Report - jiantuo.net/

Report Overview

Submitted URL
jiantuo.net/
IP
154.23.115.81
ASN
#137969 HONG KONG BRIDGE INFO-TECH LIMITED
Submitted
2022-09-07 01:31:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
www.ddys054.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	71 kB	192.161.82.59
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	37 kB	103.235.46.191
zz.bdustatic.com	671229	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	741 B	104.26.9.99
js.users.51.la	53024	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	2.7 kB	103.143.19.103
vkhhjp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	445 kB	103.170.15.46
jcyunk2.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	290 kB	45.61.212.57
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.148.62
dimg04.c-ctrip.com	139731	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.0 MB	104.110.17.24
ocsp.digicert.cn	37572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	47.246.44.205
ia.51.la	59607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	840 B	200 B	103.143.19.103
p26.toutiaoimg.com	75286	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	1.2 kB	120.52.95.235
jiantuo.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	196 B	154.23.115.81
www.jiantuo.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	3.5 kB	154.23.115.81
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	696 B	3.8 kB	104.18.20.226
acoozzh.top	439448	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	401 kB	172.67.189.203
si1.go2yd.com	325918	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	756 B	265 kB	163.171.140.79
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	423 B	64.32.13.142
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.7 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
fmlb.netlbtu.com	187701	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.1 kB	128 kB	104.21.235.174
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-07	medium	js.users.51.la/21276283.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	www.jiantuo.net/index.php	44 B	2023-03-07	2023-03-07
Pretty URL www.jiantuo.net/index.php IP 154.23.115.81 ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-03-07 13:17:11 Times Seen1 Hash fc200343637645b71519e708971661bf 1585ff41d0c3f2b97fc44d8c2a32fcc465adeb61 32460f2068c4be499e2ed878f4d5cae57e5222f6cb19b6606ab9271b9704bd49 Loading...

	www.jiantuo.net/common.js	1.5 kB	2023-03-07	2023-03-07
Pretty URL www.jiantuo.net/common.js IP 154.23.115.81 ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-03-07 13:17:11 Times Seen1 Hash 4897dbe677bdfb68da3e36bb7818604e 984793bfe7d38a46aab5e593a8c2449c4148056c 9536ba48d89997899019cc2dd1565307a5c3a2246a76c77238b8d0405a0a7e6c Loading...

	www.jiantuo.net/tj.js	258 B	2023-03-07	2023-03-07
Pretty URL www.jiantuo.net/tj.js IP 154.23.115.81 ASN #137969 HONG KONG BRIDGE INFO-TECH LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:12 Last Seen2023-03-07 13:17:11 Times Seen1 Hash 274cf6decff90d9ee1e3adf37a49094f 7be5dd484cb6bb4ce3ea8a610d8e3cf4b5202b8a 28fc2ffe8469415c66e90d33ebf74fd756f23a8829c6eb02966b0b02e9ae7ffe Loading...

	www.ddys054.top/	74 B	2023-03-07	2024-04-25
Pretty URL www.ddys054.top/ IP 192.161.82.59 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:24 Last Seen2024-04-25 08:56:37 Times Seen684 Hash fecf0e0d3357fa72cd59069c9f081f16 3dff6fff704b485a0317d2612a55318fd2f1e515 27aa2c388fd2005b3bc0f4e3c9bc51d6aa1f2ffac10b78e5ccf06adef7da2bdd Loading...

	hm.baidu.com/hm.js?206e0ebe9beac414c579cfd9af445e33	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?206e0ebe9beac414c579cfd9af445e33 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-03-07 13:17:11 Times Seen1 Hash 614eed09cfae962f4a8e4f29edb36ba8 3c246caf1ea3286dc63d45ddb754c346032e6827 e642621ddea60463f341a27601659b6d99340c7256ead196f3f7d8fd3facb759 Loading...

	hm.baidu.com/hm.js?e01da3ff3a2684df3d39a3f70c20cecb	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?e01da3ff3a2684df3d39a3f70c20cecb IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-03-07 13:17:11 Times Seen1 Hash 0801135684a97ba981c96d28c86d15d9 41057d4c56091ff28196d3ea85b6853dd1efa5ad 89b586df44777649f7265f7909e35bb78d762b6257758fd2af99b8dfbc226c91 Loading...

	hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef	30 kB	2023-03-07	2023-03-07
Pretty URL hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-03-07 13:17:11 Times Seen1 Hash 5dfff8cba32ab75a41fcaaabfec6a09f 01ac4e7bf32f8be32d4f54b60144a4ea59a85940 7216a2226aa32fe9e2be9e0f9a71aed097c15da6b19bd532359fa1df3f8884db Loading...

	www.ddys054.top/static/js/jquery.js	93 kB	2023-03-07	2024-04-26
Pretty URL www.ddys054.top/static/js/jquery.js IP 192.161.82.59 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:44 Last Seen2024-04-26 19:54:41 Times Seen4832 Hash 383771ef1692bfcc3f2b6917ca985778 a1ce0bfa507f23cc414a9a7634bd73b994bb3b35 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734 Loading...

	www.ddys054.top/template/m1938pc/ads/aaa.js	396 B	2023-03-07	2023-03-17
Pretty URL www.ddys054.top/template/m1938pc/ads/aaa.js IP 192.161.82.59 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:47 Last Seen2023-03-17 10:15:32 Times Seen1 Hash 849627eef6308cb5fb51c21a27af90a6 8b36d5f6b8ad8e44f85d8fe0271e5eb8e62a7916 c1fbcfcf90b7e58b38a2ea0062689d952a5746d4743aca0eb5dd9d943aec92cc Loading...

	www.ddys054.top/	254 B	2023-03-07	2023-03-17
Pretty URL www.ddys054.top/ IP 192.161.82.59 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:47 Last Seen2023-03-17 10:15:32 Times Seen1 Hash 45a6ac9b987929b7fdb2358d01de5d33 d94b0eba8c7156da5beac9b207748a64b819ecf5 5603ef3fe2fa8ee56e346fd80fc1d1462a3e0edee610b9193d7fcf43cd9714f0 Loading...

	js.users.51.la/21276283.js	4.9 kB	2023-03-07	2023-03-17
Pretty URL js.users.51.la/21276283.js IP 103.143.19.103 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:24 Last Seen2023-03-17 12:34:33 Times Seen1 Hash 90866912c2d2cf9e446d7944b71c5017 9e04f7ad8494e3a87fca9c16b8edc97fc6186bd9 e037eddfb14fe53349ee931874c18b7983dda619c9bd11f4575d634a9f9bfd0f Loading...

	www.ddys054.top/	254 B	2023-03-07	2023-03-26
Pretty URL www.ddys054.top/ IP 192.161.82.59 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:45 Last Seen2023-03-26 05:56:09 Times Seen4 Hash c889ebb85460466bbc2c13d0ae16977c 01e82247121a9350e971cad024ea1efd0fcb9a44 e8ae1626c3c41f98b92fad9ab62c13eef4cfb611c1d3f36d28f753e6a43a6ace Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8ca81abe9bf89655e1f5ecfae845f4e2	466 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 13:17:11 Last Seen2023-03-07 13:17:11 Times Seen1 Hash 8ca81abe9bf89655e1f5ecfae845f4e2 20eec798004e5b8a205a445cf6a6a6719bbf1858 dfa3ff9f118de965326ce12c04226f3403cafc8f228a23dba13b11af93f67a99 Loading...

		Size	First Seen	Last Seen
	#1 Write - bf245b3e19432ca35e81b33ed7a8323e	447 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 13:17:11 Last Seen2023-03-07 13:17:11 Times Seen1 Hash bf245b3e19432ca35e81b33ed7a8323e f7409bfab9b046a9dc3c33915478d312d49cad50 ee25551420f1b06030a3900cb57c66e3422d392e6d1c06487cd0cf0a3cdf3439 Loading...

HTTP Transactions (72)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 01:04:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j6iGIxD2MEE3tZjrcfaYBTxd26vBsFZuqkdr_1-NS0oawWFNebSbNA==
Age: 1588

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6902
Expires: Wed, 07 Sep 2022 03:26:05 GMT
Date: Wed, 07 Sep 2022 01:31:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Tue, 06 Sep 2022 03:46:34 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JfFayiD3iATW2Fzzj5QjWvinv5KCVLFTJcZ4i5vvwOEcrV3qsMqb4g==
age: 78270
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 01:31:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

jiantuo.net/

154.23.115.81

301 Moved Permanently

0 B

URL HTTP/1.1
jiantuo.net/
IP
154.23.115.81:0
ASN
#137969 HONG KONG BRIDGE INFO-TECH LIMITED

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Sep 2022 01:30:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.jiantuo.net/index.php

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 00:38:18 GMT
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 00:48:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X0QUYDDRxzc91V0s-F84-S2BKE4mGHahPkLpzkqRVSaAE88gxUoQfA==
Age: 3165

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4406
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 01:31:04 GMT
Last-Modified: Wed, 07 Sep 2022 00:17:38 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

www.jiantuo.net/index.php

154.23.115.81

200 OK

545 B

URL HTTP/1.1
www.jiantuo.net/index.php
IP
154.23.115.81:0
ASN
#137969 HONG KONG BRIDGE INFO-TECH LIMITED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (702), with CRLF line terminators
Size
545 B (545 bytes)
Hash
d3aedfc4bb1b7f893e570ce396e60d0b
493be895508bed25ff2c139dfa61419638fe7761
4f7f9f1fc7e76a97ae467870e5d531c4145c9dfb8988dfaadc319ce41bca8a77

HTTP Headers

GET /index.php HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

54.148.148.62

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.148.62:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Knj+WElh2UjfzjXNn9+VrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YigNI+iP2juYwtYzjDf+7MdnrGA=

www.jiantuo.net/common.js

154.23.115.81

200 OK

681 B

URL HTTP/1.1
www.jiantuo.net/common.js
IP
154.23.115.81:0
ASN
#137969 HONG KONG BRIDGE INFO-TECH LIMITED

File type
HTML document text\012- HTML document, ASCII text, with very long lines (440), with CRLF line terminators
Size
681 B (681 bytes)
Hash
1178df7392b87ca4a7e82d9feb540707
4572a16e2716ef32801768e59003d47e0e525f40
3d10626e8aec01eae90869f6d9e41420aac3dee418464c430f96e69de5cf3589

HTTP Headers

GET /common.js HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.jiantuo.net/tj.js

154.23.115.81

200 OK

258 B

URL HTTP/1.1
www.jiantuo.net/tj.js
IP
154.23.115.81:0
ASN
#137969 HONG KONG BRIDGE INFO-TECH LIMITED

File type
ASCII text, with CRLF line terminators
Size
258 B (258 bytes)
Hash
274cf6decff90d9ee1e3adf37a49094f
7be5dd484cb6bb4ce3ea8a610d8e3cf4b5202b8a
28fc2ffe8469415c66e90d33ebf74fd756f23a8829c6eb02966b0b02e9ae7ffe

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:55 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive

www.jiantuo.net/favicon.ico

154.23.115.81

200 OK

1.2 kB

URL HTTP/1.1
www.jiantuo.net/favicon.ico
IP
154.23.115.81:0
ASN
#137969 HONG KONG BRIDGE INFO-TECH LIMITED

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.jiantuo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 12 Sep 2022 01:30:56 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
24c71b38eb6a85ce86b3c579bc4e3489
ea16b2e16ff80fb67aee001075c0e9a559b96054
cdcc84506372c591eaace9a5e85666d3a48ef9b59cfadc597b2b69e536d9984f

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Sep 2022 23:30:37 GMT
ETag: "ea16b2e16ff80fb67aee001075c0e9a559b96054"
Last-Modified: Tue, 06 Sep 2022 23:30:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 333
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746baed00a65b4f7-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6214 bytes)
Hash
f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 03:42:05 GMT
age: 78540
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3187 bytes)
Hash
ed39b35d8a767c2aad6a77fadc60f233
f9767c74a6f717635f67ac541f0126f5a63bd7d3
343efa10126cf70588f1968dea7c77ec3ff8a121e1152f1f9b9b4960fc42bddb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3187
x-amzn-requestid: 8a44698f-2fd0-4980-9882-971810debb88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X6Wf9GyaoAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63140465-3a46f65e5f8c4522065c5ad5;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 01:50:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hs1q2aYJyrggLRzjgYyKwmMhT6W4EG5yqc9CRM9zupXi_jOi5yvNiA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 18:22:32 GMT
age: 25713
etag: "f9767c74a6f717635f67ac541f0126f5a63bd7d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8501 bytes)
Hash
b8270b1deb7d093ca8add7908bcc5136
d7f050173460584cecb8e280aefeb0e0f3a8c1d6
148080cd0f4f5aafcfc5a9d737dd99e101895f83a177e0dc15d27079cf6b56bb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8501
x-amzn-requestid: aff7d553-fc1f-4bc7-a6fd-cb87cfdbfa55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrUuG2sIAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bf51-1d866fbd1db11e75426ec057;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6rtVoPZ2axpHxUOh0tuLzdMmqpsqyf_MmYEW9y0djaxQYp_zt4_kQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:31 GMT
age: 13294
etag: "d7f050173460584cecb8e280aefeb0e0f3a8c1d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12661 bytes)
Hash
79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 11793
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8756 bytes)
Hash
44ee4c9bd1e550045d69f24ad511070c
3bf0d51801523d7014ac76b5ab90c989fc7a770f
ee48c13050faa498f79222216f9c71b20b3a4e5e8e5c59c7156c276ab942703c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: d48113bc-fe40-4d59-b700-194b1092ab67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqmxQEbVoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db807-14ff6f5b0ffb9a7f08e57906;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:11:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YKs0giofWi83MnLBqx6zAu1NGd_A9-l6y2pULUBn2RK0-H3KNRzrUg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 12:47:43 GMT
age: 45802
etag: "3bf0d51801523d7014ac76b5ab90c989fc7a770f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11972 bytes)
Hash
124a0c0a970006aa660031b5e0ec70d9
3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7
14c5c6aaf110c123037eb860ecc9d386d46af55fe54cb50f9d1ad430f7e0c516

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11972
x-amzn-requestid: e71daf97-7463-492d-b55a-0eab022d8b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0nI2G1tIAMFk2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b89e-7d6c6d1769649d371c505453;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 08:02:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lNUnWV03HGfGLUSblwFyCjoiSuPlolly4h94cFFZcve3AmtJNkiH7g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:16 GMT
age: 13729
etag: "3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.ddys054.top/

192.161.82.59

200 OK

14 kB

URL HTTP/1.1
www.ddys054.top/
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3679), with CRLF, LF line terminators
Size
14 kB (13820 bytes)
Hash
48de3263b7b45133688ba19212780055
abfec1a64a084f5bb20fceccc9742394f1c8840c
28047e97696c97232b7f0f4b30459e617b0188adb78235c99e7b01e73a210aee

HTTP Headers

GET / HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jiantuo.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: PHPSESSID=1bbc3uk9nprmag1hv63j4jgla3; path=/
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 13820

fmlb.netlbtu.com/upload/vod/2022/08-20/12/od2uxezydkq1230od2uxezydkq1618619.jpg

104.21.235.174

200 OK

7.9 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-20/12/od2uxezydkq1230od2uxezydkq1618619.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.9 kB (7863 bytes)
Hash
f8007ef32c55c5faf0451d025e6d64dc
e8be110f17a27def5c89498d31b6400868c3b2b7
1f06ebce86a63df8918339a5e421bfafcb5e8d33dd3f381d2be5bd7b9f87fa4e

HTTP Headers

GET /upload/vod/2022/08-20/12/od2uxezydkq1230od2uxezydkq1618619.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 7863
cf-bgj: h2pri
etag: "0ba478c4db4d81:0"
last-modified: Sat, 20 Aug 2022 04:30:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oIRFOFgUMeX8uwVoD0f7VRbpJMRARs4lO2Stw86pR3XX48N7pBGhYR3JgIpvz%2BZsTfFQGIK%2B5BP%2FPiHKCi0omorVGIrYt60CxV3rb5n1z4YHiGIVcpMIw6WVNOwmpjcd3rt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef376a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogta4c5chro1206ogta4c5chro5722813.jpg

104.21.235.174

200 OK

12 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogta4c5chro1206ogta4c5chro5722813.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (12007 bytes)
Hash
77f18a195e01651883d6cec37e1ae907
323e253c143f145cf73c45e987ab6b2524120ec7
a722bab950e1b18f0d0d2339fe6412ee89d0c1e0ae582cdbc48cf19723d9bb2d

HTTP Headers

GET /upload/vod/2022/08-31/12/ogta4c5chro1206ogta4c5chro5722813.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 12007
cf-bgj: h2pri
etag: "686f1c1defbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWHfL8BnxfavSZ9gBN3uE6oB35CfMlsKRo8RaBup1sPTzlJWo7R06gBHXsg9dHe0LKePjfQ9bsVw%2BSXJYrYjK6JcBRY4KSrGQDmZ9VvSxiPZgQ%2BmcRTNCXRHM96ro%2FvG%2Bq8C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef876a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-31/12/3oajauvpbpb12073oajauvpbpb0022819.jpg

104.21.235.174

200 OK

11 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/3oajauvpbpb12073oajauvpbpb0022819.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10689 bytes)
Hash
483832a477f4edee3f0fdc3b81a68ab4
a2bfa3c154c654156a0b334a695c6f3a67a5209d
0eac3a30a3111f40c42fb994f5f22b0012d9fa02af4c38c2729667635e5e50b2

HTTP Headers

GET /upload/vod/2022/08-31/12/3oajauvpbpb12073oajauvpbpb0022819.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 10689
cf-bgj: h2pri
etag: "e791b61eefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:07:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoP6OjL%2BL%2B0S2foE2iYJkcSDAxBduTmiDr12fX9FjZuRRrLetpg4HRauG4U9Eyqn8En2648VTlAybrHdgW5P5IdprbqMYXguoBOmaX7vZdwR8qjL0b9tJZ8eHZm%2BxdXox26o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef976a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-31/12/3h5qhkkxzkm12063h5qhkkxzkm5922817.jpg

104.21.235.174

200 OK

6.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/3h5qhkkxzkm12063h5qhkkxzkm5922817.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.5 kB (6459 bytes)
Hash
6be6ae5deac1335461fff729b1a5e739
929573e694012d49b43aedd1dec760d872cda74f
44e6e0598163d1ee3dfa44f7fc39d2ce0fcb55fd6065cf009739380aeb95fd43

HTTP Headers

GET /upload/vod/2022/08-31/12/3h5qhkkxzkm12063h5qhkkxzkm5922817.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 6459
cf-bgj: h2pri
etag: "7f482c1eefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aamDOUuxc9tlzWG2ll59lwBvMOmv%2FpGcdUiRCBC%2BrYeg%2BtrgyXd09%2BSunY2puoUkXV%2BP2sAKTZ5ZIcU7FeiGZvGEoRPxncX8LpKb0k2jVgaA5OBcrrxCw1fzZGwt6mR7dFl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14efa76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-20/12/0xnbfpv5jte12300xnbfpv5jte1418615.jpg

104.21.235.174

200 OK

5.4 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-20/12/0xnbfpv5jte12300xnbfpv5jte1418615.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.4 kB (5412 bytes)
Hash
3fee48c56c5dfc85cf267119d43162c3
4516a17f0829439061b208689bbbbc26492e1bb0
ceb8abca1eb678798d0325b910106a06026d207f3df26c04ec84a8cf742bd9d2

HTTP Headers

GET /upload/vod/2022/08-20/12/0xnbfpv5jte12300xnbfpv5jte1418615.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 5412
cf-bgj: h2pri
etag: "ab622e8b4db4d81:0"
last-modified: Sat, 20 Aug 2022 04:30:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsT5c1oPjSM3lK8IBqavrh0RrES7MoTXRWMW19hGmgPA23RmERRDsWPFcO7dxJvkRAiibLXK30ummNIUM6ExxaDa0f6pSRZ8hesHOIImoa4M1RddXbJ0D2xrSqWz3LkXwHnz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0f76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-21/11/53yhdn4ttk4115153yhdn4ttk40318941.jpg

104.21.235.174

200 OK

8.8 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-21/11/53yhdn4ttk4115153yhdn4ttk40318941.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.8 kB (8777 bytes)
Hash
a51d1e789e8320a4fa962abbad3b4c1f
1e917165c474da7b0f913e57da4f42816b3084ef
cec3c6c0f5a81c00ea68af707680d263f4d11c631f5cfcaac039f3c8cee6f517

HTTP Headers

GET /upload/vod/2022/08-21/11/53yhdn4ttk4115153yhdn4ttk40318941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 8777
cf-bgj: h2pri
etag: "3820954811b5d81:0"
last-modified: Sun, 21 Aug 2022 03:51:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snuwHH8Pm39fD7Lxl%2BPhpBESns3KBiUgh85KCbYOCLrYzKXWIABtQuQvu6GiYP%2Fj5bGD0yXDIwPrKhgD9gUdBIvVkoxTZe03IZvM5IaXcirPEDIY4eYlJFfY4ue001Cw59VG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0a76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.ddys054.top/template/m1938pc/css/zui.css

192.161.82.59

200 OK

15 kB

URL HTTP/1.1
www.ddys054.top/template/m1938pc/css/zui.css
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
15 kB (15198 bytes)
Hash
6f5aa0cf8202076c79fd657900529f6f
2e509a321310355e06c90abfd9b415ef08f6a02b
47ccaf7fd4f05353155d637f76473918470672e4c69f5d8e5df82f685a040bd4

HTTP Headers

GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 07 May 2021 10:47:34 GMT
Accept-Ranges: bytes
ETag: "0e7b632e43d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 15198

www.ddys054.top/template/m1938pc/css/ate.css

192.161.82.59

200 OK

4.5 kB

URL HTTP/1.1
www.ddys054.top/template/m1938pc/css/ate.css
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4498 bytes)
Hash
1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2

HTTP Headers

GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 07 May 2021 10:47:33 GMT
Accept-Ranges: bytes
ETag: "805073622e43d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 4498

www.ddys054.top/template/m1938pc/ads/aaa.js

192.161.82.59

200 OK

399 B

URL HTTP/1.1
www.ddys054.top/template/m1938pc/ads/aaa.js
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (396), with no line terminators
Size
399 B (399 bytes)
Hash
dde28d41e1ebbdb9c4c446ddfcc02ed6
5f28574ddf8f6cb696ac47511c5a31c0abcac0f5
0c78935217564d2d7f75ecc96752089404ad376a402f71066cefe73141e3a288

HTTP Headers

GET /template/m1938pc/ads/aaa.js HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 18 Jul 2022 12:41:45 GMT
Accept-Ranges: bytes
ETag: "fe7d5cbda39ad81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 399

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
258f174885c200be903bf46500b20e09
4a53eb13952452b668bbbad725b08bf2e147aae3
c9652d84768b493aa73d8bf5b826094d17369f8c1e8781365c6e3544cbad4cbd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9652D84768B493AA73D8BF5B826094D17369F8C1E8781365C6E3544CBAD4CBD"
Last-Modified: Mon, 05 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13518
Expires: Wed, 07 Sep 2022 05:16:23 GMT
Date: Wed, 07 Sep 2022 01:31:05 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogzozbmi2au1206ogzozbmi2au5822815.jpg

104.21.235.174

200 OK

10 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/ogzozbmi2au1206ogzozbmi2au5822815.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10396 bytes)
Hash
c8305deedcca4d5f686ef9a648715c9b
b5cf26fc0afeff93ff1508dee760ea60dd3afef2
d134d2f80900e68ad304c7c75b50491ba5e150bb21e1a5ca44b51f56e4798d81

HTTP Headers

GET /upload/vod/2022/08-31/12/ogzozbmi2au1206ogzozbmi2au5822815.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 10396
cf-bgj: h2pri
etag: "f0ffa11defbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:58 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAxpw7db%2FdYVpYT2nnpAiNEXBKvygTbKhypajs13FSpnP06U%2BE7yyRsOou0oWMPdZn%2FI5mb0%2FSI4zOnAXmFSDFvCjMeDItHbzYsG0zGEwpQREwkmcvHYHknJlNGdoI%2F1Z9%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef776a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-31/12/cwa1tygvy2h1206cwa1tygvy2h5522807.jpg

104.21.235.174

200 OK

7.7 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/cwa1tygvy2h1206cwa1tygvy2h5522807.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.7 kB (7699 bytes)
Hash
19457b5fefe38b38666b6afe71ac0f40
0f6e2a66949608a172472eb50c113a8c23fb9bb3
d1ec6da0b9f8057db936e81e974a959d1b4952eb3c77e653601b6125642b9805

HTTP Headers

GET /upload/vod/2022/08-31/12/cwa1tygvy2h1206cwa1tygvy2h5522807.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 7699
cf-bgj: h2pri
etag: "85cb811befbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:55 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AVbmMdE%2BHhTPVFmeybsO%2BbQGtaKN6VXuVCFeYV1p5BUChGrjRfqxaMHqp%2BFcXyuiivaCrS4ceg4zNqtpvlZpkOBZhyZfgrGQqGc5qFcbAM7Em4d9aP%2FEDtgVjuT35j4phRE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef176a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-21/11/rketpjcef5k1151rketpjcef5k2518943.jpg

104.21.235.174

200 OK

9.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-21/11/rketpjcef5k1151rketpjcef5k2518943.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
1e46e876d6d7784a372ad703360206e9
7f1b0cf536f218c52faa511b13e00e2f0a3dac8e
9a8c26eca277196269e8c494c7b56e5f8eba7759f0223ccb7423a90e01ead44b

HTTP Headers

GET /upload/vod/2022/08-21/11/rketpjcef5k1151rketpjcef5k2518943.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:05 GMT
content-type: image/jpeg
content-length: 9466
cf-bgj: h2pri
etag: "8442184911b5d81:0"
last-modified: Sun, 21 Aug 2022 03:51:25 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bLT65ujwwLtoCO9MMYaWD%2BPX5EoPruFPmP66qMDKxZexQP0aLaV5JJN1TqppN7%2BlsjhSJMo5i2f%2B%2F8PrYvPvPXU4X%2Bey23E%2B33IQ%2FGFZ%2BRxRMgXmZB48y%2FmfDuASTfUoFWw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0c76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
31eb22596f0981dd27ba396ec8b5a1a0
edd98af351a2b61b3b954583d8283f40f88b3d3b
c1c27524138555b76c887475763b2d5ed0e4470c891b0a9b4c965c544cb3cb5f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 14:54:12 GMT
Expires: Sat, 10 Sep 2022 14:54:11 GMT
Etag: "edd98af351a2b61b3b954583d8283f40f88b3d3b"
Cache-Control: max-age=306784,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746baed2c84ab500-OSL

fmlb.netlbtu.com/upload/vod/2022/08-31/12/tzpr3nyl4v51206tzpr3nyl4v55622811.jpg

104.21.235.174

200 OK

5.7 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/tzpr3nyl4v51206tzpr3nyl4v55622811.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.7 kB (5666 bytes)
Hash
11593e338fa82b9a7c93d94b074ea276
56eda58e12b0b42c06b4713e615a6273e4b1a58c
a5d90957679172bcf6640a5501b323cfd91869dacccf46d7e0ad1d96448ae756

HTTP Headers

GET /upload/vod/2022/08-31/12/tzpr3nyl4v51206tzpr3nyl4v55622811.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 5666
cf-bgj: h2pri
etag: "8eb48f1cefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=906fGzTKDnt1CdzbPWyjizWgAgLQMd%2FDkJVo6vw4c%2F%2FsHLISNiY9lAhpz5BWSTn2zYpMSteD2Roa9WX8muaiZ6yUwMrQinwaV5%2BlVbSvrOqvRszMt5YjINBz3izIFNdCUINH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef476a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-31/12/q43vdralqsc1206q43vdralqsc5622809.jpg

104.21.235.174

200 OK

7.8 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/q43vdralqsc1206q43vdralqsc5622809.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.8 kB (7760 bytes)
Hash
e18a8143cffaff55708e3d587c477415
f108ec0f0af951475e994f9c9f087e1e5ee9aaea
5fcd686052281dfed24c7e5524319bbbf3c031a62b34b27f4b01405ba00a88cb

HTTP Headers

GET /upload/vod/2022/08-31/12/q43vdralqsc1206q43vdralqsc5622809.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 7760
cf-bgj: h2pri
etag: "10cd71cefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:56 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unZ9pvdyERs5o85AmOFRhGbNFbBZPnT7HgNX5bYDBp62peBVtR69ofep2K9mdfwfKNadJME2eAi5FKFSdHNx1d7ahbxO%2FG%2FInCMEH71Abq%2BNYxQbDWk3fMsfIhiEhwnxzKeY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed14ef676a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-31/12/dtm3eedrjwo1206dtm3eedrjwo5422805.jpg

104.21.235.174

200 OK

7.5 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-31/12/dtm3eedrjwo1206dtm3eedrjwo5422805.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.5 kB (7496 bytes)
Hash
4576da931c391d07c422e4aa0b9c2015
4da6828931f5c5c06052d0b3f8ee1b409ce04366
fb137f8b2f391c8526c168d176a525bcd24dc4c8e9178621876ec49a0f1ef6d3

HTTP Headers

GET /upload/vod/2022/08-31/12/dtm3eedrjwo1206dtm3eedrjwo5422805.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 7496
cf-bgj: h2pri
etag: "d82f71aefbcd81:0"
last-modified: Wed, 31 Aug 2022 04:06:54 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8%2BAM%2B%2Bau6JLvSoeXQ0qEeLLjgkbzs%2BiqeA%2Byr1JTEspnfQ0x%2F67wU6lNnX0rbx9lHZ7cbE3YbW00lBQJkaxDP%2BxXP%2FNFPFN5L1fiROPwW0fQqmQnHx6KS3ASvEAwR4vvrkJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0e76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-21/11/wpzcbnzl0s11151wpzcbnzl0s10218939.jpg

104.21.235.174

200 OK

9.7 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-21/11/wpzcbnzl0s11151wpzcbnzl0s10218939.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.7 kB (9708 bytes)
Hash
b12161fdf98c05c27691f21e1bbf8420
dc718406b2079400a8dacbae8a74c08bd6c88467
66116dfc411d79e5a26af9a70d86a1a35cd1f4b4a7be182516ede36cb5b944c6

HTTP Headers

GET /upload/vod/2022/08-21/11/wpzcbnzl0s11151wpzcbnzl0s10218939.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 9708
cf-bgj: h2pri
etag: "4f1e8b3b11b5d81:0"
last-modified: Sun, 21 Aug 2022 03:51:02 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogVZyUOq9ketlehCnIIEssV7fmXp5D9fJXDxrftUpgCbTEz7jdDQejZuxn81myEqIahNqS4YU9vuZ5G3DTIuK96OHd%2F0TM47nYOjWZWJWfcAFbkYn3kW3H8OALV0DyB8JMMJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0b76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/08-20/12/djdbnllc2kg1230djdbnllc2kg1518617.jpg

104.21.235.174

200 OK

7.7 kB

URL HTTP/2
fmlb.netlbtu.com/upload/vod/2022/08-20/12/djdbnllc2kg1230djdbnllc2kg1518617.jpg
IP
104.21.235.174:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.7 kB (7683 bytes)
Hash
841159e7450f246869d95d2f649c8a97
ad00448d00ca1376f61322639b28e2ded30e506a
26f97573323baa79f5e9c7276082ce670fe777f06016371c6bf1c10909e91c7f

HTTP Headers

GET /upload/vod/2022/08-20/12/djdbnllc2kg1230djdbnllc2kg1518617.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/jpeg
content-length: 7683
cf-bgj: h2pri
etag: "87e7b38b4db4d81:0"
last-modified: Sat, 20 Aug 2022 04:30:15 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKlZobX5UaoOCbY6Pxp%2FgJc9Wg0%2FeKH%2B4SrR8d3OITyGKcmzJ0THamPBQDXBxLSf88VWZAXr35yCaZ8tFZs55FSUioakQ91Z6%2B%2Bxr4dO3j00cFM7d0icDHiYoyPTXE8fpMGq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed16f0d76a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: text/html
content-length: 162
location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

www.ddys054.top/static/js/jquery.js

192.161.82.59

200 OK

33 kB

URL HTTP/1.1
www.ddys054.top/static/js/jquery.js
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (32089), with CRLF line terminators
Size
33 kB (32864 bytes)
Hash
635cabcaf3cdeab18470446e80239302
9ab64e394a159396d23d246a7419fe043aa2f7a4
6063409071aa83fdff4be7c3d2134ab8b8f2c32dcd5ce08e44a2d83ab5b2bb42

HTTP Headers

GET /static/js/jquery.js HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 10 Mar 2019 13:12:51 GMT
Accept-Ranges: bytes
ETag: "80cbdbf642d7d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:56 GMT
Content-Length: 32864

dimg04.c-ctrip.com/images/01037120009ujdjqk8377.gif?proc=autoorient

104.110.17.24

200 OK

263 kB

URL HTTP/2
dimg04.c-ctrip.com/images/01037120009ujdjqk8377.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 100 x 100\012- data
Size
263 kB (263443 bytes)
Hash
19c96e5431bd8f5f0497f32d77a332d6
e660df146e1661e26f954ae36f0382ebec1cad97
0c52e0ab9db25405bd3269c29190c5a8d73a429fbed2467f7bad27fd5c5a0ff4

HTTP Headers

GET /images/01037120009ujdjqk8377.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 263443
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14184959
expires: Sat, 18 Feb 2023 05:47:05 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0106o120009uiu2p481C6.gif?proc=autoorient

104.110.17.24

200 OK

191 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0106o120009uiu2p481C6.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 480 x 120\012- data
Size
191 kB (190584 bytes)
Hash
4bd8328c77b699efe6eae465d231b708
f6c1f857e163eaa5af28768a8136be424484fae7
78d253c6d8ed67033500b85a878f803c7efcc5bd59fa03a6fdb58d970c8394a8

HTTP Headers

GET /images/0106o120009uiu2p481C6.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 190584
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13860004
expires: Tue, 14 Feb 2023 11:31:10 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0105u120009uiu9op34EA.gif?proc=autoorient

104.110.17.24

200 OK

394 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0105u120009uiu9op34EA.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 480 x 120\012- data
Size
394 kB (393511 bytes)
Hash
313e8cf9a429840b5eb15a5464516298
f83576b11e0a1978fddf7974ab14c296fede51b8
17f40a4f6403fe62aea555b54f593a5991bd28afd2d99ba62441bc5d3a34ef36

HTTP Headers

GET /images/0105u120009uiu9op34EA.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 393511
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13879086
expires: Tue, 14 Feb 2023 16:49:12 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/01071120009uj7klk4406.gif?proc=autoorient

104.110.17.24

200 OK

190 kB

URL HTTP/2
dimg04.c-ctrip.com/images/01071120009uj7klk4406.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 100 x 100\012- data
Size
190 kB (189825 bytes)
Hash
4636d766691a6cdc04e2b88bdecae86d
c955346f093be97ab794a98a2763f1268d8e9660
1a4cbfb350c6ea8e8fe609fdea1b770d986752cdbf67e88eafe06ed7b7e2bca8

HTTP Headers

GET /images/01071120009uj7klk4406.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 189825
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 264
cache-control: max-age=14230888
expires: Sat, 18 Feb 2023 18:32:34 GMT
date: Wed, 07 Sep 2022 01:31:06 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
f5db207eb683903f57d1e1d1b4fb5a13
61a5dca5b9236ba6d7cf6f02a2a712031e3d5d5c
c730f43908a13209d4cc35db1930f317b61b55e9a23475f3a99ea73e1ca5914e

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Sep 2022 22:45:53 GMT
ETag: "61a5dca5b9236ba6d7cf6f02a2a712031e3d5d5c"
Last-Modified: Tue, 06 Sep 2022 22:45:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 329
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746baed40c3ab4f7-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
76692545dc335a822bfbe13c41571b57
847bd2f0f812bce43cee6c6e161e2adfef7c1769
db77b28c709c2bffabac9450f66c8e676214289f1728d287ce97abbe3850b40d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 15:06:40 GMT
Expires: Mon, 12 Sep 2022 15:06:39 GMT
Etag: "847bd2f0f812bce43cee6c6e161e2adfef7c1769"
Cache-Control: max-age=480332,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746baed408eeb500-OSL

acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

172.67.189.203

200 OK

400 kB

URL HTTP/2
acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
172.67.189.203:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
400 kB (400264 bytes)
Hash
b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ddys054.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Wed, 28 Sep 2022 23:19:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 699106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOH54O%2FVLSfBeExSAiIoEtZebV3y79BkauCj4l2wJy9yQt39aUe3jlSzjN22lYlBc7ZsjO4YpZPWtYKQ%2BVmIoqZeJ3BpUX7Abl9Pv9Ttka96KWgvZd5MYs1w3BUVGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed48f44b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.ddys054.top/template/m1938pc/images/1.gif

192.161.82.59

200 OK

254 B

URL HTTP/1.1
www.ddys054.top/template/m1938pc/images/1.gif
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938pc/images/1.gif HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 07 May 2021 10:47:37 GMT
Accept-Ranges: bytes
ETag: "563214652e43d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:57 GMT
Content-Length: 254

www.ddys054.top/template/m1938pc/images/video-play.png

192.161.82.59

200 OK

1.6 kB

URL HTTP/1.1
www.ddys054.top/template/m1938pc/images/video-play.png
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/template/m1938pc/css/zui.css

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 07 May 2021 10:47:37 GMT
Accept-Ranges: bytes
ETag: "661634652e43d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:57 GMT
Content-Length: 1567

www.ddys054.top/template/m1938pc/images/video-mask.png

192.161.82.59

200 OK

107 B

URL HTTP/1.1
www.ddys054.top/template/m1938pc/images/video-mask.png
IP
192.161.82.59:0
ASN
#40065 CNSERVERS

File type
PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

HTTP Headers

GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.ddys054.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/template/m1938pc/css/zui.css

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 07 May 2021 10:47:34 GMT
Accept-Ranges: bytes
ETag: "66c95632e43d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 07 Sep 2022 01:30:57 GMT
Content-Length: 107

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e3baded74ef21a515069ec5194af1c06
f4b20e21fca604a53206d8f4ed19dfd5b17534a8
e940d6ce3ee65528862fb8d0b544a835101f7fa34f7b6a2759aa82bf2209c530

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 01:31:06 GMT
Ali-Swift-Global-Savetime: 1662514266
Via: cache20.l2de2[188,188,200-0,M], cache20.l2de2[190,0], cache1.se1[211,211,200-0,M], cache1.se1[213,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 07 Sep 2022 01:31:06 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516625142663274357e

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e3baded74ef21a515069ec5194af1c06
f4b20e21fca604a53206d8f4ed19dfd5b17534a8
e940d6ce3ee65528862fb8d0b544a835101f7fa34f7b6a2759aa82bf2209c530

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 01:31:06 GMT
Ali-Swift-Global-Savetime: 1662514266
Via: cache2.l2de2[188,188,200-0,M], cache2.l2de2[189,0], cache3.se1[211,210,200-0,M], cache3.se1[213,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 07 Sep 2022 01:31:06 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716625142663335469e

si1.go2yd.com/get-image/0yFUidjGHhQ

163.171.140.79

200 OK

121 kB

URL HTTP/2
si1.go2yd.com/get-image/0yFUidjGHhQ
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 500 x 280\012- data
Size
121 kB (121040 bytes)
Hash
72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0

HTTP Headers

GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/gif
content-length: 121040
x-application-context: application
x-kss-request-id: 926b8f9ca982487692c4e63ce22e4a6e
etag: "72f445e66343e28d92a588cd7858f2dc"
content-md5: cvRF5mND4o2SpYjNeFjy3A==
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:5 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:12 (Cdn Cache Server V2.0), 1.1 tb118:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
x-ws-request-id: 6317f45a_PShlamstdAMS1cc96_805-46492
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

si1.go2yd.com/get-image/0xle6Gs65qR

163.171.140.79

200 OK

142 kB

URL HTTP/2
si1.go2yd.com/get-image/0xle6Gs65qR
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 500 x 280\012- data
Size
142 kB (142511 bytes)
Hash
f1647a6b3887c0cd3eedccc8d61b790e
7f8cace768f5e978ab421e4511e8b2fe8544f65d
b3e8b0b20b32071c827c56f3b9e57537175610f8f8e6c59439665e2e2d80d931

HTTP Headers

GET /get-image/0xle6Gs65qR HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: image/gif
content-length: 142511
server: Tengine
x-application-context: application
x-kss-request-id: 1d1c290058c84bbdad5290984dd718ff
etag: "f1647a6b3887c0cd3eedccc8d61b790e"
content-md5: 8WR6aziHwM0+7czI1ht5Dg==
last-modified: Thu, 10 Feb 2022 08:00:01 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ks135:0 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:0 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:7 (Cdn Cache Server V2.0)
x-ws-request-id: 6317f45a_PShlamstdAMS1cc96_805-46493
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

js.users.51.la/21276283.js

103.143.19.103

200 OK

2.3 kB

URL HTTP/1.1
js.users.51.la/21276283.js
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
ASCII text, with very long lines (4898)
Size
2.3 kB (2310 bytes)
Hash
f10d7734daf1b544bbefc81fb249c6f7
f23322adb00e9dbb1a20638936e87c3680b616bd
b2983efc4c9a40406bc800615ee2f4c4c15eb430d2593a68d3ae3e7e32e685df

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /21276283.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: CloudWAF
Date: Wed, 07 Sep 2022 01:31:06 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=d8bd73e8b2c02391be1; path=/
HWWAFSESTIME=1662514263443; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

vkhhjp.com/9337ea14512440999f889eb8a9c83838.gif

103.170.15.46

200 OK

445 kB

URL HTTP/2
vkhhjp.com/9337ea14512440999f889eb8a9c83838.gif
IP
103.170.15.46:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
445 kB (445140 bytes)
Hash
8dc9eeb6e2f698ff336e098bf7c002a6
5be86ef65976a88e36ad3f30fe64d700f1883e0d
0de22c84ec1ac628f800ba4c39c5967868975d2cfc7d00d9244a6431925b9454

HTTP Headers

GET /9337ea14512440999f889eb8a9c83838.gif HTTP/1.1
Host: vkhhjp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
etag: "630f4567-6cad4"
server: nginx
date: Wed, 31 Aug 2022 12:03:29 GMT
content-type: image/gif
last-modified: Wed, 31 Aug 2022 11:26:31 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-36
content-length: 445140
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?e01da3ff3a2684df3d39a3f70c20cecb

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?e01da3ff3a2684df3d39a3f70c20cecb
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (627)
Size
11 kB (11340 bytes)
Hash
62206dc3b86a8da35361127e2b900a03
ab55fad5ee30e316c6f63aba9acb9b0ce1b04ad2
f5a854eb683d7aee3e2c3a06e38b4736b4c25d023af6f4b655e99a5c80515d8a

HTTP Headers

GET /hm.js?e01da3ff3a2684df3d39a3f70c20cecb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jiantuo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Wed, 07 Sep 2022 01:31:06 GMT
Etag: 2ff9c6b5a6d849cbdab7dc35ec73a2cf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=02A41C7DEFE50B6B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

jcyunk2.com/02ed850c424c4194a40ddd5fbd5e2b16.gif

45.61.212.57

200 OK

290 kB

URL HTTP/1.1
jcyunk2.com/02ed850c424c4194a40ddd5fbd5e2b16.gif
IP
45.61.212.57:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
290 kB (290150 bytes)
Hash
a0802cece6f8ee845c514dabeb1be17b
c70eabf0009169cdf262ed33f80d07b71dd2733f
ce5a0609aabbbc9f28df8e70935f210d03153851b44d1f49a27060647042c96e

HTTP Headers

GET /02ed850c424c4194a40ddd5fbd5e2b16.gif HTTP/1.1
Host: jcyunk2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63077036-46d66"
Date: Sat, 03 Sep 2022 05:33:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 25 Aug 2022 12:51:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-27
Content-Length: 290150

hm.baidu.com/hm.js?206e0ebe9beac414c579cfd9af445e33

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?206e0ebe9beac414c579cfd9af445e33
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (628)
Size
11 kB (11341 bytes)
Hash
77ca56384174f36cecf387c85eadbe98
9939116cc2f196c9b2a70c02ad36069a71561051
1342fff2722b0c06b648103b5e567116a9b9863be639dd092bad66fc6b5f3527

HTTP Headers

GET /hm.js?206e0ebe9beac414c579cfd9af445e33 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Content-Type: application/javascript
Date: Wed, 07 Sep 2022 01:31:06 GMT
Etag: 9e81aeeb4b0e518c029340af8d286cfb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8BD5783FA0E6B63E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

ia.51.la/go1?id=21276283&rt=1662514260635&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1662514260635&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A6%258F%25E5%2588%25A9-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E6%25B0%25B8%25E4%25B9%2585%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys054.top%252F&pu=http%253A%252F%252Fwww.jiantuo.net%252F

103.143.19.103

200

0 B

URL HTTP/1.1
ia.51.la/go1?id=21276283&rt=1662514260635&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1662514260635&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A6%258F%25E5%2588%25A9-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E6%25B0%25B8%25E4%25B9%2585%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys054.top%252F&pu=http%253A%252F%252Fwww.jiantuo.net%252F
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go1?id=21276283&rt=1662514260635&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=0&cd=24&ds=&ing=1&ekc=&sid=1662514260635&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A6%258F%25E5%2588%25A9-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E6%25B0%25B8%25E4%25B9%2585%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys054.top%252F&pu=http%253A%252F%252Fwww.jiantuo.net%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ddys054.top/

HTTP/1.1 200 
Server: CloudWAF
Date: Wed, 07 Sep 2022 01:31:07 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=763b32dd4d8198fb657; path=/
HWWAFSESTIME=1662514266076; path=/

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2043303302&si=e01da3ff3a2684df3d39a3f70c20cecb&v=1.2.97&lv=1&sn=22381&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jiantuo.net%2Findex.php&tt=%E8%BE%BD%E5%AE%81%E6%8F%AA%E8%B0%93%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2043303302&si=e01da3ff3a2684df3d39a3f70c20cecb&v=1.2.97&lv=1&sn=22381&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jiantuo.net%2Findex.php&tt=%E8%BE%BD%E5%AE%81%E6%8F%AA%E8%B0%93%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2043303302&si=e01da3ff3a2684df3d39a3f70c20cecb&v=1.2.97&lv=1&sn=22381&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.jiantuo.net%2Findex.php&tt=%E8%BE%BD%E5%AE%81%E6%8F%AA%E8%B0%93%E6%95%99%E8%82%B2%E5%92%A8%E8%AF%A2%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jiantuo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 01:31:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1E7D4529E97185CE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
4cd6238d7bcf7c800771e58320a59935
efce61580230d08294c0518339580d046b1b1e36
aa9d08df70c356e8cd0a2b2288b4cb008f45b98e333502a4071aa9f023bffb8d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3107
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 01:31:07 GMT
Last-Modified: Wed, 07 Sep 2022 00:39:20 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 727

hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (626)
Size
11 kB (11339 bytes)
Hash
bfc7127762cdb89e65690706a00103ce
e5c1a66dcf0f770464dea99f8b91fd214032f25d
9c72e8b6e21cd98e88e5c6c2fd0f1ab08cf1fb9ac2098161b61ca7225f35a3af

HTTP Headers

GET /hm.js?bfe6b26f78903861e446f74e1a2f35ef HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Wed, 07 Sep 2022 01:31:07 GMT
Etag: 5e14d110b181d0542e94ef7fdfb6283c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3F8B55E39C506D22; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1745752219&si=206e0ebe9beac414c579cfd9af445e33&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22381&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1745752219&si=206e0ebe9beac414c579cfd9af445e33&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22381&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=1745752219&si=206e0ebe9beac414c579cfd9af445e33&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22381&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 01:31:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6FA840B4ADD5F554; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=934603530&si=bfe6b26f78903861e446f74e1a2f35ef&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22382&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=934603530&si=bfe6b26f78903861e446f74e1a2f35ef&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22382&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=923&et=0&ja=0&ln=en-us&lo=0&rnd=934603530&si=bfe6b26f78903861e446f74e1a2f35ef&su=http%3A%2F%2Fwww.jiantuo.net%2F&v=1.2.97&lv=1&sn=22382&r=0&ww=1264&ct=!!&u=http%3A%2F%2Fwww.ddys054.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E7%A6%8F%E5%88%A9-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E6%B0%B8%E4%B9%85%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 01:31:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2724F06F95267845; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

zz.bdustatic.com/linksubmit/push.js

104.26.9.99

403 Forbidden

0 B

URL HTTP/2
zz.bdustatic.com/linksubmit/push.js
IP
104.26.9.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /linksubmit/push.js HTTP/1.1
Host: zz.bdustatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Wed, 07 Sep 2022 01:31:06 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tvmi7RyHRc%2BTNIlzaW4LtFSwbQGoQFk1jNeNpmnEd5vJQujj1XAFr0FuNJCLi3clscm7UY%2FU2JMy6N8%2FRDFA%2FRMx1yXEIGrW6aKDPFpX%2F3o0tLY8pDDbShuOYmNRKAtZ9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746baed49f7a1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image

120.52.95.235

200 OK

0 B

URL HTTP/2
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP
120.52.95.235:0
ASN
#133119 China Unicom IP network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ddys054.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 01:31:08 GMT
content-type: image/gif
content-length: 677521
server: openresty
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
server-timing: cdn-cache;desc=HIT, edge;dur=2
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
via: CHN-HElangfang-AREACUCC1-CACHE48[2],CHN-HElangfang-AREACUCC1-CACHE35[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE60[39],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,36]
x-hcs-proxy-type: 1
x-ccdn-cachettl: 31536000
nginx-hit: 1
cache-control: max-age=31536000
age: 6385923
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations