r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15052
Expires: Tue, 29 Nov 2022 00:28:53 GMT
Date: Mon, 28 Nov 2022 20:18:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:18:01 GMT
Last-Modified: Mon, 28 Nov 2022 18:45:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 19:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3508
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Mon, 28 Nov 2022 21:34:31 GMT
Date: Mon, 28 Nov 2022 20:18:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Nbj5RDm/lkUbM3u7yCYYWvekvSF8enObLs9boDLj2/UznYe6DJyVH7r5vFRrs0ijdfNVHeGbXgM=
x-amz-request-id: BJ96KCETRGXEP0CE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 19:45:09 GMT
age: 1972
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 20:18:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.7145.top/
156.237.140.57 200 OK 554 B IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (670), with CRLF line terminators
Hash 9c20e2810a6905aa473b0b2bfb21a1ed
b6ddefc1bf91f488ff6ea3b15afa73a489c0c058
d71070868966c7a461a4fe1323374ae7808375154592bef4acc30dd8ca1f8390
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 20:11:12 GMT
cache-control: public,max-age=3600
age: 410
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.7145.top/common.js
156.237.140.57 200 OK 561 B IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 287855360d13de35f112971cbf8d31db
9fd261c0c3179d0c9412459194479ea7dbd59eda
e1b90568f4b507805e3c69f040d40ae78517b1ac8dc09e1b3f44ca1eb695f7fc
Analyzer Verdict Alert fortinet Malware
GET /common.js HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:02 GMT
Content-Type: application/x-javascript
Content-Length: 561
Connection: keep-alive
www.7145.top/tj.js
156.237.140.57 200 OK 258 B IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash ad4691a2d72ad99116e4e23e5d734186
1f4d735991de74cf20521f8ab8630779f59427d3
0c29cd12a668f248f8e820eb57c6e61ca511158c55ab796e2fe3227d231ac079
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:02 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.7145.top/favicon.ico
156.237.140.57 200 OK 1.2 kB IP 156.237.140.57:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.7145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:02 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 03 Dec 2022 20:18:02 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6137
Cache-Control: max-age=138670
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:18:02 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:49:12 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
tkc.tsdt2.top/
122.10.111.13 200 OK 191 B IP 122.10.111.13:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 5bf60b461148897a2ec42e38f54d9600
79310df933ad7066446386cd2b469c1ee2e8bc22
f03056f464bc84a6094f5b4eb1f6e3a679243561161d29dc32a3ba2959fef0ed
GET / HTTP/1.1
Host: tkc.tsdt2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.7145.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:31:01 GMT
Accept-Ranges: bytes
ETag: "718a2d23cccd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 20:18:02 GMT
Content-Length: 191
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 480439e28ac5c6836d5a48130073cb09
31dbb79c01f45b176eb8b3ab417b06da6ef53374
286e3b44baea51d15515403efe79057e9518f0884e0d733d93ffc4e81536646d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 18:29:33 GMT
ETag: "31dbb79c01f45b176eb8b3ab417b06da6ef53374"
Last-Modified: Mon, 28 Nov 2022 18:29:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2034
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715ca622ca7b512-OSL
push.services.mozilla.com/
52.89.114.252 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.114.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: easDFO94P8gCc8FGDgNhNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X3zjaamOO/C4ScoQiHuGTvvpvKY=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18056
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 20:18:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18056
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 20:18:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18056
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 20:18:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18056
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 20:18:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18056
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 20:18:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 43584
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 80207
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 80780
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U_gitOWWMPO7M5Dd0WktaigfRERa93d86MhziLjZ2qnuON_K5NauyQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:37 GMT
age: 80606
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 80197
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:41 GMT
age: 81082
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ukt.tsfi4.top/
154.212.113.41 200 OK 191 B IP 154.212.113.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 64d4796fbbfbe259d1391afa41cb7d96
3cd75b6330efb71c9c9ddbcc34f628f09c0d4694
28244cff078b80f7d670a9ff127a9ff5304456bdc36fed148c3c59a332c4100d
GET / HTTP/1.1
Host: ukt.tsfi4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tkc.tsdt2.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 28 Nov 2022 14:48:30 GMT
Accept-Ranges: bytes
ETag: "e4ab7b383d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 20:18:03 GMT
Content-Length: 191
hm.baidu.com/hm.js?8d57755868d1d7e0c48dd60344b183ea
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8d57755868d1d7e0c48dd60344b183ea
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 0478bfc4f59ca2f7701c2fddfd2d2a06
031b6ea4cc1bc4480adff4dc4f0cb795c626b55c
2a3523527ef384f722a223a367a4bdd5f3eed9fa76ab45648b7fe639b807b90b
GET /hm.js?8d57755868d1d7e0c48dd60344b183ea HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.7145.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:03 GMT
Etag: a90aaaefca80b11c6823d84523f286f6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2AA5C3D29874EA51; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=49998474&si=8d57755868d1d7e0c48dd60344b183ea&v=1.3.0&lv=1&sn=31489&r=0&ww=1280&u=http%3A%2F%2Fwww.7145.top%2F&tt=%E6%B5%B7%E5%AE%89%E6%9D%89%E7%8E%AB%E5%95%86%E5%8A%A1%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=49998474&si=8d57755868d1d7e0c48dd60344b183ea&v=1.3.0&lv=1&sn=31489&r=0&ww=1280&u=http%3A%2F%2Fwww.7145.top%2F&tt=%E6%B5%B7%E5%AE%89%E6%9D%89%E7%8E%AB%E5%95%86%E5%8A%A1%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=49998474&si=8d57755868d1d7e0c48dd60344b183ea&v=1.3.0&lv=1&sn=31489&r=0&ww=1280&u=http%3A%2F%2Fwww.7145.top%2F&tt=%E6%B5%B7%E5%AE%89%E6%9D%89%E7%8E%AB%E5%95%86%E5%8A%A1%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.7145.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 20:18:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9870E50E115144E1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ynn.tsms2.top/
122.10.27.117 200 OK 6.7 kB IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 5cc1dfee540f8048598616ae1d6f2e2d
f6db0d9b96dd9f3e878fa58e92646335efc657b9
b59823f4a8b1c248f3caedcd25054b6f72cffcf55e29cde9303fb6a10167d485
GET / HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ukt.tsfi4.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=bolni79vegvsal1gvu1s58sc3b; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
ynn.tsms2.top/static/css/home.css
122.10.27.117 200 OK 5.8 kB URL HTTP/1.1 ynn.tsms2.top/static/css/home.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (310)
Hash 450fb016075d2231047a4d127c2f1e41
bf8f539abbbff7c9d222cc450c94485102aec7b8
ba0f7991b02b9a60fa5635e68553a6c3d4db6229b6c398c72c7a2d191833bd7f
GET /static/css/home.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:05 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Aug 2021 06:28:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249182-5337"
Expires: Tue, 29 Nov 2022 08:18:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/css/style.css
122.10.27.117 200 OK 4.2 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/css/style.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (887)
Hash ec4722f8db320fe78d8c14f9fdc04fcf
510d4f52ed2f1c7b1e4024aff2ba400b8fd3a986
fbb75222bd3bb0bad750759217960850dacf63a03bc148c4bae0c982cfa4b107
GET /template/m1938pc/css/style.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:05 GMT
Content-Type: text/css
Last-Modified: Sun, 14 Nov 2021 12:42:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61910451-316c"
Expires: Tue, 29 Nov 2022 08:18:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/css/style1.css
122.10.27.117 200 OK 14 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/css/style1.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 text
Hash 6ea39fbd3c140f07c0b85d329fe9c09c
704518ac82b5ff1b31891048cdfb56118a8e1761
5473ac3ccd7f3d26b01668b81815d1e5b060fec971902c25ef933c8763acc2e2
GET /template/m1938pc/css/style1.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: text/css
Last-Modified: Sat, 17 Jul 2021 02:43:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f243ec-e981"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/css/white.css
122.10.27.117 200 OK 2.7 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/css/white.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, ASCII text, with very long lines (1029)
Hash 4bf86016b51a0923f29b60eebfdb70c6
01e7ccf779aaa148497ca4b8af6a40c51cdef9f1
1f7a20fb223b8a442b6bdb8c821db5cc5b2d99398f81b4d55bb30da51ebb432a
GET /template/m1938pc/css/white.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9aefe-27a6"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/css/mm-content.css
122.10.27.117 200 OK 1.6 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/css/mm-content.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 4d6246aaee98074314419600ac04d334
0e4d3ce5fb1f58e7e50ad59d9f5be139bbf246a8
c263e97580e0dab7f547130c7cd2f7516df52c23b8b15ccd28c951f56b027afb
GET /template/m1938pc/css/mm-content.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af08-24d5"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/css/swiper.min.css
122.10.27.117 200 OK 3.3 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/css/swiper.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (17459)
Hash e73a49e6a4e9772b6add191cf694bd34
00038fe32a6e97fbbeb281939adfb363cdd5f54f
5a1a24bd85867233f36de37f59b96bfeeb4290619781494713b8216902b30988
GET /template/m1938pc/css/swiper.min.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af06-455f"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/css/mp4.css
122.10.27.117 200 OK 2.0 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/css/mp4.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 1e2a92a65ee9e4f64e313caf5f55cac7
1cf740b450511e90f6ecd93521242bd009e72fa0
05c205d18a8195d407372166178aa9c909b3eb74be5fc0032d0d3833fcc6bde8
GET /template/m1938pc/css/mp4.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 04:55:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1ca6-2226"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/js/jquery.lazyload.js
122.10.27.117 200 OK 737 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/js/jquery.lazyload.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2223)
Hash eaf0b0026f5fe118b17efd08675e64e7
716de738af0b4ee171aacce51ece7c6b0402dcac
3420e9519c1663b6969106be32c6dec9c3a77558ea88a6f79e02696e0a99ff14
GET /template/m1938pc/js/jquery.lazyload.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Feb 2022 16:39:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62014b3e-8b1"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/css/bootstrap.min.css
122.10.27.117 200 OK 27 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/css/bootstrap.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (493)
Hash 05a25cdf37679d41a05c52e76e6c2cd2
16aacd64e4475ed3efd6e72370578e950bf76820
b3549f3f4ed086d81f6f6efbf4e909407a778d50fe3ff3ddea927cefc1ca6200
GET /template/m1938pc/css/bootstrap.min.css HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 05:00:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1dd6-2226a"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/js/jquery.autocomplete.js
122.10.27.117 200 OK 6.3 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/js/jquery.autocomplete.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /template/m1938pc/js/jquery.autocomplete.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-6215"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/js/jquery.config.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/js/jquery.superslide.js
122.10.27.117 200 OK 2.9 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/js/jquery.superslide.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (9089)
Hash 2728d1c0b6f67113e4fd43bfe1c5fd9f
3c02fa0572cee1ff2050f36a6700b9d40a5bcd0a
1094d4cbd8570de92dbe8a1ed928d25e8f5edfc186de9319156c50ee1582cbaf
GET /template/m1938pc/js/jquery.superslide.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-24d8"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/js/jquery.js
122.10.27.117 200 OK 37 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/js/jquery.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /template/m1938pc/js/jquery.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af28-169d5"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/js/jquery.base.js
122.10.27.117 200 OK 2.4 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/js/jquery.base.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 770f78f611789c0759e08c48bc766c54
66d1671195b9f432b8b1986f677414b1e4330a25
b215bcf5c56080e433bdfaa98b797b25a111e97e8a7b2498fcfdca2342c8ca61
GET /template/m1938pc/js/jquery.base.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-1954"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/static/js/home.js
122.10.27.117 200 OK 10 kB URL HTTP/1.1 ynn.tsms2.top/static/js/home.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677)
Hash 94964f375af85be8e991d7e6abd9a40b
d768fa9eafd3435729ff69c95aecdb442cb27952
5a46491195ed6546583712062a62c500342c792958f93477d125a00901ec9af4
GET /static/js/home.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Aug 2021 06:28:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249190-95a5"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/ads/banner_s.js
122.10.27.117 200 OK 1.2 kB URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/banner_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 0a5950891857f1c891b9ec1505a0a184
71e37302049813230aac5b91c715a041abf15340
530384e502f68addce050d680509ecace49b5ec492229d3f34461a5d75a1e506
GET /template/m1938pc/ads/banner_s.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Sun, 27 Nov 2022 10:16:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6383390e-20f7"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/ads/word_s.js
122.10.27.117 200 OK 512 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/word_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 934d4e86b541c09067d9c6095673f850
ec3ea6f192887082d06b43fe4743426996e87d61
bc69ea798f10fb70e86efd6bdf3d3df33d395f902f3a543d8a46ace7a0259c2f
GET /template/m1938pc/ads/word_s.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:37:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376552f-d49"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/ads/word_x.js
122.10.27.117 200 OK 444 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/word_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d66f4d55718880a8d05e996c6b3ae068
a6dcaf7106e6b097dcdb1ba1f8d4508025773cf8
efcefe681cd6cd9ce35fbd3a94a7627972a4a2ba2efa50b22b774c408b8c8d89
GET /template/m1938pc/ads/word_x.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:37:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376553f-a98"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/ads/banner_z.js
122.10.27.117 200 OK 602 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/banner_z.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 26e1e6fa38ce20c7c4b55584ee90b448
11253f6f46dbce197bb6c00a21bd072c6b17f704
4aa0012a3106471b5bb23bc7f65e2ce3b9f2fb9915b7d810df5daf294c3a6dc4
GET /template/m1938pc/ads/banner_z.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Content-Length: 602
Last-Modified: Thu, 17 Nov 2022 15:36:36 GMT
Connection: keep-alive
ETag: "63765504-25a"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
ynn.tsms2.top/template/m1938pc/ads/1.js
122.10.27.117 200 OK 726 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/1.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with very long lines (328)
Hash 919faba2aa9229a26a52ad3240d98411
1cf221b46da17e9aedacc172c92e49f34480e01d
a040dab5f58db4d49f8e83f1de1a930d3457aa18b64e8e9706ea7f067ef0db6f
GET /template/m1938pc/ads/1.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 15:34:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6380e081-b2a"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/ads/2.js
122.10.27.117 200 OK 929 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/2.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e25aca94c780cc610cbd9b7741dfde86
9d3ed2ee55a7fbb8f5c404bbe75e6aced8a38d4c
802bacec193e06dbd0358bf44016c34bc1cd5ebcf112cf7df7a72272a9c27c06
GET /template/m1938pc/ads/2.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:06 GMT
Content-Type: application/javascript
Content-Length: 929
Last-Modified: Fri, 04 Nov 2022 12:29:17 GMT
Connection: keep-alive
ETag: "6365059d-3a1"
Expires: Tue, 29 Nov 2022 08:18:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
ynn.tsms2.top/template/m1938pc/ads/3.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/4.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/5.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/js/jquery.config.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/6.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/7.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/9.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/8.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/dp66.js
122.10.27.117 200 OK 594 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/dp66.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 9e956bb23176832849f3713f88f4c124
d45d349b371bc3485961f620c44ef1cd3dd4baeb
e73fa7fced7f70c732092751ad3b0747bde10f3703284d51a0c68d4fd7b63dfa
GET /template/m1938pc/ads/dp66.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 15:34:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6380e06e-45c"
Expires: Tue, 29 Nov 2022 08:18:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ynn.tsms2.top/template/m1938pc/ads/10.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/3.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ynn.tsms2.top/template/m1938pc/ads/banner_x.js
122.10.27.117 200 OK 922 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/banner_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 3deb687d6f898da93a9d44b235db116d
b974640da61f0b2249c9528cb68bfd0da0d3f048
c3ef600e134a3d197c8996ae5804837b1ac3c2c771b8885c11a1244e4ac4fe34
GET /template/m1938pc/ads/banner_x.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: application/javascript
Content-Length: 922
Last-Modified: Fri, 18 Nov 2022 08:35:15 GMT
Connection: keep-alive
ETag: "637743c3-39a"
Expires: Tue, 29 Nov 2022 08:18:07 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
ynn.tsms2.top/template/m1938pc/ads/4.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 436c7366e69655487f181e3426bdb032
23c8f38ad9d23a364257a4d9050a650fbc45255e
c8a40a3bab2792ba6c12d135b8f423646838248ee29c624481c66f3d94459cd0
GET /hm.js?e7191e5689b911df153e7a3714bcb7c3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:07 GMT
Etag: ae6c8055089366c4fd140de122833d36
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5F81581D294134BE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adf17e0b7003afdfff053a2fb6f34d84
b13b3d0040bfd70a410aca202f2eea14e7c41439
0874d91418ffa3b45b15728365b300be3f8ddb479346b30ba4294bee11f7f2af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0874D91418FFA3B45B15728365B300BE3F8DDB479346B30BA4294BEE11F7F2AF"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Mon, 28 Nov 2022 22:50:58 GMT
Date: Mon, 28 Nov 2022 20:18:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adf17e0b7003afdfff053a2fb6f34d84
b13b3d0040bfd70a410aca202f2eea14e7c41439
0874d91418ffa3b45b15728365b300be3f8ddb479346b30ba4294bee11f7f2af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0874D91418FFA3B45B15728365B300BE3F8DDB479346B30BA4294BEE11F7F2AF"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Mon, 28 Nov 2022 22:50:58 GMT
Date: Mon, 28 Nov 2022 20:18:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adf17e0b7003afdfff053a2fb6f34d84
b13b3d0040bfd70a410aca202f2eea14e7c41439
0874d91418ffa3b45b15728365b300be3f8ddb479346b30ba4294bee11f7f2af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0874D91418FFA3B45B15728365B300BE3F8DDB479346B30BA4294BEE11F7F2AF"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Mon, 28 Nov 2022 22:50:58 GMT
Date: Mon, 28 Nov 2022 20:18:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adf17e0b7003afdfff053a2fb6f34d84
b13b3d0040bfd70a410aca202f2eea14e7c41439
0874d91418ffa3b45b15728365b300be3f8ddb479346b30ba4294bee11f7f2af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0874D91418FFA3B45B15728365B300BE3F8DDB479346B30BA4294BEE11F7F2AF"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Mon, 28 Nov 2022 22:50:58 GMT
Date: Mon, 28 Nov 2022 20:18:07 GMT
Connection: keep-alive
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash fa0acaa1fb3ca19ec28b115fb36f5481
b649f0edad44702aa826dd879527f7269c96afe2
ce3d2a548038fba368ff3f9b80eedb3b172bc1027aa27385ee154d38ea5efe0c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 28 Nov 2022 20:18:07 GMT
Last-Modified: Mon, 28 Nov 2022 00:18:55 GMT
ETag: "6383fe6f-1d7"
Expires: Wed, 30 Nov 2022 00:18:55 GMT
Cache-Control: max-age=100848
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669666687
Via: cache25.l2de2[47,46,200-0,M], cache25.l2de2[49,0], cache7.se1[69,69,200-0,M], cache7.se1[71,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 28 Nov 2022 20:18:07 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16696666878798395e
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 02946fd395e3e88cd7c1dc9f202b0442
2323ddeee5ca7b1deaa149dffb60f74e0f90ce0a
1489f8e4ffbf80ddc9e088a6d0115e26952747cb52ecc7dee7ca938b281fc6c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 01:54:30 GMT
Expires: Mon, 05 Dec 2022 01:54:29 GMT
Etag: "2323ddeee5ca7b1deaa149dffb60f74e0f90ce0a"
Cache-Control: max-age=537981,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca7fbb811c0e-OSL
si1.go2yd.com/get-image/0yFUidjGHhQ
163.171.140.79 200 OK 121 kB URL HTTP/2 si1.go2yd.com/get-image/0yFUidjGHhQ
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:07 GMT
content-type: image/gif
content-length: 121040
x-application-context: application
x-kss-request-id: 926b8f9ca982487692c4e63ce22e4a6e
etag: "72f445e66343e28d92a588cd7858f2dc"
content-md5: cvRF5mND4o2SpYjNeFjy3A==
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:5 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:12 (Cdn Cache Server V2.0), 1.1 tb118:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
x-ws-request-id: 6385177f_PShlamstdAMS1cc96_14504-40020
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
ynn.tsms2.top/template/m1938pc/ads/5.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:07 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1825104954&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=31492&r=0&ww=1252&u=http%3A%2F%2Fynn.tsms2.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1825104954&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=31492&r=0&ww=1252&u=http%3A%2F%2Fynn.tsms2.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=1825104954&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=31492&r=0&ww=1252&u=http%3A%2F%2Fynn.tsms2.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 20:18:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7346E15F4FC2B64B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash b6bc30ca3d5411774e8fa37354d8a7b7
2078cfa752e0ac2e09e6abf13ef2b01fecc8beb4
327a90351898b2912754273c43e0bfd6e29948641d3a97a7bec5c0f8b31957a7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 05:12:56 GMT
Expires: Sun, 04 Dec 2022 05:12:55 GMT
Etag: "2078cfa752e0ac2e09e6abf13ef2b01fecc8beb4"
Cache-Control: max-age=463486,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca80dbf6b521-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 6450b8c8d395deccee438fd3d2235023
20d5f10297f406e00bd84990562580d1c0cb4e11
469e061907f2688d238373d4902dfbb9d855bf23b3025a09f2ca961e52aa5fac
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:53:47 GMT
Expires: Fri, 02 Dec 2022 12:53:46 GMT
Etag: "20d5f10297f406e00bd84990562580d1c0cb4e11"
Cache-Control: max-age=318337,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca80fffeb509-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/biq2pyxgzmz1337biq2pyxgzmz046418.jpg
104.22.12.214 200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/biq2pyxgzmz1337biq2pyxgzmz046418.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 04ae7c8896aa8fdb1d9336871dcd94ec
512dbbc7904195b2aef805189b8a7cfa0233f2b1
7ea8a722e0837e4652983275b2fd941d0db8ee04768fd5b7813b09e8a6df1683
GET /upload/vod/2022/11-28/13/biq2pyxgzmz1337biq2pyxgzmz046418.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 4534
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6716
content-disposition: inline; filename="biq2pyxgzmz1337biq2pyxgzmz046418.webp"
etag: "63844900-1a3c"
last-modified: Mon, 28 Nov 2022 05:37:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f5e0f0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wra5bqknibj1336wra5bqknibj436402.jpg
104.22.12.214 200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wra5bqknibj1336wra5bqknibj436402.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 678e1673bdad286e19d70af8d3ff8208
18daf0b2d834162eec3b68b30edb113881fa7535
7cb61f96c61580fe3985063e429f77ca151ffd91949a7a12124b6670eec718ed
GET /upload/vod/2022/11-28/13/wra5bqknibj1336wra5bqknibj436402.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 6390
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7619
content-disposition: inline; filename="wra5bqknibj1336wra5bqknibj436402.webp"
etag: "638448eb-1dc3"
last-modified: Mon, 28 Nov 2022 05:36:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f5e0c0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/zifqmcf5thj1337zifqmcf5thj056420.jpg
104.22.12.214 200 OK 6.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/zifqmcf5thj1337zifqmcf5thj056420.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b81d6a69d6066dfecab237ff328f8692
eb2b5a11c4e100f84f4f3d953bb112f81ca5aa6d
4b0ac511812ad98ab64f64b7c9d50fbcc2cfa2a9c3f214e478d25dd9787581a7
GET /upload/vod/2022/11-28/13/zifqmcf5thj1337zifqmcf5thj056420.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 6582
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7774
content-disposition: inline; filename="zifqmcf5thj1337zifqmcf5thj056420.webp"
etag: "63844901-1e5e"
last-modified: Mon, 28 Nov 2022 05:37:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f5e120b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/zzkzao5vzqj1336zzkzao5vzqj446404.jpg
104.22.12.214 200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/zzkzao5vzqj1336zzkzao5vzqj446404.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65d48a44e7a6e7c75e13e5a0e48a9499
8711d4f93eb6c1f4819e99f9245babaa0a1b0315
b4d532770687de782423efbe84fba80d7c5071a4417bf34c89886fbc3793c74c
GET /upload/vod/2022/11-28/13/zzkzao5vzqj1336zzkzao5vzqj446404.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 5760
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6787
content-disposition: inline; filename="zzkzao5vzqj1336zzkzao5vzqj446404.webp"
etag: "638448ec-1a83"
last-modified: Mon, 28 Nov 2022 05:36:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f6e1c0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/vqzfo2tmggj1336vqzfo2tmggj466408.jpg
104.22.12.214 200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/vqzfo2tmggj1336vqzfo2tmggj466408.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 64d4732e726a79193fabf84ada97ff96
e02aea2cb7a841591e75318fabac41fd42c3ab84
edbf33e51dc34de6d6e55d344bbd58ba94be5f13cef10b8fcf9b80b1680712ee
GET /upload/vod/2022/11-28/13/vqzfo2tmggj1336vqzfo2tmggj466408.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 9210
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10111
content-disposition: inline; filename="vqzfo2tmggj1336vqzfo2tmggj466408.webp"
etag: "638448ee-277f"
last-modified: Mon, 28 Nov 2022 05:36:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f6e230b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rkqv0cw43wv1337rkqv0cw43wv066422.jpg
104.22.12.214 200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/rkqv0cw43wv1337rkqv0cw43wv066422.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e4dd6122fa96e67bdd827ac3f6382eb
a1b0c2542396400f809351125c7b83ad72c05b23
d683bc82e9004d1013205fa7e0741636972a55617b2b6661c1a2a3eae04f6973
GET /upload/vod/2022/11-28/13/rkqv0cw43wv1337rkqv0cw43wv066422.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 5972
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7178
content-disposition: inline; filename="rkqv0cw43wv1337rkqv0cw43wv066422.webp"
etag: "63844902-1c0a"
last-modified: Mon, 28 Nov 2022 05:37:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f5e130b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/gh2kmjyepea1337gh2kmjyepea036416.jpg
104.22.12.214 200 OK 7.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/gh2kmjyepea1337gh2kmjyepea036416.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b375e2c89b155742f36c8beed3a4bce
060f518170e28917486cf0be6a75a2c8c8d876ee
08f6d6cdafbad536380cc14365bf409499ec66cda8096f8866dd0ec177c81043
GET /upload/vod/2022/11-28/13/gh2kmjyepea1337gh2kmjyepea036416.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 7312
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8381
content-disposition: inline; filename="gh2kmjyepea1337gh2kmjyepea036416.webp"
etag: "638448ff-20bd"
last-modified: Mon, 28 Nov 2022 05:37:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f5e0e0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/m1d13uf1zb41336m1d13uf1zb4456406.jpg
104.22.12.214 200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/m1d13uf1zb41336m1d13uf1zb4456406.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78143d81a6410cdb4abbfc3c275549ec
827419c5fece0b1e0f715920e77bce2e103526d8
e6fb586bce18e0e1e4e21e4869be7ee3f1ce196eca8b25c37b40500f8a4e02fd
GET /upload/vod/2022/11-28/13/m1d13uf1zb41336m1d13uf1zb4456406.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 7536
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8575
content-disposition: inline; filename="m1d13uf1zb41336m1d13uf1zb4456406.webp"
etag: "638448ed-217f"
last-modified: Mon, 28 Nov 2022 05:36:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f6e240b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/soirtimtdke1337soirtimtdke026414.jpg
104.22.12.214 200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/soirtimtdke1337soirtimtdke026414.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0217931c4d1bb964fd5d4d7493dadf0
f9e0491614b1862707d4d1e9dd984e43c31d0380
6f656ca80ada7782c2a11f5761f6eef09e95503e330312a674c6e3704c611d85
GET /upload/vod/2022/11-28/13/soirtimtdke1337soirtimtdke026414.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 7788
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8803
content-disposition: inline; filename="soirtimtdke1337soirtimtdke026414.webp"
etag: "638448fe-2263"
last-modified: Mon, 28 Nov 2022 05:37:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f5e0d0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/ruqs4y0lwb21336ruqs4y0lwb2476410.jpg
104.22.12.214 200 OK 5.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/ruqs4y0lwb21336ruqs4y0lwb2476410.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f3d04d9a2b26a3c1996ba1874c5cd0b8
9026278079b04c7721a2898714e77f593145b5dc
498d32e1061cf91d1cdba57499253509afb2981a99bf7e7d34bd6cab5ddf3c56
GET /upload/vod/2022/11-28/13/ruqs4y0lwb21336ruqs4y0lwb2476410.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 5002
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6974
content-disposition: inline; filename="ruqs4y0lwb21336ruqs4y0lwb2476410.webp"
etag: "638448ef-1b3e"
last-modified: Mon, 28 Nov 2022 05:36:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f6e1e0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/hkfymyqeyzo1337hkfymyqeyzo016412.jpg
104.22.12.214 200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/hkfymyqeyzo1337hkfymyqeyzo016412.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b6a1b75fdbbbc62b67e20adec964b32
6b0c0d95e5d3efe3a2f3239a60098b3aed49f8fc
ce448ff141fe27bda993185d3d36282d01a4782938314109462bcc10be79726e
GET /upload/vod/2022/11-28/13/hkfymyqeyzo1337hkfymyqeyzo016412.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 7068
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7950
content-disposition: inline; filename="hkfymyqeyzo1337hkfymyqeyzo016412.webp"
etag: "638448fd-1f0e"
last-modified: Mon, 28 Nov 2022 05:37:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f6e210b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/f2vx3skhukb1337f2vx3skhukb076424.jpg
104.22.12.214 200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/f2vx3skhukb1337f2vx3skhukb076424.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 279795da51e95bb9f0ccbffd7aa9d23e
20515c99db3fb036d2563714ba6ee8e4bcca33c5
9f378be30e3c48ef6c7044cafb4016506c4a0962287f9faf18c2780422a77350
GET /upload/vod/2022/11-28/13/f2vx3skhukb1337f2vx3skhukb076424.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 8372
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8965
content-disposition: inline; filename="f2vx3skhukb1337f2vx3skhukb076424.webp"
etag: "63844903-2305"
last-modified: Mon, 28 Nov 2022 05:37:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca7f5e170b06-OSL
X-Firefox-Spdy: h2
ynn.tsms2.top/template/m1938pc/ads/6.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash b19592c48b0246eaac8c1fdb93b729ff
72b7aad349897ff050ecb53a9cccf1e861a8f085
a4c74757431adcc78e32e5ae392ea295100f8469ab2d13eee217c55e4a332d8e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 11:18:43 GMT
Expires: Fri, 02 Dec 2022 11:18:42 GMT
Etag: "72b7aad349897ff050ecb53a9cccf1e861a8f085"
Cache-Control: max-age=312633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca80cd271c0e-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/fbdxipfogzc1337fbdxipfogzc126436.jpg
104.22.12.214 200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/fbdxipfogzc1337fbdxipfogzc126436.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3cda3f090ea670616a74fe0e1c333bf2
23861d951afaae3b2fab3cb133eca0d668f83613
f320c403bfec4842f5212091d5ab1ea8de8185817682d856aaabade7d5771fab
GET /upload/vod/2022/11-28/13/fbdxipfogzc1337fbdxipfogzc126436.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 8618
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9718
content-disposition: inline; filename="fbdxipfogzc1337fbdxipfogzc126436.webp"
etag: "63844908-25f6"
last-modified: Mon, 28 Nov 2022 05:37:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 263
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca8229890b06-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 5e55977e9041a271cd8a46b7a0e3940f
67b861915c6129d21f7bc7a65727eb07986b8383
b5e2be457cd15cb9c8e369bb2da790d25d174a19e58ae7a4942111e52a8eafad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 03:27:09 GMT
Expires: Sun, 04 Dec 2022 03:27:08 GMT
Etag: "67b861915c6129d21f7bc7a65727eb07986b8383"
Cache-Control: max-age=457139,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca80fccfb500-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e904e4a0fa96604bc27739943c46f73d
10e51a8174661946b79ee0b0b829951a8847aba7
337a539caa7f0cf8c999fcce8776ff7de326338aedac55caa124a18b5b693655
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 16:44:16 GMT
ETag: "10e51a8174661946b79ee0b0b829951a8847aba7"
Last-Modified: Mon, 28 Nov 2022 16:44:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 927
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715ca830a9fb4f7-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 1fbb7f61e76866ea359f7919c12bef99
e60b44b493885b9e3bfcd727a512d8fded812887
87e51cc1ada762613fa8ddea12a61e0bfc1056f679cc8f7e4a464e4a6e77861a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 03:39:04 GMT
Expires: Sun, 04 Dec 2022 03:39:03 GMT
Etag: "e60b44b493885b9e3bfcd727a512d8fded812887"
Cache-Control: max-age=457854,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca830b96b509-OSL
ynn.tsms2.top/template/m1938pc/ads/7.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc17bd94df3f1cb89d9f6ecec3395cdc
84767b3aa545724c32214690676c540047a5c5b0
69bdca54e3b62bce483cd79b8c689a14ac889bc1ffa4356b45544b575018ce81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69BDCA54E3B62BCE483CD79B8C689A14AC889BC1FFA4356B45544B575018CE81"
Last-Modified: Sun, 27 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12496
Expires: Mon, 28 Nov 2022 23:46:24 GMT
Date: Mon, 28 Nov 2022 20:18:08 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e053ed8d426c334af5f866a5546149e1
690239b69989ef7846ec8e0475e5a7968db53373
dcb731865e0605ba3f90259d572808f5c0e0da7019f360d68688b23847134135
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 18:15:49 GMT
ETag: "690239b69989ef7846ec8e0475e5a7968db53373"
Last-Modified: Mon, 28 Nov 2022 18:15:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2893
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715ca83fd48b4f7-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/z5cnhhffkc21337z5cnhhffkc2116432.jpg
104.22.12.214 200 OK 5.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/z5cnhhffkc21337z5cnhhffkc2116432.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 979c63dcf73da57e4b809f0e298513a1
8f1c81bf0795a67519c77e6d5ed80c51ff8790fd
7e7d577b8cc0e63fe1ac6e5baa8970602140212d10c17d8c33a5bf739e3c034d
GET /upload/vod/2022/11-28/13/z5cnhhffkc21337z5cnhhffkc2116432.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 5884
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8088
content-disposition: inline; filename="z5cnhhffkc21337z5cnhhffkc2116432.webp"
etag: "63844907-1f98"
last-modified: Mon, 28 Nov 2022 05:37:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca8229840b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/jx1zni3hbpp1337jx1zni3hbpp126434.jpg
104.22.12.214 200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/jx1zni3hbpp1337jx1zni3hbpp126434.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8f8fc385d18ed906263dab09f280cf8
29307dd53a1ce2f462d5f24106de21273ee3d71c
5a7b9309b314c7779f84ecf681af5b1533fd501bdd86ba73c35bbd3b6e92a204
GET /upload/vod/2022/11-28/13/jx1zni3hbpp1337jx1zni3hbpp126434.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 7716
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8926
content-disposition: inline; filename="jx1zni3hbpp1337jx1zni3hbpp126434.webp"
etag: "63844908-22de"
last-modified: Mon, 28 Nov 2022 05:37:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca8229870b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/pdouzskgahn1337pdouzskgahn086426.jpg
104.22.12.214 200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/pdouzskgahn1337pdouzskgahn086426.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d9937c3e2aab9fe6808335add2fcd8ce
b339dbd376298be0d7ed321ef4192cbd55420231
6e1ca55d8deda262d1d76346294860e7917ccb18b84f1051685c97bfe04f7d0b
GET /upload/vod/2022/11-28/13/pdouzskgahn1337pdouzskgahn086426.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 7184
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8626
content-disposition: inline; filename="pdouzskgahn1337pdouzskgahn086426.webp"
etag: "63844904-21b2"
last-modified: Mon, 28 Nov 2022 05:37:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca8219760b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/1jql54fywwj13371jql54fywwj106430.jpg
104.22.12.214 200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/1jql54fywwj13371jql54fywwj106430.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a90fdd79c523bbf73db12f5c9545fbe
42aab6d0cf7b02d22bf84831e9f1af4928109aec
33cdf7591ef8683e8e830707cdc8b2564ea40a83d8bd39521ef77018c240e072
GET /upload/vod/2022/11-28/13/1jql54fywwj13371jql54fywwj106430.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 8698
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9883
content-disposition: inline; filename="1jql54fywwj13371jql54fywwj106430.webp"
etag: "63844906-269b"
last-modified: Mon, 28 Nov 2022 05:37:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca8229810b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/l432zekapwn1337l432zekapwn096428.jpg
104.22.12.214 200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/l432zekapwn1337l432zekapwn096428.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1be853a56372d31df2de7c0090643fc8
4d8466e459013861a6e31254032119a821b6b84a
f0ce9d820575ad38965af536db13de606c6e7235b0ed8234961f169d270e506a
GET /upload/vod/2022/11-28/13/l432zekapwn1337l432zekapwn096428.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 6944
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8146
content-disposition: inline; filename="l432zekapwn1337l432zekapwn096428.webp"
etag: "63844905-1fd2"
last-modified: Mon, 28 Nov 2022 05:37:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca82297d0b06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash eceb80e0cc6d0bf508d07eb6ca1815cd
59cc8072a5f6f157d18ef32bee9c09bf4bddb504
170807983ebafae8a64338433ed0d1de2e175e39e859cb8cd10b474ea8c05fa8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5957
Cache-Control: max-age=98174
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:18:08 GMT
Etag: "6383dcba-2d7"
Expires: Tue, 29 Nov 2022 23:34:22 GMT
Last-Modified: Sun, 27 Nov 2022 21:55:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b18b5da0170c02161720b237b11521da
d923bb1d21c80b24212c2676c4d5b55b290c79a0
741f04dc02eac3466b19c5148e31cd0734b90bd25432e510fea3d1488d5fc4fe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 04:52:22 GMT
Expires: Mon, 05 Dec 2022 04:52:21 GMT
Etag: "d923bb1d21c80b24212c2676c4d5b55b290c79a0"
Cache-Control: max-age=548652,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca80da7e1c06-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
47.246.44.231 200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
IP 47.246.44.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 10:44:11 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:58:09 GMT
nw-session-id: 202210211458090102080352141D4BD2FDd8djs02dy
nw-session-trace: 2022-10-21T14:58:09.500113241+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:58:09 GMT
x-tt-logid: 202210211458090102080352141D4BD2FD
via: n150-056-037, cache10.l2de2[0,0,206-0,H], cache21.l2de2[0,0], cache21.l2de2[1,0], cache2.se1[0,0,200-0,H], cache8.se1[5,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=5
x-tt-trace-host: 01cbee9379081dede4563ed816372eaed9e22e817cb6a172f5515b36a1d0b0b16b0992519978341c8c47dea2460ef9488fea2a1af46ef3a756f47ed19c1f3caa455c050d0adbbab5c58656198a7c70892c0a0b1880236b0a5587be96287d217bf8
x-response-lb: image
ali-swift-global-savetime: 1666349051
age: 3317637
x-cache: HIT TCP_MEM_HIT dirn:3:96481635
x-swift-savetime: Fri, 21 Oct 2022 10:50:02 GMT
x-swift-cachetime: 31535649
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16696666887156501e
X-Firefox-Spdy: h2
ynn.tsms2.top/template/m1938pc/ads/8.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash cc395115151e2948866f38f0e30dd454
1c2def5cc3947ceba47199edaccbbd2024c68429
d8c58a3cca7fc54552b46d64b49144588def98bc925f8ab2bd1ec409b45554ba
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 15:45:39 GMT
Expires: Fri, 02 Dec 2022 15:45:38 GMT
Etag: "1c2def5cc3947ceba47199edaccbbd2024c68429"
Cache-Control: max-age=328649,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca830835b521-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/kdssmlvdbv51337kdssmlvdbv5136438.jpg
104.22.12.214 200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/kdssmlvdbv51337kdssmlvdbv5136438.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd439f0f926fef8806ef326315821dcf
9c7cecc4e40cd76ede8bb71ca66f6f21558cac96
2e757053680d3470df2a549835344c1344536d4ac36a90269b78e3ce6e93e6b5
GET /upload/vod/2022/11-28/13/kdssmlvdbv51337kdssmlvdbv5136438.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 8654
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9948
content-disposition: inline; filename="kdssmlvdbv51337kdssmlvdbv5136438.webp"
etag: "63844909-26dc"
last-modified: Mon, 28 Nov 2022 05:37:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 263
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca856dbb0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/sex4higml3v1337sex4higml3v146440.jpg
104.22.12.214 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/sex4higml3v1337sex4higml3v146440.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c19497aaa8536ecebb8b8271e3341e63
3ef40f1a295daa27369b9aa9e373f2456940772c
99d17b579fd95b4bbfecef4ca3515e9410834214ac53fa387a14d9fd774dce11
GET /upload/vod/2022/11-28/13/sex4higml3v1337sex4higml3v146440.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/jpeg
content-length: 10606
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11100, status=webp_bigger
etag: "6384490a-2b5c"
last-modified: Mon, 28 Nov 2022 05:37:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 263
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7715ca856dbf0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/oovsempbwbj1337oovsempbwbj156442.jpg
104.22.12.214 200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/oovsempbwbj1337oovsempbwbj156442.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 157f95b46862af018b3271613188190e
bd7fbb9ba37b89f40774188df880fbb84a3bd9b7
b37a267c41c01c5e5f49e75ca5e06744a942e5b391777e1a0075b5d2d05b70d3
GET /upload/vod/2022/11-28/13/oovsempbwbj1337oovsempbwbj156442.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 6444
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7360
content-disposition: inline; filename="oovsempbwbj1337oovsempbwbj156442.webp"
etag: "6384490b-1cc0"
last-modified: Mon, 28 Nov 2022 05:37:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 263
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca856dc40b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/lln52cojz3p1337lln52cojz3p166444.jpg
104.22.12.214 200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/lln52cojz3p1337lln52cojz3p166444.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 2807c331428ca09cf501effb5e165a54
4905b3b20362065794226f43b0388cd59a1bbf4c
a42c1a5eafba9fabf0f2bd40040b2ed69508c7866a9b51b9117064603678e511
GET /upload/vod/2022/11-28/13/lln52cojz3p1337lln52cojz3p166444.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/jpeg
content-length: 10004
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10457, status=webp_bigger
etag: "6384490c-28d9"
last-modified: Mon, 28 Nov 2022 05:37:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 262
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7715ca856dc80b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/keb352u0aqy1337keb352u0aqy176446.jpg
104.22.12.214 200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/keb352u0aqy1337keb352u0aqy176446.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d0592c6a1b194fae0045a0afcd6f01bd
9b5e46eeafd1da95775015d48bf9a181d8705530
8f4ab7669b127ce76481a8da7ae8343c83bc7b9ecdb1d7945746a3182d4d97ae
GET /upload/vod/2022/11-28/13/keb352u0aqy1337keb352u0aqy176446.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 8530
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9489
content-disposition: inline; filename="keb352u0aqy1337keb352u0aqy176446.webp"
etag: "6384490d-2511"
last-modified: Mon, 28 Nov 2022 05:37:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 262
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca856dce0b06-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash cc395115151e2948866f38f0e30dd454
1c2def5cc3947ceba47199edaccbbd2024c68429
d8c58a3cca7fc54552b46d64b49144588def98bc925f8ab2bd1ec409b45554ba
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 15:45:39 GMT
Expires: Fri, 02 Dec 2022 15:45:38 GMT
Etag: "1c2def5cc3947ceba47199edaccbbd2024c68429"
Cache-Control: max-age=328649,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7715ca844a3a1c0e-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/h32h4u3ji5p1337h32h4u3ji5p186448.jpg
104.22.12.214 200 OK 8.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/h32h4u3ji5p1337h32h4u3ji5p186448.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f648b252e22c6a053a6f4c9269825d8
8a2eacd8f6ee5e5d9a3ae793ba50627b6f92a552
603f7a27fa859494796e0fef9ca802b2ea6614bce01fc30a4cf01a1a93ac729c
GET /upload/vod/2022/11-28/13/h32h4u3ji5p1337h32h4u3ji5p186448.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/webp
content-length: 8056
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8529
content-disposition: inline; filename="h32h4u3ji5p1337h32h4u3ji5p186448.webp"
etag: "6384490e-2151"
last-modified: Mon, 28 Nov 2022 05:37:18 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 263
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca857dd20b06-OSL
X-Firefox-Spdy: h2
u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
103.170.15.45 200 OK 269 kB URL HTTP/2 u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
IP 103.170.15.45:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 269 kB (268903 bytes)
Hash d60a666b8a2b332244f82df2f7c985b7
ef8e353e1202ec391da338e5dbdea6796e579de3
f06bf9345b4c684ab9b191073da5134b2b76cd0c5196427aa69c509e675e4bd6
GET /4b3c4c0b91ab44a293f636576b61f61d.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6378c9eb-41a67"
server: nginx
date: Mon, 28 Nov 2022 09:18:37 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 12:19:55 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-35
content-length: 268903
X-Firefox-Spdy: h2
u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
45.61.212.171 200 OK 322 kB URL HTTP/2 u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
IP 45.61.212.171:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 322 kB (322130 bytes)
Hash 6e9a6af4964e174da5597e2be162e59c
a75f9890ad7e1334f11b4dbe0da134266d78e329
b43e284062fe514e5108a9c8601616ea2771a2d64a3b32644ae7adea063599d3
GET /214791aa005b4c46b6a9f04058cfb808.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364e2f0-4ea52"
server: nginx
date: Mon, 28 Nov 2022 15:52:21 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 10:01:20 GMT
accept-ranges: bytes
x-cache: HIT from cloud-us5-cdnb-11
content-length: 322130
X-Firefox-Spdy: h2
u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
103.170.15.58 200 OK 66 kB URL HTTP/2 u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
IP 103.170.15.58:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 300 x 220\012- data
Hash 45c27704a7e5bf04a6ee9ca43a4a5710
30c46b532a8fad2580b72262df8233f9f3d92eac
784d9eae2229b2cb0aaf6ec5c3db20652d4046d2db82611b9ae293b61de4affb
GET /8e5c0e404b9b4ccfbf1a21cc4b180b59.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff68-10124"
server: nginx
date: Fri, 04 Nov 2022 20:08:06 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:48 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-48
content-length: 65828
X-Firefox-Spdy: h2
ynn.tsms2.top/template/m1938pc/ads/9.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
20.222.167.138 200 OK 106 kB URL HTTP/1.1 n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
IP 20.222.167.138:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 106 kB (106506 bytes)
Hash 6d54569d13361f2790967b7e4121586e
9536ee76ac74f72529df2def312ff0ec014bcf29
9423946c26a250564157b32a00e6716649ef7e761e2f5cf826dbb83c532f3194
GET /cadfaad6bf3a48caadd756dfd170308c.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 04 Nov 2022 10:01:44 GMT
ETag: W/"6364e308-71fb4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
103.170.15.58 200 OK 376 kB URL HTTP/2 u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
IP 103.170.15.58:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 376 kB (375501 bytes)
Hash 3cc130e8c73445ee88904b1d2945a002
ea12d90d3525af1eef53258ce9681b0093cf717e
29c94fe20be25178fb7896728930c7857d8f7db1e223295be8acf0fd4de68936
GET /c0ea67357fab443e9f882a89c29f0f29.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff5a-5bacd"
server: nginx
date: Mon, 28 Nov 2022 09:05:23 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:34 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-48
content-length: 375501
X-Firefox-Spdy: h2
88883aaa.com/2fd1ff8304ce4683ad375e9c692230a2.gif
103.170.15.89 200 OK 636 kB URL HTTP/1.1 88883aaa.com/2fd1ff8304ce4683ad375e9c692230a2.gif
IP 103.170.15.89:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 120\012- data
Size 636 kB (635680 bytes)
Hash 1cb325d5859a93c29e41953b1089d4ef
ba867d7f6fd51ccf98e3e62b3786b109198ed236
903053e8dc64064819c2c30f1672015877d8cf7f5f2e7ca70ba8060ddda4b8fb
GET /2fd1ff8304ce4683ad375e9c692230a2.gif HTTP/1.1
Host: 88883aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637727c3-9b320"
Date: Sun, 27 Nov 2022 12:14:35 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 18 Nov 2022 06:35:47 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-19
Content-Length: 635680
ynn.tsms2.top/template/m1938pc/ads/10.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 ynn.tsms2.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 20:18:09 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/1do1pfer45c13371do1pfer45c196450.jpg
104.22.12.214 200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/1do1pfer45c13371do1pfer45c196450.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fce1c7456ea9ed20de791aa248d1252a
b00bedc9757cd8cd951af595c3ff4e802fc8a900
8e570722f88e4c94fc1d3730f47d09e91410fc2d7dab03f01db2d03072f2a266
GET /upload/vod/2022/11-28/13/1do1pfer45c13371do1pfer45c196450.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:09 GMT
content-type: image/webp
content-length: 6914
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8198
content-disposition: inline; filename="1do1pfer45c13371do1pfer45c196450.webp"
etag: "6384490f-2006"
last-modified: Mon, 28 Nov 2022 05:37:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 263
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca88ba750b06-OSL
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143 200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6258804
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Mon, 28 Nov 2022 20:18:09 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
mt66g.com/image/c960X160.gif
23.224.145.198 200 OK 226 kB URL HTTP/2 mt66g.com/image/c960X160.gif
IP 23.224.145.198:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 226 kB (226350 bytes)
Hash dc050a09c8f91b6a1cd31f0e14a26f82
cd2aeab9db3c276e676bf0c7f32bf18059c6b522
335eab09ae4eccb826c619213a55977bf822b21117d2b4c7d6ffe5831c327163
GET /image/c960X160.gif HTTP/1.1
Host: mt66g.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:08 GMT
content-type: image/gif
content-length: 226350
last-modified: Mon, 24 Oct 2022 09:26:09 GMT
etag: "63565a31-3742e"
expires: Fri, 23 Dec 2022 09:27:20 GMT
cache-control: max-age=2592000
server: dns
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
103.170.15.58 200 OK 297 kB URL HTTP/2 u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
IP 103.170.15.58:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 297 kB (297356 bytes)
Hash e63728bfd7747ecc0a25bfdb2b851365
9e5716e96d0685245024cb501a8897e87717ce6e
3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6
GET /6ba61e82d9854d649a1c65d94346189b.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff89-4898c"
server: nginx
date: Fri, 25 Nov 2022 20:56:30 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:03:21 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-48
content-length: 297356
X-Firefox-Spdy: h2
statuse.digitalcertvalidation.com/
93.184.220.29 200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash e872de12ba5b29656bc805990ff0c373
1b51195a4359ae991406cbf9fd7cbdedcd16e502
181db6d8abf752804f4bb939ab330214b6fcfec0998051c64acce4ee3df8f499
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3759
Cache-Control: max-age=134850
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 20:18:09 GMT
Etag: "63847494-1d7"
Expires: Wed, 30 Nov 2022 09:45:39 GMT
Last-Modified: Mon, 28 Nov 2022 08:43:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/uc0naxwnv2d1337uc0naxwnv2d266452.jpg
104.22.12.214 200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/uc0naxwnv2d1337uc0naxwnv2d266452.jpg
IP 104.22.12.214:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 20d4aa3716d979ecd11f2d9506854095
60f95d7303f038e284a463828e43b4002d44be12
280b2fc5df3f6e1ddfb0962425da77fcfd66884e42fe45abb75eca7439312a6a
GET /upload/vod/2022/11-28/13/uc0naxwnv2d1337uc0naxwnv2d266452.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:09 GMT
content-type: image/jpeg
content-length: 10443
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11019, status=webp_bigger
etag: "63844916-2b0b"
last-modified: Mon, 28 Nov 2022 05:37:26 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7715ca88ba7d0b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/eeqzt3p531c1337eeqzt3p531c286456.jpg
104.22.12.214 200 OK 2.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/eeqzt3p531c1337eeqzt3p531c286456.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 19fe01c6e321972a0dac9b7d37834109
9da8e6f0722e48c04e24b6870db15e7f1afb2d0f
009dfca0e13dfedd60de4409885e96c216f99985944c36476627a96d5fd17791
GET /upload/vod/2022/11-28/13/eeqzt3p531c1337eeqzt3p531c286456.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:09 GMT
content-type: image/webp
content-length: 2496
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5429
content-disposition: inline; filename="eeqzt3p531c1337eeqzt3p531c286456.webp"
etag: "63844918-1535"
last-modified: Mon, 28 Nov 2022 05:37:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca88ca930b06-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/yxzudw44kuh1337yxzudw44kuh276454.jpg
104.22.12.214 200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/yxzudw44kuh1337yxzudw44kuh276454.jpg
IP 104.22.12.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 582183bc4ef5f6270da96c5714a95967
6188642c0c2a317400cea92dfd570f215c5d95e2
f154e41a6011fa6c73cc3fc1b525b54349daa53365ddc7c963c3c71ebf8bf536
GET /upload/vod/2022/11-28/13/yxzudw44kuh1337yxzudw44kuh276454.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:09 GMT
content-type: image/webp
content-length: 8386
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9155
content-disposition: inline; filename="yxzudw44kuh1337yxzudw44kuh276454.webp"
etag: "63844917-23c3"
last-modified: Mon, 28 Nov 2022 05:37:27 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7715ca88ca890b06-OSL
X-Firefox-Spdy: h2
ynn.tsms2.top/api.php/timming/index?t=0.30023098516842994
122.10.27.117 200 OK 114 B URL HTTP/1.1 ynn.tsms2.top/api.php/timming/index?t=0.30023098516842994
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with no line terminators
Hash 88c2c3b7020632d02d5a4cd2b4744913
1c6310246b7df2189ae850d1e19d27f18e2fdb6a
3e2c07c4a4b5218545cc97bfe5b42934ab9f214fdb8d20ee7e102b1b70cf0153
GET /api.php/timming/index?t=0.30023098516842994 HTTP/1.1
Host: ynn.tsms2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ynn.tsms2.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 20:18:09 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=js855cdqkmagle7jcekq1nj6oj; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115 200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 28 Nov 2022 20:18:09 GMT
content-type: image/gif
content-length: 158841
expires: Sun, 06 Nov 2022 14:31:54 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 1227676
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 03 Nov 2022 14:31:54 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 82927611a8c787e7be944e85b926e59f
33a982a4cc16216dc0da624cbc7ac7e304458a85
47eb83f37816ea6ca6470c3d59a7833199821d45e0ba5752ffd181d02f048bc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47EB83F37816EA6CA6470C3D59A7833199821D45E0BA5752FFD181D02F048BC5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15126
Expires: Tue, 29 Nov 2022 00:30:16 GMT
Date: Mon, 28 Nov 2022 20:18:10 GMT
Connection: keep-alive
hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash 5ed499a957b12fb118abd0c757afd342
a3240e429cd60462cd3fb4070cd807f812a49315
28222a268ca4e964c3aa6c5410f41551654a548b0b1d31d46dfb6a50a447715e
GET /hm.js?adcca6f1017c682dc84c135157a96e7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:09 GMT
Etag: b4e518dcd22fab6f9224a79ba471182d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C8F47DC2756A9F92; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.44 200 OK 1.1 MB URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.44:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1086086 bytes)
Hash fe1357abf524bc560d11e4af8beddaf9
175486b7fa4830246014f760a759f4aacf460b7c
fac07ee4c01eab6eeb7c10dbaca74fbfde9a4dbfc0fa88325cf32ecdc405603a
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 20:18:09 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Fri, 27 Jan 2023 20:18:08 GMT
last-modified: Fri, 06 Jan 2023 02:12:34 GMT
x-nws-log-uuid: 29feb73d-4a2c-41b4-8dc4-8b381dd2bbdb
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-nws-uuid-verify: cc071a6f9f823c40073205cbcbcfc590
m-traceid: 9vdrgg3fvl9uw4gwn4ip
age: 1116376
timing-allow-origin: *
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
X-Firefox-Spdy: h2
vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
103.189.109.76 200 OK 286 kB URL HTTP/2 vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
IP 103.189.109.76:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 286 kB (285785 bytes)
Hash 92285e93786dd0e69700a7b81ee67d1e
a9026bec9dc218806e865b3643d5fbe9a94f4edb
9f02528d2edc78634ebfd71d3c682cd679682715dc20afb446b9c8b5c26e1ae1
GET /e56118d487df470a95ed3ab64d8647ff.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "635b961a-45c59"
server: nginx
date: Mon, 28 Nov 2022 06:27:50 GMT
content-type: image/gif
last-modified: Fri, 28 Oct 2022 08:43:06 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-066
content-length: 285785
X-Firefox-Spdy: h2
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19 200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 28 Nov 2022 20:18:09 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63851781B800053436EB7B97
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=480629910&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=31494&r=0&ww=1252&u=http%3A%2F%2Fynn.tsms2.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=480629910&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=31494&r=0&ww=1252&u=http%3A%2F%2Fynn.tsms2.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=480629910&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.3.0&lv=1&sn=31494&r=0&ww=1252&u=http%3A%2F%2Fynn.tsms2.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 20:18:10 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=042C785EAF88E6E5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZJu4cMNnQTavxqB1MnRFluzfZC59BcUnIHgXh9h6LJWYgsFL83rHoQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 16:15:25 GMT
age: 14565
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
47.75.19.45 200 OK 251 kB URL HTTP/1.1 sezantp.oss-cn-hongkong.aliyuncs.com/3658-365-960x80.gif
IP 47.75.19.45:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 251 kB (250863 bytes)
Hash 146302635db0d447d3779d91b77d8389
281b62ad456eee28791ca926602b14ac6e84d9d7
efd5d5f699b6633ef18e5bb91fe5fd45604d6648f7249bfb1b5a29acc7b9f9b2
GET /3658-365-960x80.gif HTTP/1.1
Host: sezantp.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 28 Nov 2022 20:18:09 GMT
Content-Type: image/gif
Content-Length: 250863
Connection: keep-alive
x-oss-request-id: 63851781D14BBC30381DC875
Accept-Ranges: bytes
ETag: "146302635DB0D447D3779D91B77D8389"
Last-Modified: Fri, 18 Nov 2022 08:30:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3277067101677540170
x-oss-storage-class: Standard
Content-MD5: FGMCY12w1EfTd52Rt32DiQ==
x-oss-server-time: 1
hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash be7cf83f152e6b8d1b682f8bf18ed1b9
7681af67f8d662db5f19b89c0b9395f23aa8ce10
5ffeb878f22046a59cc30c609bff020cdaba9269a609fd6147cb96d971ac59d1
GET /hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:10 GMT
Etag: 6e9ba5ac4f1604216c936e5e24d5585f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4B5790B7FAAC51B0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash b93e7b8606a5f0f774d8276241511907
a03891df44eff148fbf37795c20986e60e2bf3c0
d24d6994ed27d626a8fbe2460dcecb0529a61f33b4bfc2f25df064f5fa0a8ef6
GET /hm.js?118d8c4b51d138a967fb082395b27809 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:10 GMT
Etag: 096bc82c3f9ece47a455a89956fe6dde
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=29CBAA342AE92A21; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
taiwtp1.com/img/96060.gif
220.128.218.220 200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 20:15:44 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Wed, 28 Dec 2022 20:15:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash b7560c74c1bb7b35fafcdd0127124bb5
a469c52c0327c0139db53a9ef4831d5578df177d
f8a47e53aa121316467bb0f953ad46c90013966e09f0a61f4a8e2dad1f974dd2
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:10 GMT
Etag: 66c6f6fdb9af849533130f0376dc2010
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=43FD22C1F4F3E37F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash c0ddc23f01cc5c24cfac6d8e5a08d9c9
6472c49eecb3bfb75c5ad86855517a1150edc759
2d452830fa22dcf8c2d90b9bb1b4fdec627e053cf3614384498e7215fb9d61b4
GET /hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:10 GMT
Etag: 444967462e9c70be8a8652ceecd595a6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=37C7D040B3641D35; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163 200 OK 532 kB URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 532 kB (531945 bytes)
Hash 904c4f51a02c9f03f27ac2593d4c061e
faa7b399e3dc1e36e450636f0fafcaaca901f59e
107d811d56db4017059b2c99a4829faa9e20ce7fa395b3182bdb456ff93fbee6
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 28 Nov 2022 20:18:08 GMT
Content-Type: image/gif
Content-Length: 531945
Connection: keep-alive
x-oss-request-id: 6385178022C82A303224542E
Accept-Ranges: bytes
ETag: "904C4F51A02C9F03F27AC2593D4C061E"
Last-Modified: Sun, 20 Nov 2022 05:06:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9035815038154931791
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgIC4ltzNpBgiIDdlODc5YmI4ZDVjNjQ3ZDk5OTI1NWRlZmIwMjk2Zjc5
Content-MD5: kExPUaAsnwPyesJZPUwGHg==
x-oss-server-time: 5
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 57ac07dcb0ef86bde593ab49591df884
e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa
434c5deb32973bb2758d91319536238e4d780d6242186c3d4390e2e11ead37a1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 17:54:43 GMT
ETag: "e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa"
Last-Modified: Mon, 28 Nov 2022 17:54:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715ca908f02b512-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 57ac07dcb0ef86bde593ab49591df884
e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa
434c5deb32973bb2758d91319536238e4d780d6242186c3d4390e2e11ead37a1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 17:54:43 GMT
ETag: "e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa"
Last-Modified: Mon, 28 Nov 2022 17:54:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715ca909ef6fab8-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 57ac07dcb0ef86bde593ab49591df884
e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa
434c5deb32973bb2758d91319536238e4d780d6242186c3d4390e2e11ead37a1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 17:54:43 GMT
ETag: "e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa"
Last-Modified: Mon, 28 Nov 2022 17:54:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715ca90bce6b509-OSL
hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 3384f042ffd40c0519d321999b9d01af
e7c399e86353dcb5336715faad7c8ab805d227d4
0a410e1813d85b8d6b24a2aac0df4f3363dbd5ce742d4114e162e4ee73d58770
GET /hm.js?5f6f6952a111398e4db76c6944ccaba1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:10 GMT
Etag: a76e6b7f863eb8bd683c124a1a217c7e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0DD65B992E103CBA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 57ac07dcb0ef86bde593ab49591df884
e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa
434c5deb32973bb2758d91319536238e4d780d6242186c3d4390e2e11ead37a1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 20:18:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 17:54:43 GMT
ETag: "e60cfd19ee0c2c5fc225356edd0a7b511ae9edaa"
Last-Modified: Mon, 28 Nov 2022 17:54:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7715ca922978b512-OSL
hm.baidu.com/hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 86b66efb5036a31ab25c6f7a0900e209
4b39fbc509ee43a9c5a53b30557728eae5401f21
38443d074290b32fcd73d4d59db6a9dd3702bc3ab587fd7750346892875dab19
GET /hm.js?bd1c4e4e3b958139dfa1d89e8e7306ed HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 20:18:10 GMT
Etag: e58aba19b5242c39e9d92fd472b26e70
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FE005B5D45D5B465; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
185.239.226.23 302 Found 0 B URL HTTP/2 img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/635242fd5fe50f0585d3ef8f.gif HTTP/1.1
Host: img.u1555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
X-Firefox-Spdy: h2
hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
106.227.30.48 200 OK 0 B URL HTTP/2 hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
IP 106.227.30.48:0
GET /static/tongji/plugins/UrlChangeTracker.js HTTP/1.1
Host: hmcdn.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ynn.tsms2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 28 Nov 2022 20:18:09 GMT
content-type: application/x-javascript
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
etag: "5f8eb0f7-4b3c"
content-encoding: br
age: 151510
accept-ranges: bytes
tracecode: 00557334490254889226093005
vary: Accept-Encoding
timing-allow-origin: *
ohc-global-saved-time: Sun, 27 Nov 2022 02:12:58 GMT
ohc-cache-hit: nc5ct85 [2], tjctcache59 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2