sm.166du.com/sm.txt
172.247.4.237 743 B IP 172.247.4.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (741), with CRLF line terminators
Hash 0c440af4b4ae7474fc25593f0136f7fa
02974a9a75a4a8b672572bb9080f34bd195c4c39
65e7f1012bc08f6cc7d028303aa165bdc20f3bf3f8c0bca99719d14d295d28d0
GET /sm.txt HTTP/1.1
Host: sm.166du.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 743
Cache-Control: max-age=600
Connection: close
Server: openresty tg@tenfyBot
172.247.4.236:1188/?u=aHR0cDovL3NtLjE2NmR1LmNvbS9zbS50eHQ=&p=L3NtLnR4dA==
172.247.4.236 137 B URL 172.247.4.236:1188/?u=aHR0cDovL3NtLjE2NmR1LmNvbS9zbS50eHQ=&p=L3NtLnR4dA==
IP 172.247.4.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0908220c26dc2f60f995b29231e4268c
c0b47504b887a0316e76968a765ba5d862d7e980
08709a93281d5ff17e9451886eafa108e0fdf5c90248aa182c581c24281a3e50
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?u=aHR0cDovL3NtLjE2NmR1LmNvbS9zbS50eHQ=&p=L3NtLnR4dA== HTTP/1.1
Host: 172.247.4.236:1188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sm.166du.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 23 Nov 2023 16:40:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
91iav.com/
172.247.4.237 743 B IP 172.247.4.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (741), with CRLF line terminators
Hash 0c440af4b4ae7474fc25593f0136f7fa
02974a9a75a4a8b672572bb9080f34bd195c4c39
65e7f1012bc08f6cc7d028303aa165bdc20f3bf3f8c0bca99719d14d295d28d0
GET / HTTP/1.1
Host: 91iav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 743
Cache-Control: max-age=600
Connection: close
Server: openresty tg@tenfyBot
91iav.com/
172.247.4.237 743 B IP 172.247.4.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (741), with CRLF line terminators
Hash 0c440af4b4ae7474fc25593f0136f7fa
02974a9a75a4a8b672572bb9080f34bd195c4c39
65e7f1012bc08f6cc7d028303aa165bdc20f3bf3f8c0bca99719d14d295d28d0
GET / HTTP/1.1
Host: 91iav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://sm.166du.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 743
Cache-Control: max-age=600
Connection: close
Server: openresty tg@tenfyBot
172.247.4.236:1188/?u=aHR0cDovLzkxaWF2LmNvbS8=&p=Lw==
172.247.4.236 266 B URL 172.247.4.236:1188/?u=aHR0cDovLzkxaWF2LmNvbS8=&p=Lw==
IP 172.247.4.236:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (353), with CRLF line terminators
Hash 7bf4f992d8a1f1396043c58672a4d2e3
f9f60264044ce7371b10f556d793867f222eb751
05696c7c94af7089a442fb21d53b604b88298461c6daa965153d98048d473dae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?u=aHR0cDovLzkxaWF2LmNvbS8=&p=Lw== HTTP/1.1
Host: 172.247.4.236:1188
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://91iav.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 23 Nov 2023 16:40:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
js.takshing2010.com/download/289_0.html
218.12.77.101 200 OK 16 kB URL User Request GET HTTP/1.1 js.takshing2010.com/download/289_0.html
IP 218.12.77.101:443
ASN #4837 CHINA UNICOM China169 Backbone
Certificate Issuer Let's Encrypt
Subject *.takshing2010.com
Fingerprint 2F:3D:A8:F7:97:AF:D5:B2:89:4B:6C:E7:6B:8E:F9:7A:52:EB:51:2F
Validity Thu, 23 Nov 2023 00:51:22 GMT - Wed, 21 Feb 2024 00:51:21 GMT
Hash b6679b9e354e4f8fe4d35ce2b79cca40
1ddbc244ed9d3ee35b717c461b01309947f7956e
f5e7e6059d1e88232afca4d3d6e0459b038cc1d10ceee23d8a6a380e6929b6aa
GET /download/289_0.html HTTP/1.1
Host: js.takshing2010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://172.247.4.236:1188/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Nov 2023 16:40:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 15502
Connection: keep-alive
Server: openresty
X-CCDN-Expires: 2590169
via: CHN-HEshijiazhuang-AREACUCC11-CACHE27[2],CHN-HEshijiazhuang-AREACUCC11-CACHE25[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE7[5],CHN-TJ-GLOBAL1-CACHE25[0,TCP_HIT,2]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: ced8abeaa5df9072589374a52f322c9b
nginx-hit: 1
Age: 1831
Accept-Ranges: bytes
js.takshing2010.com/js/two/js/jquery.min.js
218.12.77.101 200 OK 33 kB URL GET HTTP/1.1 js.takshing2010.com/js/two/js/jquery.min.js
IP 218.12.77.101:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer Let's Encrypt
Subject *.takshing2010.com
Fingerprint 2F:3D:A8:F7:97:AF:D5:B2:89:4B:6C:E7:6B:8E:F9:7A:52:EB:51:2F
Validity Thu, 23 Nov 2023 00:51:22 GMT - Wed, 21 Feb 2024 00:51:21 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32086), with CRLF line terminators
Hash 2c396fff199a7303387bd1d7aaaff4c5
4009c594ca39acb4917ebf414b2564e25792edab
5e8046935585b7d6f301e1f8707c0498003edeeb32abe6def0bb285bb51a5b8e
GET /js/two/js/jquery.min.js HTTP/1.1
Host: js.takshing2010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/download/289_0.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Nov 2023 16:40:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 33285
Connection: keep-alive
Server: openresty
Content-Encoding: gzip
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
ETag: "e0275cc10eada69c"
via: CHN-HEshijiazhuang-AREACUCC11-CACHE27[22],CHN-HEshijiazhuang-AREACUCC11-CACHE17[0,TCP_HIT,21],CHN-TJ-GLOBAL1-CACHE11[10],CHN-TJ-GLOBAL1-CACHE115[0,TCP_HIT,4]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: 1f047a896217f0d0fb1895d03cb732e2
nginx-hit: 1
Cache-Control: public
Age: 9623
X-CCDN-Expires: 2592000
Accept-Ranges: bytes
js.takshing2010.com/js/two/js/twojs.js
218.12.77.101 200 OK 1.6 kB URL GET HTTP/1.1 js.takshing2010.com/js/two/js/twojs.js
IP 218.12.77.101:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer Let's Encrypt
Subject *.takshing2010.com
Fingerprint 2F:3D:A8:F7:97:AF:D5:B2:89:4B:6C:E7:6B:8E:F9:7A:52:EB:51:2F
Validity Thu, 23 Nov 2023 00:51:22 GMT - Wed, 21 Feb 2024 00:51:21 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (518)
Hash 53a4d1f117e7b7a11fd82f7e1d6dd5d5
ea526cea7c23ffebc736fcfdc863e4f58d13ccb1
f745baf6c1f44e2646090e622e3a72909c83276bd842f6c1b57f5a18f2fcb9ae
GET /js/two/js/twojs.js HTTP/1.1
Host: js.takshing2010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/download/289_0.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Nov 2023 16:40:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1569
Connection: keep-alive
Server: openresty
Content-Encoding: gzip
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
ETag: "15d0df19bcec5c0b"
X-CCDN-Expires: 2591713
via: CHN-HEshijiazhuang-AREACUCC11-CACHE53[2],CHN-HEshijiazhuang-AREACUCC11-CACHE47[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE33[9],CHN-TJ-GLOBAL1-CACHE47[0,TCP_HIT,5]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: c4c2adde3462a86aba463f4ebf6ca6b4
nginx-hit: 1
Cache-Control: public
Age: 25701
Accept-Ranges: bytes
js.takshing2010.com/js/two/js/289.js
218.12.77.101 200 OK 222 B URL GET HTTP/1.1 js.takshing2010.com/js/two/js/289.js
IP 218.12.77.101:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer Let's Encrypt
Subject *.takshing2010.com
Fingerprint 2F:3D:A8:F7:97:AF:D5:B2:89:4B:6C:E7:6B:8E:F9:7A:52:EB:51:2F
Validity Thu, 23 Nov 2023 00:51:22 GMT - Wed, 21 Feb 2024 00:51:21 GMT
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 4d3cc0de02f07a2a25d39f3b94de202f
2e2300f14a0c946681855b3337169c64ba5fb8cf
7460b84142b7b8f59ae39625c821986bf122ba3292d4b0d00c95f99446e6309f
GET /js/two/js/289.js HTTP/1.1
Host: js.takshing2010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/download/289_0.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Nov 2023 16:40:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 222
Connection: keep-alive
Server: openresty
Content-Encoding: gzip
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
ETag: "60ab81acd411a53d"
X-CCDN-Expires: 2590169
via: CHN-HEshijiazhuang-AREACUCC11-CACHE58[3],CHN-HEshijiazhuang-AREACUCC11-CACHE1[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE40[5],CHN-TJ-GLOBAL1-CACHE98[0,TCP_HIT,1]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: 4447513d7640cc4a1e3b75bf6f55ff22
nginx-hit: 1
Cache-Control: public
Age: 25561
Accept-Ranges: bytes
js.takshing2010.com/js/five/js/md5.js
218.12.77.101 200 OK 2.9 kB URL GET HTTP/1.1 js.takshing2010.com/js/five/js/md5.js
IP 218.12.77.101:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer Let's Encrypt
Subject *.takshing2010.com
Fingerprint 2F:3D:A8:F7:97:AF:D5:B2:89:4B:6C:E7:6B:8E:F9:7A:52:EB:51:2F
Validity Thu, 23 Nov 2023 00:51:22 GMT - Wed, 21 Feb 2024 00:51:21 GMT
File type ASCII text, with CRLF line terminators
Hash ee3a962f93b0031161f08e7c6503f961
742ebc274ad08267f56e51e585c8720a32c9e3a5
dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474
GET /js/five/js/md5.js HTTP/1.1
Host: js.takshing2010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/download/289_0.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Nov 2023 16:40:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2942
Connection: keep-alive
Server: openresty
Content-Encoding: gzip
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
ETag: "ffda5da30ac811d2"
X-CCDN-Expires: 2591714
via: CHN-HEshijiazhuang-AREACUCC11-CACHE20[3],CHN-HEshijiazhuang-AREACUCC11-CACHE52[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE101[7],CHN-TJ-GLOBAL1-CACHE52[0,TCP_HIT,3]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: 86d550841d3c869bb1f22f6925a94c24
nginx-hit: 1
Cache-Control: public
Age: 25701
Accept-Ranges: bytes
js.takshing2010.com/js/two/js/zhutongji.js
218.12.77.101 200 OK 223 B URL GET HTTP/1.1 js.takshing2010.com/js/two/js/zhutongji.js
IP 218.12.77.101:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer Let's Encrypt
Subject *.takshing2010.com
Fingerprint 2F:3D:A8:F7:97:AF:D5:B2:89:4B:6C:E7:6B:8E:F9:7A:52:EB:51:2F
Validity Thu, 23 Nov 2023 00:51:22 GMT - Wed, 21 Feb 2024 00:51:21 GMT
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 9b2a61ccd320fc0ce7d8e0e94ac1b18a
19307b3664e161bee3c6763edae451783da375a5
a3c092f5579fd9bf60f9983382692283de4a651a43540400bb00249e853a3cfd
GET /js/two/js/zhutongji.js HTTP/1.1
Host: js.takshing2010.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/download/289_0.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Nov 2023 16:40:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 223
Connection: keep-alive
Server: openresty
Content-Encoding: gzip
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
ETag: "3b62847c6f4ae3b9"
via: CHN-HEshijiazhuang-AREACUCC11-CACHE18[50],CHN-HEshijiazhuang-AREACUCC11-CACHE16[0,TCP_HIT,50],CHN-TJ-GLOBAL1-CACHE73[4],CHN-TJ-GLOBAL1-CACHE32[0,TCP_HIT,2]
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: 9129229721d5f97fa83242e1cada6fd0
nginx-hit: 1
Cache-Control: public
Age: 6044
X-CCDN-Expires: 2592000
Accept-Ranges: bytes
hm.baidu.com/hm.js?6aea8cb130c5ae22d7efb1f7083ee6fa
103.235.46.191 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?6aea8cb130c5ae22d7efb1f7083ee6fa
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type ASCII text, with very long lines (619)
Hash 4850bfb4aed5b12ce0b6aea21ac13858
db8ca07fe135d23b79a52a77497e269d522dbc30
fd9790abc65544820d8c4cf6174a1e481996c58bfa70c7c1e08b1b885082ed7d
GET /hm.js?6aea8cb130c5ae22d7efb1f7083ee6fa HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 23 Nov 2023 16:40:58 GMT
Etag: 2fbdd6bf575306ef6187c0f4af919f58
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EAD8F4F3A4BBB0B3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1830426812&si=6aea8cb130c5ae22d7efb1f7083ee6fa&su=http%3A%2F%2F172.247.4.236%3A1188%2F&v=1.3.0&lv=1&sn=58876&r=0&ww=1280&u=https%3A%2F%2Fjs.takshing2010.com%2Fdownload%2F289_0.html
103.235.46.191 43 B URL GET hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1830426812&si=6aea8cb130c5ae22d7efb1f7083ee6fa&su=http%3A%2F%2F172.247.4.236%3A1188%2F&v=1.3.0&lv=1&sn=58876&r=0&ww=1280&u=https%3A%2F%2Fjs.takshing2010.com%2Fdownload%2F289_0.html
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1830426812&si=6aea8cb130c5ae22d7efb1f7083ee6fa&su=http%3A%2F%2F172.247.4.236%3A1188%2F&v=1.3.0&lv=1&sn=58876&r=0&ww=1280&u=https%3A%2F%2Fjs.takshing2010.com%2Fdownload%2F289_0.html HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 23 Nov 2023 16:40:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=54290E305A7501FA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
i.87251865.com/20231025/9b30bdcc4b22e4b7784345ff43336c61.pgs
58.20.136.6 31 kB URL GET i.87251865.com/20231025/9b30bdcc4b22e4b7784345ff43336c61.pgs
IP 58.20.136.6:0
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://js.takshing2010.com/download/289_0.html
File type PNG image data, 166 x 165, 8-bit/color RGBA, non-interlaced\012- data
Hash 16220e7188b91e4860f9067ef4e26445
6aacfdba3189ef6fcbc80e1b94ab1b12a1adafe8
a43b48777295acbb3511aed81fb344b0af0ccc4db4ae768ffda0208e95a22547
GET /20231025/9b30bdcc4b22e4b7784345ff43336c61.pgs HTTP/1.1
Host: i.87251865.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 30720
Connection: keep-alive
Server: Default-server-KS-CLOUD-NT-MP-01-20
Date: Wed, 25 Oct 2023 09:29:37 GMT
Expires: Fri, 24 Nov 2023 09:29:37 GMT
Age: 2531481
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, X-Token
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
x-link-via: yyun17:443;ntmp01:80;
X-Cache-Status: HIT from KS-CLOUD-NT-MP-01-20, HIT from KS-CLOUD-YY-UN-17-21
X-Cdn-Request-ID: fc2b835dae0d686eb2609e0612469ca3
hm.baidu.com/hm.js?3f1d4be0fbe06a73d16bab8e7fc19c37
103.235.46.191 11 kB URL GET hm.baidu.com/hm.js?3f1d4be0fbe06a73d16bab8e7fc19c37
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by https://js.takshing2010.com/download/289_0.html
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type ASCII text, with very long lines (619)
Hash 12c7912861510eeb90f699c447532989
3c0369f2c41759e35774b27983651a7416dd8b71
c97d698643a8e4825c4fe89177564f5e402beff382976e7b3c2afc3f89e08648
GET /hm.js?3f1d4be0fbe06a73d16bab8e7fc19c37 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 23 Nov 2023 16:40:58 GMT
Etag: fda276b328e421aad6f224c04942ffbf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2893DFAED60E1AFC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
i.87251865.com/20231025/bb637570dce1e0fa19b053d3331d88ed.pgs
58.20.136.6 52 kB URL GET i.87251865.com/20231025/bb637570dce1e0fa19b053d3331d88ed.pgs
IP 58.20.136.6:0
ASN #4837 CHINA UNICOM China169 Backbone
Requested by https://js.takshing2010.com/download/289_0.html
File type PNG image data, 787 x 937, 8-bit/color RGBA, non-interlaced\012- data
Hash 5075ba0b73e9f6822b4e8be64cffe825
33ab81370723498794596024d907b4586c9f7206
5387c9a1e2ac76e228e07587c6dca57a2f458b5b14a061e1c07df3c592e7af5d
GET /20231025/bb637570dce1e0fa19b053d3331d88ed.pgs HTTP/1.1
Host: i.87251865.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 52224
Connection: keep-alive
Server: Default-server-KS-CLOUD-LIS-MP-12-25
Date: Wed, 25 Oct 2023 09:29:38 GMT
Expires: Fri, 24 Nov 2023 09:29:38 GMT
Age: 2531480
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token, X-Token
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
x-link-via: yyun17:443;lismp12:80;
X-Cache-Status: HIT from KS-CLOUD-LIS-MP-12-25, HIT from KS-CLOUD-YY-UN-17-01-L
X-Cdn-Request-ID: 1955d7a341f4a1ebaf831d03fa2940a9
i.87251865.com/20231025/c146c41aced7429257024fd52ebdb2c6.pgs
0.0.0.0 0 B URL GET i.87251865.com/20231025/c146c41aced7429257024fd52ebdb2c6.pgs
IP 0.0.0.0:0
Requested by https://js.takshing2010.com/download/289_0.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /20231025/c146c41aced7429257024fd52ebdb2c6.pgs HTTP/1.1
Host: i.87251865.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
i.87251865.com/20231025/a9232f7f80d4a49050d467050744a7f1.pgs
0.0.0.0 0 B URL GET i.87251865.com/20231025/a9232f7f80d4a49050d467050744a7f1.pgs
IP 0.0.0.0:0
Requested by https://js.takshing2010.com/download/289_0.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /20231025/a9232f7f80d4a49050d467050744a7f1.pgs HTTP/1.1
Host: i.87251865.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
i.87251865.com/20231025/e84b4641ae16699dd310e49a10c701f6.pgs
0.0.0.0 0 B URL GET i.87251865.com/20231025/e84b4641ae16699dd310e49a10c701f6.pgs
IP 0.0.0.0:0
Requested by https://js.takshing2010.com/download/289_0.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /20231025/e84b4641ae16699dd310e49a10c701f6.pgs HTTP/1.1
Host: i.87251865.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
i.87251865.com/20231025/c67d00421b3c63a9470514499c61b6ad.pgs
0.0.0.0 0 B URL GET i.87251865.com/20231025/c67d00421b3c63a9470514499c61b6ad.pgs
IP 0.0.0.0:0
Requested by https://js.takshing2010.com/download/289_0.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /20231025/c67d00421b3c63a9470514499c61b6ad.pgs HTTP/1.1
Host: i.87251865.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
cizmq.com/gs.js
0.0.0.0 0 B IP 0.0.0.0:0
Requested by https://js.takshing2010.com/download/289_0.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gs.js HTTP/1.1
Host: cizmq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.takshing2010.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache