r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Fri, 03 Feb 2023 17:34:21 GMT
Date: Fri, 03 Feb 2023 15:56:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4546
Expires: Fri, 03 Feb 2023 17:12:45 GMT
Date: Fri, 03 Feb 2023 15:56:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 15:43:35 GMT
content-type: application/json
age: 804
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6913
Expires: Fri, 03 Feb 2023 17:52:12 GMT
Date: Fri, 03 Feb 2023 15:56:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Yt5hgbHGuSE33XcG+enyKY3lssxfAiyEayx2VAwtcfbQJDD/+GiO4+Id6eq9ygQMj/XIdEvW86/deuGFabhUYA==
x-amz-request-id: 3GGVHNCJ3PV13ZH1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 15:52:28 GMT
age: 271
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ivcs.top/
154.86.144.179 301 Moved Permanently 0 B IP 154.86.144.179:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: ivcs.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 15:56:58 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ivcs.top/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 15:56:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 15:07:19 GMT
age: 2980
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Fri, 03 Feb 2023 17:11:03 GMT
Date: Fri, 03 Feb 2023 15:56:59 GMT
Connection: keep-alive
www.ivcs.top/index.php
154.86.144.179 200 OK 535 B IP 154.86.144.179:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text; HTML document, ISO-8859 text, with very long lines (578), with CRLF line terminators
Hash e91b98ff4bc7a8bdc078c86163b19409
5ebe7d4281300e50aec0be8bccb6ab9d2230a9f5
f711e5dfe7067d5b632e1b906f55ab632bf4063c5d9636187942f5b2d312bb15
GET /index.php HTTP/1.1
Host: www.ivcs.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:56:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.148.238.232 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.238.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yxbE36Y8aKV8kTGSirjEUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bSkKwe/VogbT7KQAE0r+/2G8FBU=
www.ivcs.top/common.js
154.86.144.179 200 OK 561 B IP 154.86.144.179:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 662e939e121a3cce98599dc59d84fd2f
472182b5bdc26dbf21b7961fd1b7d3418d0477cd
bc72633572176b3cf1f92678b05b60f466d7bee8c0c5282877ddfb1dbc705193
GET /common.js HTTP/1.1
Host: www.ivcs.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ivcs.top/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:56:59 GMT
Content-Type: application/x-javascript
Content-Length: 561
Connection: keep-alive
www.ivcs.top/tj.js
154.86.144.179 200 OK 258 B IP 154.86.144.179:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 53d6039fcea79a93359e6791d0a09d05
5fb0225f09b6009165328dad977e30c86b599984
f58e0cd9f410b97bbd477eb1f4fa75f7c95b04772c802e673de0e83f9ab15f4c
GET /tj.js HTTP/1.1
Host: www.ivcs.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ivcs.top/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:00 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.ivcs.top/favicon.ico
154.86.144.179 200 OK 1.2 kB IP 154.86.144.179:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.ivcs.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ivcs.top/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:00 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 08 Feb 2023 15:57:00 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
adx.ytai7.top/
122.10.14.247 200 OK 191 B IP 122.10.14.247:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 6fb55246d414e63501817bfcb0636303
27757a3287d4108730ab6549d378cede7aec606f
d16f39b0b211331bcdd5668a10b0320cd128b96f31c784e1e9e89f929ed245a7
GET / HTTP/1.1
Host: adx.ytai7.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ivcs.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 10:57:59 GMT
Accept-Ranges: bytes
ETag: "96f930e63d27d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 03 Feb 2023 15:57:00 GMT
Content-Length: 191
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4908
Expires: Fri, 03 Feb 2023 17:18:49 GMT
Date: Fri, 03 Feb 2023 15:57:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 62891
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 55917
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:55:01 GMT
age: 64920
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 62948
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e706db8a6107758a148463e916f2532d
4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81
673f18036a53f8ff297ef6a63fd094e7c41d90f3960f0e687a741cc7dd3f6172
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6791
x-amzn-requestid: 665115ea-728e-4a55-aaf8-b09db3fa67a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffl96FIzIAMFYGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61d25-0abbd7262ca10b7a7d2bf9eb;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:15:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T-OEFTj1rywKfBhEUUD0Rc6pFbk-gyFsETr_fjDQR5WGHAVOBgrB9A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 19:18:01 GMT
age: 74340
etag: "4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 39820
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash ca29ac0fdd552d7c08fbd199b1746edf
47585027ec1197d72a7357902a6bd1d13126ad91
7c344cd8d39bb998f0defd0b8612afeb054ba1fef78b0b4115a90c710cd46eb2
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 12:24:22 GMT
ETag: "47585027ec1197d72a7357902a6bd1d13126ad91"
Last-Modified: Fri, 03 Feb 2023 12:24:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3139
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793c5c242ebffab4-OSL
pky.ytmv5.top/
122.10.49.246 200 OK 195 B IP 122.10.49.246:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash ea207f7a0510700985877e8878ebe46d
d31828e7e94b30f2d9ae3a3aa333f45be55538de
e9f8fd0ebf85bc6580c4c2a4f91ed4853dfa33b1aeac56e488558dbfc978e5cf
GET / HTTP/1.1
Host: pky.ytmv5.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adx.ytai7.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 03 Feb 2023 14:39:30 GMT
Accept-Ranges: bytes
ETag: W/"7521a53dd37d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Length: 195
zu4.ytvw11.top/
122.10.19.172 200 OK 6.6 kB IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (365), with CRLF line terminators
Hash cf86e094504105a906415df6ec8ac63d
eb9239d1f75c4cc9925efa7024877c5d8ea4c0bb
302ffa84f51b9c1390fe27eca61f4f9e19c9b0cfc3b73186aa11fabf001e4d12
GET / HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pky.ytmv5.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=50g80cvj2fe3uba4i9voikitl0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
hm.baidu.com/hm.js?83926cc48441b7a8cede93a1f811a098
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?83926cc48441b7a8cede93a1f811a098
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash d15b437001b86137a8fe6f300fa1400f
66affc92514d15beb6a791386added61a3740836
f9f8e47d502914a4ca1d91aaa70791a8c880f3360165934635eee88ccf7d4c1b
GET /hm.js?83926cc48441b7a8cede93a1f811a098 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ivcs.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 15:57:01 GMT
Etag: e838b667c5a9d7b9136fa449f7560112
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DC9724DAF347B262; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
zu4.ytvw11.top/static/js/jquery.lazyload.js
122.10.19.172 200 OK 744 B URL HTTP/1.1 zu4.ytvw11.top/static/js/jquery.lazyload.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-8b8"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/static/js/jquery.js
122.10.19.172 200 OK 37 kB URL HTTP/1.1 zu4.ytvw11.top/static/js/jquery.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /static/js/jquery.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-169d5"
Expires: Sat, 04 Feb 2023 03:57:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/static/js/jquery.autocomplete.js
122.10.19.172 200 OK 6.3 kB URL HTTP/1.1 zu4.ytvw11.top/static/js/jquery.autocomplete.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /static/js/jquery.autocomplete.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: application/javascript
Last-Modified: Mon, 08 Jul 2019 02:10:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5fa-6215"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/static/js/home.js
122.10.19.172 200 OK 10 kB URL HTTP/1.1 zu4.ytvw11.top/static/js/home.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Hash cf27875c07ac1742b6554d5c6369812f
d7a01a40e5144cdcd36a8588cbb929e317019a78
a558013b5c70dc000814a5045bd1988aec1ce0552617fbb38f3349b923119440
GET /static/js/home.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Apr 2020 14:28:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ea83d74-994e"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/template/m1938pc/static/css/layer.css
122.10.19.172 200 OK 1.4 kB URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/static/css/layer.css
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with very long lines (5261), with no line terminators
Hash 1ecab368d900dfeb45c936a58b1199d2
787f95478788ae15a6724648a3d6e4cdaa1822d7
d1f5386addc2e6a5b22fc448e04f81f521e89630660ec1577c63e694352a7cb2
GET /template/m1938pc/static/css/layer.css HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Dec 2021 08:05:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61b9a1bf-1492"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1506055931&si=83926cc48441b7a8cede93a1f811a098&v=1.3.0&lv=1&sn=37579&r=0&ww=1280&u=http%3A%2F%2Fwww.ivcs.top%2Findex.php&tt=%E5%94%90%E5%B1%B1%E8%B0%8E%E5%9D%8F%E6%B1%BD%E8%BD%A6%E7%A7%9F%E8%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1506055931&si=83926cc48441b7a8cede93a1f811a098&v=1.3.0&lv=1&sn=37579&r=0&ww=1280&u=http%3A%2F%2Fwww.ivcs.top%2Findex.php&tt=%E5%94%90%E5%B1%B1%E8%B0%8E%E5%9D%8F%E6%B1%BD%E8%BD%A6%E7%A7%9F%E8%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1506055931&si=83926cc48441b7a8cede93a1f811a098&v=1.3.0&lv=1&sn=37579&r=0&ww=1280&u=http%3A%2F%2Fwww.ivcs.top%2Findex.php&tt=%E5%94%90%E5%B1%B1%E8%B0%8E%E5%9D%8F%E6%B1%BD%E8%BD%A6%E7%A7%9F%E8%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ivcs.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 15:57:03 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C783DC0BBCF93B6C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zu4.ytvw11.top/template/m1938pc/static/css/home.css
122.10.19.172 200 OK 7.2 kB URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/static/css/home.css
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 08bf712abd56c10c5eae65e2adcc96fa
e9836eb37ab60bc494e396fc74e5a99ebe327c32
ad22df0d2d45f85ec1de2b146fa997ba8151a61e44023ecd51a3ffe660fa4af4
GET /template/m1938pc/static/css/home.css HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: text/css
Last-Modified: Wed, 15 Dec 2021 12:40:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61b9e230-a392"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/template/m1938pc/ads/shanghf.js
122.10.19.172 200 OK 1.3 kB URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/shanghf.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 9fc72705d4db3fbd752e49c2c497d0b6
c9d69f09ac286a5c1d36af97979e1b2c8b4155d2
3fdc1c7e9de5025e186e92467441f993f5e097a6499f81411ff99f3fca762894
GET /template/m1938pc/ads/shanghf.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Feb 2023 11:01:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63dce990-21e4"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
zu4.ytvw11.top/template/m1938pc/static/css/styles.css
122.10.19.172 200 OK 20 kB URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/static/css/styles.css
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (2135), with CRLF line terminators
Hash b1c07819ca6b0512ecc82e601c8ca003
971b6684cc252b541f1f1b8726aaa34ff7124e7b
ccde075256e9771c24692aa5f54f937bb7f1c015f888d109524eaa0c5a102dd9
GET /template/m1938pc/static/css/styles.css HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: text/css
Last-Modified: Thu, 16 Dec 2021 05:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61bacb52-17cd2"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/template/m1938pc/ads/dh.js
122.10.19.172 200 OK 1.4 kB URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/dh.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f47254b2bfa8d20a99d85b6061847268
dc9977aeff3f4cd65a32067cca7d3b0c18994905
79495e6bbb16593027daae788320cc32801675640a550ca538a6055ac9e0eaa2
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Feb 2023 14:43:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63dbcc24-2cf0"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/template/m1938pc/ads/77.js
122.10.19.172 200 OK 574 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/77.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1fb055805fc03e84744926a65760a3af
315da205238afed46612b0a35adfb998b836c05c
b58429c13281e3b326286572a0761c117b61b70899fce709f6b80d2e0205f969
GET /template/m1938pc/ads/77.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Feb 2023 14:43:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63dbcc12-451"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/template/m1938pc/ads/dibuhf.js
122.10.19.172 200 OK 403 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/dibuhf.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash c940cef90694944c493c1d23a4e24578
3fbee6bcb55eddddd29e9828c96c088307f2ef56
e7d74eb2378144b345d319b906e4e1ad83c572c6709de14de45c77c9b8f41adb
GET /template/m1938pc/ads/dibuhf.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Feb 2023 14:43:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63dbcc2b-468"
Expires: Sat, 04 Feb 2023 03:57:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zu4.ytvw11.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
zu4.ytvw11.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
zu4.ytvw11.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 15:57:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
zu4.ytvw11.top/template/m1938pc/static/fonts/f1d752b16d6b4a78871e7ed63ffdddb4.woff
122.10.19.172 200 OK 194 kB URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/static/fonts/f1d752b16d6b4a78871e7ed63ffdddb4.woff
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size 194 kB (193452 bytes)
Hash 7e4676a929e4897200b2cc6decbdbaef
d472a97057a6f012711fa01fb81ee37745075590
0d185013f6f00ad3e9b06a7a7ba7c29ed5bc500db689320c2a06f0faedd86b18
GET /template/m1938pc/static/fonts/f1d752b16d6b4a78871e7ed63ffdddb4.woff HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://zu4.ytvw11.top/template/m1938pc/static/css/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:03 GMT
Content-Type: font/woff
Content-Length: 193452
Last-Modified: Wed, 15 Dec 2021 08:05:35 GMT
Connection: keep-alive
ETag: "61b9a1cf-2f3ac"
Accept-Ranges: bytes
dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
104.110.17.24 200 OK 1 B URL HTTP/2 dimg04.c-ctrip.com/images/0102y12000abt01aa9FED.gif
IP 104.110.17.24:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /images/0102y12000abt01aa9FED.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 1
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7676017
expires: Wed, 03 May 2023 12:10:41 GMT
date: Fri, 03 Feb 2023 15:57:04 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
104.110.17.24 200 OK 1 B URL HTTP/2 dimg04.c-ctrip.com/images/0101u12000afi1qkd7430.gif
IP 104.110.17.24:0
File type very short file (no magic)
Hash cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /images/0101u12000afi1qkd7430.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 1
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7675919
expires: Wed, 03 May 2023 12:09:03 GMT
date: Fri, 03 Feb 2023 15:57:04 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
zu4.ytvw11.top/template/m1938pc/ads/250.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/ads/250.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/250.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 15:57:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
zu4.ytvw11.top/template/m1938pc/static/fonts/iconfont.fa27ec7fe2f9d852bf7c-15.woff
122.10.19.172 200 OK 548 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/static/fonts/iconfont.fa27ec7fe2f9d852bf7c-15.woff
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /template/m1938pc/static/fonts/iconfont.fa27ec7fe2f9d852bf7c-15.woff HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://zu4.ytvw11.top/template/m1938pc/static/css/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:04 GMT
Content-Type: font/woff
Content-Length: 548
Last-Modified: Wed, 15 Dec 2021 08:06:29 GMT
Connection: keep-alive
ETag: "61b9a205-224"
Accept-Ranges: bytes
zu4.ytvw11.top/cssadmin/tongji.js
122.10.19.172 404 Not Found 146 B URL HTTP/1.1 zu4.ytvw11.top/cssadmin/tongji.js
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /cssadmin/tongji.js HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 15:57:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
zu4.ytvw11.top/template/m1938pc/static/fonts/iconfont.2bf44c243e7df0a70044-15.ttf
122.10.19.172 200 OK 548 B URL HTTP/1.1 zu4.ytvw11.top/template/m1938pc/static/fonts/iconfont.2bf44c243e7df0a70044-15.ttf
IP 122.10.19.172:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /template/m1938pc/static/fonts/iconfont.2bf44c243e7df0a70044-15.ttf HTTP/1.1
Host: zu4.ytvw11.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/template/m1938pc/static/css/styles.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 15:57:04 GMT
Content-Type: application/octet-stream
Content-Length: 548
Last-Modified: Wed, 15 Dec 2021 08:07:13 GMT
Connection: keep-alive
ETag: "61b9a231-224"
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3d8cc43bbb9061b5810fa425126de362
5948bdd14fa360ab0a390b7b9d8c2edc823a4ecf
645f02b8dacf5bc2e88606e702820bc3554dc63dde6452bab292b5aeca6fa9db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "645F02B8DACF5BC2E88606E702820BC3554DC63DDE6452BAB292B5AECA6FA9DB"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16022
Expires: Fri, 03 Feb 2023 20:24:06 GMT
Date: Fri, 03 Feb 2023 15:57:04 GMT
Connection: keep-alive
u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
13.227.254.111 200 OK 396 kB URL HTTP/2 u22088.com/f7fd72d8ade7e262c4b4f656dd460724.gif
IP 13.227.254.111:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 396 kB (395600 bytes)
Hash 5155d4f34bc2f7e77b9fe8e854d9e96f
408ed373dd26d934ee70f30b0e47a9dc8049983f
db9f393331e2d56fe7da37b7822590b82524e2dde508848299877daeae1df3be
GET /f7fd72d8ade7e262c4b4f656dd460724.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 395600
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 17 Dec 2022 11:55:02 GMT
etag: "5155d4f34bc2f7e77b9fe8e854d9e96f"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: v6Srd0K1VhR77cefV429uKiflLXBR4FensUyumqLnhDP2m3QdyVx8Q==
age: 2102698
X-Firefox-Spdy: h2
u22088.com/8e089c8e4c324c8bc1a08f5fe77e5165.gif
13.227.254.111 200 OK 293 kB URL HTTP/2 u22088.com/8e089c8e4c324c8bc1a08f5fe77e5165.gif
IP 13.227.254.111:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 293 kB (292555 bytes)
Hash f6f0bb4a97a38572c3525a718b3b71e6
085dfa8c21aa72bd6ba99a9cc348faaf6d67cb8f
4543d34b4055aed3dd9aaef2f598e211341547a238db3e8d88c060c511e83975
GET /8e089c8e4c324c8bc1a08f5fe77e5165.gif HTTP/1.1
Host: u22088.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 292555
date: Mon, 16 Jan 2023 05:14:10 GMT
last-modified: Fri, 13 Jan 2023 11:20:08 GMT
etag: "f6f0bb4a97a38572c3525a718b3b71e6"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xdwvnHR1EQR8O6L6ErMZKdGsmDU5gj12KxO4YTnobOJkJ9pWJ0F_ug==
age: 1593775
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash 53861f51baf41d2cc493798cd29d1ec7
8fc89684a436ae41e2650fcbb61ec096e410eb1a
eabee428664ca4f0f92663c5be048d24d873188ccaeff95a36c4c8bc5bbc5eae
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Tue, 07 Feb 2023 14:38:09 GMT
ETag: "8fc89684a436ae41e2650fcbb61ec096e410eb1a"
Last-Modified: Fri, 03 Feb 2023 14:38:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2082
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793c5c3bada00b06-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash c8f60eace429a7a24a4975a62d438ca3
1b7ce48de17a5b401a5f65ef60f89643566a4c50
713ba87ead83361d915c71bf68588173e0ca4715171f0d7e3e2afb2eed70727c
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Tue, 07 Feb 2023 13:47:50 GMT
ETag: "1b7ce48de17a5b401a5f65ef60f89643566a4c50"
Last-Modified: Fri, 03 Feb 2023 13:47:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 443
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793c5c3baa88b4ed-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 1a26f4f67ba9aa8838ff0326a340fd2e
c32a274ad530a1ef01ae6d8b536cdff8ecf8f1df
60ab6f94dd843b704ba89c7dd883f934cd79cf9fee2ce519207c1b600910b3a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 15:57:05 GMT
Last-Modified: Fri, 03 Feb 2023 15:40:27 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 4596ce41f448b5fbc4dcb73c643728a8
c11f3fa635fdd7be9a4b0b3828d41ff8567dc610
0524953aa9c0be59dfd44145da61c92f5a885e88a35fda426412fc8ce8219597
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 07 Feb 2023 13:22:01 GMT
ETag: "c11f3fa635fdd7be9a4b0b3828d41ff8567dc610"
Last-Modified: Fri, 03 Feb 2023 13:22:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2907
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793c5c3bcdc40b06-OSL
p3.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/7558099dc34b48e792b26c791c0d1791~noop.image
47.246.44.230 200 OK 126 kB URL HTTP/2 p3.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/7558099dc34b48e792b26c791c0d1791~noop.image
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 500 x 280\012- data
Size 126 kB (125587 bytes)
Hash 29930865c2e520335eec8f890fda0c9c
25b9fc28d5003d87ad4914cfee4cfa11854b08df
d1c26c69e700aeb970018e324e530fe9d1f8e0996dede9ac2ca4a47e05abf662
GET /img/tos-cn-i-siecs4i2o7/7558099dc34b48e792b26c791c0d1791~noop.image HTTP/1.1
Host: p3.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 125587
date: Fri, 19 Aug 2022 21:16:47 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 19 Aug 2022 10:04:04 GMT
nw-session-id: 20220819180404010210042050347E065C5gpds02la
nw-session-trace: 2022-08-19T18:04:04.461428434+08:00 108
x-bdcdn-cache-status: TCP_HIT
x-length: 125587
x-powered-by: ImageX
x-response-date: Fri, 19 Aug 2022 18:04:04 GMT
x-tt-logid: 20220819180404010210042050347E065C
via: n150-054-026, cache16.l2de2[0,11,200-0,H], cache25.l2de2[12,0], cache25.l2de2[12,0], cache8.se1[0,0,200-0,H], cache3.se1[3,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 010a28e97b7060d4afb8037abacbeb6eba847e2093358076bae38d12c7a3b65f779f207f5d9166980008d9c0a789d499d8107d0d509e615cf755f880441e814bc1447ea0ff4634d2dfecd15a9868e42679563115fbe87ad4a91e05f4204cf1bf8f
x-response-lb: image
ali-swift-global-savetime: 1660943807
age: 14496018
x-cache: HIT TCP_HIT dirn:1:352561808
x-swift-savetime: Wed, 31 Aug 2022 16:31:20 GMT
x-swift-cachetime: 30516327
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716754398252404000e
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
143.204.48.16 200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 570aed760a23350d4d0492a330c7c80e
442284fb2faa38d348a7944385034a3ef25e2564
3e48d4ee4568ffaaefb4a18caa40234d28d5fdb9ddf01397af408456fb448182
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96670
Date: Fri, 03 Feb 2023 15:57:05 GMT
Etag: "63dbf1f3-1d7"
Expires: Sat, 04 Feb 2023 18:48:15 GMT
Last-Modified: Thu, 02 Feb 2023 17:25:07 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cFhCt_epd7qoeWrc6g8jdbaWKrXVsSM81-pu-q4ZoGg3eddqj0NsVw==
Age: 4988
hm.baidu.com/hm.js?d8989362584b5b1658654f26eff6b689
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d8989362584b5b1658654f26eff6b689
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 84189ee5563344656319f204a698f70a
54292ecd18eda40a62c403dbe51fa4937a05dd1e
4d006ffb9af1c01056925a81a5680c1f848dacac3f67aa24939cb7480002603a
GET /hm.js?d8989362584b5b1658654f26eff6b689 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 15:57:04 GMT
Etag: 289f98b92f3c6cc9643101e1c9f027f0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E9F55D75B068AC33; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 6fc23e1747da01db1997ca723c25eb2c
9ab6270a0cb142ee2771786380dafb171be5c150
8fc80a3ed19d5322f0faad074f8eb2ca57a0d2b6bdcb1fd03ae53877665d1455
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 15:57:04 GMT
Etag: 28be621b400960e6d9ea1255d4c1bbce
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A4444777704021AE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.r2m02.amazontrust.com/
143.204.48.16 200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 61335496e7db044954cc338f78815ad3
2dbf9565398e353769ebfd7869f92093162333fe
64e46827cd83b541ff9dfbdd20b27ba69d546523e61fe337cc212ef4a406ecce
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111037
Date: Fri, 03 Feb 2023 15:57:05 GMT
Etag: "63dc33ec-1d7"
Expires: Sat, 04 Feb 2023 22:47:42 GMT
Last-Modified: Thu, 02 Feb 2023 22:06:36 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qpaRf0XaKytRu3-kc9WnbJ_eTFFGTyG9ufGhWwvptLaudd2jjNsPiA==
Age: 2466
hlggimg.com/1023/640_200_2.gif
172.247.80.60 200 OK 67 kB URL HTTP/2 hlggimg.com/1023/640_200_2.gif
IP 172.247.80.60:0
File type GIF image data, version 89a, 640 x 200\012- data
Hash 3d428957baf4858b9fa51159eed760b8
9bedac19dab8eaa07f1fa834a07b605bba8aa580
6525a61e3d6e20e3c5af390648c7f498e8c9deb969b28bb24d97f71277e2a414
GET /1023/640_200_2.gif HTTP/1.1
Host: hlggimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 15:57:04 GMT
content-type: image/gif
content-length: 66992
last-modified: Sun, 23 Oct 2022 14:56:58 GMT
etag: "6355563a-105b0"
expires: Sun, 05 Mar 2023 10:24:33 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9ebebcbbe40b19e7f6c0cf8942835924
06febf4af361f65af7ef6ede3c2075e231950a92
ab43947814d192d0d68f7d281f319f9ff90e5fbb1c55d01a5f248fd297249d3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB43947814D192D0D68F7D281F319F9FF90E5FBB1C55D01A5F248FD297249D3A"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1352
Expires: Fri, 03 Feb 2023 16:19:37 GMT
Date: Fri, 03 Feb 2023 15:57:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 790b51b5eab785512f7fea3ec5c11974
f7cde5e901fefa3d3a1887256f9a74866d086643
507d27c91dd11aadd89952ed57c88f98bcaaf2bbcda64e9665b9a9f9df043b49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "507D27C91DD11AADD89952ED57C88F98BCAAF2BBCDA64E9665B9A9F9DF043B49"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20516
Expires: Fri, 03 Feb 2023 21:39:01 GMT
Date: Fri, 03 Feb 2023 15:57:05 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 790b51b5eab785512f7fea3ec5c11974
f7cde5e901fefa3d3a1887256f9a74866d086643
507d27c91dd11aadd89952ed57c88f98bcaaf2bbcda64e9665b9a9f9df043b49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "507D27C91DD11AADD89952ED57C88F98BCAAF2BBCDA64E9665B9A9F9DF043B49"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18365
Expires: Fri, 03 Feb 2023 21:03:10 GMT
Date: Fri, 03 Feb 2023 15:57:05 GMT
Connection: keep-alive
u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
13.227.254.86 200 OK 288 kB URL HTTP/2 u22055.com/fee6dc0783e7085f6b3452a1155d4b4a.gif
IP 13.227.254.86:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 288 kB (288397 bytes)
Hash e17bb688cfdae836ea866c47e92a022a
d748bb7b13696141ba768280a21d3dac482e3a0c
cb9affdc029bd6deb908ab9786fad62113c4ba28d2e9a8926cbed0c5e2c2aa6a
GET /fee6dc0783e7085f6b3452a1155d4b4a.gif HTTP/1.1
Host: u22055.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 288397
date: Tue, 10 Jan 2023 07:52:07 GMT
last-modified: Sat, 24 Dec 2022 08:23:21 GMT
etag: "e17bb688cfdae836ea866c47e92a022a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d57d3cbfc5a5b868b460784e4cd7888.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hPdl0Q8mmcJFkvt2zK-ZSIPKH8fC97MzhDRhOtcNI3mPCI51lXPp8g==
age: 2102698
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ebebcbbe40b19e7f6c0cf8942835924
06febf4af361f65af7ef6ede3c2075e231950a92
ab43947814d192d0d68f7d281f319f9ff90e5fbb1c55d01a5f248fd297249d3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB43947814D192D0D68F7D281F319F9FF90E5FBB1C55D01A5F248FD297249D3A"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7605
Expires: Fri, 03 Feb 2023 18:03:50 GMT
Date: Fri, 03 Feb 2023 15:57:05 GMT
Connection: keep-alive
statuse.digitalcertvalidation.com/
93.184.220.29 200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 57fac9199c01f6ae73fd0be0a4e53e21
4a82b4265cb0f739e57511542b390608a1465d91
e693e93c62afa91e5f03a31de93efcbfcc2b9a604c9efb9daca82b260223e561
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5901
Cache-Control: max-age=152658
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 15:57:05 GMT
Etag: "63dcc916-1d7"
Expires: Sun, 05 Feb 2023 10:21:23 GMT
Last-Modified: Fri, 03 Feb 2023 08:43:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.r2m01.amazontrust.com/
143.204.48.16 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash dc135167c7248e18be39287bd52a1d69
22fd4cffd11a9621692f31e7302287633d46cf05
7407dedbc92ea83c966b227fee944fbfe3d6c3771c396fe71df529a940541ee7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 15:57:05 GMT
Etag: "63dc777a-1d7"
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GFpiULobAuKqtu7CyQizXuma6b-Qqn3G6Z66m2gi3CNDEGkIXoozoA==
u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.127 200 OK 864 kB URL HTTP/2 u25011.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.127:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: u25011.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 05:46:21 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 31WN_6rhahge7nESE4vkSub2rP11mYy22dQj3L4hkjzX3cM4e5m4ww==
age: 36644
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 389f0a6c6cc60596d8e396bd429410a6
e37475c33090d84aa9bb64ffb7c3bcc8ab5783b2
08f4c3b055b13c8f2835366317e48c3a432336985c2490220ebf9a0bf3d189e8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 17:12:58 GMT
Expires: Wed, 08 Feb 2023 17:12:57 GMT
Etag: "e37475c33090d84aa9bb64ffb7c3bcc8ab5783b2"
Cache-Control: max-age=435951,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793c5c3e8a27b4fd-OSL
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=28993458&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37582&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=28993458&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37582&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=28993458&si=09b570ae57a8bdd90710ea1938df4e59&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37582&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 15:57:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F44D5308F02DB331; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1662742920&si=d8989362584b5b1658654f26eff6b689&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37582&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1662742920&si=d8989362584b5b1658654f26eff6b689&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37582&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1662742920&si=d8989362584b5b1658654f26eff6b689&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37582&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 15:57:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F32EA2AD57FE8ECE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 234b25ef02fe456c2342edce694c51c2
9d8fcaa0ec4e98017866ad4e1e4a9e85d5879205
fc3ac4c094c2d679921b9a85038bff36100e6a1dbbc80f120a8dea537ed0bdbe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC3AC4C094C2D679921B9A85038BFF36100E6A1DBBC80F120A8DEA537ED0BDBE"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=441
Expires: Fri, 03 Feb 2023 16:04:26 GMT
Date: Fri, 03 Feb 2023 15:57:05 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6d3bf0959a0cfe7a027e5ef95b0a4baa
f8b727f988eccece292a966d69e49d0154aa96d2
aec63aa078dabe4a3352f704496ad76686db145cd1cf573a287679454f7f2528
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 15:39:06 GMT
Expires: Wed, 08 Feb 2023 15:39:05 GMT
Etag: "f8b727f988eccece292a966d69e49d0154aa96d2"
Cache-Control: max-age=430319,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793c5c3e8b36b517-OSL
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.72 200 OK 1.1 MB URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.72:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1086086 bytes)
Hash fe1357abf524bc560d11e4af8beddaf9
175486b7fa4830246014f760a759f4aacf460b7c
fac07ee4c01eab6eeb7c10dbaca74fbfde9a4dbfc0fa88325cf32ecdc405603a
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 15:57:05 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Tue, 04 Apr 2023 15:57:04 GMT
last-modified: Tue, 07 Mar 2023 08:18:57 GMT
x-nws-log-uuid: bc0950b2-ce4a-41d8-a6a1-45a705d0c718
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-nws-uuid-verify: 451d89a50d1e2b2cc00cf26d7b40d270
m-traceid: kaiwwg7g47cexjt8s7rc
age: 1866758
timing-allow-origin: *
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
X-Firefox-Spdy: h2
pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
185.10.104.115 200 OK 1.3 MB URL HTTP/2 pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.3 MB (1296026 bytes)
Hash 5f356028e5e94176f56a75568e49ae20
3796c4c950687811a1d1f80fd9e31e718bda0f85
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
GET /bjh/5f356028e5e94176f56a75568e49ae20.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 03 Feb 2023 15:57:05 GMT
content-type: image/gif
content-length: 1296026
expires: Sun, 29 Jan 2023 03:44:38 GMT
last-modified: Sun, 01 May 2022 03:41:02 GMT
etag: "5f356028e5e94176f56a75568e49ae20"
age: 735147
accept-ranges: bytes
content-md5: XzVgKOXpQXb1anVWjkmuIA==
x-bce-content-crc32: 619664397
x-bce-debug-id: qoHJbuYLCrwt6BohAJHKhB1la/dLtPckbQZCDsLdCYj3ffbVUHMGsmUK6fqoM0iXz1HI2DGQutkKVrhCRx8zZA==
x-bce-request-id: f2b33ae6-db81-4f70-9150-c6452b74a3f4
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 03:44:37 GMT
ohc-cache-hit: fra01-sys-jomo6.fra01.baidu.com [2], fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache62 [3], suzix207 [3]
ohc-file-size: 1296026
x-cache-status: HIT
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230202-1/3559cfbedcdcc27c6eed38ae732b3c62.jpg
23.224.136.188 200 OK 193 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/3559cfbedcdcc27c6eed38ae732b3c62.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 193 kB (193256 bytes)
Hash 25cee7a467878481a99d34a54bf9dec8
fcd845c49f28ae5f3e2d569e0975a319da595097
ab154c2f90393af751045d95e315039706bd1ccf3f5701680e64a88db3ec77e6
GET /upload/vod/20230202-1/3559cfbedcdcc27c6eed38ae732b3c62.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/jpeg
Content-Length: 193256
Last-Modified: Thu, 02 Feb 2023 03:44:42 GMT
Connection: keep-alive
ETag: "63db31aa-2f2e8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/0a33b1dea72e71771dd833f62c742654.jpg
23.224.136.188 200 OK 186 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/0a33b1dea72e71771dd833f62c742654.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 186 kB (185767 bytes)
Hash 9372686c688cc91b4096b11f6370022f
159aae61dfaec02755264a7dd6dead538ccdd8d7
a944ef7a22a11de757c88a5f78fffe37ddbeb03111bb851229ea8a676866ff42
GET /upload/vod/20230202-1/0a33b1dea72e71771dd833f62c742654.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/jpeg
Content-Length: 185767
Last-Modified: Thu, 02 Feb 2023 03:41:51 GMT
Connection: keep-alive
ETag: "63db30ff-2d5a7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/2b2c975ff9e10b9e5d4f6e80dc1ecaf4.jpg
23.224.136.188 200 OK 190 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/2b2c975ff9e10b9e5d4f6e80dc1ecaf4.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 190 kB (189815 bytes)
Hash 732b8c44b1c0e3a23589ee79f08ca9f9
852663a435073a3f171f1d9ec788a22cc080b4d1
f0b72b27fd808206f65c5d66cbd55c58436ceab3fc37c936058f23e64605bcc0
GET /upload/vod/20230202-1/2b2c975ff9e10b9e5d4f6e80dc1ecaf4.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/jpeg
Content-Length: 189815
Last-Modified: Thu, 02 Feb 2023 03:42:30 GMT
Connection: keep-alive
ETag: "63db3126-2e577"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 2bbff2624d80ab248ae195a17ad3d308
3f5d5ac98b63468455bd6e15fbbdb08fb399aa7c
6dc3bdf6fe9585015db664d75265338309ef602866bec05004533fb9f0a30102
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 00:23:47 GMT
Expires: Wed, 08 Feb 2023 00:23:46 GMT
Etag: "3f5d5ac98b63468455bd6e15fbbdb08fb399aa7c"
Cache-Control: max-age=375399,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793c5c406cd5b4fd-OSL
hm.baidu.com/hm.js?f60217089b1da6d1d44680872fcaac43
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f60217089b1da6d1d44680872fcaac43
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash c9fb0a6d6f590431ee46a590e4bc10a4
29142cac0e14d18cc5fcf8be10bbdbb84efcb282
269f0dc4fca379dc433aceddd6a43770bdf2f2f5ccd1ddf81f85ed0a91fa9b6d
GET /hm.js?f60217089b1da6d1d44680872fcaac43 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 15:57:05 GMT
Etag: 280818ee21f7dbe690a1fea63be2e8d5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=34C51B1C19D42084; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ttzytp3.com/upload/vod/20230202-1/05e699f4eded5faa82cc7d8bd039f88a.jpg
23.224.136.188 200 OK 177 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/05e699f4eded5faa82cc7d8bd039f88a.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 177 kB (176989 bytes)
Hash 69d1221e4372f73f69f3138e9120b8bc
b5902d481bab14f777f825e83cbb00ea05de9ed4
49571719eff3729d510b8aaa770e256466a5768c873e3f5384069421d1e1c07b
GET /upload/vod/20230202-1/05e699f4eded5faa82cc7d8bd039f88a.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/jpeg
Content-Length: 176989
Last-Modified: Thu, 02 Feb 2023 03:45:32 GMT
Connection: keep-alive
ETag: "63db31dc-2b35d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/d944d214414f0a02edabbe114ec3236f.jpg
23.224.136.188 200 OK 179 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/d944d214414f0a02edabbe114ec3236f.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 179 kB (178810 bytes)
Hash cf6fff2af3aae16dff3926e0bfdfbcf9
18fa17376b90df34a324be1e1d44e05274a1ee62
045a536478342a41f13c3c4b04d9b28c6f354a656c7621bdcad11d7f464bd241
GET /upload/vod/20230202-1/d944d214414f0a02edabbe114ec3236f.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/jpeg
Content-Length: 178810
Last-Modified: Thu, 02 Feb 2023 03:42:30 GMT
Connection: keep-alive
ETag: "63db3126-2ba7a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?6cdc9a2253c9e58f82eb10fc564d352b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 4ec03bd820284ae5d1881601a113d1e5
bc0ad2191ef6c658ae78edecc61d61f21da496bc
6d430df452ee14d78d289b7753736e2e6dfc1f018306cd2e36c5ef68e3cfd5f7
GET /hm.js?6cdc9a2253c9e58f82eb10fc564d352b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 15:57:05 GMT
Etag: 2d4006f20d0484e656a1ce6f2766b5eb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=49AC6378DF00CC6F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ttzytp3.com/upload/vod/20230202-1/9569244761f53431f82d6fc63cdd65a1.jpg
23.224.136.188 200 OK 183 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/9569244761f53431f82d6fc63cdd65a1.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 183 kB (183446 bytes)
Hash 53b6c6e85f2710ba341d85976c6a931e
5ae4a80dca2fa90c31aee2af81360cdd26b35f99
f8f2c90cf06d6a9e2da8239b5500c0f03d67523740b412dc057b6172eb28800d
GET /upload/vod/20230202-1/9569244761f53431f82d6fc63cdd65a1.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/jpeg
Content-Length: 183446
Last-Modified: Thu, 02 Feb 2023 03:45:32 GMT
Connection: keep-alive
ETag: "63db31dc-2cc96"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash dc88ed976af68444da8e6fec2897c5e0
ca8fe53ae4b16dd14196973d50c91a9c20e4b613
740415ae7f7f8032851a6435cb06e8d83fc8310635b01f6d80b467b53b04c27d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:52:22 GMT
Expires: Thu, 09 Feb 2023 16:52:21 GMT
Etag: "ca8fe53ae4b16dd14196973d50c91a9c20e4b613"
Cache-Control: max-age=521114,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793c5c427f73b4fd-OSL
ttzytp3.com/upload/vod/20230202-1/ab9b3c328a0590c4b75633aa35619381.jpg
23.224.136.188 200 OK 12 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/ab9b3c328a0590c4b75633aa35619381.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 25444d40ea6090a62070a7a8ca08a05c
410b12989aae7ddeef15edf42bedb25fec9d65a6
f49ff207c7974e7c2297d5d690bbcfd498816fcd19a6e85bee1b99491948c958
GET /upload/vod/20230202-1/ab9b3c328a0590c4b75633aa35619381.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 11961
Last-Modified: Thu, 02 Feb 2023 03:42:14 GMT
Connection: keep-alive
ETag: "63db3116-2eb9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/24ec5eb0c3e8fc91726c21d3ce2652cb.jpg
23.224.136.188 200 OK 72 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/24ec5eb0c3e8fc91726c21d3ce2652cb.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 646x488, components 3\012- data
Hash 12e322a949b986cbba77962d9e2cd662
49c34a54ada75bf64ba6a90a90d68e54deb5a2ca
c7f4d783e56841450901105bbb6bbd8c2c9422a8782be8b4983d2111df9a5184
GET /upload/vod/20230202-1/24ec5eb0c3e8fc91726c21d3ce2652cb.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 71837
Last-Modified: Thu, 02 Feb 2023 03:42:14 GMT
Connection: keep-alive
ETag: "63db3116-1189d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/807d638a2a9d0700d6ea4cba8a9e44d9.jpg
23.224.136.188 200 OK 19 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/807d638a2a9d0700d6ea4cba8a9e44d9.jpg
IP 23.224.136.188:0
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash 2d3030aeeb0792a155047bdaa16820d8
0269f676f2e8cd24deeebc0fc4fc3f558a101dff
6dc78acb721327658d8021d00f3d71c34d1010184299e175dcee878b8c0cc828
GET /upload/vod/20230202-1/807d638a2a9d0700d6ea4cba8a9e44d9.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 19155
Last-Modified: Thu, 02 Feb 2023 03:42:14 GMT
Connection: keep-alive
ETag: "63db3116-4ad3"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/d42685a0e29f8f8787b5e5e5fb7f818a.jpg
23.224.136.188 200 OK 156 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/d42685a0e29f8f8787b5e5e5fb7f818a.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 156 kB (156144 bytes)
Hash bfc6ac9e20b34520ab0c3c77c83319d4
95812e69257c278284e3205fcf15f389185cbd2c
0e12e1f0000ed21f6cf81a9ce0377d3e31c776b48176b113895edeb6387820e3
GET /upload/vod/20230202-1/d42685a0e29f8f8787b5e5e5fb7f818a.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 156144
Last-Modified: Thu, 02 Feb 2023 03:42:30 GMT
Connection: keep-alive
ETag: "63db3126-261f0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
45.61.212.133 200 OK 347 kB URL HTTP/2 u1010.com/b80b68717e334bfcb8f9c35dec22678c.gif
IP 45.61.212.133:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 347 kB (347426 bytes)
Hash 9113d18ae855d227d6f10b05e4f6425e
5e9cafc7cb295afbdc9298fd7144f3125191b710
2e70e0d59d74220a307c094c2cf8b77ef905bf8ec8226e35f115632485aba973
GET /b80b68717e334bfcb8f9c35dec22678c.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63b563f5-54d22"
server: nginx
date: Fri, 03 Feb 2023 03:41:16 GMT
content-type: image/gif
last-modified: Wed, 04 Jan 2023 11:33:09 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us4-cdnb-03
content-length: 347426
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230202-1/8ebf0b8c220ac43a4bda882489f39eb0.jpg
23.224.136.188 200 OK 178 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/8ebf0b8c220ac43a4bda882489f39eb0.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 178 kB (177724 bytes)
Hash af0e214e27134c4bbe3b723ea92c68b8
19ae01296878fce41a38b681a749738008a21f88
26522604ef71b3a11c7fe0e8380fc7d3524ece28270ad38cdccc6f10c5c9f1f6
GET /upload/vod/20230202-1/8ebf0b8c220ac43a4bda882489f39eb0.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 177724
Last-Modified: Thu, 02 Feb 2023 03:42:30 GMT
Connection: keep-alive
ETag: "63db3126-2b63c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/f63522b6803176c5e432b938b81a0170.jpg
23.224.136.188 200 OK 130 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/f63522b6803176c5e432b938b81a0170.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x719, components 3\012- data
Size 130 kB (129504 bytes)
Hash e5b7b211c03848b358bb8d571c9051e5
cf4018553e015c37be42e25926284cf9f88ddab3
296098568b56018cb28721ca3714fca5e3f1b2e1cb98800a78f4690772c7c078
GET /upload/vod/20230202-1/f63522b6803176c5e432b938b81a0170.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 129504
Last-Modified: Thu, 02 Feb 2023 03:42:14 GMT
Connection: keep-alive
ETag: "63db3116-1f9e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
taiwtp1.com/img/96060.gif
220.128.218.220 200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 15:50:04 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Sun, 05 Mar 2023 15:50:04 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
120.77.167.195 200 OK 264 kB URL HTTP/1.1 768guanggao.oss-cn-shenzhen.aliyuncs.com/vip80.gif
IP 120.77.167.195:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /vip80.gif HTTP/1.1
Host: 768guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63DD2ED11A8321393102C302
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Thu, 08 Dec 2022 08:00:50 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 2
u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
103.170.15.53 200 OK 275 kB URL HTTP/2 u1022.com/cf8c8be1fbe748b3ab05c1896bde8d0b.gif
IP 103.170.15.53:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 275 kB (275446 bytes)
Hash 70c0e3b780542b0ba8634822528674c1
18ff79341d6854d6c841618bc108233fb064b9c2
de2918f8ea0639a91d608b506207f16cc973559eb143eb711601ba50e14ef2bc
GET /cf8c8be1fbe748b3ab05c1896bde8d0b.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63bae198-433f6"
server: nginx
date: Thu, 02 Feb 2023 16:33:33 GMT
content-type: image/gif
last-modified: Sun, 08 Jan 2023 15:30:32 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-length: 275446
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1019078540&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37583&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1019078540&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37583&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1019078540&si=f60217089b1da6d1d44680872fcaac43&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37583&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 15:57:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B174F82F38C003F2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1069026432&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37583&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1069026432&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37583&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1069026432&si=6cdc9a2253c9e58f82eb10fc564d352b&su=http%3A%2F%2Fpky.ytmv5.top%2F&v=1.3.0&lv=1&sn=37583&r=0&ww=1252&u=http%3A%2F%2Fzu4.ytvw11.top%2F&tt=%E6%A8%B1%E6%A1%83%E7%A4%BE%E5%8C%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 15:57:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=AA86AE1976F543AD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ttzytp3.com/upload/vod/20230202-1/2b7f26f98b710f5524b8bcbc4612fce9.jpg
23.224.136.188 200 OK 155 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/2b7f26f98b710f5524b8bcbc4612fce9.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 155 kB (155269 bytes)
Hash 6c38d54dde26454950a4c9276e9bdb20
7c25672a79582490f5cf57eadb362687d19ff663
9a8257eae110f38d2ebff38eaf56d181c26273e26c654e482368c1e8907eb42d
GET /upload/vod/20230202-1/2b7f26f98b710f5524b8bcbc4612fce9.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 155269
Last-Modified: Thu, 02 Feb 2023 03:42:45 GMT
Connection: keep-alive
ETag: "63db3135-25e85"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/53842b7e938c197aa6800f49a1d578b2.jpg
23.224.136.188 200 OK 187 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/53842b7e938c197aa6800f49a1d578b2.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 187 kB (186941 bytes)
Hash ee2ed189c6505711ea1f42e6391f1837
5fcfee68e556bfa21eb2710630de3e297a968e35
10b7e080ffb77a9d675cffb1b40c41146d596b0cf9f30de799637be79d270cb7
GET /upload/vod/20230202-1/53842b7e938c197aa6800f49a1d578b2.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 186941
Last-Modified: Thu, 02 Feb 2023 03:42:45 GMT
Connection: keep-alive
ETag: "63db3135-2da3d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
u1077.com/d4fd5995061e4d0591810a5a215c050e.gif
45.61.212.169 200 OK 50 kB URL HTTP/2 u1077.com/d4fd5995061e4d0591810a5a215c050e.gif
IP 45.61.212.169:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 75e4620e76c97c5c19eef7a4d255b2f4
8356629a1f461942a1d23030ea3e1092707eeb62
3338318141a22d332902d08827f22af6fa9381b5697423d0c33435dd4a1b85e7
GET /d4fd5995061e4d0591810a5a215c050e.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "639ca276-c2e6"
server: nginx
date: Thu, 02 Feb 2023 05:31:56 GMT
content-type: image/gif
last-modified: Fri, 16 Dec 2022 16:53:10 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-09
content-length: 49894
X-Firefox-Spdy: h2
ttzytp3.com/upload/vod/20230202-1/9396e786fd5f664f5422ad1cd8759dc6.jpg
23.224.136.188 200 OK 200 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/9396e786fd5f664f5422ad1cd8759dc6.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 200 kB (200180 bytes)
Hash b60e7c7987a7424b061f18ba9f3574a2
28b617f6e6099db636dc20b61c017daf49d9dad8
e6420d63b882f4f79758e65d65a8ef256d0c2f136b8db4982c979a64f3b68cdf
GET /upload/vod/20230202-1/9396e786fd5f664f5422ad1cd8759dc6.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 200180
Last-Modified: Thu, 02 Feb 2023 03:42:22 GMT
Connection: keep-alive
ETag: "63db311e-30df4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ttzytp3.com/upload/vod/20230202-1/fed2072cc3ba6287a759b50ef6c069ce.jpg
23.224.136.188 200 OK 174 kB URL HTTP/1.1 ttzytp3.com/upload/vod/20230202-1/fed2072cc3ba6287a759b50ef6c069ce.jpg
IP 23.224.136.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3
Size 174 kB (173614 bytes)
Hash 7dd0d48970eb226f53c1e2021c96ae9e
057f7038316f99c76c63c6a2196a7d4568874a16
a28fd9d2b37c7d42d7f5a6a1f54c22b90e37bba0986208640f968d80d7d54ad2
GET /upload/vod/20230202-1/fed2072cc3ba6287a759b50ef6c069ce.jpg HTTP/1.1
Host: ttzytp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 03 Feb 2023 15:57:06 GMT
Content-Type: image/jpeg
Content-Length: 173614
Last-Modified: Thu, 02 Feb 2023 03:42:22 GMT
Connection: keep-alive
ETag: "63db311e-2a62e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.4 200 OK 300 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.4:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80
Size 300 kB (299985 bytes)
Hash 5d7118c19a9bd8ff78641a72cb481144
5cf8f1709330929db0f38141e5e18518a2ddcb12
ebd1f7b5795943f0b6e779047bfd82e03c020056e9ae9f4a4f8b400d3835cd85
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 03 Feb 2023 15:57:05 GMT
Content-Type: image/gif
Content-Length: 299985
Connection: keep-alive
x-oss-request-id: 63DD2ED19DB57838337457AA
Accept-Ranges: bytes
ETag: "5D7118C19A9BD8FF78641A72CB481144"
Last-Modified: Tue, 10 Jan 2023 09:27:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5878332609690177558
x-oss-storage-class: Standard
x-oss-version-id: CAEQRhiBgIDwy4PsrBgiIGVlOTJjOGM4NTBkZDQ5NTBhMzAzYjhiYTJjYjQ0NTI5
Content-MD5: XXEYwZqb2P94ZBpyy0gRRA==
x-oss-server-time: 2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 59044bc787d77194c82fbf9a6f6a643a
d13ed36c00fd607b3497881ebf98273a1a4d21ae
abafd0c191fe7be0ddb3c3d0cbc5693ce8a19d5702b6c6d088173a27dd00e4be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6482
Cache-Control: max-age=114368
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 15:57:07 GMT
Etag: "63dc3141-2d7"
Expires: Sat, 04 Feb 2023 23:43:15 GMT
Last-Modified: Thu, 02 Feb 2023 21:55:13 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 727
img.8918a.com/images/63db5350fafc29be01e61930.gif
3.36.126.81 302 Found 556 kB URL HTTP/2 img.8918a.com/images/63db5350fafc29be01e61930.gif
IP 3.36.126.81:0
File type GIF image data, version 89a, 960 x 80
Size 556 kB (555734 bytes)
Hash e94d9f80b2f1fcecc69bd8d783927ddf
34def060cb6f1f42bb22ffaa2ca1b94922a9de49
d6d323b4039afb9f7d520b2b488aaba325f3d7e7a60307e5b65735b9f3804ee2
GET /images/63db5350fafc29be01e61930.gif HTTP/1.1
Host: img.8918a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1d78ba44ed7c4eee834c7efe4ba95e73
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/Q3auHgzwzM7lfibDibZw1dnZN1RFUI5icVRDSA0IJthupzY375OwGysHrxt2ibbYUn6G/0
43.129.255.47 200 OK 296 kB URL HTTP/2 p.qlogo.cn/qqmail_head/Q3auHgzwzM7lfibDibZw1dnZN1RFUI5icVRDSA0IJthupzY375OwGysHrxt2ibbYUn6G/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 80
Size 296 kB (295554 bytes)
Hash a393a279f65bdb6224cbb79330eddf3d
47f8a4401ffe15302af4ce318f0a9e9f8c81ec88
1a19e958b7bd8f4defb5e7376dd310c9d69d672deb2265bb36c762f578e61cb8
GET /qqmail_head/Q3auHgzwzM7lfibDibZw1dnZN1RFUI5icVRDSA0IJthupzY375OwGysHrxt2ibbYUn6G/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 03 Feb 2023 15:57:05 GMT
content-type: image/gif
content-length: 295554
vary: Accept,Origin
last-modified: Fri, 20 Jan 2023 12:51:08 GMT
cache-control: max-age=2592000
x-delay: 39567 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 295554
chid: 0
fid: 0
x-nws-log-uuid: 50f758bb-7dcf-43b7-ad45-9f73de625255
X-Firefox-Spdy: h2
8861267ccc.com/8eeb133350ee425098bf6e527694160d.gif
103.170.15.75 200 OK 837 kB URL HTTP/1.1 8861267ccc.com/8eeb133350ee425098bf6e527694160d.gif
IP 103.170.15.75:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60
Size 837 kB (837008 bytes)
Hash 584c3e9b6c2fd77fbb6885fa31881b67
827d9c49b8315888c220f34ee366ed694569f32e
d97ecf8f032827472d136c190f837c6fdc9bccdee52788dc6055bd7faf973030
GET /8eeb133350ee425098bf6e527694160d.gif HTTP/1.1
Host: 8861267ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63d4d330-cc590"
Date: Sat, 28 Jan 2023 11:33:08 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 28 Jan 2023 07:48:00 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 837008
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5b34100eff5c3cdff1dc740fbf083371
01cd0fe4a7d983a970105b4395dfe0cb9c5ba011
d13155c2787e17e18c16ed2a671df1ad1520071bd94303b5c7b8e8db657cac89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 15:30:37 GMT
ETag: "01cd0fe4a7d983a970105b4395dfe0cb9c5ba011"
Last-Modified: Fri, 03 Feb 2023 15:30:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793c5c4abb1dfab4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5b34100eff5c3cdff1dc740fbf083371
01cd0fe4a7d983a970105b4395dfe0cb9c5ba011
d13155c2787e17e18c16ed2a671df1ad1520071bd94303b5c7b8e8db657cac89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 15:30:37 GMT
ETag: "01cd0fe4a7d983a970105b4395dfe0cb9c5ba011"
Last-Modified: Fri, 03 Feb 2023 15:30:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793c5c4adb61fac0-OSL
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash be64ae331ee1b32ba2a64c5bc93b45a1
259a0566695fba8ad1e5af228da4ff3f8ce7605f
8dda2d27e82e1efd36936b0740557065e941b532e8cabbacc6b3041663fdbd1f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 03 Feb 2023 15:34:12 GMT
last-modified: Wed, 01 Feb 2023 20:07:08 GMT
expires: Wed, 08 Feb 2023 20:07:07 GMT
etag: "259a0566695fba8ad1e5af228da4ff3f8ce7605f"
cache-control: max-age=599329,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb6
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 793c3ab8fd9d35f8-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675438452
via: cache25.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0], cache2.se1[3,0]
age: 1376
x-cache: HIT TCP_MEM_HIT dirn:2:453968982
x-swift-savetime: Fri, 03 Feb 2023 15:34:23 GMT
x-swift-cachetime: 1789
timing-allow-origin: *, *
eagleid: 2ff62c9616754398280115643e, 2ff62c9616754398280115643e
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5b34100eff5c3cdff1dc740fbf083371
01cd0fe4a7d983a970105b4395dfe0cb9c5ba011
d13155c2787e17e18c16ed2a671df1ad1520071bd94303b5c7b8e8db657cac89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 15:57:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 15:30:37 GMT
ETag: "01cd0fe4a7d983a970105b4395dfe0cb9c5ba011"
Last-Modified: Fri, 03 Feb 2023 15:30:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793c5c4aeaf2b4fd-OSL
imgsrc.baidu.com/super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg
104.193.88.109 200 OK 0 B URL HTTP/1.1 imgsrc.baidu.com/super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg
IP 104.193.88.109:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /super/pic/item/5266d0160924ab18dd4485f270fae6cd7a890ba0.jpg HTTP/1.1
Host: imgsrc.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zu4.ytvw11.top/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 03 Feb 2023 15:57:07 GMT
Content-Type: image/gif
Content-Length: 196656
Connection: close
Access-Control-Allow-Origin: *
Etag: dcf1803214d0b363ae68f4b8337ad429
Expires: Sun, 05 Mar 2023 15:57:07 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT