Report - htjfdb.com/9ty16k

Report Overview

Submitted URL
htjfdb.com/9ty16k_ezak0g.html
IP
108.186.106.43
ASN
#54600 PEGTECHINC
Submitted
2023-03-22 23:43:51
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
10
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.htjfdb.com	unknown	2017-06-12T10:18:11Z	2023-03-26T03:00:16Z	1.3 kB	3.4 kB	108.186.106.43
sgnnusyd.top	unknown	2023-01-14T19:07:58Z	2023-03-23T00:43:41Z	6.9 kB	152 kB	104.21.86.140
595tuchuang.com	unknown	2022-12-21T13:40:45Z	2023-03-26T05:50:46Z	298 B	959 B	23.224.27.252
587tuchuang.com	unknown	2022-12-25T02:13:41Z	2023-03-25T16:50:48Z	378 B	46 kB	14.128.34.137
ia.51.la	59607	2017-10-31T09:01:51Z	2023-03-26T05:43:08Z	497 B	200 B	103.143.19.103
img.fjxozva.cn	unknown	2023-03-21T08:29:23Z	2023-03-26T07:38:51Z	304 B	360 kB	154.211.68.49
amwnsr2.oss-cn-hongkong.aliyuncs.com	unknown	2023-03-19T12:10:07Z	2023-03-25T13:12:38Z	421 B	467 kB	47.75.19.127
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	54.149.38.208
lbfm.lbpictupian.com	unknown	2022-10-09T18:47:38Z	2023-03-26T06:42:31Z	4.4 kB	106 kB	172.67.28.138
js.users.51.la	53024	2012-05-30T17:10:11Z	2023-03-26T05:43:06Z	276 B	2.7 kB	103.143.19.103
htjfdb.com	unknown	2017-05-26T23:23:08Z	2023-03-22T21:38:06Z	360 B	204 B	108.186.106.43
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-26T05:09:29Z	734 B	3.9 kB	104.18.21.226
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-26T05:09:36Z	3.0 kB	37 kB	103.235.46.191
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-26T05:45:08Z	696 B	3.7 kB	95.101.10.193
8499133.com	unknown	2022-10-27T07:16:22Z	2023-03-26T09:42:27Z	384 B	367 kB	172.247.109.214
667aaa.us	unknown	2023-02-17T06:50:57Z	2023-03-26T07:28:40Z	398 B	579 kB	45.61.212.53
cdn1229-1308348670.cos.ap-nanjing.myqcloud.com	unknown	2023-01-14T03:26:16Z	2023-03-26T11:56:23Z	825 B	595 kB	129.211.179.197
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	3.0 kB	8.0 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	48 kB	34.120.237.76
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-26T05:09:32Z	359 B	1.9 kB	104.18.21.226
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-26T05:32:55Z	348 B	1.2 kB	104.18.32.68
qp.ezfxpuo.cn	unknown	2022-12-14T10:35:04Z	2023-03-25T05:11:25Z	377 B	229 kB	218.66.171.96
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-26T05:32:55Z	340 B	963 B	172.64.155.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-22 23:43:48	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-03-22 23:43:48	medium	Client IP	104.21.86.140	ET INFO HTTP Request to a *.top domain
2023-03-22 23:43:50	low	172.247.109.214	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-22 23:43:53	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 23:43:53	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 23:43:53	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 23:43:53	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 23:43:53	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 23:43:53	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 23:43:53	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	sgnnusyd.top/	254 B	2023-03-11	2023-04-09
Pretty URL sgnnusyd.top/ IP 104.21.86.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:21:49 Last Seen2023-04-09 12:30:48 Times Seen12 Hash 1c6a80dc7c6795adae7f2c48a244d24a 3284df60aad97148b67ea2da9ecab312ce650f00 f23b8bef244f4ec152ad7b324a577fb2961eb93649f32ba2e561023c5d683fb3 Loading...

	www.htjfdb.com/tj.js	258 B	2023-03-26	2023-09-11
Pretty URL www.htjfdb.com/tj.js IP 108.186.106.43 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:29:10 Last Seen2023-09-11 00:00:02 Times Seen41 Hash d1f474584cc0e6ed13f35b0792239d96 350ad9f452aff1665a52be0ed75a73c88459f27a e14ee04645959894557b821371a526a839ef5eaeb369511bfffd911ccb83fae4 Loading...

	js.users.51.la/21571025.js	4.9 kB	2023-03-26	2023-04-09
Pretty URL js.users.51.la/21571025.js IP 103.143.19.103 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:29:10 Last Seen2023-04-09 12:30:48 Times Seen10 Hash f4c982f8f421eba163125a01d823aa90 283f69e045f5ca21f7972e5b60dcd683f3d2e062 afdcf0816cca4e03dda82c565d5f90daaf812db655e1be630f962ea7d1cd6b1d Loading...

	hm.baidu.com/hm.js?bb5df629d89651b4be132773570ee52d	30 kB	2023-03-26	2023-03-26
Pretty URL hm.baidu.com/hm.js?bb5df629d89651b4be132773570ee52d IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:33:25 Last Seen2023-03-26 14:33:25 Times Seen1 Hash 38869e3fd3b10682c3eb6a0ce2822b3f f43fee685657270a5aa537aec223ca57fd75034d 10b0b16907822b74cb110700768a85cc730adf79379a83e247d824b642b0cf48 Loading...

	www.htjfdb.com/common.js	1.5 kB	2023-03-12	2023-03-26
Pretty URL www.htjfdb.com/common.js IP 108.186.106.43 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:46:42 Last Seen2023-03-26 14:33:25 Times Seen4 Hash 70136aae6dd862315d48927117f29202 39e5d48abb8c273629a4f4c01c8be3b642b7891f ca47fdf2990ab9e3863534e66334968fdf8eddf981d594a7a989ebb7d2649be1 Loading...

	sgnnusyd.top/template/smmmsp/ads/2dl.js	0 B	2023-03-07	2024-04-24
Pretty URL sgnnusyd.top/template/smmmsp/ads/2dl.js IP 104.21.86.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 21:26:14 Times Seen37047849 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sgnnusyd.top/	254 B	2023-03-11	2023-09-19
Pretty URL sgnnusyd.top/ IP 104.21.86.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:21:49 Last Seen2023-09-19 00:33:45 Times Seen18 Hash b4823fd6587ff3fb09e000acf8f8df30 9d4cbc03d36ac9438ca74912921d63c03b739a39 84e3de77dad4f414303f85b1470937c7e5bf31d2508b2928dcb05bec2f6085d2 Loading...

	sgnnusyd.top/template/smmmsp/ads/xx3.js	1.5 kB	2023-03-26	2023-03-26
Pretty URL sgnnusyd.top/template/smmmsp/ads/xx3.js IP 104.21.86.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:29:10 Last Seen2023-03-26 14:33:25 Times Seen2 Hash 04d9c1d1a0b50a9cf110fda9700ad41e 56754555c316b70bab81ed14268fa15fd8d664ba be2c187839ade6df88f4326a322d8817b08fc480bf605ad8972972ccb216cb4b Loading...

	www.htjfdb.com/9ty16k_ezak0g.html	43 B	2023-03-26	2023-03-26
Pretty URL www.htjfdb.com/9ty16k_ezak0g.html IP 108.186.106.43 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:29:10 Last Seen2023-03-26 14:33:25 Times Seen2 Hash cf9d8056d391cf5a538c1dfc2d7ebe26 fd697e1cd4b9560c057beb726e0669d017da361f 648d57c81ca26268a1814f401809cb07760e890111018d69766989914cd25702 Loading...

	sgnnusyd.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-24
Pretty URL sgnnusyd.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.86.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 21:17:40 Times Seen54843 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	sgnnusyd.top/template/smmmsp/ads/xx1.js	2.5 kB	2023-03-26	2023-03-26
Pretty URL sgnnusyd.top/template/smmmsp/ads/xx1.js IP 104.21.86.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:29:10 Last Seen2023-03-26 14:33:25 Times Seen2 Hash 9ec15a856a0be40de72b9a0b2b57eca2 b7e132e243399ca600763afb93d369947c75eec2 1112985b7cd2fb617b962c90456d8a16b1ad5750b3779c850e33d0e6cef5e1ca Loading...

	sgnnusyd.top/template/smmmsp/ads/xx2.js	742 B	2023-03-26	2023-03-26
Pretty URL sgnnusyd.top/template/smmmsp/ads/xx2.js IP 104.21.86.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 04:47:49 Last Seen2023-03-26 14:33:25 Times Seen3 Hash 0db9f54037d0c95ffd95acd98f2bae06 eeed1dadd21751bf69c69740602ad314be49e03f 210b27feaf9b8e973e206c6b6ce2dd8ae10b178cce82c41c0fc61f2072f2d7a4 Loading...

	hm.baidu.com/hm.js?b4880b6604705131f58605822b48ade5	30 kB	2023-03-26	2023-03-26
Pretty URL hm.baidu.com/hm.js?b4880b6604705131f58605822b48ade5 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:33:25 Last Seen2023-03-26 14:33:25 Times Seen1 Hash faeb80039f5480422e41d02dcf447d3a 3b120a993cc6178847af13cdf63becab7f075e9d 4cd2b2cc81737dd6c9eda5fcd735ef58e539e94eef7c7258ec3c5b6901337816 Loading...

	hm.baidu.com/hm.js?65dd0edee86b82f2424cf951cbae0bc3	30 kB	2023-03-26	2023-03-26
Pretty URL hm.baidu.com/hm.js?65dd0edee86b82f2424cf951cbae0bc3 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:33:25 Last Seen2023-03-26 14:33:25 Times Seen1 Hash 36a62e01c6814059c39f329bf69b4d05 b0ceaeabc22b8899cc54bec806922a1c709c243f 0e2ca6ce51e6aebea88500e58f559b2eea2a5c370eb4baeb3af911788038a834 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 012426ef265ac6fc075dcf834bd3b5a8	465 B	2023-03-26	2023-03-26
Pretty Observations First Seen2023-03-26 14:29:10 Last Seen2023-03-26 14:33:25 Times Seen2 Hash 012426ef265ac6fc075dcf834bd3b5a8 be9cf9906d3babf8c94224067626511c13e308e9 a50dc6da0c0ca5c7653b2ff7489a80cf1671c5d99d3fded978af18982dcb3bcc Loading...

		Size	First Seen	Last Seen
	#1 Write - ed772d4abcefe6173164a8079ac69fe1	155 B	2023-03-26	2023-04-07
Pretty Observations First Seen2023-03-26 14:29:10 Last Seen2023-04-07 07:03:51 Times Seen6 Hash ed772d4abcefe6173164a8079ac69fe1 4b5967f0aa73549a7d5448df56991bf1aec3f857 5767522a07538eb07c9a404166786bd4846f8eaef05fba42e885394c08d7d15c Loading...

	#2 Write - fc5b1e693ca3b25cff52e7a99ff54207	45 B	2023-03-12	2023-04-16
Pretty Observations First Seen2023-03-12 06:04:38 Last Seen2023-04-16 11:01:26 Times Seen13 Hash fc5b1e693ca3b25cff52e7a99ff54207 59712a8fc27e24ab569c37a8f17b76ce5c10709f 5de9dbf5b0df0fc4bcf18002dc681043036ec19ffbc067477af688e2b8cef756 Loading...

	#3 Write - 351a26a9ddbf26ea2ed2b21dbc37d3dc	120 B	2023-03-12	2023-04-16
Pretty Observations First Seen2023-03-12 06:04:38 Last Seen2023-04-16 11:01:26 Times Seen13 Hash 351a26a9ddbf26ea2ed2b21dbc37d3dc fabcff7e89098cbd0ad8cb3c480d5e3a374f57ed 5f027dad4c0d2176084e63f08b4d61eb19b2237651aa2dea1c953ebaab1eb7a8 Loading...

	#4 Write - 2584ea44c321b3d4fdd732fd3b2dcfc8	121 B	2023-03-14	2023-04-07
Pretty Observations First Seen2023-03-14 09:06:55 Last Seen2023-04-07 07:03:51 Times Seen9 Hash 2584ea44c321b3d4fdd732fd3b2dcfc8 2da62d28dc5077ed0a5c34c74f96f07d87e87dc6 5312bfb0f3b62691b31afd6d4600ce8147d4e40d8433a8f8d119fc058e5c350a Loading...

	#5 Write - 1d7ff3944fc17d4abad3d03b22edf799	51 B	2023-03-26	2023-04-01
Pretty Observations First Seen2023-03-26 04:47:49 Last Seen2023-04-01 11:17:29 Times Seen4 Hash 1d7ff3944fc17d4abad3d03b22edf799 4b4fb2d862a02aebecf070bd5b1835fbd17ceebe 85716b8a48bbd7806ed7399cc18c9fb0138b1033cfe79d4a86c59b7816944f7c Loading...

	#6 Write - 09e9897090396b22b3da94beeddc2f43	127 B	2023-03-14	2023-04-01
Pretty Observations First Seen2023-03-14 18:26:37 Last Seen2023-04-01 11:17:28 Times Seen5 Hash 09e9897090396b22b3da94beeddc2f43 b492e02c9aed537843055982ac19910af66c70b6 15c81836e2af83e68615ba960ca4fc480d1d45f963f1ec6e40859e5451cdb765 Loading...

	#7 Write - 3c60369b632b9353b8d80561ad686743	71 B	2023-03-26	2023-04-07
Pretty Observations First Seen2023-03-26 04:47:50 Last Seen2023-04-07 07:03:51 Times Seen7 Hash 3c60369b632b9353b8d80561ad686743 1ca12bc025e5ba467795085479016fa3a73147d5 a29e8a5d01b4730d5fe92e559a7f969b2e646d7d1d8c24d0b03765490223a035 Loading...

	#8 Write - 6cae685840e43d91f9e483c6d9b0e5ec	164 B	2023-03-26	2023-04-01
Pretty Observations First Seen2023-03-26 14:29:10 Last Seen2023-04-01 11:17:28 Times Seen3 Hash 6cae685840e43d91f9e483c6d9b0e5ec cb130c5e104452e18364e518f4ff489d009ef594 411a49c3d0ee40521fe2c59412e22c8d684e66aeb2be947deeb570856d46bf72 Loading...

	#9 Write - c45d5ee40667bede13fe09c55ccf25fc	446 B	2023-03-26	2023-03-26
Pretty Observations First Seen2023-03-26 14:29:10 Last Seen2023-03-26 14:33:25 Times Seen2 Hash c45d5ee40667bede13fe09c55ccf25fc 8b53bbd54538f4fd89b727db3827feac7bf9d417 fe72801832cc1291dae795b93277f4cb879bc96a3c7cf67de36f491f4bb41248 Loading...

	#10 Write - 68508fc9130939e33da003bf7ab3f229	142 B	2023-03-14	2023-04-16
Pretty Observations First Seen2023-03-14 08:40:13 Last Seen2023-04-16 11:01:26 Times Seen5 Hash 68508fc9130939e33da003bf7ab3f229 8a15430aea38c9c2be54f23315cba9c6bf30cff7 02c0d3651ae2647773641a1b565bc5051c3112fc4a13ace447f4aa5f04e5809a Loading...

	#11 Write - 8be8ccb9cc5c3a63ecf9388d7d6c724f	45 B	2023-03-26	2023-04-07
Pretty Observations First Seen2023-03-26 04:47:49 Last Seen2023-04-07 07:03:51 Times Seen7 Hash 8be8ccb9cc5c3a63ecf9388d7d6c724f f087cbdeec9bd6cca405a30652613a3ca455ef5d 0f00b3e354c4ceb04baa5f794276ee19504036ab1485cb2487a145c2a2f11964 Loading...

	#12 Write - 4b403e0379c592538b2ffaca930e3b0b	45 B	2023-03-26	2023-04-16
Pretty Observations First Seen2023-03-26 14:29:10 Last Seen2023-04-16 11:01:26 Times Seen11 Hash 4b403e0379c592538b2ffaca930e3b0b 94cff76cfb56e1e53cf00a1f08b7045a09d1287b fe1ff919b3ee82194da690da2fc5e4f2204b979ce5a7c890b6d2af02a341b2ac Loading...

	#13 Write - 5f5445904998e15b0aee20882dd7a775	121 B	2023-03-14	2023-04-09
Pretty Observations First Seen2023-03-14 17:44:05 Last Seen2023-04-09 12:30:48 Times Seen12 Hash 5f5445904998e15b0aee20882dd7a775 f73925fbb70e9f49f2213f4fd4237b56d7edf7b2 523bf7d1d54a33d9080b5fb7f8d576e69fa5ce59867c4b39af497f6f41903bb8 Loading...

	#14 Write - 0751066fe0437d62dbf30f1e3f16a15b	50 B	2023-03-14	2023-04-16
Pretty Observations First Seen2023-03-14 17:44:05 Last Seen2023-04-16 11:01:26 Times Seen13 Hash 0751066fe0437d62dbf30f1e3f16a15b 5bb84097a469ae17b7f9187e5ffed01a740229c5 43e09140c558edacd916b49192e0ca1aec0eb17f1c10aab222edb0e8e1c168cd Loading...

HTTP Transactions (80)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16061
Expires: Thu, 23 Mar 2023 04:11:21 GMT
Date: Wed, 22 Mar 2023 23:43:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3488
Expires: Thu, 23 Mar 2023 00:41:48 GMT
Date: Wed, 22 Mar 2023 23:43:40 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Mar 2023 23:15:03 GMT
content-type: application/json
age: 1717
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5285a032a285729d3e4a546310ed052d
d370c14bbc2d168cc3703bcb6b94ea0ece26e69d
a811aac1eb89de0666a7de8d3eda1dc3affa7ce5353219211a1beee1211536b5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A811AAC1EB89DE0666A7DE8D3EDA1DC3AFFA7CE5353219211A1BEEE1211536B5"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3591
Expires: Thu, 23 Mar 2023 00:43:31 GMT
Date: Wed, 22 Mar 2023 23:43:40 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Fp+fcT12jxGY0lGquHO68syhZwsoA6+RiQVMoCFy0x2Mi7/W+INAC8pALpHrQKjjmfADkFDYVVo=
x-amz-request-id: E0K7EG75X3S7X8EZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Mar 2023 22:59:42 GMT
age: 2638
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 23:43:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

htjfdb.com/9ty16k_ezak0g.html

108.186.106.43

301 Moved Permanently

0 B

URL HTTP/1.1
htjfdb.com/9ty16k_ezak0g.html
IP
108.186.106.43:0
ASN
#54600 PEGTECHINC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9ty16k_ezak0g.html HTTP/1.1
Host: htjfdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 22 Mar 2023 23:43:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.htjfdb.com/9ty16k_ezak0g.html

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Mar 2023 23:17:23 GMT
age: 1577
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3815
Expires: Thu, 23 Mar 2023 00:47:16 GMT
Date: Wed, 22 Mar 2023 23:43:41 GMT
Connection: keep-alive

www.htjfdb.com/9ty16k_ezak0g.html

108.186.106.43

200 OK

484 B

URL HTTP/1.1
www.htjfdb.com/9ty16k_ezak0g.html
IP
108.186.106.43:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (597), with CRLF line terminators
Size
484 B (484 bytes)
Hash
a0e4b264371dd0b35aa0f4b764d94747
e9e53fdfe2e78b942283ea309bec63db213ed639
fe926c29bcd7b065c26c6261248d9f3b216d531bf87163a9c69f37517674911a

HTTP Headers

GET /9ty16k_ezak0g.html HTTP/1.1
Host: www.htjfdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 23:43:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

54.149.38.208

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.38.208:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c2KcP61GOtv3OODICy/09g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5htMYDl1JgUrRAEY6KjhGBBdOhQ=

www.htjfdb.com/common.js

108.186.106.43

200 OK

681 B

URL HTTP/1.1
www.htjfdb.com/common.js
IP
108.186.106.43:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Size
681 B (681 bytes)
Hash
3cb1c90c04f81b3c5e007bbb7a158420
a650a21fd616d5278524f64f6576ef844d169a7b
0dd610d3df6cba8b091f76701fe8be95e56f066a862507d74c0e3b1761b95601

HTTP Headers

GET /common.js HTTP/1.1
Host: www.htjfdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.htjfdb.com/9ty16k_ezak0g.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 23:43:40 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.htjfdb.com/tj.js

108.186.106.43

200 OK

258 B

URL HTTP/1.1
www.htjfdb.com/tj.js
IP
108.186.106.43:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with CRLF line terminators
Size
258 B (258 bytes)
Hash
d1f474584cc0e6ed13f35b0792239d96
350ad9f452aff1665a52be0ed75a73c88459f27a
e14ee04645959894557b821371a526a839ef5eaeb369511bfffd911ccb83fae4

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.htjfdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.htjfdb.com/9ty16k_ezak0g.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 23:43:40 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive

www.htjfdb.com/favicon.ico

108.186.106.43

200 OK

1.2 kB

URL HTTP/1.1
www.htjfdb.com/favicon.ico
IP
108.186.106.43:0
ASN
#54600 PEGTECHINC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.htjfdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.htjfdb.com/9ty16k_ezak0g.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 23:43:41 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 27 Mar 2023 23:43:41 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

sgnnusyd.top/

104.21.86.140

200 OK

4.8 kB

URL HTTP/1.1
sgnnusyd.top/
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
4.8 kB (4792 bytes)
Hash
1e1837f0006dee0ef3e827e13fef3a1b
2152a21866bbf2cc47fa4665903660468081c553
5cc08381e8ed358ce1cbbd23ae290820feff5e3e3164f9aeb65dfac344860fab

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.htjfdb.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHO35qQsrNgofCsKS51OYO7f%2BdFNIgr77995KbtsJJejrZgSVPwPakxG3VvLb6php9MN0Oih4CsXP6OI3FcaaWsDaroR95su8%2FmL4O97ujkiRAlWl%2BinK8oSg%2FpIqPk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c5dda67b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/common/style.css

104.21.86.140

200 OK

3.5 kB

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/common/style.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.5 kB (3548 bytes)
Hash
66cb8aa56779e7bb6c8372deea7a9335
466dabea62174668da14a602dd5e4172df88c48a
8af809a347ae484242398ac680f5be8092da7a1ebc160792f81eaa7987190ab6

HTTP Headers

GET /template/smmmsp/assets/css/common/style.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Apr 2020 12:40:16 GMT
Vary: Accept-Encoding
ETag: W/"5ea975b0-48a2"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDE7S6jd8d46vmR85a1GFVxe79TynGQ3pKSI9SLU5hDbHE%2FryfU%2BywN9gL8NWDRp3uhIWd1QM0%2FVoJz%2B3fpsSRWYWrI02UF5rmRXx64rIEa24syih9sRk8Mx7sKgrsA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c608cc7b52d-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/custom/banner.css

104.21.86.140

200 OK

321 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/custom/banner.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
321 B (321 bytes)
Hash
66e2134420e87365212f3432572d53a7
5ddf9c38c9b25f615d57d9a48eae0807ff6c2958
8fd908d798c5bd16d0a0f9d0d7dfd24d0b360c1dd8ec0bc8b66c9b55f3014ac6

HTTP Headers

GET /template/smmmsp/assets/css/custom/banner.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:47:46 GMT
Vary: Accept-Encoding
ETag: W/"5c7a4332-49c"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSY9qKSOUN%2FLA2rMsmqM8Jzf%2Bxk9%2BeunK4CLNZOQfUdNphXTHHwZtICusDoKqKrm4EXTAKe2Rx%2BLVKfEz7JMWoliK4GrIiBFVNRDbTrgcplasyZ%2Bga2Nj3OJqard5BY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c608cd0b52d-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/custom/main.css

104.21.86.140

200 OK

549 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/custom/main.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
549 B (549 bytes)
Hash
08b2e4bfeba023ec56e6a5d661ee59a7
331d65e1c07c021ac57febff6cbb3b7b7eb48186
d3846565e87aab70c9c517e975f30237535c1e8ac662706b68390c2f6e1bd9b6

HTTP Headers

GET /template/smmmsp/assets/css/custom/main.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:47:24 GMT
Vary: Accept-Encoding
ETag: W/"5c7a431c-7cd"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ7i240vReJ8%2FzKh7Ubdu3MUrBHbkhkerovx3hc3PXE3bvS4El8BkTUWslMsuUzzXGVE0SNM56q6xKc52qU1iWOSIAERfJd52gidsinl%2FJhqzVv4Rus5SPRJTkWRomU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60890cfab8-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/custom/menu.css

104.21.86.140

200 OK

938 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/custom/menu.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
938 B (938 bytes)
Hash
5e9b4ea54bc46458dfac766b78829488
4bddb65ff8ba79a92d746da36efa218027b77116
0ead24b794fe0231b7f445698e80911aa1774f6e9b499383d7e15f0fc8a8d6ad

HTTP Headers

GET /template/smmmsp/assets/css/custom/menu.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:48:48 GMT
Vary: Accept-Encoding
ETag: W/"5c7a4370-1c3c"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4i6yFVZxpBih2BMNSZ9DRt6YQCuzKHE0Ka11CZdMBOYv8nzREBtrlnWQ3bkSfyv6gNDAK%2B6vx3MXfg6mt1HlWuxBwM%2FARDlqFMTE9IHLuj2LpHtI3PmmX4CvuO6SVc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c609cd5b52d-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/custom/footer.css

104.21.86.140

200 OK

191 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/custom/footer.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
191 B (191 bytes)
Hash
965c36f19e7092d48b083b9a9b69f169
77bc1fae75919cf2da412c4300a2e4d9307517e0
de90b36509f77eb3bb1c7d17361aa5294dee501bcad6eb4f788e23d3eef91951

HTTP Headers

GET /template/smmmsp/assets/css/custom/footer.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:49:08 GMT
ETag: W/"5c7a4384-242"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyHtUIHINH3ahcmfo5SzM2WiMmtZUzb6F83ixGWJDr6QOyz6fB96XoL5V2H9O330diMxGh722swdYechrA3p7YOuf%2BmQl6oGobNT460xDNPyaSTWDngDmuPmDRG3P48%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c609910fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/common/flickity.min.css

104.21.86.140

200 OK

815 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/common/flickity.min.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
815 B (815 bytes)
Hash
bc40d4e4a3fd99000dfcfe3d5f01bf1e
70630dc523095734c9975cbe9122c8598ec56275
05805a64e2b9412ca8cb1c2f13989a9db83761b62e7a074649fbba0f086e36c9

HTTP Headers

GET /template/smmmsp/assets/css/common/flickity.min.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:49:50 GMT
Vary: Accept-Encoding
ETag: W/"5c7a43ae-ab1"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GuGLnMvTPkiuZ%2FiuDCL%2FvBFg%2FBHRqHHM7%2BnKqo5rgrYvmTz0YRdJEOKBE3PS02h2oOU3PZ9XEmypQcTU21cY6nqUH1BRj%2ByssDwSLtTafacM%2Bmp6YgZwg9%2FT8f1%2F4U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60993bb521-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/ads/2dl.js

104.21.86.140

200 OK

0 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/ads/2dl.js
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /template/smmmsp/ads/2dl.js HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Last-Modified: Fri, 17 Mar 2023 06:37:18 GMT
ETag: "64140a9e-0"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 7915
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXTa76zjh78TGtjMb6GVieNV9BenRfOuM5VXaP2mYtQ21tV3xGKSd2FDblaR4O6ZIavxmMzMshXqohRXTfjt0dBelXjZn5O0xaRrE2N2%2BM%2BaiJLbWe3BMC7O45I%2BL0E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c60a916fab8-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.86.140

200 OK

655 B

URL HTTP/1.1
sgnnusyd.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Mar 2023 11:52:23 GMT
ETag: W/"64145477-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HudDEJfr0IW%2BMA4VQBbUK%2B%2BVlqxmmniqVjrACG5WsWgYZaNnQvPKUhvSSpLcFSRZ%2FM7JuNEmpk6yedFVgoFM8n3jQx3WSOrM0T%2B1pnnE9eNPDFt35XUFdRt%2FKHcz%2B5Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c60b948b521-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Fri, 24 Mar 2023 23:43:42 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

sgnnusyd.top/template/smmmsp/assets/css/custom/img_list.css

104.21.86.140

200 OK

656 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/custom/img_list.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
656 B (656 bytes)
Hash
813a474b419fb5460acae1b3b978951e
2587685b7bcdc8bfc992d91e41b5c1239455b5df
92b54eb33215edf0c63ac28f6d3d4d1a0294fc4bab9893a8a8f274c7e46b4a6c

HTTP Headers

GET /template/smmmsp/assets/css/custom/img_list.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 11:24:28 GMT
Vary: Accept-Encoding
ETag: W/"5c7a67ec-cae"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kazqZ7Fw%2B1zJXscCl8Ifyd2S2N3dhCXVq18v06ZOrrRSujZWVVconbrIu4WvmRIuKAP0d3qFDnAys4RDCGwMbY8wtd8U411pIGVzFCuud79n7BIoEofID3OgNt7Zqs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60ad310afa-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/theme/default.css

104.21.86.140

200 OK

24 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/theme/default.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
45fdb73a80a833ea9b3a7707fcad0566
093d4fa40f57b35a96154fbe74fb5eb7376eda24
82871fdb8f75fa02a9f2a4c390da56fcdee1f4da212ebb27e345008c04530f7f

HTTP Headers

GET /template/smmmsp/assets/css/theme/default.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Content-Length: 24
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:50:38 GMT
ETag: "5c7a43de-18"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 7915
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mstFbEPM8jw9iehoOZk0V3uPQu3d0bhlHonrDymyQuGhmGS0774IUiJ5q0a5diTjTycPnViwknL82LS1Xsw8dtKZocPx8cC5pC8wz6unQ5qH%2Fe0xa1k6fEk019sAFII%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c60adaab4f7-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/ads/xx1.js

104.21.86.140

200 OK

491 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/ads/xx1.js
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
491 B (491 bytes)
Hash
bdefd79bd2f63367de69ba9453f3a365
bc488f4cd61e09d4f4279d40cdfd01d2596f2d15
bbda8f1e5244a62faea228fc8cdab3db7a5746754aff8012ed9d1867999c5db0

HTTP Headers

GET /template/smmmsp/ads/xx1.js HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 16:37:39 GMT
Vary: Accept-Encoding
ETag: W/"64188bd3-9df"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu656lpgCMC87XJoUy3Xr6YKrUvFAXETA%2BNndSt8%2FyA3yedkMsl08xSwHGzQK%2BHy6kf0USw%2Bg43yzhAqz3sq7RPtbTk%2BLzfbZnj0yuJfo9GIv83M4ib4WjFKfp56Ytc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60b91bfab8-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/ads/xx2.js

104.21.86.140

200 OK

269 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/ads/xx2.js
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
269 B (269 bytes)
Hash
c66453e35fe2cc0976395a24a69fd03c
6c0ed22de288bad56219f1a1f225f134ab3e7c08
e1710f8d6987c06a5bc87448cd31c05f757f8d08104358240667aff49f6ca012

HTTP Headers

GET /template/smmmsp/ads/xx2.js HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Mar 2023 06:45:03 GMT
ETag: W/"64140c6f-2e6"
Expires: Thu, 23 Mar 2023 09:31:47 GMT
Cache-Control: max-age=43200
CF-Cache-Status: HIT
Age: 7915
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6UtNxhBFmUOmt%2BC39lReJpzO6HxcYDU21WQboBsF0uzvinuRPBVPwn0KjfLjvN8yFSdhMPCv0P2G2884qchxINULdGirWrGR4bzSurxHBP2cdHEbYu%2FyGTiONv1D4E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c60b94ab521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/ads/xx3.js

104.21.86.140

200 OK

471 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/ads/xx3.js
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
471 B (471 bytes)
Hash
c200823945d4002e5ca080000b341a1d
ca3ae5dc8f8c61caca4557b7c90ed084c966fe9d
ec455ce8182716217666ad1a6918b005b0f293cc9de7ae23f657bb108bcb143a

HTTP Headers

GET /template/smmmsp/ads/xx3.js HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 16:37:40 GMT
Vary: Accept-Encoding
ETag: W/"64188bd4-606"
Expires: Thu, 23 Mar 2023 09:31:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7914
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb53VPlgki67D%2B5SfZRjnONupLr%2FdCp52PeiyJBqG%2FFjpCiFt127uJEiLVbGeYtPpiRCRRambPi3cyQonDvcQrMx31wjQ9bu2lZ5kpn6rL3QUu%2Fu3SBq9Tt62tXRSZQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60bd370afa-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/common/pagination.css

104.21.86.140

200 OK

411 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/common/pagination.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
411 B (411 bytes)
Hash
756f111ee343465ac3fdfcd6a7d56aac
72d2d9ae0b73197af2e343e54e469692a39e276d
d14d1e91f99c7287522285b812621b4003acc0ddd7e0098f30cd048a21699b7c

HTTP Headers

GET /template/smmmsp/assets/css/common/pagination.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/template/smmmsp/assets/css/common/style.css

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:45:54 GMT
Vary: Accept-Encoding
ETag: W/"5c7a42c2-51e"
Expires: Thu, 23 Mar 2023 09:31:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7914
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TA%2ByQAhucNnTrgPf7U%2FY8%2FL0M7pnsenQ0pDDdFtZ0dXb4EAbU3EXq20uhK9jC1uFJkDmeDcdxZ%2FJS4iNJSVfArwnN%2B54y%2Fs%2BMxDHxwjt4%2BGlGEAuZ%2Fh8sep3ah5raQk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60cd3e0afa-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/common/common.css

104.21.86.140

200 OK

528 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/common/common.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text, with CRLF line terminators
Size
528 B (528 bytes)
Hash
20cb2d9dcda1d9384faff84dccc54b34
53415d1e6f671fdbd93608a26335d66aeddbf72b
b3e62e6ede81f54ed5c4621c96b47da7226499766278004c8ab7686771b45a31

HTTP Headers

GET /template/smmmsp/assets/css/common/common.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/template/smmmsp/assets/css/common/style.css

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:45:28 GMT
Vary: Accept-Encoding
ETag: W/"5c7a42a8-5e2"
Expires: Thu, 23 Mar 2023 09:31:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7914
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOndJjLCNt56M5FhI%2Bl%2Bo4adJEoiLdLkpspxPEAxTuSpV2xVnJ%2FBSal9UZwoFRy67wVZvE8TTfwvbAHdEFC1I2qKob2HWKChy9fu2VNhESHgME7J2I0%2F9cSn%2FljFfNg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60c950b521-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/common/icon.css

104.21.86.140

200 OK

324 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/common/icon.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
324 B (324 bytes)
Hash
25b281150e31f0d158beace91ac17b74
25210828fcf7fe46fd841b531b20bb7f72301d02
5a4896037e25ce7def690326ad152f7b3cad3d5f3da392591ca0574e6708d79b

HTTP Headers

GET /template/smmmsp/assets/css/common/icon.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/template/smmmsp/assets/css/common/style.css

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:46:36 GMT
Vary: Accept-Encoding
ETag: W/"5c7a42ec-496"
Expires: Thu, 23 Mar 2023 09:31:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7914
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbjpNHdGuJV67Rhhfyw20iba%2F7%2B84ZpD%2BJ%2B19jgUC5FozSXVJ72lEIFXEbgWVC8aar62ZHYeDtrp3AnTEI2DMfFnBCTM0S5NqZPxU%2F7R5W6oRgoq7nx8SRc21w0yDig%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60c921fab8-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/theme/blue.css

104.21.86.140

200 OK

696 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/theme/blue.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
696 B (696 bytes)
Hash
d1b6791f4679bcab3ab01381c2504a49
6625522320cbe2f9339cb2f1208fd7c52ce774ca
8d57cfc0b7f72f5cae88513d97110c2237908888a2fd47971feb9ac6a33b80ed

HTTP Headers

GET /template/smmmsp/assets/css/theme/blue.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/template/smmmsp/assets/css/theme/default.css

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Jul 2020 14:19:36 GMT
Vary: Accept-Encoding
ETag: W/"5f1ee278-a2c"
Expires: Thu, 23 Mar 2023 09:31:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7914
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPdqbicdRxB6OxAUxaQWF3VrlE3wNZ0rkmyEiQ22ScSxuy6tJHpUzkHIJytkc4BXXjHW4rETF26xUkU3EGtB4IP5uuUCC3vkqHbHcZEApddeLhvNIsY456DY6DKSsRE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c60cdc2b4f7-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/css/custom/header.css

104.21.86.140

200 OK

517 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/css/custom/header.css
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
517 B (517 bytes)
Hash
0bb0fa81ed0f205181328e7758425737
8b9c97fbd73a1ac33397bfa5c26aac27a0557bd1
17024888daa4bf01f5097c4fc9e3c6fcdf09293ac13cf588a60a0ce424fb8bd0

HTTP Headers

GET /template/smmmsp/assets/css/custom/header.css HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 08:48:10 GMT
Vary: Accept-Encoding
ETag: W/"5c7a434a-5c8"
Expires: Thu, 23 Mar 2023 11:43:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye44OBiKgXD7JjGXcM2s59JQtloPSIlRRGuYu%2BrfRCfxTL1PrV42aL9XecNbcgw%2FGxS3Ged9mkVTMJITDsKYSve8MLYhEnRI%2BSTebz0qcGb6FZU%2BIR766O19tK%2FoYXo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac24c609e041c12-OSL
alt-svc: h2=":443"; ma=60

sgnnusyd.top/template/smmmsp/assets/js/common/juqery/jquery.js

104.21.86.140

404 Not Found

109 B

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/js/common/juqery/jquery.js
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
109 B (109 bytes)
Hash
3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d

HTTP Headers

GET /template/smmmsp/assets/js/common/juqery/jquery.js HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 404 Not Found
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzHHGoZjqgxwvXsSR7jjPQwZqdoAX4pHDNSo8FEEOIBK5GLsbmuzv2FG5%2FTzIHigq00zJDvKIjBK4rbqC5GLP%2B0i1gOc3l4ZsjLoBAx%2BdTqcIAVnTOBaTss8JJ9L1Yk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c60acdeb52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Thu, 23 Mar 2023 01:45:10 GMT
Date: Wed, 22 Mar 2023 23:43:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Thu, 23 Mar 2023 01:45:10 GMT
Date: Wed, 22 Mar 2023 23:43:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Thu, 23 Mar 2023 01:45:10 GMT
Date: Wed, 22 Mar 2023 23:43:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Thu, 23 Mar 2023 01:45:10 GMT
Date: Wed, 22 Mar 2023 23:43:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7424 bytes)
Hash
05c7970e81559904d05b6e8cf693f085
709b01a360624eceafb1876f56378824aa4936b3
a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7424
x-amzn-requestid: 4d4097db-ae95-4a34-8f92-a56c29e836e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CENb6FKDoAMF_cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417f5e5-772b562b3176f7ca0740db72;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 05:57:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: KfvwQv6CzrS1gbsqurHb4C_KGfAtJtBZFPUzx6z-IQ19s2WNeMdz5w==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 02:46:22 GMT
age: 75440
etag: "709b01a360624eceafb1876f56378824aa4936b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7419 bytes)
Hash
f777f840a3fc7e500c57a7cbdf88f26d
3518e8a18807209e94011806a96492e0d86ee9c9
44aa32fa1bf15785a4dd8cd6184772fb268113cbf459f5f30a70ff5ca66c9e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7419
x-amzn-requestid: bc02abbe-706d-42af-b963-0163b07b87c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbnE7OIAMFW2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-247606a3713a20d25cf83763;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W_FZ-TYlfmS1JSvZVG4v_4Iag3ssm5J2oYgk0LBdKqv-Q0KST6FkDQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 12127
etag: "3518e8a18807209e94011806a96492e0d86ee9c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5950 bytes)
Hash
800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CKyF9EI3oAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tu0ENc_6tfykYc23nLfwYEMsi5HIfaDWF6dvzVTfX5rfjr3JrmMrCA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:02:44 GMT
age: 57605
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12642 bytes)
Hash
ba2db8d73f3c451a15890457345a7f44
fc3a53367d844a13ec4b9742fd86954e8c187245
da47b2bde2a7bbca671b6d39f193ff4aaf4ef64d7e6586a62a8c026094ade6c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d837d4e-ce18-46d7-b240-75b9b4a896bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12642
x-amzn-requestid: 4bd678ba-79b1-4dc1-a58a-a7fe6e2e933b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFV8EQfoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5bf-3a673c87370eede03c329782;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:11:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: KOg5BN0h_1GUN1VZwRZGujervaMsYOVLKZuOMX9Ccu4tNkopImo4mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 10:38:51 GMT
age: 47091
etag: "fc3a53367d844a13ec4b9742fd86954e8c187245"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
f148d2e3cd5679fe5cb9cd58630517c7
b312f7c6526254709a0f7424502952e9eaff9c78
6e98a90935a53caa8871238088e77269e5d7215d16dccabe7e9e4af09f39f7b0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: a49dca74-54fa-457c-a5b6-e347fd139d1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8ovEgAIAMFcnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b749e-673461e13b7d2f4e7ad66e7f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:35:26 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ATbmD8auxaSsKlj6KDtI9biU-euAHDVEIVMiHR7hmroViIWghZUsKQ==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:45 GMT
age: 7197
etag: "b312f7c6526254709a0f7424502952e9eaff9c78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sgnnusyd.top/template/smmmsp/assets/images/theme/default/share_person.png

104.21.86.140

200 OK

120 kB

URL HTTP/1.1
sgnnusyd.top/template/smmmsp/assets/images/theme/default/share_person.png
IP
104.21.86.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 209 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
120 kB (120413 bytes)
Hash
0d14c8e56fc563d379c937900ded0d55
203a9f011bade5af589203b10506e7e0cccc7668
eeebb7933f599e6ddab118b4501dc623b4511350acaca1ea40230c1722b520ac

HTTP Headers

GET /template/smmmsp/assets/images/theme/default/share_person.png HTTP/1.1
Host: sgnnusyd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/template/smmmsp/assets/css/custom/header.css

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: image/png
Content-Length: 120413
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2019 09:00:22 GMT
ETag: "5c7a4626-1d65d"
Expires: Fri, 21 Apr 2023 21:31:48 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 7914
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNc6xcRbXE%2FSFyoTNNmlTTMQqWAbU7WTNlv086R0ZsB7poiDRHd40j9Hp2rkKD0BJ8k0CDaioKj8%2BZLhtwVsQLPkTV%2FPZYxBgIfuxJubwFkyekFcq6Uy0Z2oPgeCmik%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c62e803b52d-OSL
alt-svc: h2=":443"; ma=60

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc0bc3b0-2c17-4305-a4d7-d558f47aeace.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3165 bytes)
Hash
0e547b770b9e32980b318e1be9312f72
85abadbfd327a42779dcc4ba5fb918096a44c51d
8d10e97a58c7c70c62cdb2b2eb057b2d701813db8d794c87818caa0226fcbb73

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc0bc3b0-2c17-4305-a4d7-d558f47aeace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3165
x-amzn-requestid: 4ebffee3-ebba-4a57-a851-807d901bc7c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbmGjwIAMFy6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-552caa9c405a4c871b0f94b5;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GvIoanR2CGriEmYEuAmYBlz_t4aWTFiI6PPkwStLsFXplOlQYc2_mQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 00:12:42 GMT
age: 84660
etag: "85abadbfd327a42779dcc4ba5fb918096a44c51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/yurydv50l2j0352yurydv50l2j23555.jpg

172.67.28.138

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/yurydv50l2j0352yurydv50l2j23555.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
12 kB (12549 bytes)
Hash
c53095c816d59c63f83c1a523bc9271d
dd7ffe0bc75a38b1bf216188ea6df56fef79018e
ba93e0cfea85072a55e633f2a7d490fbe6a615ef7b3cc399fe9abba50d7c7e1a

HTTP Headers

GET /upload/vod/2020/03-27/03/yurydv50l2j0352yurydv50l2j23555.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/jpeg
content-length: 12549
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13141, status=webp_bigger
etag: "5e7d07f7-3355"
last-modified: Thu, 26 Mar 2020 19:52:23 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac24c610b9ab518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/jrennps12py0352jrennps12py25563.jpg

172.67.28.138

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/jrennps12py0352jrennps12py25563.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
12 kB (11901 bytes)
Hash
42718d1fbcce0d2d247dd6c85c253920
cabba5e338d0f2306c1242cfb56d125573d02f72
3ac27d43918099b40cba674dc5e8043366638d48cb50312486b9b27383240ac4

HTTP Headers

GET /upload/vod/2020/03-27/03/jrennps12py0352jrennps12py25563.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/jpeg
content-length: 11901
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12468, status=webp_bigger
etag: "5e7d07f9-30b4"
last-modified: Thu, 26 Mar 2020 19:52:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac24c60fb97b518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/gv5t4h0hrau0352gv5t4h0hrau10529.jpg

172.67.28.138

200 OK

12 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/gv5t4h0hrau0352gv5t4h0hrau10529.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
12 kB (11668 bytes)
Hash
aa3835bfb68453a43515452d95cd34e4
0660fdf212413f672bdf0479b66733fdb2fc07e9
46712d96bb8ea2d39edbd6b40342847cd7a19a7d5fc47fa45f19108c3fb88697

HTTP Headers

GET /upload/vod/2020/03-27/03/gv5t4h0hrau0352gv5t4h0hrau10529.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/jpeg
content-length: 11668
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12228, status=webp_bigger
etag: "5e7d07ea-2fc4"
last-modified: Thu, 26 Mar 2020 19:52:10 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac24c610b98b518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/w0zgjxxvn2h0352w0zgjxxvn2h06523.jpg

172.67.28.138

200 OK

7.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/w0zgjxxvn2h0352w0zgjxxvn2h06523.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.0 kB (6992 bytes)
Hash
0492338e94e5e5b2e6152bf665abfeb5
2ef1c3b2798a389a0ebd285127449317671cdf41
5ca6c5bd14e684580126858bb3ed8351fb814d25332338644439d431f984e3f9

HTTP Headers

GET /upload/vod/2020/03-27/03/w0zgjxxvn2h0352w0zgjxxvn2h06523.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/webp
content-length: 6992
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8349
content-disposition: inline; filename="w0zgjxxvn2h0352w0zgjxxvn2h06523.webp"
etag: "5e7d07e6-209d"
last-modified: Thu, 26 Mar 2020 19:52:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac24c60fb96b518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/bhxsyebsh0p0352bhxsyebsh0p08527.jpg

172.67.28.138

200 OK

9.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/bhxsyebsh0p0352bhxsyebsh0p08527.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.7 kB (9722 bytes)
Hash
d5499a42d6738a9b9539574405f3d754
e3a6b5ba2eef35082b1367909f489324d2cb67de
5ddeb41fb7c2a2282b494a12a6b730381bbb1c2bed35c2b83347efdf61adba84

HTTP Headers

GET /upload/vod/2020/03-27/03/bhxsyebsh0p0352bhxsyebsh0p08527.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/webp
content-length: 9722
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10109
content-disposition: inline; filename="bhxsyebsh0p0352bhxsyebsh0p08527.webp"
etag: "5e7d07e9-277d"
last-modified: Thu, 26 Mar 2020 19:52:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac24c60fb94b518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/4chyzee5yqj03524chyzee5yqj24559.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/4chyzee5yqj03524chyzee5yqj24559.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
11 kB (11315 bytes)
Hash
44938449ffa1599d8e2a34663ddfe2da
2e340adf10c32ddf730e7d500a9436e97e1e0690
a04e9e2b156872a989526d8075b6363fa17f2da0dd87c1dd6241b2f64a66724f

HTTP Headers

GET /upload/vod/2020/03-27/03/4chyzee5yqj03524chyzee5yqj24559.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/jpeg
content-length: 11315
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11874, status=webp_bigger
etag: "5e7d07f8-2e62"
last-modified: Thu, 26 Mar 2020 19:52:24 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac24c610b9db518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/03/kelb22gae4t.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/03/kelb22gae4t.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
11 kB (11007 bytes)
Hash
7277466154d4bebfcf4373b8994b25a5
cd4ea883287fa3a316f0a25dc68223b113abbaf3
b1111bb574e88b8f9d5ebab1bdd58d1432bf951200ee95046cd0bcb63b859028

HTTP Headers

GET /upload/vod/2023/03/kelb22gae4t.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/jpeg
content-length: 11007
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11599, status=webp_bigger
etag: "6405c6a9-2d4f"
last-modified: Mon, 06 Mar 2023 10:55:37 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac24c610b9eb518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/03/ktvx4xkv4vn.jpg

172.67.28.138

200 OK

7.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/03/ktvx4xkv4vn.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.7 kB (7732 bytes)
Hash
255b00498a38cfe1b2c48bab30302859
97661baef7c6d025b2adc505ef470f522f20c6bb
82a034f01495292f765ba558449dd9c79c2f7f53c1291433e631cf5b1fe0eac7

HTTP Headers

GET /upload/vod/2023/03/ktvx4xkv4vn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/webp
content-length: 7732
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8827
content-disposition: inline; filename="ktvx4xkv4vn.webp"
etag: "6405c6b6-227b"
last-modified: Mon, 06 Mar 2023 10:55:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ac24c60fb91b518-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/03-27/03/emqecqhkdd30352emqecqhkdd307525.jpg

172.67.28.138

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-27/03/emqecqhkdd30352emqecqhkdd307525.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
10 kB (9996 bytes)
Hash
096c68c21605bfba10f1d2432adea190
6fecb7bb204a05db7ba6dc07549d2b51c106dcac
2a6fab95e4686b778aa50370ce3b4695047eb9291e226f4f6673102b7fcfe579

HTTP Headers

GET /upload/vod/2020/03-27/03/emqecqhkdd30352emqecqhkdd307525.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/jpeg
content-length: 9996
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10530, status=webp_bigger
etag: "5e7d07e7-2922"
last-modified: Thu, 26 Mar 2020 19:52:07 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac24c60fb95b518-OSL
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7a9fa0ee62da46f17be0d0c01a5c57e6
03107a1b6b8663a71609ba29618cbb801a7c9a5d
ff82f97356c322bf3abb26fbc13aa78878d450ac5b8aaf286e0f5dfcc2c70405

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 26 Mar 2023 20:07:16 GMT
ETag: "03107a1b6b8663a71609ba29618cbb801a7c9a5d"
Last-Modified: Wed, 22 Mar 2023 20:07:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1908
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c639f82b50c-OSL

lbfm.lbpictupian.com/upload/vod/2023/03/s5ullw5c2to.jpg

172.67.28.138

200 OK

8.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/03/s5ullw5c2to.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.8 kB (8750 bytes)
Hash
8be19d16075a07e723266e4973747977
849273c9dfb2379d01016b238852fc41328be870
245cb26b3daaf40d546450356c7d50515803055e812cbf1708a97b2b1844bcd0

HTTP Headers

GET /upload/vod/2023/03/s5ullw5c2to.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:42 GMT
content-type: image/jpeg
content-length: 8750
last-modified: Mon, 06 Mar 2023 10:55:45 GMT
etag: "6405c6b1-222e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac24c60fb93b518-OSL
X-Firefox-Spdy: h2

js.users.51.la/21571025.js

103.143.19.103

200 OK

2.3 kB

URL HTTP/1.1
js.users.51.la/21571025.js
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
ASCII text, with very long lines (4898)
Size
2.3 kB (2309 bytes)
Hash
1263d86c2a5319dcc90b9fff8d50ba62
10c6ab64986ff03427b5e0b630957e0704fa4506
9c6244d584984f1e0fa6fae14419e3fae7cf20f1f73eea87211f12075f4cc1ce

HTTP Headers

GET /21571025.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Server: CloudWAF
Date: Wed, 22 Mar 2023 23:43:43 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=577cf10f3400e7f188c; path=/
HWWAFSESTIME=1679528622586; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
05c01847b903d61c49491d9de84a41c6
217b7e1f2d218a1f69d9f3ea608a0443b05aa957
75334ac1d2514ae6b03ee4d27d333d98d653547c8681811d2d2bab711da00fdf

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sun, 26 Mar 2023 21:10:48 GMT
ETag: "217b7e1f2d218a1f69d9f3ea608a0443b05aa957"
Last-Modified: Wed, 22 Mar 2023 21:10:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3225
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c6789d7b4fd-OSL

hm.baidu.com/hm.js?b4880b6604705131f58605822b48ade5

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?b4880b6604705131f58605822b48ade5
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
a5fdb7d0f42a65c01c02d81a2bfa2855
1c29a9d0ed3d9397cf87e4e22ab7ceb282401efe
e3b8f45f61a3536f3072846350777087911ff3c8f87bda869efca3b8d3924e26

HTTP Headers

GET /hm.js?b4880b6604705131f58605822b48ade5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.htjfdb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Wed, 22 Mar 2023 23:43:43 GMT
Etag: 340830124b075a6ff02b07b2b7e10194
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D43DDDA28BBDE744; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
d758ddd1ad7dc0ed992a094182934a4a
295a2a7fb1acbb9743f2be64196bac97f5793f87
8e78e07e68f2b726e29f7ac4fc0b88f1633522cac95d780ad4d0943b410cdbb3

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sun, 26 Mar 2023 23:35:45 GMT
ETag: "295a2a7fb1acbb9743f2be64196bac97f5793f87"
Last-Modified: Wed, 22 Mar 2023 23:35:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac24c6b8d75b4fd-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aaf1812178357b2ebef633a2e18fce40
7f7395419a1891076940abc0baa2a4c86446b3fb
194eb86cad88d0cf4dc0bbd0d68d77a0550da79f6b285fdec60a7c7a3eb4e2a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "194EB86CAD88D0CF4DC0BBD0D68D77A0550DA79F6B285FDEC60A7C7A3EB4E2A5"
Last-Modified: Tue, 21 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4786
Expires: Thu, 23 Mar 2023 01:03:29 GMT
Date: Wed, 22 Mar 2023 23:43:43 GMT
Connection: keep-alive

hm.baidu.com/hm.js?65dd0edee86b82f2424cf951cbae0bc3

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?65dd0edee86b82f2424cf951cbae0bc3
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (620)
Size
11 kB (11258 bytes)
Hash
ff896b9bf4f23b23c844b8f6ead836f0
7cd1479a8c1d29d78d708520fd041c916d3b6584
81e80b9dfa23cc3bcaece56a6932d5a75b5c8c54a66a7eeae175604c0e6c7e1c

HTTP Headers

GET /hm.js?65dd0edee86b82f2424cf951cbae0bc3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Wed, 22 Mar 2023 23:43:43 GMT
Etag: 4e7aafb6fcd2462e790d7f00a65a3f58
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=68F009F34AF2B752; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

dvcasha2.ocsp-certum.com/

95.101.10.193

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.193:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
1808b714ae2da9d090e6d8928ef19367
16fcf2288ac38b8f429702950915c26ec4c16b47
a26cf54fb3b0e5cfa9f6f8e787b80e67d956d36d92e9f622f6aa8d8727d7eb0a

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=881
Date: Wed, 22 Mar 2023 23:43:44 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

95.101.10.193

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.193:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
99ebd3f0c8045b345f29212a48b030cc
68ab224c05a98ae90d36f0c1b7c563282768ff77
a719b7e37c488755613464663622b5cbca053a41215a1b0b1af25eab7b76cb71

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Wed, 22 Mar 2023 23:43:44 GMT
Connection: keep-alive
X-N: S

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
0b3e29f4265497fe1b6e3157cc71c9f4
e62fa0e99224ac1d7cdcc11e334dbafb79c02ae7
3d94853e9aa2ba6f98214f3a709c31ef7ec23af42f03e2a4adcd206faee9848e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:44 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 04:57:45 GMT
Expires: Wed, 29 Mar 2023 04:57:44 GMT
Etag: "e62fa0e99224ac1d7cdcc11e334dbafb79c02ae7"
Cache-Control: max-age=536639,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac24c6c7e0b069b-OSL

hm.baidu.com/hm.js?bb5df629d89651b4be132773570ee52d

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?bb5df629d89651b4be132773570ee52d
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (620)
Size
11 kB (11258 bytes)
Hash
68b78410e0df059a27d7d1c0692837d8
182fb4ed3de12dfe3d77df26ed4b418975a46670
1b35e0a5426295ab133bf5ec189dbb8851376b0b939fea05d35e87e4a49f0a0a

HTTP Headers

GET /hm.js?bb5df629d89651b4be132773570ee52d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Wed, 22 Mar 2023 23:43:43 GMT
Etag: 282d746c9aa947fb24ac6e920511169e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8610CE74965EB24B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=935431485&si=b4880b6604705131f58605822b48ade5&v=1.3.0&lv=1&sn=63185&r=0&ww=1280&u=http%3A%2F%2Fwww.htjfdb.com%2F9ty16k_ezak0g.html&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E9%92%9F%E5%9F%8E%E4%BF%9D%E9%99%A9%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=935431485&si=b4880b6604705131f58605822b48ade5&v=1.3.0&lv=1&sn=63185&r=0&ww=1280&u=http%3A%2F%2Fwww.htjfdb.com%2F9ty16k_ezak0g.html&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E9%92%9F%E5%9F%8E%E4%BF%9D%E9%99%A9%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=935431485&si=b4880b6604705131f58605822b48ade5&v=1.3.0&lv=1&sn=63185&r=0&ww=1280&u=http%3A%2F%2Fwww.htjfdb.com%2F9ty16k_ezak0g.html&tt=%E8%BF%9E%E4%BA%91%E6%B8%AF%E9%92%9F%E5%9F%8E%E4%BF%9D%E9%99%A9%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.htjfdb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 22 Mar 2023 23:43:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=10779B0D27D43AAB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

img.fjxozva.cn/sejie/640X180.gif

154.211.68.49

200 OK

359 kB

URL HTTP/1.1
img.fjxozva.cn/sejie/640X180.gif
IP
154.211.68.49:0
ASN
#399077 TERAEXCH

File type
GIF image data, version 89a, 640 x 180\012- data
Size
359 kB (359354 bytes)
Hash
8c68b35d1903857386707944d96519bf
298333d4f0670dbb5a96d51a3f0ed5d9dbdf8b89
9961d4e4435c2a41481a04e5ef72665d708503275d72c2b8662e05b514ec887d

HTTP Headers

GET /sejie/640X180.gif HTTP/1.1
Host: img.fjxozva.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Server: NgxFence
Date: Wed, 22 Mar 2023 23:43:43 GMT
Content-Type: image/gif
Content-Length: 359354
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 06:46:05 GMT
ETag: "63df50ad-57bba"
Expires: Fri, 21 Apr 2023 12:11:14 GMT
Cache-Control: max-age=2592000
X-Cache: HIT
Accept-Ranges: bytes

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=566214919&si=65dd0edee86b82f2424cf951cbae0bc3&su=http%3A%2F%2Fwww.htjfdb.com%2F&v=1.3.0&lv=1&sn=63186&r=0&ww=1268&u=http%3A%2F%2Fsgnnusyd.top%2F

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=566214919&si=65dd0edee86b82f2424cf951cbae0bc3&su=http%3A%2F%2Fwww.htjfdb.com%2F&v=1.3.0&lv=1&sn=63186&r=0&ww=1268&u=http%3A%2F%2Fsgnnusyd.top%2F
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=566214919&si=65dd0edee86b82f2424cf951cbae0bc3&su=http%3A%2F%2Fwww.htjfdb.com%2F&v=1.3.0&lv=1&sn=63186&r=0&ww=1268&u=http%3A%2F%2Fsgnnusyd.top%2F HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 22 Mar 2023 23:43:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=24E9CAF62D272AAE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=981697435&si=bb5df629d89651b4be132773570ee52d&su=http%3A%2F%2Fwww.htjfdb.com%2F&v=1.3.0&lv=1&sn=63186&r=0&ww=1268&u=http%3A%2F%2Fsgnnusyd.top%2F

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=981697435&si=bb5df629d89651b4be132773570ee52d&su=http%3A%2F%2Fwww.htjfdb.com%2F&v=1.3.0&lv=1&sn=63186&r=0&ww=1268&u=http%3A%2F%2Fsgnnusyd.top%2F
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=981697435&si=bb5df629d89651b4be132773570ee52d&su=http%3A%2F%2Fwww.htjfdb.com%2F&v=1.3.0&lv=1&sn=63186&r=0&ww=1268&u=http%3A%2F%2Fsgnnusyd.top%2F HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 22 Mar 2023 23:43:44 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5B662A76DD6025AA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

qp.ezfxpuo.cn/960X120.gif

218.66.171.96

200 OK

228 kB

URL HTTP/2
qp.ezfxpuo.cn/960X120.gif
IP
218.66.171.96:0
ASN
#133776 Quanzhou

File type
GIF image data, version 89a, 960 x 120\012- data
Size
228 kB (228436 bytes)
Hash
3410c612c418b48fbfa2267b122ba080
f3b2afff8b2f619cd5cceeafc1c6899182c1aade
d2336e807f8542eb27df7956f2ca225df80c9062b727b6f7e559f581d281a377

HTTP Headers

GET /960X120.gif HTTP/1.1
Host: qp.ezfxpuo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NgxFence
date: Wed, 22 Mar 2023 23:43:44 GMT
content-type: image/gif
content-length: 228436
x-oss-request-id: 63F9A9C29DB57839357E4FFC
etag: "3410C612C418B48FBFA2267B122BA080"
last-modified: Tue, 21 Feb 2023 12:58:29 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10750440309597543641
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: NBDGEsQYtI+/oiZ7EiuggA==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c25a5142e0faabb14cfd216dcdb62df9
cb04afc36c5fa0b527fb451ec4ea702a373f127c
c478691d30ffa7b2abc9b2e77d05ba2fd8091b8dc874a9948f69cd4090f887e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 15:03:48 GMT
Expires: Mon, 27 Mar 2023 15:03:47 GMT
Etag: "cb04afc36c5fa0b527fb451ec4ea702a373f127c"
Cache-Control: max-age=400202,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac24c6f7d05b524-OSL

8499133.com/8499/zzxx/960x80.gif

172.247.109.214

200 OK

367 kB

URL HTTP/2
8499133.com/8499/zzxx/960x80.gif
IP
172.247.109.214:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
367 kB (366944 bytes)
Hash
bde9cbff38e305f40a245a7cf87bd85a
4aaa627b0db260ac7f97a9223e93b1e2f35caba4
375eaceb954016306188bd02f6cc229f71c8e1ef337e99b6ec0a98fad9b3eb7e

HTTP Headers

GET /8499/zzxx/960x80.gif HTTP/1.1
Host: 8499133.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 22 Mar 2023 23:43:44 GMT
content-type: image/gif
content-length: 366944
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "59960-5f092cf09840f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

595tuchuang.com/960x80.gif

23.224.27.252

200 OK

853 B

URL HTTP/1.1
595tuchuang.com/960x80.gif
IP
23.224.27.252:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document, ASCII text, with very long lines (853), with no line terminators
Size
853 B (853 bytes)
Hash
5f69d632a371517fcae7f2025b812ed9
7a3b71e703106a3aa173aa97ad7254b569c33fae
3c4fcf1300dd51038a76d3f4c71ab6ff9e38e14c8210b0980a6da44eed66779c

HTTP Headers

GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 853
Pragma: no-cache
Cache-control: no-store

587tuchuang.com/960x80.gif

14.128.34.137

200 OK

46 kB

URL HTTP/1.1
587tuchuang.com/960x80.gif
IP
14.128.34.137:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 960 x 80\012- data
Size
46 kB (45891 bytes)
Hash
71f52eb6b257632ccf5f1ca592e24630
078e286ab14da4c78fd1a245b6d75a411b5dd6aa
05821b4f922a0eaa3454b7bef9da02cde5ae19ab2cc64e827eeadce056bcc670

HTTP Headers

GET /960x80.gif HTTP/1.1
Host: 587tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 23:43:44 GMT
Content-Type: image/gif
Content-Length: 45891
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 15:48:40 GMT
ETag: "63b6f158-b343"
Expires: Tue, 11 Apr 2023 08:48:41 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes

amwnsr2.oss-cn-hongkong.aliyuncs.com/zhandiantupian/weinisr960x60.gif

47.75.19.127

200 OK

466 kB

URL HTTP/1.1
amwnsr2.oss-cn-hongkong.aliyuncs.com/zhandiantupian/weinisr960x60.gif
IP
47.75.19.127:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
466 kB (466231 bytes)
Hash
2d5acfdeae9aa51b650a22e6cfe80eab
f3da6f58d7e2e93ac3b1a80e2a33d97809d407dd
51d3ee5801161b7a25ee9c244177cb229ae94864ea578fa36e113b2a8afb0d41

HTTP Headers

GET /zhandiantupian/weinisr960x60.gif HTTP/1.1
Host: amwnsr2.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 22 Mar 2023 23:43:43 GMT
Content-Type: image/gif
Content-Length: 466231
Connection: keep-alive
x-oss-request-id: 641B92AFDD75B73032779E64
Accept-Ranges: bytes
ETag: "2D5ACFDEAE9AA51B650A22E6CFE80EAB"
Last-Modified: Tue, 21 Mar 2023 09:15:13 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 25875504806329940
x-oss-storage-class: Standard
Content-Disposition: attachment=file
Content-MD5: LVrP3q6apRtlCiLmz+gOqw==
x-oss-server-time: 3

ia.51.la/go1?id=21571025&rt=1679528629861&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1679528629861&tt=&kw=&cu=http%253A%252F%252Fsgnnusyd.top%252F&pu=http%253A%252F%252Fwww.htjfdb.com%252F

103.143.19.103

200

0 B

URL HTTP/1.1
ia.51.la/go1?id=21571025&rt=1679528629861&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1679528629861&tt=&kw=&cu=http%253A%252F%252Fsgnnusyd.top%252F&pu=http%253A%252F%252Fwww.htjfdb.com%252F
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go1?id=21571025&rt=1679528629861&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1679528629861&tt=&kw=&cu=http%253A%252F%252Fsgnnusyd.top%252F&pu=http%253A%252F%252Fwww.htjfdb.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sgnnusyd.top/

HTTP/1.1 200 
Server: CloudWAF
Date: Wed, 22 Mar 2023 23:43:45 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=597368f85d0a181b95b; path=/
HWWAFSESTIME=1679528622804; path=/

667aaa.us/d978576ad7634777a7e4122bdd1a28a3.gif

45.61.212.53

200 OK

579 kB

URL HTTP/1.1
667aaa.us/d978576ad7634777a7e4122bdd1a28a3.gif
IP
45.61.212.53:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 750 x 120\012- data
Size
579 kB (579018 bytes)
Hash
54c2a3fb838c8e711bbe07220637d637
77e33ed77eb68c23320c059105fb2c900141301e
fc832269e62682138155c4f5e7f34f36512d1bfe69482fbc4a2cc3d27251c8e1

HTTP Headers

GET /d978576ad7634777a7e4122bdd1a28a3.gif HTTP/1.1
Host: 667aaa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "639ad110-8d5ca"
Date: Thu, 23 Feb 2023 10:11:06 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 15 Dec 2022 07:47:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-23
Content-Length: 579018

cdn1229-1308348670.cos.ap-nanjing.myqcloud.com/wns150x150.gif

129.211.179.197

200 OK

311 kB

URL HTTP/1.1
cdn1229-1308348670.cos.ap-nanjing.myqcloud.com/wns150x150.gif
IP
129.211.179.197:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
GIF image data, version 89a, 200 x 200\012- data
Size
311 kB (310983 bytes)
Hash
a220023dd0e44c9f8897f265ca9945ff
549e511d27e963e4ba2687ee6938f3ea22338c24
8c734c3e75e2be6741589f491e3dffc7b30b04db0d334a9f3851b2b52eccd3ca

HTTP Headers

GET /wns150x150.gif HTTP/1.1
Host: cdn1229-1308348670.cos.ap-nanjing.myqcloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 310983
Connection: keep-alive
Accept-Ranges: bytes
Date: Wed, 22 Mar 2023 23:43:44 GMT
ETag: "a220023dd0e44c9f8897f265ca9945ff"
Last-Modified: Thu, 29 Dec 2022 12:11:20 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 1860464640855114371
x-cos-request-id: NjQxYjkyYjBfY2Q0ZWI3MDlfMmIyZjJfNDMzMDZmOA==

cdn1229-1308348670.cos.ap-nanjing.myqcloud.com/wns960x60.gif

129.211.179.197

200 OK

283 kB

URL HTTP/1.1
cdn1229-1308348670.cos.ap-nanjing.myqcloud.com/wns960x60.gif
IP
129.211.179.197:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
GIF image data, version 89a, 960 x 60\012- data
Size
283 kB (283343 bytes)
Hash
5a692c7eac633dac0780648aaf931af0
09ee5b3024d7a33e8809183fa58375e2a8afd8bd
750e31815841d359971bd22357bf21fc5f13726cfbd604c35506f22092960688

HTTP Headers

GET /wns960x60.gif HTTP/1.1
Host: cdn1229-1308348670.cos.ap-nanjing.myqcloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sgnnusyd.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 283343
Connection: keep-alive
Accept-Ranges: bytes
Date: Wed, 22 Mar 2023 23:43:44 GMT
ETag: "5a692c7eac633dac0780648aaf931af0"
Last-Modified: Thu, 29 Dec 2022 12:11:21 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 7351191847357699362
x-cos-request-id: NjQxYjkyYjBfOGM1NGU0MDlfMWNmYzVfNDI0YThhNw==

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML