981.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 174565
last-modified: Thu, 05 Jan 2023 16:18:40 GMT
etag: "63b6f860-2a9e5"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.jialiimg.com/upload/vod/20230105-1/23e06b8cfc034b4a8ebe00891073546b.jpg
108.186.171.14 200 OK 224 kB URL HTTP/2 img.jialiimg.com/upload/vod/20230105-1/23e06b8cfc034b4a8ebe00891073546b.jpg
IP 108.186.171.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size 224 kB (224073 bytes)
Hash c6c6c4c19493ad4af45b4ca41d9d875c
53298d8b61a668acdc8b35a9f7782d30af412dd6
98cd9b1c16f2714846c69ed6d89a0e368f2b85c0fda5c804e326184046cb5e0f
GET /upload/vod/20230105-1/23e06b8cfc034b4a8ebe00891073546b.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:48:02 GMT
content-type: image/jpeg
content-length: 224073
last-modified: Wed, 04 Jan 2023 16:34:49 GMT
etag: "63b5aaa9-36b49"
expires: Thu, 02 Mar 2023 08:48:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
43.154.254.32 200 OK 1.6 MB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 640 x 200\012- data
Size 1.6 MB (1607696 bytes)
Hash 9c26f4dcfdfa72ecdcbe3ea854547b4c
fed85b90734400d6810be2b07403f5c8a194a507
ebd842d015d6684a6995a73f1e81f0dea219815318f8993501da9ca79cca74d2
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
content-length: 1607696
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:45 GMT
cache-control: max-age=2592000
x-delay: 91426 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1607696
chid: 0
fid: 0
x-nws-log-uuid: 44e506d2-9c47-49c4-a370-49cd8440f268
X-Firefox-Spdy: h2
imgsrc.baidu.com/super/pic/item/b31c8701a18b87d68b6fbbc1420828381f30fd3b.jpg
104.193.88.109 200 OK 0 B URL HTTP/2 imgsrc.baidu.com/super/pic/item/b31c8701a18b87d68b6fbbc1420828381f30fd3b.jpg
IP 104.193.88.109:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /super/pic/item/b31c8701a18b87d68b6fbbc1420828381f30fd3b.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Tue, 31 Jan 2023 08:47:39 GMT
content-type: image/gif
content-length: 628554
access-control-allow-origin: *
etag: 304c505a4fa597c9ddbcc9686f7fad2e
expires: Thu, 02 Mar 2023 08:47:39 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
8499163.com/8499/150x150.gif
23.224.101.35 200 OK 0 B URL HTTP/2 8499163.com/8499/150x150.gif
IP 23.224.101.35:0
GET /8499/150x150.gif HTTP/1.1
Host: 8499163.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:39 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.1163555.com/images/63a55ee8585d8a55b36609c3.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.1163555.com/images/63a55ee8585d8a55b36609c3.gif
IP 3.36.126.81:0
GET /images/63a55ee8585d8a55b36609c3.gif HTTP/1.1
Host: img.1163555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/0332074d0cf944a6bfd16ee42cb38530
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
43.154.254.32 200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 31 Jan 2023 08:47:37 GMT
content-type: image/gif
content-length: 1362871
vary: Accept,Origin
last-modified: Sat, 10 Jul 2021 16:21:47 GMT
cache-control: max-age=2592000
x-delay: 697 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 1362871
chid: 0
fid: 0
x-nws-log-uuid: 38bdcc35-0c46-4ef5-92aa-f8faa8a3c927
X-Firefox-Spdy: h2
www.moneyziyouwm.com/o.js
172.64.163.15 200 OK 0 B URL HTTP/2 www.moneyziyouwm.com/o.js
IP 172.64.163.15:0
GET /o.js HTTP/1.1
Host: www.moneyziyouwm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
access-control-allow-origin:
cache-control: max-age=14400
cf-cache-status: HIT
age: 3789
last-modified: Tue, 31 Jan 2023 07:44:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrtEnE5KfgUz0owHmYMVkEx7AIdGY%2BkCGmxSVVXDqsTRgqkC9pA0SAmCqsYCPg5dS4vZPVhwLGhfEZhtVATHx4JSuoaBd5fcdk6pFCkdIl%2FSo1S7Rt4fCQ9nrw8YCbQ3Ph6NMEOUAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f09ad687686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.3633a.com/images/63d4cf361eff8f93601b0337.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.3633a.com/images/63d4cf361eff8f93601b0337.gif
IP 3.36.126.81:0
GET /images/63d4cf361eff8f93601b0337.gif HTTP/1.1
Host: img.3633a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55a7d75ae2cb486791d4d697e0154331
X-Firefox-Spdy: h2
img.3276a.com/images/63d4cee71eff8f93601b0335.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.3276a.com/images/63d4cee71eff8f93601b0335.gif
IP 3.36.126.81:0
GET /images/63d4cee71eff8f93601b0335.gif HTTP/1.1
Host: img.3276a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/279708542d404206a2cca0377b6e0a16
X-Firefox-Spdy: h2
img.9162x.com/images/637ba116cce1c6e2c29fed23.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.9162x.com/images/637ba116cce1c6e2c29fed23.gif
IP 3.36.126.81:0
GET /images/637ba116cce1c6e2c29fed23.gif HTTP/1.1
Host: img.9162x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/0d6b57d40f9842fda2732b741fc74e5b
X-Firefox-Spdy: h2
plugins.doubleclicks.biz/plugins/ua/linkid.js
104.21.16.35 403 Forbidden 0 B URL HTTP/2 plugins.doubleclicks.biz/plugins/ua/linkid.js
IP 104.21.16.35:0
GET /plugins/ua/linkid.js HTTP/1.1
Host: plugins.doubleclicks.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTzheuo1HzcMU2bY0xrMU0mmb4XwCJbyq%2BZGPl%2Bieke50RPMG12g4YEoQPz%2BZWlrWT42f8AETf%2BMOBk6oyCZSarDHcnRqYCjw9rES0rvygtKUpmaRdlWd4fzXej26U4cXzOidD8Rp3lnPg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79212f082d81b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.9212x.com/images/6360ffd4f063a0336d55a5a7.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.9212x.com/images/6360ffd4f063a0336d55a5a7.gif
IP 3.36.126.81:0
GET /images/6360ffd4f063a0336d55a5a7.gif HTTP/1.1
Host: img.9212x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/d52e852e1a5f47939f93db5394906625
X-Firefox-Spdy: h2
img.u1339.com/images/6360ff14f063a0336d55a5a4.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.u1339.com/images/6360ff14f063a0336d55a5a4.gif
IP 3.36.126.81:0
GET /images/6360ff14f063a0336d55a5a4.gif HTTP/1.1
Host: img.u1339.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5958e46e18ab4bd08c87c878cb17f1d9
X-Firefox-Spdy: h2
img.8729x.com/images/636b9812bc00ae02cb23ef7c.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.8729x.com/images/636b9812bc00ae02cb23ef7c.gif
IP 3.36.126.81:0
GET /images/636b9812bc00ae02cb23ef7c.gif HTTP/1.1
Host: img.8729x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/22bfb16217cf4b16b6becdb8fe1e89b9
X-Firefox-Spdy: h2
img.1134555.com/images/63a5592b585d8a55b36609c1.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.1134555.com/images/63a5592b585d8a55b36609c1.gif
IP 3.36.126.81:0
GET /images/63a5592b585d8a55b36609c1.gif HTTP/1.1
Host: img.1134555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.239.19.74/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5a41501bd20d46c1a65610f51f3595e9
X-Firefox-Spdy: h2
n0600.com/8e18288365d54ef59bdabab9f4b3340e.gif
13.212.90.224 200 OK 0 B URL HTTP/2 n0600.com/8e18288365d54ef59bdabab9f4b3340e.gif
IP 13.212.90.224:0
GET /8e18288365d54ef59bdabab9f4b3340e.gif HTTP/1.1
Host: n0600.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 08:47:38 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Sun, 08 Jan 2023 13:02:26 GMT
etag: W/"63babee2-7dc8"
server: WAF/2.4-12.1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
img.1193555.com/images/6399822556eec67c33ea8867.gif
3.36.126.81 302 Found 0 B URL HTTP/2 img.1193555.com/images/6399822556eec67c33ea8867.gif
IP 3.36.126.81:0
GET /images/6399822556eec67c33ea8867.gif HTTP/1.1
Host: img.1193555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/8cc88b54ca2245dc8fced54eb3a49e83
X-Firefox-Spdy: h2