38.34.178.136 0 B IP 38.34.178.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: whitewall.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 07 May 2024 06:14:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.whitewall.top/
38.34.178.136 609 B IP 38.34.178.136:0
File type HTML document, ISO-8859 text, with very long lines (884), with CRLF line terminators
Hash e63446ec72569fc380bfa169dc8b6e2a
a489c309d64fbc70269a7c7ab46f28d78db76440
5f17b722cd108ab98f7e0896095b2d15dd14a527fe97e1ea20fa1e22f26384c5
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.whitewall.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 06:14:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.whitewall.top/common.js
38.34.178.136200 OK 735 B URL GET HTTP/1.1 www.whitewall.top/common.js
IP 38.34.178.136:80
Requested by http://www.whitewall.top/
File type JavaScript source, ASCII text, with very long lines (443), with CRLF line terminators
Hash 4c8bd2cd7e3ce1dba9f9bf7b89cb1a1d
a38b34b6eb60dfbc7b77d97b684d9de345f679e4
d710018c9c4d63455eee84bec2c34d5085fdf7a95f3316e80e840efece321fc5
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /common.js HTTP/1.1
Host: www.whitewall.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 06:14:47 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.whitewall.top/tj.js
38.34.178.136200 OK 814 B IP 38.34.178.136:80
Requested by http://www.whitewall.top/
File type JavaScript source, ASCII text, with very long lines (554), with CRLF line terminators
Hash 9c145f9ac36e507aa38ecc80031c9532
c403339e0ddcdc3024dfbf3240e29e02c6d7ca0c
d293694b9ebd1744639c689c5619b5a819aa870e46b58a2f3aa3b616f1ad6c84
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /tj.js HTTP/1.1
Host: www.whitewall.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 06:14:47 GMT
Content-Type: application/x-javascript
Content-Length: 814
Connection: keep-alive
www.whitewall.top/favicon.ico
38.34.178.136200 OK 1.2 kB URL GET HTTP/1.1 www.whitewall.top/favicon.ico
IP 38.34.178.136:80
Requested by http://www.whitewall.top/
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.whitewall.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 06:14:48 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 12 May 2024 06:14:48 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
sdk.51.la/js-sdk-pro.min.js
47.246.44.240200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.240:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by http://www.whitewall.top/
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Mon, 06 May 2024 10:11:17 GMT
x-oss-request-id: 6638ACC52A75193730E0DF2D
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1714990277
Via: cache15.l2de2[0,0,304-0,H], cache26.l2de2[1,0], ens-cache18.se2[0,0,200-0,H], ens-cache15.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 72222
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Mon, 06 May 2024 10:11:19 GMT
X-Swift-CacheTime: 1295998
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62ca317150624996467016e
hm.baidu.com/hm.js?0b997391f530b51366ad692d54a90054
111.45.11.83200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?0b997391f530b51366ad692d54a90054
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://www.whitewall.top/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (616)
Hash 2a68cddcf68d61af99d73a7bfb2927cb
a368bafed5ad819bacf3cb01c4310bb89e5dbc27
867682f08613f22666e81b17e0151f26d011a24de28629524e7b58a6a8a3e4a1
GET /hm.js?0b997391f530b51366ad692d54a90054 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 07 May 2024 06:14:59 GMT
Etag: 0df8a549f9583ae80694fbe6bbfc2172
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9D87C33F14EF13D3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
172.247.170.142200 OK 24 kB URL GET HTTP/1.1 9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
IP 172.247.170.142:443
Requested by http://www.whitewall.top/
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type HTML document, ASCII text, with very long lines (943), with CRLF, LF line terminators
Hash 84f1e63efb09884809f5ed060ad57e15
8c08023c0d90584a954b74b9d0879ec6b7b74028
6da6163491d1eb4e5f31e00280f15b8787287f239843856030d8b320938d1d74
GET /rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:14:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 18:19:13 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6690
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3mTJxM48dTsZHBuCM6bqgeYmP0%2FZnmIY46WYHTykyXpdvv51xNvZV5IIxUoVxm%2FTZoQVHrISy3%2B71P4zY575lzQbtR5YMwt3eUWfnBrN0yaVykPsl274iyxAc4dGqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fd34974e36311c-LAX
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/static/font/iconfont.css?v=1715019514
172.247.170.142200 OK 1.1 kB URL GET HTTP/1.1 9n6s.xyz/static/font/iconfont.css?v=1715019514
IP 172.247.170.142:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
Hash a17f871478685b92195842a4db8bd22e
b11bde93bb87b2498459eef1a8b8971c3b1ae6f2
1d5a19546b47227cac00ccca55e6b6282f4ae223e7dc084414371ccb6fbf0393
GET /static/font/iconfont.css?v=1715019514 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:59 GMT
Vary: Accept-Encoding
ETag: W/"661fe5cf-11b1"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1061
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtMjp7K4nnwHDHx24ZjpQtSqQtij0WBl3S2SNvlK9VBT1z1UT5sbbNZ%2FHoQTnPSly8EKi1L5kSXKt%2FBmvjpwL9XFPa1EyWiScfTj%2FjyJul%2Fp5hltUFchU6lD8dBiUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb1f627f6d2b51-LAX
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=526591797&si=0b997391f530b51366ad692d54a90054&v=1.3.0&lv=1&sn=11550&r=0&ww=1280&u=http%3A%2F%2Fwww.whitewall.top%2F&tt=%E8%A1%A1%E6%B0%B4%E5%AD%94%E6%99%AE%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E8%B4%A3%E4%BB%BB%E5%85%AC%E5%8F%B8
111.45.11.83200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=526591797&si=0b997391f530b51366ad692d54a90054&v=1.3.0&lv=1&sn=11550&r=0&ww=1280&u=http%3A%2F%2Fwww.whitewall.top%2F&tt=%E8%A1%A1%E6%B0%B4%E5%AD%94%E6%99%AE%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E8%B4%A3%E4%BB%BB%E5%85%AC%E5%8F%B8
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://www.whitewall.top/
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=526591797&si=0b997391f530b51366ad692d54a90054&v=1.3.0&lv=1&sn=11550&r=0&ww=1280&u=http%3A%2F%2Fwww.whitewall.top%2F&tt=%E8%A1%A1%E6%B0%B4%E5%AD%94%E6%99%AE%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E8%B4%A3%E4%BB%BB%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 06:15:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0C651D544571B60F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
collect-v6.51.la/v6/collect?dt=4
203.107.86.226200 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://www.whitewall.top/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 409
Origin: http://www.whitewall.top
DNT: 1
Connection: keep-alive
Referer: http://www.whitewall.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=b63306e39256c06e8d66971372c9724bef9f6c0104d0c36c020bf71aab24dae3; Path=/; HttpOnly
acw_tc=ac11000117150625003224648ea3259c51b9ab4e6791b557b879e3f9919ee3;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.whitewall.top
Access-Control-Allow-Credentials: true
9n6s.xyz/static/css/main.css?id=e9fed206503782bdc7035c0b3b9bbcb4
172.247.170.142200 OK 41 kB URL GET HTTP/1.1 9n6s.xyz/static/css/main.css?id=e9fed206503782bdc7035c0b3b9bbcb4
IP 172.247.170.142:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type Unicode text, UTF-8 text, with very long lines (65244), with no line terminators
Hash f5566ef94cbe43ca898099f0e315f29f
b6857c33a9b29787ed3d7d89b3cddb68ad025139
58dc71c1f94c73112989e59cf42edd8082e77bf7e75ae3ce4fa1ed3de726c540
GET /static/css/main.css?id=e9fed206503782bdc7035c0b3b9bbcb4 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:08:03 GMT
Vary: Accept-Encoding
ETag: W/"661fe5d3-342a4"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1042
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BNq%2BHp%2BGG3%2B4qTZWBgE07r2%2BPN92hLMfKtaXWE5CWhckg0c46%2BNCl6zOIJW4wTQaC2yw0MY%2Bmu1asrAPcX%2FS6q2MJ6jObYfs5emF1RR56NfkLqKdXwwDZ3cfMOhzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb1f652b252b51-LAX
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
hm.baidu.com/hm.js?212f82bbc0f7ab4bd2e6c0aa14d68287
111.45.11.83200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?212f82bbc0f7ab4bd2e6c0aa14d68287
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (625)
Hash f57c4ba8345b4ae909a95d96846d4fcc
3974534f2d46aee38c3ecdc4845e838146676319
94230419d84b5f34ee0ada09c4b730030e7b3fefb84c1b64388bc8c8f0fe0af2
GET /hm.js?212f82bbc0f7ab4bd2e6c0aa14d68287 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Tue, 07 May 2024 06:15:00 GMT
Etag: a56f9e2296967053723f8a6b3fa4b41e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5F1F844B5F3EACC3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
9n6s.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
103.19.191.89200 OK 655 B URL GET HTTP/1.1 9n6s.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JavaScript source, ASCII text, with very long lines (1238)
Hash 9e8f56e8e1806253ba01a95cfc3d392c
a8af90d7482e1e99d03de6bf88fed2315c5dd728
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 15:20:25 GMT
ETag: W/"66310c39-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0w5PpwYAOmiYP0J6UB5MS%2BZbQyZ33y22sFeli3gXd0U66SLPWKD2ZxblkDEM7UBCcO6JsD04K5PX%2F5YLluCcucmOXr%2Br3UKXbZovPwTiX%2BNS%2F5xFQLlyyF60EIXLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-RAY: 87fb2abd3e8204c7-HKG
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 08 May 2024 18:52:21 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/plugin/layer/layer.js
103.19.191.89200 OK 1.5 kB URL GET HTTP/1.1 9n6s.xyz/plugin/layer/layer.js
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (2939)
Hash 5cd64e8e03e79afc04604b269b7ac135
b3127f426cf505c87eebcdb12aa22a77a89ae86d
6d52c70a965318389996695f6a597a1052197d3528eb3c8c06367bf440d16804
GET /plugin/layer/layer.js HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 10 Jan 2024 10:04:40 GMT
Vary: Accept-Encoding
ETag: W/"659e6bb8-be0"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1519
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CvAwJ3ikZAHRylwDjQyK9IhLBCI1JLbLr6cqncFSaEXv55N6kPDKy6wVLDLzCW29uoI9cgPO4sl7wLRDF7hmufsQympPpWy7oJBp5WM9W0hAYsYDC9y11uPSE67fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb2abd3bf784f3-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/siteConfig/free.js?v=1715019514
172.247.170.142200 OK 253 kB URL GET HTTP/1.1 9n6s.xyz/siteConfig/free.js?v=1715019514
IP 172.247.170.142:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 253 kB (252791 bytes)
Hash f2d1486a3c70a2a88ec7e25b87336244
eb0dd6284dae4badfb2a2ec47fc06e4a6d071d88
808746555c4a1f88e99400e5ad8088ee7e16bd1cc50a897aff2b261abf8baf78
GET /siteConfig/free.js?v=1715019514 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 18:18:32 GMT
Vary: Accept-Encoding
ETag: W/"66391ef8-4fcda"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1060
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ys49RbkRWCXBUVjzFKkiYqiD3HA30myd3Jau78qj4p0DO2rf90f1m1KEa7EgU9rJ3Nky12CGNThe2SeYDMuwmqNha%2FLEk8PYFs79Xu0uC7RWn1C5W8CQsTd6qk%2F%2F7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb1f83cd4b2b51-LAX
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/plugin/base64.min.js
103.19.191.89200 OK 2.1 kB URL GET HTTP/1.1 9n6s.xyz/plugin/base64.min.js
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JavaScript source, ASCII text, with very long lines (4802)
Hash d39810f112e1854b48eccf617b13ce42
b4002830ff104a839428168cb968833867fcc22f
8596adfd068f2ae2f74eb18cb94097a62ba423b75f5074555b820eb4619ec610
GET /plugin/base64.min.js HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 10 Jan 2024 10:04:40 GMT
Vary: Accept-Encoding
ETag: W/"659e6bb8-13a8"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1495
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOCweCdNbRWhCU9T%2FilB3VUj5IsRUvlId3cwpAyhv6wK5%2BwxWlAMSNq1%2FUlyOEibs8q6nGjVX1xJ2TB%2BmQq%2Bnlzm4LQ66agxUsjDtPGWnEFGalisIN7BmdRrYW92BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb2abd398184f1-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1395963639&si=212f82bbc0f7ab4bd2e6c0aa14d68287&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11551&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
111.45.11.83200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1395963639&si=212f82bbc0f7ab4bd2e6c0aa14d68287&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11551&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1395963639&si=212f82bbc0f7ab4bd2e6c0aa14d68287&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11551&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 06:15:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=297FBD38628E47EB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
9n6s.xyz/static/font/iconfont.woff2?t=1691161820291
172.247.170.142200 OK 14 kB URL GET HTTP/1.1 9n6s.xyz/static/font/iconfont.woff2?t=1691161820291
IP 172.247.170.142:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type Web Open Font Format (Version 2), TrueType, length 14252, version 1.0
Hash bac7086648d56e73bcf7aab3122f0e0a
fc78ed11a3e49c9a7a348a2f10ed5e2910f3fb18
e7d3fbba3cb54f0a212fb93f4c0ad8d1eddb8080aa1a97300f39b5e3f3e5b8c0
GET /static/font/iconfont.woff2?t=1691161820291 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/static/font/iconfont.css?v=1715019514
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: font/woff2
Content-Length: 14252
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:59 GMT
ETag: "661fe5cf-37ac"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1501
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAQDag0wFTnn3NR2rUrUDLPPIF9sDL97eb0ph4Aen0bwg1Dz8tpSywnZZ%2BuRqtVl%2BRF09JukZu5rYYk3iwFgKtjPpecGyCKjPoVPzvvFIzrWfgi6yshvU3VzsTQRVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-RAY: 87fb2af808ec0fe3-LAX
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
static.tigerbbs.com/5a6003f011147ad69a2fdf725cc738a2
47.246.44.238200 OK 104 kB URL GET HTTP/2 static.tigerbbs.com/5a6003f011147ad69a2fdf725cc738a2
IP 47.246.44.238:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerDigiCert Inc
Subject*.tigerbbs.com
Fingerprint30:7A:26:1C:98:DA:10:19:50:7E:FE:45:00:00:24:0C:9B:1F:14:41
ValidityMon, 07 Aug 2023 00:00:00 GMT - Fri, 23 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 1023 x 160
Size 104 kB (104414 bytes)
Hash 5a6003f011147ad69a2fdf725cc738a2
6ebc5f496fcc872e4a290f47ee9a1833bfc730fe
51eac0ac8a567b63a9c7c7fa28cd5e41dfc52345cb7545e8981c51dfc7d2eadc
GET /5a6003f011147ad69a2fdf725cc738a2 HTTP/1.1
Host: static.tigerbbs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 104414
date: Tue, 30 Apr 2024 09:55:14 GMT
x-oss-request-id: 6630C0015E8AFF3333B463A6
x-oss-cdn-auth: success
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
content-md5: WmAD8BEUetaaL99yXMc4og==
x-oss-server-time: 3
ali-swift-global-savetime: 1714470914
via: cache12.l2fr1[0,0,304-0,H], cache13.l2fr1[1,0], ens-cache17.se2[0,0,200-0,H], ens-cache17.se2[1,0]
etag: "5A6003F011147AD69A2FDF725CC738A2"
last-modified: Fri, 17 Nov 2023 10:32:56 GMT
x-oss-hash-crc64ecma: 11747459827446531225
age: 591587
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 01 May 2024 05:46:05 GMT
x-swift-cachetime: 792549
access-control-allow-methods: GET
cache-control: 864000
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62ca517150625013628632e
X-Firefox-Spdy: h2
ig36.com/img/776hgtb.gif.txt
23.224.41.205 28 kB URL GET ig36.com/img/776hgtb.gif.txt
IP 23.224.41.205:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectig36.com
Fingerprint6F:4F:9A:47:3F:EA:6D:DA:DB:6E:FB:EB:41:B2:48:7D:87:89:D8:E5
ValidityMon, 18 Mar 2024 09:23:20 GMT - Sun, 16 Jun 2024 09:23:19 GMT
File type GIF image data, version 89a, 100 x 100
Hash ed97e7eb852fceae6be54528519ed5c1
dd630861e4e139e1b4917b1ef592a63efcea7ff0
cff97954912cc195d68335583bd04f9db2a1916bccf78937a77eeb757fc6f77a
GET /img/776hgtb.gif.txt HTTP/1.1
Host: ig36.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 09:34:00 GMT
Vary: Accept-Encoding
ETag: W/"661f9788-ef99"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
ig36.com/img/776wcttb.gif.txt
23.224.41.205 25 kB URL GET ig36.com/img/776wcttb.gif.txt
IP 23.224.41.205:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectig36.com
Fingerprint6F:4F:9A:47:3F:EA:6D:DA:DB:6E:FB:EB:41:B2:48:7D:87:89:D8:E5
ValidityMon, 18 Mar 2024 09:23:20 GMT - Sun, 16 Jun 2024 09:23:19 GMT
File type GIF image data, version 89a, 100 x 100
Hash 10f5c4cae76f3f565395adf6b02c0f63
f5286f9cd5ccf19a809af5442571dcdb47e2df18
a4ed8ca2724584ab094d73d0d577502858b345d7e309acaff5e24a47dc0f7132
GET /img/776wcttb.gif.txt HTTP/1.1
Host: ig36.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 09:34:06 GMT
Vary: Accept-Encoding
ETag: W/"661f978e-e115"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/siteConfig/notBack.js?v=1715019514
103.19.191.89200 OK 1.7 kB URL GET HTTP/1.1 9n6s.xyz/siteConfig/notBack.js?v=1715019514
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3802), with no line terminators
Hash facdd806a3708bef3184bf2fc2bf1adb
6654b2a0c4709124a781d23137914238a426d129
734abc3a7d9c6d7f0c9c08b6c15f6b11832c1cbe0cbe1679f8d36d3861e6900c
GET /siteConfig/notBack.js?v=1715019514 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:23 GMT
Vary: Accept-Encoding
ETag: W/"661fe5ab-efe"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1421
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53X4wVACWVz2JKvELHliZwP9P0mCYQr%2B8ejCfQ3iaS3sOhLyvYvZ0GoBkft%2BgxP5wzrdYRpbSrxOaYLpg%2F5K1OC6BC3YpWaxpXFMuDml4rVFdRGsXBysUw%2BV65emaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb2abf2f9f04c7-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
ig36.com/img/776qptb.gif.txt
23.224.41.205 32 kB URL GET ig36.com/img/776qptb.gif.txt
IP 23.224.41.205:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectig36.com
Fingerprint6F:4F:9A:47:3F:EA:6D:DA:DB:6E:FB:EB:41:B2:48:7D:87:89:D8:E5
ValidityMon, 18 Mar 2024 09:23:20 GMT - Sun, 16 Jun 2024 09:23:19 GMT
File type GIF image data, version 89a, 100 x 100
Hash 2788b45c478d61481de90781f84b5c7f
ee6c324cd226438993b2d261fc43da2ef52d7948
f47a3ea23d7b80fa8035d6da1de34cc1a43f05e5d273a8cc8d2ec58a747faf0b
GET /img/776qptb.gif.txt HTTP/1.1
Host: ig36.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 09:34:05 GMT
Vary: Accept-Encoding
ETag: W/"661f978d-11f56"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/plugin/crypto-js/crypto-js.min.js
103.19.191.89200 OK 18 kB URL GET HTTP/1.1 9n6s.xyz/plugin/crypto-js/crypto-js.min.js
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JavaScript source, ASCII text, with very long lines (48292), with no line terminators
Hash 6a3da2523348261400a9b139c0c666f9
acc8c5736dee9de52b90fc98c1796778214c3077
6d0cf30d6a88e413af90d6e8cebd8ae37fa125bd2f04d39126019dc3174ab820
GET /plugin/crypto-js/crypto-js.min.js HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 10 Jan 2024 10:04:40 GMT
Vary: Accept-Encoding
ETag: W/"659e6bb8-bca4"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1518
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUQsAlDV3egEdRBxFQO4L6Y1ialzF6YiYTI1usEkj4T31ObWY87ISC%2FMx8%2Bd79vKT0sVQTpi5L7FCLS%2BsboBj3nujOBSbrNvVKNe%2BTdKZ03gfsvNsMbSpejEgYghOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb2abd3e8b04c7-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/config/img/video.webp?v=6024
103.19.191.89200 OK 4.0 kB URL GET HTTP/1.1 9n6s.xyz/config/img/video.webp?v=6024
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 230x150, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 3ee7f77f9bc4ddc21b9c44f7b32b6042
e0a1bf07f92ddcd1bcf9d0207fbb4c1d05e48666
5464db622cb1d3761bb1f9601f3fa10d4e9dbf19226dcc657393859f601b4d34
GET /config/img/video.webp?v=6024 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: image/webp
Content-Length: 3998
Connection: keep-alive
Last-Modified: Mon, 20 Nov 2023 17:06:53 GMT
ETag: "655b922d-f9e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1261
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4DMviqnCZDRFtwoHI0O7HfnFd9JsN%2BW2sADFC2LYrxTuEgi3%2BKnQOqaKJfjAI1t6kj0usy2DqfV6rqYoYw23%2Bb18Zb9rp%2Bjio4U5WU8cDQWQswhJbBflvUqKeu2%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb24698ecc8604-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
9n6s.xyz/static/img/Snipaste_2022-05-31_17-17-24.jpg
172.247.170.142200 OK 16 kB URL GET HTTP/1.1 9n6s.xyz/static/img/Snipaste_2022-05-31_17-17-24.jpg
IP 172.247.170.142:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, comment: "Software: Snipaste", baseline, precision 8, 386x156, components 3
Hash 980e470e8f058da27f4ec8e70dc267df
e873f50de29ccf171dec7c27c9742ca337e3fada
c4f4aa41c515d92e818e1f3f0a81780dbdeb22950ab9f45490d5bdf379187fc2
GET /static/img/Snipaste_2022-05-31_17-17-24.jpg HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: image/jpeg
Content-Length: 15810
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:59 GMT
ETag: "661fe5cf-3dc2"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3527
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLMLSSe8ssX8QXKwkEoFTdznaQld2HQ2B0NTSrM9zbuSyKj5W8%2Bnhp4E%2BOKqQOa%2BqO%2F5pcBnbNH1Yfc0%2FqwnoFxdIXhgBT8qxi9Hv%2Fe4UHWpE8CUILq0ICjRRRaOqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fed4388e580d54-LAX
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
9n6s.xyz/siteConfig/configuration.js?v=1715019514
103.19.191.89200 OK 34 kB URL GET HTTP/1.1 9n6s.xyz/siteConfig/configuration.js?v=1715019514
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type ASCII text, with very long lines (43911)
Hash dfb5d46221b8e772d7657f20368ad584
58491ebd3374e41ba9f984f19965d368af7a35ba
6dbe6ea9523d5f462534a199c4296b331564465d12f11db88d0fbd7af4eae8e1
GET /siteConfig/configuration.js?v=1715019514 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 20 Apr 2024 17:20:02 GMT
Vary: Accept-Encoding
ETag: W/"6623f942-abc8"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1460
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7YOhmHQHRULyf8Q4ZeUhlwL%2FDAn1mZr2YwJ9OOX1gOYfQCpp5%2BZNcE6QbHW5sQXvMwdV99HntCTSQfdbSeagX%2FXfrLlVoR9JuxJQiku04sc6ysEzODayH79WUNtgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb2abd6e9a04c7-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
ig36.com/img/776Gtyctb.gif.txt
23.224.41.205 35 kB URL GET ig36.com/img/776Gtyctb.gif.txt
IP 23.224.41.205:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectig36.com
Fingerprint6F:4F:9A:47:3F:EA:6D:DA:DB:6E:FB:EB:41:B2:48:7D:87:89:D8:E5
ValidityMon, 18 Mar 2024 09:23:20 GMT - Sun, 16 Jun 2024 09:23:19 GMT
File type GIF image data, version 89a, 100 x 100
Hash d18ed8bb5f9ce5f368b35863b003706d
489354b56b6cdcaec0b4d0314fee0813b7fe378d
2ca118156b4542e1aada8505a904b34b21484ac95ff4255054f4c0564c822d7e
GET /img/776Gtyctb.gif.txt HTTP/1.1
Host: ig36.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 09:55:52 GMT
Vary: Accept-Encoding
ETag: W/"661f9ca8-adf4"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
zerossl.ocsp.sectigo.com/
172.64.149.23 728 B URL zerossl.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash ec1eb20300d384da1a3e6c97f4eec8e9
ffdf3430e50fd674aa9530146e7ed6fdd537878c
a03a6cecafd5c0692d16d0a020f06a25b9eac9d1a408ecd18c80a45ce3983a8c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 21:33:06 GMT
Expires: Mon, 13 May 2024 21:33:05 GMT
Etag: "ffdf3430e50fd674aa9530146e7ed6fdd537878c"
Cache-Control: max-age=572883,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87ff12ba1971b515-OSL
ig36.com/img/776Gyhtb.gif.txt
23.224.41.205 27 kB URL GET ig36.com/img/776Gyhtb.gif.txt
IP 23.224.41.205:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectig36.com
Fingerprint6F:4F:9A:47:3F:EA:6D:DA:DB:6E:FB:EB:41:B2:48:7D:87:89:D8:E5
ValidityMon, 18 Mar 2024 09:23:20 GMT - Sun, 16 Jun 2024 09:23:19 GMT
File type GIF image data, version 89a, 100 x 100
Hash e8ba93ee7cfc7adcef15cf7668ba50cf
72f63b61429b611b87147a8c73b427e98c34be2d
0f1fe54978f0b33fbb27aebde63fa5ae7b280b507b6fbf6e31ff66c5a605ed62
GET /img/776Gyhtb.gif.txt HTTP/1.1
Host: ig36.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 09:33:59 GMT
Vary: Accept-Encoding
ETag: W/"661f9787-9a09"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/static/img/Snipaste_2022-05-31_17-17-51.jpg
172.247.170.142200 OK 13 kB URL GET HTTP/1.1 9n6s.xyz/static/img/Snipaste_2022-05-31_17-17-51.jpg
IP 172.247.170.142:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, comment: "Software: Snipaste", baseline, precision 8, 601x81, components 3
Hash 48a7735f8ebee6bf81a9524f54251dec
9daa934a679a0d5c9853d9b7c2b008f1193a18b4
742ca6f5db04d8e4a976342cb4d359196dae3cf5a761b9896884784fdc3be3c3
GET /static/img/Snipaste_2022-05-31_17-17-51.jpg HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: image/jpeg
Content-Length: 13300
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:59 GMT
ETag: "661fe5cf-33f4"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1036
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BIOJsRxORtwDSa2%2BG0aXExkux8DY%2FbCOuSVzFqukPhOeJOi13I6QTDtUr%2B2sCvE9KDTMozPJLaEu8caKnS0pkKVOuJzB9D7ECQcEdGLhOBzBwIl%2BL1RLBy3p1jIqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-RAY: 87fb1f7ddca72f77-LAX
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
9n6s.xyz/static/img/Snipaste_2022-05-31_17-17-37.jpg
103.19.191.89200 OK 6.5 kB URL GET HTTP/1.1 9n6s.xyz/static/img/Snipaste_2022-05-31_17-17-37.jpg
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, comment: "Software: Snipaste", baseline, precision 8, 324x46, components 3
Hash 0cf4bcb69defeb0ae9258ceea51b48ba
eb6e74d4479be4a8a99fcad9216cda7e6e15c7fe
ea88dddb28fb5d8c800ab96580b275f0580b09507ba1aefb7e369dc0e6b5f70f
GET /static/img/Snipaste_2022-05-31_17-17-37.jpg HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: image/jpeg
Content-Length: 6524
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:59 GMT
ETag: "661fe5cf-197c"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1422
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NiVD%2BtV4FeInbN6ai%2BayHv2zScDm2R9A01ekfInF7DZyW%2F9UipbgN%2B7EO%2Fvvm5u5R58LvjeGMGOjeqrSI0A%2FFHHXC0cPmLX56iHVMPFdcqa08ksDsRWOjKHCmqBuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-RAY: 87fb2abedf7804c7-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
9n6s.xyz/static/img/register123.png
103.19.191.89200 OK 3.0 kB URL GET HTTP/1.1 9n6s.xyz/static/img/register123.png
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type PNG image data, 412 x 100, 8-bit colormap, non-interlaced
Hash f93cfc045fa5e26c06a74c8d10649912
56672c9c7a3296174b6682821c265afcb4538d0a
eba05b20e45aa232ab66fed10669f88d5c8f6b0f8266dcf49554cbe466688755
GET /static/img/register123.png HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: image/png
Content-Length: 3049
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:59 GMT
ETag: "661fe5cf-be9"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1520
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eBRk%2FJPxSzmvQVgn0FX62RIpANROeLJMCOTyGJHEmQiLQoYaAaYIa0867kmVf6nkxPZfd3HBOKUl0jOFVC3xWfZne7fKmVtViU9k8e2n%2BQHVD%2BCeRM90pZJ9vYGpkw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-RAY: 87fb2abf6c2f84f1-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
9n6s.xyz/static/js/page/homework.js?id=5dade44e742d7eca07b5d706b5dcca85
103.19.191.89200 OK 41 kB URL GET HTTP/1.1 9n6s.xyz/static/js/page/homework.js?id=5dade44e742d7eca07b5d706b5dcca85
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65274)
Hash 5dade44e742d7eca07b5d706b5dcca85
dcf435313e6ec3a43a3d6a8dfec8bbeec3b630cd
dbf2facc87c4b6782c5d1c8878bbf02ae685d40ac161af4983a1858d1d8326f8
GET /static/js/page/homework.js?id=5dade44e742d7eca07b5d706b5dcca85 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:42 GMT
Vary: Accept-Encoding
ETag: W/"661fe5be-1b42b"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1497
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chU6pnRRhlmqTRhd2mEUw%2FFGXbz%2BlUMhNztxxXLr7rEIkPgnPm2myV4npWan73n283%2F4FzZsFFmqAD2eL19sVuq9Af0j2PKV8fJdI5aAsTAVg5h2zSNEvaqwPDRxJw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fb2abdea2384f1-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/static/img/download123.png
103.19.191.89200 OK 3.5 kB URL GET HTTP/1.1 9n6s.xyz/static/img/download123.png
IP 103.19.191.89:443
ASN #64050 BGPNET Global ASN
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type PNG image data, 416 x 100, 8-bit colormap, non-interlaced
Hash c2346e3b7c20e9c60d27dcc373dd3693
3621a307f2ffb63a3cde8b7b4490fc0725fe9cf9
87a3ce0dccb6ca752df06dfdf3f2a2713cb4b1190781243829880215c21e02f4
GET /static/img/download123.png HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: image/png
Content-Length: 3514
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 15:07:59 GMT
ETag: "661fe5cf-dba"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1358
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5P6ZCUzR7dVF0RPLIKLC%2BouQa%2BrCsTi%2FSV%2FYKGEo4VXB0RlwPpeUSyxgEQlsYwW6oh1AG0OMrQm2XxVroElTPYa5qv2xZtCF1XMx5kN2Phxkrd5WQzybYMy0zaJGqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-RAY: 87fb2abfaff704c7-HKG
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.js?4cc8694de692fa5afd826f9281d08f5f
111.45.11.83200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?4cc8694de692fa5afd826f9281d08f5f
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (620)
Hash 9cc47b52fc2c78b8ae05005b79c361e0
d53195e2d53df6c7968817e380e6f3396b823a66
a4b8f609d10e0f9c1147e96faa8eaacc0afc8b904025ca189c3ebc7313ebf2db
GET /hm.js?4cc8694de692fa5afd826f9281d08f5f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 07 May 2024 06:15:01 GMT
Etag: 73c691c3672f23fc319ff128e454ff1d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=620DFD9F0AA2D1F1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?cfba88a3dada33f119f6c95f95a4d5dd
111.45.11.83200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?cfba88a3dada33f119f6c95f95a4d5dd
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (618)
Hash 56d037dcb42875442dc64305c5fb6790
d14ec0ac4c190f1f1e982c269ee396408526d17b
0c464a4188b25119560795a931b04d1667b7a946a56ef87a99e19beed5f81ef6
GET /hm.js?cfba88a3dada33f119f6c95f95a4d5dd HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 07 May 2024 06:15:02 GMT
Etag: d4ce1296cd74996311d11f23d57f06f8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9C6819BFDF59E083; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
9n6s.xyz/config/img/index-tc-one.webp?v=6023
172.247.170.142200 OK 29 kB URL GET HTTP/1.1 9n6s.xyz/config/img/index-tc-one.webp?v=6023
IP 172.247.170.142:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type RIFF (little-endian) data, Web/P image
Hash 9029e282f289ff3a6a8f83020aa8d308
4c91f3c47f563e7ff567d0ffb87b6cdf39c21171
7daa7241c7124f566ea50e652a572e38cf8ac109f4491864c45122cc0708cacc
GET /config/img/index-tc-one.webp?v=6023 HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:02 GMT
Content-Type: image/webp
Content-Length: 28626
Connection: keep-alive
Last-Modified: Mon, 20 Nov 2023 17:06:54 GMT
ETag: "655b922e-6fd2"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1054
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcJqqhC59xjQsHw50KJp93l05MFep%2FtWEIe6JyecDr8YE7ZkE%2B0VvXkvfoCVtfHJD%2BcmgYkKHVxNF6%2BMayri5hqzy2oUW68JHwkXQS0CE34pZLaSifOycRSPIJ7wEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-RAY: 87fb1f9caf0d2b51-LAX
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
Accept-Ranges: bytes
ig76.com/img/365LB2.gif.txt
23.224.235.221 123 kB URL GET ig76.com/img/365LB2.gif.txt
IP 23.224.235.221:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerZeroSSL
Subjectwww.ig73.com
Fingerprint1D:64:D5:E5:7A:9E:3F:D7:CD:FF:11:87:6A:B2:18:F8:A1:18:91:A9
ValidityMon, 15 Apr 2024 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 375 x 180
Size 123 kB (123019 bytes)
Hash 7d0131dd77c04d35a7a80dd68a8e5881
4c72ced2dd4a5b1486bf0c692d9a4b81d68b83a1
e2bbc84e67fe47d32df794d3eb8c7de9ea0626eeeef806ca9addb216fda1e110
GET /img/365LB2.gif.txt HTTP/1.1
Host: ig76.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Mar 2024 09:56:40 GMT
Vary: Accept-Encoding
ETag: W/"65f96158-1e374"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
ak-d.tripcdn.com/images/1mq0o2224vri35ffk565C.png
23.36.76.241200 OK 6.5 kB URL GET HTTP/2 ak-d.tripcdn.com/images/1mq0o2224vri35ffk565C.png
IP 23.36.76.241:443
ASN #20940 Akamai International B.V.
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerDigiCert Inc
Subject*.tripcdn.com
Fingerprint37:57:9A:43:7C:01:BF:AC:55:12:09:2E:9C:81:DB:55:8C:23:6D:E6
ValidityFri, 22 Mar 2024 00:00:00 GMT - Sun, 23 Mar 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 31c5239ba279215de4c401d71d79e20b
63657b1d5a014b8c45af39ee4c1733fc6a0d6fa7
00e072b1ac183b979240ccd2d6ab4c39a6a6d762bce20209578f9ef5a93601b8
GET /images/1mq0o2224vri35ffk565C.png HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 6452
access-control-allow-origin: *
etag: 206.gitc0a9fd6.el7
last-modified: Sat, 16 Sep 2023 18:15:52 GMT
x-origin-ip: 47.254.151.48
x-edgeconnect-midmile-rtt: 4
x-edgeconnect-origin-mex-latency: 121
x-edgeconnect-cache-status: 1
aka-hit-miss: Hit
cache-control: max-age=6457978
expires: Sun, 21 Jul 2024 00:08:00 GMT
date: Tue, 07 May 2024 06:15:02 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-cache: Hit
x-cdn-pop: NO
unique-request-id: 860ec6c
c-via: akamai
timing-allow-origin: *
X-Firefox-Spdy: h2
ig76.com/img/365LB5.gif.txt
23.224.235.221 112 kB URL GET ig76.com/img/365LB5.gif.txt
IP 23.224.235.221:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerZeroSSL
Subjectwww.ig73.com
Fingerprint1D:64:D5:E5:7A:9E:3F:D7:CD:FF:11:87:6A:B2:18:F8:A1:18:91:A9
ValidityMon, 15 Apr 2024 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 460
Size 112 kB (111668 bytes)
Hash 5a1b3a1ea1c434e000eb597108932c5e
2d243e7122b0605432190d74f78514bcb7760031
492a8f35f9e87a801a8ec084638b79cfc8d262b44f448395f630d2f69e5a247f
GET /img/365LB5.gif.txt HTTP/1.1
Host: ig76.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Mar 2024 09:56:44 GMT
Vary: Accept-Encoding
ETag: W/"65f9615c-1b483"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
ak-d.tripcdn.com/images/1mq1u2224vrdq3a1uCFFF.png
23.36.76.241200 OK 21 kB URL GET HTTP/2 ak-d.tripcdn.com/images/1mq1u2224vrdq3a1uCFFF.png
IP 23.36.76.241:443
ASN #20940 Akamai International B.V.
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerDigiCert Inc
Subject*.tripcdn.com
Fingerprint37:57:9A:43:7C:01:BF:AC:55:12:09:2E:9C:81:DB:55:8C:23:6D:E6
ValidityFri, 22 Mar 2024 00:00:00 GMT - Sun, 23 Mar 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 053d60ab2f4e8887ec0fbbabc6c18095
a9e6213d656d246eb3ffe9a2da09a96abcd4281c
9a36652709a6faac586a09832bb22065ce1aed1ed34d0586e812512a9808312e
GET /images/1mq1u2224vrdq3a1uCFFF.png HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 21398
access-control-allow-origin: *
etag: 198.git8693dbd.el7
last-modified: Mon, 07 Aug 2023 21:44:39 GMT
x-origin-ip: 47.254.141.97
x-edgeconnect-cache-status: 1
aka-hit-miss: Hit
cache-control: max-age=7776000
expires: Mon, 05 Aug 2024 06:15:02 GMT
date: Tue, 07 May 2024 06:15:02 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-cache: Hit
x-cdn-pop: NO
unique-request-id: 860ec6e
c-via: akamai
timing-allow-origin: *
X-Firefox-Spdy: h2
ig76.com/img/365LB3.gif.txt
23.224.235.221 127 kB URL GET ig76.com/img/365LB3.gif.txt
IP 23.224.235.221:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerZeroSSL
Subjectwww.ig73.com
Fingerprint1D:64:D5:E5:7A:9E:3F:D7:CD:FF:11:87:6A:B2:18:F8:A1:18:91:A9
ValidityMon, 15 Apr 2024 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 375 x 180
Size 127 kB (126812 bytes)
Hash 1e9f2d8baeefcdcf3dd00392e2f05d57
d2fa5e75f4cd99a026c2fbc50a74963663638b76
5eab62b7d8ade7d15925f3511e205ceebacc38ac5651de0c27008bd9c2ea3688
GET /img/365LB3.gif.txt HTTP/1.1
Host: ig76.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Mar 2024 09:56:41 GMT
Vary: Accept-Encoding
ETag: W/"65f96159-1f25d"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
ig76.com/img/365LB4.gif.txt
23.224.235.221 222 kB URL GET ig76.com/img/365LB4.gif.txt
IP 23.224.235.221:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerZeroSSL
Subjectwww.ig73.com
Fingerprint1D:64:D5:E5:7A:9E:3F:D7:CD:FF:11:87:6A:B2:18:F8:A1:18:91:A9
ValidityMon, 15 Apr 2024 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 375 x 180
Size 222 kB (222531 bytes)
Hash ed4732e915a3b86b7cde520f52d09438
d4dbf253e9d6ae769c922884ddfbf420175cf255
b6fa64a16e1b26ae5e38df74d838aa3397ff37556bb4ea48a85a8bc7e3239109
GET /img/365LB4.gif.txt HTTP/1.1
Host: ig76.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Mar 2024 09:56:43 GMT
Vary: Accept-Encoding
ETag: W/"65f9615b-36e54"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
ig36.com/img/365DH123.gif.txt
23.224.41.205 48 kB URL GET ig36.com/img/365DH123.gif.txt
IP 23.224.41.205:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectig36.com
Fingerprint6F:4F:9A:47:3F:EA:6D:DA:DB:6E:FB:EB:41:B2:48:7D:87:89:D8:E5
ValidityMon, 18 Mar 2024 09:23:20 GMT - Sun, 16 Jun 2024 09:23:19 GMT
File type GIF image data, version 89a, 200 x 200
Hash 684459495f0a2d1607f7a2a0d9928e4d
3ba14a23adc6900dc6278c8eb2679106355c1136
ee19e3a24d5a6d86b414a76dd2d7a50d8dba56fecdfef438f3f5e958320b7306
GET /img/365DH123.gif.txt HTTP/1.1
Host: ig36.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:02 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 30 Mar 2024 13:38:54 GMT
Vary: Accept-Encoding
ETag: W/"660815ee-bcd4"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
ih91.com/img/JTwctxtBB.gif.txt
23.225.165.253 482 kB URL GET ih91.com/img/JTwctxtBB.gif.txt
IP 23.225.165.253:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectih91.com
FingerprintED:5E:C9:3B:90:17:C5:41:E2:C9:05:65:16:5B:BB:AE:81:18:A2:83
ValidityMon, 11 Mar 2024 11:49:10 GMT - Sun, 09 Jun 2024 11:49:09 GMT
File type GIF image data, version 89a, 750 x 360
Size 482 kB (481519 bytes)
Hash 572a813bf11addd95e3cc9584c926555
31a42936460b737c35ee2542a6d4bd8e6dd647ec
cc0ab76bb08862c6487607a2112541e30456be55d3f7543aea187518cd9e8c83
GET /img/JTwctxtBB.gif.txt HTTP/1.1
Host: ih91.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Oct 2023 11:07:02 GMT
Vary: Accept-Encoding
ETag: W/"653ceb56-76657"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
ih91.com/img/JTyhxtCC.gif.txt
23.225.165.253 324 kB URL GET ih91.com/img/JTyhxtCC.gif.txt
IP 23.225.165.253:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectih91.com
FingerprintED:5E:C9:3B:90:17:C5:41:E2:C9:05:65:16:5B:BB:AE:81:18:A2:83
ValidityMon, 11 Mar 2024 11:49:10 GMT - Sun, 09 Jun 2024 11:49:09 GMT
File type GIF image data, version 89a, 750 x 360
Size 324 kB (323465 bytes)
Hash 75d5a42b5640aa6bf83acbf3305ca5e2
d21de277397852234b2817c4fb48b40730283f89
6a1296b8772a3046ac3dca09cecd4b1d61def7ceb361a6b9e26d85d1ba066360
GET /img/JTyhxtCC.gif.txt HTTP/1.1
Host: ih91.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:01 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 03 Nov 2023 07:39:16 GMT
Vary: Accept-Encoding
ETag: W/"6544a3a4-55141"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
hm.baidu.com/hm.js?f11a544f1fb9e2e2d57d57997b979ba0
111.45.3.198200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?f11a544f1fb9e2e2d57d57997b979ba0
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (619)
Hash 4caf5c50d371068f27219c2a77cb3bde
89affe3da850d9bcf4112834badafac6a1557bed
2eb1569d199f7b9a674fda485311b3d8d865347b85b521ac104031a45422e9c9
GET /hm.js?f11a544f1fb9e2e2d57d57997b979ba0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 07 May 2024 06:15:02 GMT
Etag: ac4ae3f084f1208e86a3a873aae34a73
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=013132858AD23E63; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?cc6ee03e8bc09297df37b7c42bf1a521
111.45.3.198200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?cc6ee03e8bc09297df37b7c42bf1a521
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (619)
Hash 8d59d39d52913eba29384b8c44bc2546
7d516b8c0ebd45d5fc95ae8348fd4d8070801d48
90cd1ddaf94ed817f052d90ebec657fcf9a1f4fa514eaff9d90b828f745d1d3d
GET /hm.js?cc6ee03e8bc09297df37b7c42bf1a521 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 07 May 2024 06:15:02 GMT
Etag: f05dad9145b982839166df89bb75bef4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6F86975884BE69D9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1701635776&si=cfba88a3dada33f119f6c95f95a4d5dd&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11552&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
111.45.3.198200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1701635776&si=cfba88a3dada33f119f6c95f95a4d5dd&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11552&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1701635776&si=cfba88a3dada33f119f6c95f95a4d5dd&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11552&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 06:15:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B41F7B71DDC6930C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1507247402&si=4cc8694de692fa5afd826f9281d08f5f&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11552&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
111.45.11.83200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1507247402&si=4cc8694de692fa5afd826f9281d08f5f&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11552&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1507247402&si=4cc8694de692fa5afd826f9281d08f5f&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11552&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 06:15:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BD1B843ED5B6125B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=223042993&si=f11a544f1fb9e2e2d57d57997b979ba0&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11553&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
111.45.3.198200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=223042993&si=f11a544f1fb9e2e2d57d57997b979ba0&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11553&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=223042993&si=f11a544f1fb9e2e2d57d57997b979ba0&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11553&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 06:15:03 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6B867FF1AEE0FDF4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ig36.com/img/365NHAO1.gif.txt
23.224.41.205 830 kB URL GET ig36.com/img/365NHAO1.gif.txt
IP 23.224.41.205:0
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectig36.com
Fingerprint6F:4F:9A:47:3F:EA:6D:DA:DB:6E:FB:EB:41:B2:48:7D:87:89:D8:E5
ValidityMon, 18 Mar 2024 09:23:20 GMT - Sun, 16 Jun 2024 09:23:19 GMT
File type GIF image data, version 89a, 200 x 200
Size 830 kB (829929 bytes)
Hash 6d37fcc98f50e91ae5dc637d0a72c59e
a16edb1727884f047539f209483c04295f147f5c
adecc168ca24b95909d97f3ac3040a80290880e35ed3ef04d9a5885a3997acea
GET /img/365NHAO1.gif.txt HTTP/1.1
Host: ig36.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:02 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 24 Mar 2024 11:21:53 GMT
Vary: Accept-Encoding
ETag: W/"66000cd1-cb544"
Content-Encoding: gzip
Server: nbcdn2023
X-Cache-Status: HIT
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1479431202&si=cc6ee03e8bc09297df37b7c42bf1a521&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11553&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
111.45.3.198200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1479431202&si=cc6ee03e8bc09297df37b7c42bf1a521&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11553&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1479431202&si=cc6ee03e8bc09297df37b7c42bf1a521&su=http%3A%2F%2Fwww.whitewall.top%2F&v=1.3.0&lv=1&sn=11553&r=0&ww=1280&u=https%3A%2F%2F9n6s.xyz%2Frain%2Fa%2F788480.html%3Fchannel%3D788480%26ucid%3DFFFB5542%26utid%3D8650E8D4F3GG%23&tt=%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20_%E5%A3%AE%E5%BF%97%E5%87%8C%E4%BA%91%E7%94%B5%E5%BD%B1%E4%B8%BB%E9%A2%98%E6%9B%B2%20-%E8%8C%84%E5%AD%90%E7%9C%8B%E7%89%87%E5%BD%B1%E9%99%A2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 May 2024 06:15:03 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=07BFDFF02BB6C6D5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?8be2b3c50e74d4cc6dcfa0d44b068c21
111.45.3.198200 OK 0 B URL GET HTTP/1.1 hm.baidu.com/hm.js?8be2b3c50e74d4cc6dcfa0d44b068c21
IP 111.45.3.198:443
ASN #56040 China Mobile communications corporation
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hm.js?8be2b3c50e74d4cc6dcfa0d44b068c21 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Date: Tue, 07 May 2024 06:15:04 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: text/plain; charset=utf-8
cscccache.fangchengbao.com/fbprod/oss/file/8e4944cc28bd4.txt
221.194.141.170200 OK 1.6 kB URL GET HTTP/1.1 cscccache.fangchengbao.com/fbprod/oss/file/8e4944cc28bd4.txt
IP 221.194.141.170:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerDigiCert Inc
Subject*.fangchengbao.com
Fingerprint02:40:CD:2D:2A:3F:B5:22:AF:14:FB:D3:0E:5E:53:9A:D7:94:AC:2F
ValidityWed, 28 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (1571), with no line terminators
Hash b9ce7392253bda2602b967fd5f938f72
5e9fbf3cd1dc45dc8ea22fea90c4bf3bcf7b0d9d
80e9bd147bcf9b444295645964497ca6228dad3ddeff2706c60ca4fb28395282
GET /fbprod/oss/file/8e4944cc28bd4.txt HTTP/1.1
Host: cscccache.fangchengbao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:04 GMT
Content-Type: text/plain
Content-Length: 1571
Connection: keep-alive
Server: openresty
CloudServiceDiscount: CDN
x-obs-request-id: 0000018E32CBE6ED4B49E5EB714BA0FC
ETag: "b9ce7392253bda2602b967fd5f938f72"
Last-Modified: Tue, 12 Mar 2024 13:13:08 GMT
x-obs-version-id: G001118E32CB9B90FFFF9C89064443A7
x-obs-tagging-count: 0
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSlOc/+6zDiY/lshABP8d+WZjWuwhBZ0
X-CCDN-Expires: 1775641
via: CHN-HElangfang-AREACUCC2-CACHE64[4],CHN-HElangfang-AREACUCC2-CACHE50[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE7[12],CHN-TJ-GLOBAL1-CACHE50[0,TCP_HIT,7]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: 358a6d921c1e181ff73bdf8fcfe43e65
nginx-hit: 1
Age: 1842359
Accept-Ranges: bytes
Content-Disposition: inline
dl-open.u3sa2k.xyz/p
104.21.4.237204 No Content 0 B IP 104.21.4.237:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectu3sa2k.xyz
Fingerprint5C:C2:79:54:A6:48:95:B1:74:BB:18:21:7D:91:43:29:90:5F:63:6B
ValiditySat, 23 Mar 2024 20:29:56 GMT - Fri, 21 Jun 2024 20:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /p HTTP/1.1
Host: dl-open.u3sa2k.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://9n6s.xyz/
Origin: https://9n6s.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 07 May 2024 06:15:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Token, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8096jBTwWFGdf4nvRWuS7b1jKeol1kjfNGC3JJXmO%2FR%2FsT%2FwY4CMgksGOVJ91cMefyyK775QhCFZyaojntz4Zdt6%2FQGKs9mkcE5fVgaXoz0lU9b3SF9%2FZgPGohQceM13wTq%2Bnc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff12cef879b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
dl-open.u3sa2k.xyz/p
104.21.4.237204 No Content 0 B IP 104.21.4.237:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjectu3sa2k.xyz
Fingerprint5C:C2:79:54:A6:48:95:B1:74:BB:18:21:7D:91:43:29:90:5F:63:6B
ValiditySat, 23 Mar 2024 20:29:56 GMT - Fri, 21 Jun 2024 20:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /p HTTP/1.1
Host: dl-open.u3sa2k.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9n6s.xyz/
Content-Type: application/json
Content-Length: 189
Origin: https://9n6s.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 07 May 2024 06:15:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Token, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FDkLMtoym0Haq15MG%2F6iBaTFwVSbhebsMBSzGte2n10cdxCoAayY3kx6%2Fz6hTDZnNPrg9LhPUUQLuAQdyqOOEAA6xfKuV0zK%2BrIAA8mXmQ6cJCmgomWcgJgIOMCG2yJqfZJcWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff12d11b83b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web-img.cfhd.cf.qq.com/y83wm3m72cd36dzioiyq51dnl3l8b844
153.0.228.201200 OK 134 kB URL GET HTTP/1.1 web-img.cfhd.cf.qq.com/y83wm3m72cd36dzioiyq51dnl3l8b844
IP 153.0.228.201:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGlobalSign nv-sa
Subject*.cfhd.cf.qq.com
Fingerprint8E:D3:34:C6:43:B1:16:E2:95:C8:D9:AD:AF:87:24:35:CA:36:04:87
ValidityThu, 07 Dec 2023 02:46:07 GMT - Tue, 07 Jan 2025 02:46:06 GMT
File type PNG image data, 455 x 884, 8-bit/color RGBA, non-interlaced
Size 134 kB (134510 bytes)
Hash 1f5c53e5833b08b06afe45e7f4cdbf7f
80594b1d91654106a0436843c6713f6314dae38a
bd8c244d6504064dd50f7c77a30b726a73dfa59a1a1dad9b00eb47e0b3585daa
GET /y83wm3m72cd36dzioiyq51dnl3l8b844 HTTP/1.1
Host: web-img.cfhd.cf.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Mon, 20 Nov 2023 19:52:09 GMT
Etag: "1f5c53e5833b08b06afe45e7f4cdbf7f"
Content-Type: image/png
Date: Mon, 20 Nov 2023 19:52:09 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 14407229084167336244
x-cos-request-id: NjU1YmI4ZTlfNzJiMzBiMGJfMTBjNDdfNjY2MmRhYw==
Content-Length: 134510
Accept-Ranges: bytes
X-NWS-LOG-UUID: 4916405231958716358
Connection: keep-alive
X-Cache-Lookup: Cache Hit
9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
23.224.129.69200 OK 24 kB URL GET HTTP/1.1 9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
IP 23.224.129.69:443
Requested by http://www.whitewall.top/
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type HTML document, ASCII text, with very long lines (943), with CRLF, LF line terminators
Hash 23315ec6185badffe82d990003704f19
2df0b918f8df7d568b3d15175b68379e50358ba1
65fa968a83eee5b4ed608e7597798c93ba23e8ffd9ec0fc1d26b16cc08387613
GET /rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 18:19:13 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6701
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8RYkOpA0BcmGgKb6aHcevodLUQBh7ZGYvccGGbC3VIHhdUVakFaEMZKyX3JGQvtJII8jpgZpdM%2B%2FhzljlftUpQ34jY0kfOmRww4gKCumt38%2BqKbSmNGZEWERSV95g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fd34e088d52a85-LAX
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
23.224.129.69200 OK 24 kB URL GET HTTP/1.1 9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
IP 23.224.129.69:443
Requested by http://www.whitewall.top/
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type HTML document, ASCII text, with very long lines (943), with CRLF, LF line terminators
Hash 23315ec6185badffe82d990003704f19
2df0b918f8df7d568b3d15175b68379e50358ba1
65fa968a83eee5b4ed608e7597798c93ba23e8ffd9ec0fc1d26b16cc08387613
GET /rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 18:19:13 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6701
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8RYkOpA0BcmGgKb6aHcevodLUQBh7ZGYvccGGbC3VIHhdUVakFaEMZKyX3JGQvtJII8jpgZpdM%2B%2FhzljlftUpQ34jY0kfOmRww4gKCumt38%2BqKbSmNGZEWERSV95g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fd34e088d52a85-LAX
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
112.213.126.139200 OK 24 kB URL GET HTTP/1.1 9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
IP 112.213.126.139:443
ASN #64050 BGPNET Global ASN
Requested by http://www.whitewall.top/
Certificate IssuerLet's Encrypt
Subject9n6s.xyz
Fingerprint94:62:4C:6D:28:14:CD:08:0C:B5:A2:82:60:DA:54:5D:87:C3:19:4E
ValidityTue, 30 Apr 2024 08:32:45 GMT - Mon, 29 Jul 2024 08:32:44 GMT
File type HTML document, ASCII text, with very long lines (943), with CRLF, LF line terminators
Hash 3e34be9c8574bbc9c70b8c318cf017d5
1a82a591e66e943b564d6aea4aa82b6a150a6220
f6eb7c833484b7422e8ce0bb5d616b7bc92ebd54ddebf6850e1af7e1de0fc148
GET /rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG HTTP/1.1
Host: 9n6s.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 06:15:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 18:19:13 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 78
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rQRFJfmrhc3kLOX3l2pS0EtF1a71hMvUd%2F0sORBQGQowc2OWRxwBSZr52cfdkRaZvF25nFU%2FLYqajaHu06Ys6mLp%2Fg86ACclKUE%2BHzUyrNlrDndb2iQzJI1Jp0hyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 87fd3d391ac584bd-HKG
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
Server: nbcdn2023
X-Cache-Status: HIT
cdn.staticfile.org/Swiper/8.0.5/swiper-bundle.min.js
104.18.49.74200 OK 139 kB URL GET HTTP/2 cdn.staticfile.org/Swiper/8.0.5/swiper-bundle.min.js
IP 104.18.49.74:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGoogle Trust Services LLC
Subjectcdn.staticfile.org
Fingerprint13:7C:E5:1B:86:D1:10:4A:B0:8D:70:4A:75:D6:29:72:5A:12:CC:80
ValidityFri, 12 Apr 2024 08:18:39 GMT - Thu, 11 Jul 2024 08:18:38 GMT
File type JavaScript source, ASCII text, with very long lines (65279)
Size 139 kB (139098 bytes)
Hash 3fd86e8ca0ce92c85684ab6b413133f3
b86e982e4b8d99decbdabae3f60db98c3d4bb6af
3e6977cc0a6e65fdaef2386d95b6e392ca2fa9ee5dcd9f572baa26c50c88ef16
GET /Swiper/8.0.5/swiper-bundle.min.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 06:15:00 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
cache-control: public, max-age=14400
x-cloud-cdn: true
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 12:31:32 GMT
cf-cache-status: HIT
age: 568578
expires: Tue, 07 May 2024 10:15:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff12b31f8656cc-OSL
X-Firefox-Spdy: h2
html2canvas.hertzen.com/dist/html2canvas.min.js
172.67.140.170200 OK 199 kB URL GET HTTP/2 html2canvas.hertzen.com/dist/html2canvas.min.js
IP 172.67.140.170:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerLet's Encrypt
Subjecthertzen.com
Fingerprint3D:B5:12:BA:11:21:5A:34:99:30:8B:A8:E8:1A:2D:11:EC:BB:88:B2
ValiditySun, 14 Apr 2024 00:07:56 GMT - Sat, 13 Jul 2024 00:07:55 GMT
Size 199 kB (198689 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dist/html2canvas.min.js HTTP/1.1
Host: html2canvas.hertzen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 06:15:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 22 Jan 2022 16:56:04 GMT
access-control-allow-origin: *
etag: W/"61ec3724-30821"
expires: Tue, 23 Apr 2024 01:46:34 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 9682:1D4C19:375FAAB:3896F32:662710A1
via: 1.1 varnish
age: 180
x-served-by: cache-osl6528-OSL
x-cache: HIT
x-cache-hits: 1
x-timer: S1714493855.578056,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 2a54686b52fbd04df6df1b3b0c3b8ba8a49fc03b
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoJ8xRjOTYbCKqxLC2YTb2W8diF%2BA18n16KODAZkWJaX2lWvH6VcRnSHTQ3kB6RVP9aKm9GibY9LELe5E7p3S0zbctHfH61MjNbzdrY%2FePkeAEkRsrXapesxbDn6oDkjLsNbiPRvy8SAjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff12b36bc55699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.staticfile.org/Swiper/6.7.0/swiper-bundle.min.css
104.18.49.74200 OK 14 kB URL GET HTTP/2 cdn.staticfile.org/Swiper/6.7.0/swiper-bundle.min.css
IP 104.18.49.74:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGoogle Trust Services LLC
Subjectcdn.staticfile.org
Fingerprint13:7C:E5:1B:86:D1:10:4A:B0:8D:70:4A:75:D6:29:72:5A:12:CC:80
ValidityFri, 12 Apr 2024 08:18:39 GMT - Thu, 11 Jul 2024 08:18:38 GMT
File type ASCII text, with very long lines (13619)
Hash b2b598cf96cd7c1726beb376544630cc
6fae9580f60ba0918b902059b4820471e4a2faba
1ff9a639b823d90c071161497de9bf22c507e778384b8a70a3e35a7f6d76c572
GET /Swiper/6.7.0/swiper-bundle.min.css HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 06:15:00 GMT
content-type: text/css
last-modified: Fri, 08 Dec 2023 23:07:52 GMT
etag: W/"6573a1c8-362f"
expires: Wed, 07 May 2025 06:15:00 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-cloud-fetchl: true
content-encoding: gzip
cf-cache-status: HIT
age: 560094
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff12b32f8c56cc-OSL
X-Firefox-Spdy: h2
cdn.staticfile.org/jquery/3.6.0/jquery.min.js
104.18.49.74200 OK 90 kB URL GET HTTP/2 cdn.staticfile.org/jquery/3.6.0/jquery.min.js
IP 104.18.49.74:443
Requested by https://9n6s.xyz/rain/a/788480.html?channel=788480&ucid=FFFB5542&utid=8650E8D4F3GG
Certificate IssuerGoogle Trust Services LLC
Subjectcdn.staticfile.org
Fingerprint13:7C:E5:1B:86:D1:10:4A:B0:8D:70:4A:75:D6:29:72:5A:12:CC:80
ValidityFri, 12 Apr 2024 08:18:39 GMT - Thu, 11 Jul 2024 08:18:38 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdn.staticfile.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9n6s.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 06:15:00 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
cache-control: public, max-age=14400
x-cloud-cdn: true
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 12:29:27 GMT
cf-cache-status: HIT
age: 564309
expires: Tue, 07 May 2024 10:15:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff12b31f8856cc-OSL
X-Firefox-Spdy: h2