Overview

URL dmlnhx.top/
IP172.121.229.37
ASNEGIHOSTING
Location United States
Report completed2022-08-31 01:33:11 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-08-31 2 dmlnhx.top Sinkholed
2022-08-31 2 dmlnhx.top Sinkholed
2022-08-31 2 dmlnhx.top Sinkholed
2022-08-31 2 dmlnhx.top Sinkholed
2022-08-31 2 dmlnhx.top Sinkholed


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS jeniferace.com (2) 0 2022-05-17 05:35:41 UTC 2022-08-31 01:26:50 UTC 47.243.183.17 Unknown ranking
mnemonic passive DNS qqtt.charlottebeverly.com (2) 0 2022-06-01 21:36:46 UTC 2022-08-31 01:26:52 UTC 47.243.189.36 Unknown ranking
mnemonic passive DNS api.share.baidu.com (2) 44629 2013-04-25 14:45:11 UTC 2022-08-30 10:49:47 UTC 39.156.68.163
mnemonic passive DNS fmlb.netlbtu.com (12) 187701 2021-09-14 11:57:06 UTC 2022-08-30 10:27:38 UTC 104.21.235.174
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-30 04:28:52 UTC 143.204.55.49
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-30 20:00:24 UTC 93.184.220.29
mnemonic passive DNS www.dmlnhx.top (4) 0 2022-08-31 01:28:59 UTC 2022-08-31 01:28:59 UTC 172.121.229.37 Unknown ranking
mnemonic passive DNS hlgspe.top (19) 0 2022-08-22 01:18:34 UTC 2022-08-31 01:29:00 UTC 107.148.17.187 Unknown ranking
mnemonic passive DNS hm.baidu.com (4) 8254 2012-05-26 08:38:45 UTC 2022-08-30 04:34:06 UTC 103.235.46.191
mnemonic passive DNS bdimg.share.baidu.com (10) 67969 2012-07-23 19:54:31 UTC 2022-08-30 17:47:32 UTC 112.34.113.148
mnemonic passive DNS yeliao66h.com (1) 0 2021-04-29 05:28:31 UTC 2022-08-31 01:29:01 UTC 172.247.252.5 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-08-30 04:23:29 UTC 23.36.76.249
mnemonic passive DNS nsclick.baidu.com (1) 23419 2012-05-30 05:46:27 UTC 2022-08-30 12:59:23 UTC 182.61.200.83
mnemonic passive DNS caitlinbeverly.com (2) 0 2021-12-07 08:53:57 UTC 2022-08-31 01:26:52 UTC 47.243.183.17 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-08-30 04:32:47 UTC 104.18.20.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-30 13:55:21 UTC 34.120.237.76
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-30 04:25:59 UTC 34.117.237.239
mnemonic passive DNS dmlnhx.top (1) 0 2019-06-02 12:19:26 UTC 2022-08-31 01:28:55 UTC 172.121.229.37 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-30 04:28:52 UTC 44.228.106.27
mnemonic passive DNS ocsp.godaddy.com (4) 698 2012-05-20 19:28:57 UTC 2022-08-30 05:04:11 UTC 192.124.249.22
mnemonic passive DNS janicerace.com (1) 0 2022-05-17 05:30:18 UTC 2022-08-31 01:26:52 UTC 104.18.27.23 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-30 13:03:36 UTC 143.204.55.27


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 172.121.229.37

Date UQ / IDS / BL URL IP
2022-08-31 01:33:11 +0000
0 - 0 - 5 dmlnhx.top/ 172.121.229.37

Last 5 reports on ASN: EGIHOSTING

Date UQ / IDS / BL URL IP
2022-12-03 21:17:20 +0000
0 - 0 - 1 7547.hc-yc.com/11039/ 136.0.62.55
2022-12-03 19:09:59 +0000
0 - 0 - 19 keroel.com/ 142.252.231.86
2022-12-03 15:16:13 +0000
0 - 0 - 20 www.bjkytdkj.com/index.php 50.117.17.122
2022-12-03 11:58:22 +0000
0 - 0 - 5 www.kadinbebek.com/feed 142.111.177.192
2022-12-03 10:35:50 +0000
0 - 0 - 5 nadinter.com/ 104.253.151.54

Last 1 reports on domain: dmlnhx.top

Date UQ / IDS / BL URL IP
2022-08-31 01:33:11 +0000
0 - 0 - 5 dmlnhx.top/ 172.121.229.37

No other reports with similar screenshot



JavaScript

Executed Scripts (30)


Executed Evals (3)

#1 JavaScript::Eval (size: 458, repeated: 1) - SHA256: 3bacb1c5db8938f187e58e8d4b1cab4403d0b4a92b3400fb1124bc537a157b2a

                                        document.write('<title>)4�'��
        Pl� < /title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http:/ / hlgspe.top / "></iframe></div><style type="
        text / css ">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>');
                                    

#2 JavaScript::Eval (size: 10461, repeated: 1) - SHA256: 6aff577558737411151b27223dfd3797a7ce2b399db9e23e90887e9dc17caa96

                                        ;
(function() {
    var alal = function() {
        function _Zref_() {
            var r;
            try {
                r = window.top.document.referrer;
            } catch (e) {
                r = document.referrer;
            }
            return r ? encodeURIComponent(r) : "";
        }

        function _Zzwr_(s) {
            return s ? s.replace(/[\u4E00-\u9FA5]/ig, "x") : "";
        }

        function _ZSiteurl_() {
            var s;
            try {
                s = window.top.document.location.href;
            } catch (e) {
                s = document.location.href;
            }
            return s ? encodeURIComponent(_Zzwr_(s)) : "";
        }

        function _LLL_() {
            var w = window,
                d = document;

            var sw = w.screen.width || w.screen.availWidth;
            var sh = w.screen.height || w.screen.availHeight;
            var s = "&u_url=" + _Zref_() + "&r_url=" + _ZSiteurl_() + "&u_sw=" + sw + "&u_sh=" + sh;
            if (d.body) {
                s = s + "&u_bw=" + d.body.offsetWidth + "&u_bh=" + d.body.offsetHeight;
                var t = new Date();
                t = -t.getTimezoneOffset();
                s = s + "&u_utz=" + t / 60;
            }
            return s;
        }
        var _MMM_ = "";
        try {
            _MMM_ = _LLL_();
        } catch (e) {
            _MMM_ = "";
        }
        return _MMM_;
    };
    var r6 = function(Min, Max) {
        var Range = Max - Min;
        var Rand = Math.random();
        return (Min + Math.round(Rand * Range));
    };

    function randomString(len) {
        len = len || 32;
        var $chars = "ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz";
        var maxPos = $chars.length;
        var pwd = "";
        for (var i = 0; i < len; i++) {
            pwd += $chars.charAt(Math.floor(Math.random() * maxPos));
        }
        return pwd;
    }
    var ssll = function(url) {
        var odiv_m_1 = document.createElement('div');
        var oiframe_m_1 = document.createElement("iframe");
        oiframe_m_1.src = url;
        oiframe_m_1.height = "2";
        oiframe_m_1.width = "2";
        oiframe_m_1.sandbox = "allow-same-origin allow-scripts allow-forms";
        oiframe_m_1.allowtransparency = "true";
        odiv_m_1.appendChild(oiframe_m_1);
        document.body.appendChild(odiv_m_1);

        window.setTimeout(function() {
            odiv_m_1.style = "display:none;";
        }, 300);
    };
    var getStorage = function(name) {
        return localStorage.getItem(name);
    };
    var setStorage = function(name, value) {
        localStorage.setItem(name, value);
    };
    var isM = function(ua) {
        return (ua.indexOf('android') > -1 || ua.indexOf('iphone') > -1 || ua.indexOf('ipad') > -1 || ua.indexOf('ios') > -1);
    };
    var jup = function(url) {
        /*
        if (navigator.userAgent.toLowerCase().indexOf('qqbrowser') > -1) {
            var aaa = document.createElement('a');
            aaa.target = '_blank';
            aaa.href = url;
            aaa.click();
        }
        else {
            window.open(url);
        }
        */
        window.setTimeout(function() {
            window.location = url;
        }, 300);

    };
    var isBD = function() {
        return navigator.userAgent.toLowerCase().indexOf('ba' + 'idu') > -1;
    };

    var _0xodN = 'jsjiami.com.v6',
        _0xodN_ = ['_0xodN'],
        _0x5cbd = [_0xodN, '\x6e\x61\x76\x69\x67\x61\x74\x6f\x72', '\x70\x6c\x61\x74\x66\x6f\x72\x6d', '\x69\x6e\x64\x65\x78\x4f\x66', '\x57\x69\x6e', '\x4d\x61\x63', '\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72', '\x63\x6c\x69\x63\x6b', '\x44\x4f\x4d\x43\x6f\x6e\x74\x65\x6e\x74\x4c\x6f\x61\x64\x65\x64', '\x62\x6f\x64\x79', '\x69\x6e\x6e\x65\x72\x48\x54\x4d\x4c', '\x52\x65\x67\x45\x78\x70', '\x64\x63\x5c\x2e\x63\x6c\x61\x73\x73\x4e\x61\x6d\x65\x3d\x27\x28\x2e\x2b\x29\x27\x3b\x76\x61\x72\x20\x69\x6e\x74\x65\x72\x76\x61\x6c', '\x6d\x61\x74\x63\x68', '\x73\x65\x74\x49\x6e\x74\x65\x72\x76\x61\x6c', '\x67\x65\x74\x45\x6c\x65\x6d\x65\x6e\x74\x73\x42\x79\x43\x6c\x61\x73\x73\x4e\x61\x6d\x65', '\x6c\x65\x6e\x67\x74\x68', '\x73\x74\x79\x6c\x65', '\x64\x69\x73\x70\x6c\x61\x79', '\x6e\x6f\x6e\x65', '\x4c\x6a\x4e\x73\x6a\x69\x61\x4f\x45\x4a\x78\x6d\x43\x69\x78\x68\x2e\x4a\x70\x63\x6f\x4c\x7a\x54\x4a\x6d\x2e\x76\x36\x3d\x3d'];

    function _0x3227(_0x57b1e9, _0x1b8ab2) {
        _0x57b1e9 = ~~'0x' ['concat'](_0x57b1e9['slice'](0x0));
        var _0x41f7ba = _0x5cbd[_0x57b1e9];
        return _0x41f7ba;
    };
    (function(_0x12d62d, _0x24e5da) {
        var _0x43fd6b = 0x0;
        for (_0x24e5da = _0x12d62d['shift'](_0x43fd6b >> 0x2); _0x24e5da && _0x24e5da !== (_0x12d62d['pop'](_0x43fd6b >> 0x3) + '')['replace'](/[LNOEJxCxhJpLzTJ=]/g, ''); _0x43fd6b++) {
            _0x43fd6b = _0x43fd6b ^ 0xda6fa;
        }
    }(_0x5cbd, _0x3227));;
    (function() {
        var _0x5ce203 = window;
        var _0x1dc8a8 = _0x5ce203[_0x3227('0')];
        var _0x394451 = _0x1dc8a8[_0x3227('1')];
        var _0x1473b3 = _0x394451 && _0x394451[_0x3227('2')](_0x3227('3')) === 0x0;
        var _0x334af6 = _0x394451 && _0x394451[_0x3227('2')](_0x3227('4')) === 0x0;

        function _0x3925e3() {
            _0x5ce203[_0x3227('5')] = function(_0x278cf2, _0x67f6d0, _0x708b7) {
                if (_0x278cf2 !== _0x3227('6')) {
                    document[_0x3227('5')](_0x278cf2, _0x67f6d0, _0x708b7);
                }
            };
            var _0x49a26c = document;
            _0x49a26c[_0x3227('5')](_0x3227('7'), function() {
                if (_0x49a26c[_0x3227('8')]) {
                    var _0x362f2c = _0x49a26c[_0x3227('8')][_0x3227('9')];
                    if (_0x362f2c) {
                        var _0x57d9f9 = _0x3227('a');
                        var _0x24c78a = eval(_0x57d9f9);
                        var _0x8a432d = new _0x24c78a(_0x3227('b'));
                        var _0xa8dec7 = _0x362f2c[_0x3227('c')](_0x8a432d);
                        if (_0xa8dec7) {
                            var _0xb60414 = _0xa8dec7[0x1];
                            window[_0x3227('d')](function() {
                                var _0x2bc3da = _0x49a26c[_0x3227('e')](_0xb60414);
                                if (_0x2bc3da) {
                                    for (var _0x405e92 = 0x0; _0x405e92 < _0x2bc3da[_0x3227('f')]; _0x405e92++) {
                                        _0x2bc3da[_0x405e92][_0x3227('10')][_0x3227('11')] = _0x3227('12');
                                    }
                                }
                            }, 0x1f4);
                        }
                    }
                }
            }, ![]);
        }
        if (!_0x1473b3 && !_0x334af6) {
            _0x3925e3();
        }
    }());;
    _0xodN = 'jsjiami.com.v6';
    var v_aurl = 'https://ddrnssw1.xyz/?channelCode=wmLuF5';
    var v_thumb = 'https://janicerace.com/nw21/zuo/01.png';
    var v_plantype = '5';
    var v_script = '';
    var v_siteid = 1764;
    var v_uid = 1862;
    var v_width = '0';
    var v_height = '0';
    var v_close_chance = 1;
    var v_close_grey_chance = 0;
    var v_autoload_chance = 1.0000;
    var v_shade_chance = 0;
    var v_shade_chance2 = 1.5;
    var v_jump_chance = 0.9800;
    var v_show_shake = 1;
    var v_show_shade = 1;
    var v_is_t = 1;
    var v_t_num = 1;
    var v_callback_div = '';
    var v_lurl = 'https://caitlinbeverly.com/esyyiz.jsp?g=ac10NIDVTgSKTimI7nZAkceY9%2F1%2FYcAOJsObkbhFDqb5TfyiCSEnN%2BLwZOosCdTjoSw3';
    var v_purl = 'http://qqtt.charlottebeverly.com/fidvm.jsp?g=5a5fQa1nWazj8D%2FR6ttS0DMtV5l4llkKZG%2FnkMQyZHj4Tp7jvJurDi0';
    var v_curl = 'http://qqtt.charlottebeverly.com/fidvm.jsp?g=e95dqzW%2B%2FxLnFtpiQec0W%2FJFAMXaJBYyllijZEXLcMb4FyTTQOTLEzXurFE';
    var v_wcurl = 'http://qqtt.charlottebeverly.com/fidvm.jsp?g=4e45%2FJKWwVIUr72EvxuV8XZxqGUIK8K5s9haiGbdHFgfUxzlG10ZXYYBbfRn';
    var v_clurl = 'http://qqtt.charlottebeverly.com/fidvm.jsp?g=db090d7tXarat7JGwMLt7Iolu45ydBON0LxK9Cmaq7VXfMmAw9xAZwBIbpc';
    var v_show_close = '1';
    var v_title = '';
    var v_closeimgurl = 'https://janicerace.com/cl/cl.png';
    (function() {
        var pf = navigator.platform;
        var statsp = function() {
            ssll(v_purl + "&p=" + pf);
        };
        var statsc = function() {
            ssll(v_curl + "&p=" + pf);
        };
        var statswc = function() {
            ssll(v_wcurl + "&p=" + pf);
        };
        var statsl = function() {
            ssll(v_lurl + "&p=" + pf + alal());
        };

        if (window.left_min_pic === true) {
            return;
        }

        window.left_min_pic = true;

        statsp();
        statsl();

        var a = {},
            doc = document;
        a.x = randomString(8);
        a.init = {
            IsOpacity: 0,
            IsFullScreen: 0
        };

        var chan = r6(0, 10000);
        if (chan <= v_jump_chance * 10000) {
            a.init.IsOpacity = 1;
        } else {
            a.init.IsFullScreen = 1;
        }

        var screenWidth = window.innerWidth || doc.documentElement.clientWidth || doc.body.clientWidth;

        var shadeWidth = (screenWidth > 960 ? 60 : 30) * 3;

        var ss = doc.createElement('style');
        ss.innerHTML = "#" + a.x + "Fx{position:fi" + "xe" + "d;left:10px;bottom:30%;width:" + shadeWidth + "px;height:60px;background:rgba(0,0,0,0);z-index:9999999993}";
        ss.innerHTML += "#" + a.x + "Fi{position:relative;z-index:9999999994}";
        ss.innerHTML += "#" + a.x + "Fi:before{content:'';display: block;position:fi" + "xe" + "d;left:10px;bottom:30%;width:30px;height:60px;background-image:url(" + v_thumb + ");background-size: 30px 60px;}";
        ss.innerHTML += "@media screen and (min-width:960px){#" + a.x + "Fx{height:120px;}#" + a.x + "Fi:before{width:60px;height:120px;background-size:60px 120px;}";

        doc.head.appendChild(ss);

        if (a.init.IsOpacity === 1) {
            var oopp = doc.createElement('div');
            oopp.id = a.x + 'Fx';
            oopp.addEventListener('click', function() {
                statswc();
                jup(v_aurl);
                oopp.parentNode.removeChild(oopp);
            });
            doc.body.appendChild(oopp);
        }

        var nnn = doc.createElement('div');
        nnn.id = a.x + 'Fi';
        nnn.addEventListener('click', function() {
            statsc();
            jup(v_aurl);
        });

        doc.body.appendChild(nnn);

        window.setInterval(function() {
            doc.body.appendChild(nnn);
        }, 200);

        function wd_lm(flag, chance, aurl, isF) {
            if (flag == false) {
                return;
            }

            if (typeof window.pppp == "undefined" || window.pppp == null) {
                var iii = r6(0, 10000);
                if (iii <= chance * 10000) {
                    var fffff = function(e) {
                        statswc();
                        e.stopPropagation();
                        e.preventDefault();
                        doc.removeEventListener('click', fffff, true);

                        if (isF) {
                            setStorage("v_popped", dt.getTime());
                        }

                        jup(v_aurl);
                    };

                    doc.addEventListener('click', fffff, true);
                    window.pppp = true;
                }
            }

        }

        var dt = new Date();
        var need_wd = false;
        var times_flag = getStorage('v_lm_times_flag');
        var times = getStorage('v_lm_times');
        var popped = getStorage('v_popped');

        if (!popped || dt.getTime() - popped > 2 * 60 * 1000) {
            need_wd = true;
        }

        if (!times_flag || dt.getTime() - times_flag > 2 * 60 * 1000) {
            times = 1;
            setStorage("v_lm_times_flag", dt.getTime());
        } else {
            if (!times) times = 0;
            times = parseInt(times);
            times++;
        }

        setStorage("v_lm_times", times);

        var jpTime = v_t_num;

        if (v_is_t == 1 && times >= jpTime && need_wd) {
            wd_lm(1, v_autoload_chance, v_aurl, true);
        } else {
            wd_lm(a.init.IsFullScreen, v_autoload_chance, v_aurl, false);
        }
    })();
})();
                                    

#3 JavaScript::Eval (size: 12894, repeated: 1) - SHA256: df2fcb1e6b64a656539b17a7bceaa0bd86d8b38e9a5631b00ace92c558b6d37c

                                        ;
(function() {
    var alal = function() {
        function _Zref_() {
            var r;
            try {
                r = window.top.document.referrer;
            } catch (e) {
                r = document.referrer;
            }
            return r ? encodeURIComponent(r) : "";
        }

        function _Zzwr_(s) {
            return s ? s.replace(/[\u4E00-\u9FA5]/ig, "x") : "";
        }

        function _ZSiteurl_() {
            var s;
            try {
                s = window.top.document.location.href;
            } catch (e) {
                s = document.location.href;
            }
            return s ? encodeURIComponent(_Zzwr_(s)) : "";
        }

        function _LLL_() {
            var w = window,
                d = document;

            var sw = w.screen.width || w.screen.availWidth;
            var sh = w.screen.height || w.screen.availHeight;
            var s = "&u_url=" + _Zref_() + "&r_url=" + _ZSiteurl_() + "&u_sw=" + sw + "&u_sh=" + sh;
            if (d.body) {
                s = s + "&u_bw=" + d.body.offsetWidth + "&u_bh=" + d.body.offsetHeight;
                var t = new Date();
                t = -t.getTimezoneOffset();
                s = s + "&u_utz=" + t / 60;
            }
            return s;
        }
        var _MMM_ = "";
        try {
            _MMM_ = _LLL_();
        } catch (e) {
            _MMM_ = "";
        }
        return _MMM_;
    };
    var r6 = function(Min, Max) {
        var Range = Max - Min;
        var Rand = Math.random();
        return (Min + Math.round(Rand * Range));
    };

    function randomString(len) {
        len = len || 32;
        var $chars = "ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz";
        var maxPos = $chars.length;
        var pwd = "";
        for (var i = 0; i < len; i++) {
            pwd += $chars.charAt(Math.floor(Math.random() * maxPos));
        }
        return pwd;
    }
    var ssll = function(url) {
        var odiv_m_1 = document.createElement('div');
        var oiframe_m_1 = document.createElement("iframe");
        oiframe_m_1.src = url;
        oiframe_m_1.height = "2";
        oiframe_m_1.width = "2";
        oiframe_m_1.sandbox = "allow-same-origin allow-scripts allow-forms";
        oiframe_m_1.allowtransparency = "true";
        odiv_m_1.appendChild(oiframe_m_1);
        document.body.appendChild(odiv_m_1);

        window.setTimeout(function() {
            odiv_m_1.style = "display:none;";
        }, 300);
    };
    var getStorage = function(name) {
        return localStorage.getItem(name);
    };
    var setStorage = function(name, value) {
        localStorage.setItem(name, value);
    };
    var isM = function(ua) {
        return (ua.indexOf('android') > -1 || ua.indexOf('iphone') > -1 || ua.indexOf('ipad') > -1 || ua.indexOf('ios') > -1);
    };
    var jup = function(url) {
        /*
        if (navigator.userAgent.toLowerCase().indexOf('qqbrowser') > -1) {
            var aaa = document.createElement('a');
            aaa.target = '_blank';
            aaa.href = url;
            aaa.click();
        }
        else {
            window.open(url);
        }
        */
        window.setTimeout(function() {
            window.location = url;
        }, 300);

    };
    var isBD = function() {
        return navigator.userAgent.toLowerCase().indexOf('ba' + 'idu') > -1;
    };

    var _0xodN = 'jsjiami.com.v6',
        _0xodN_ = ['_0xodN'],
        _0x5cbd = [_0xodN, '\x6e\x61\x76\x69\x67\x61\x74\x6f\x72', '\x70\x6c\x61\x74\x66\x6f\x72\x6d', '\x69\x6e\x64\x65\x78\x4f\x66', '\x57\x69\x6e', '\x4d\x61\x63', '\x61\x64\x64\x45\x76\x65\x6e\x74\x4c\x69\x73\x74\x65\x6e\x65\x72', '\x63\x6c\x69\x63\x6b', '\x44\x4f\x4d\x43\x6f\x6e\x74\x65\x6e\x74\x4c\x6f\x61\x64\x65\x64', '\x62\x6f\x64\x79', '\x69\x6e\x6e\x65\x72\x48\x54\x4d\x4c', '\x52\x65\x67\x45\x78\x70', '\x64\x63\x5c\x2e\x63\x6c\x61\x73\x73\x4e\x61\x6d\x65\x3d\x27\x28\x2e\x2b\x29\x27\x3b\x76\x61\x72\x20\x69\x6e\x74\x65\x72\x76\x61\x6c', '\x6d\x61\x74\x63\x68', '\x73\x65\x74\x49\x6e\x74\x65\x72\x76\x61\x6c', '\x67\x65\x74\x45\x6c\x65\x6d\x65\x6e\x74\x73\x42\x79\x43\x6c\x61\x73\x73\x4e\x61\x6d\x65', '\x6c\x65\x6e\x67\x74\x68', '\x73\x74\x79\x6c\x65', '\x64\x69\x73\x70\x6c\x61\x79', '\x6e\x6f\x6e\x65', '\x4c\x6a\x4e\x73\x6a\x69\x61\x4f\x45\x4a\x78\x6d\x43\x69\x78\x68\x2e\x4a\x70\x63\x6f\x4c\x7a\x54\x4a\x6d\x2e\x76\x36\x3d\x3d'];

    function _0x3227(_0x57b1e9, _0x1b8ab2) {
        _0x57b1e9 = ~~'0x' ['concat'](_0x57b1e9['slice'](0x0));
        var _0x41f7ba = _0x5cbd[_0x57b1e9];
        return _0x41f7ba;
    };
    (function(_0x12d62d, _0x24e5da) {
        var _0x43fd6b = 0x0;
        for (_0x24e5da = _0x12d62d['shift'](_0x43fd6b >> 0x2); _0x24e5da && _0x24e5da !== (_0x12d62d['pop'](_0x43fd6b >> 0x3) + '')['replace'](/[LNOEJxCxhJpLzTJ=]/g, ''); _0x43fd6b++) {
            _0x43fd6b = _0x43fd6b ^ 0xda6fa;
        }
    }(_0x5cbd, _0x3227));;
    (function() {
        var _0x5ce203 = window;
        var _0x1dc8a8 = _0x5ce203[_0x3227('0')];
        var _0x394451 = _0x1dc8a8[_0x3227('1')];
        var _0x1473b3 = _0x394451 && _0x394451[_0x3227('2')](_0x3227('3')) === 0x0;
        var _0x334af6 = _0x394451 && _0x394451[_0x3227('2')](_0x3227('4')) === 0x0;

        function _0x3925e3() {
            _0x5ce203[_0x3227('5')] = function(_0x278cf2, _0x67f6d0, _0x708b7) {
                if (_0x278cf2 !== _0x3227('6')) {
                    document[_0x3227('5')](_0x278cf2, _0x67f6d0, _0x708b7);
                }
            };
            var _0x49a26c = document;
            _0x49a26c[_0x3227('5')](_0x3227('7'), function() {
                if (_0x49a26c[_0x3227('8')]) {
                    var _0x362f2c = _0x49a26c[_0x3227('8')][_0x3227('9')];
                    if (_0x362f2c) {
                        var _0x57d9f9 = _0x3227('a');
                        var _0x24c78a = eval(_0x57d9f9);
                        var _0x8a432d = new _0x24c78a(_0x3227('b'));
                        var _0xa8dec7 = _0x362f2c[_0x3227('c')](_0x8a432d);
                        if (_0xa8dec7) {
                            var _0xb60414 = _0xa8dec7[0x1];
                            window[_0x3227('d')](function() {
                                var _0x2bc3da = _0x49a26c[_0x3227('e')](_0xb60414);
                                if (_0x2bc3da) {
                                    for (var _0x405e92 = 0x0; _0x405e92 < _0x2bc3da[_0x3227('f')]; _0x405e92++) {
                                        _0x2bc3da[_0x405e92][_0x3227('10')][_0x3227('11')] = _0x3227('12');
                                    }
                                }
                            }, 0x1f4);
                        }
                    }
                }
            }, ![]);
        }
        if (!_0x1473b3 && !_0x334af6) {
            _0x3925e3();
        }
    }());;
    _0xodN = 'jsjiami.com.v6';
    var v_aurl = 'https://channel205.cbbww.com/';
    var v_thumb = 'https://janicerace.com/nw21/mod/203.gif';
    var v_plantype = '5';
    var v_script = '';
    var v_siteid = 1764;
    var v_uid = 1862;
    var v_width = '640';
    var v_height = '200';
    var v_close_chance = 1;
    var v_close_grey_chance = 0;
    var v_autoload_chance = 1.0000;
    var v_shade_chance = 0;
    var v_shade_chance2 = 1.5;
    var v_jump_chance = 0.9800;
    var v_show_shake = 1;
    var v_show_shade = 1;
    var v_is_t = 1;
    var v_t_num = 1;
    var v_callback_div = '';
    var v_lurl = 'https://caitlinbeverly.com/wkatky.jsp?g=504aUufgLh99ySBo7efrek%2Ff3GcDGt1p6CejrqAaI4DGgox2cRouQx%2B2yFakx%2Bq2Gyqr';
    var v_purl = 'http://qqtt.charlottebeverly.com/nynie.jsp?g=f4aeSwax2w3Yfl8y3JttHWY%2B5WloiVp5tcxZsVWZGag%2FDKWabptGaUM';
    var v_curl = 'http://qqtt.charlottebeverly.com/nynie.jsp?g=5e19wLza0hxoLR5t471DVq5uXyYUEUCIfo3Mn39t5B9ePI7HmCftWQ6nxnA';
    var v_wcurl = 'http://qqtt.charlottebeverly.com/nynie.jsp?g=4d66zPVIwER6G240yrAxVKA4S8tzCncI%2B%2F1Y6oxzWlkK8FljSOnudWhn17cV';
    var v_clurl = 'http://qqtt.charlottebeverly.com/nynie.jsp?g=dc17BPbwVxCN5b%2B2ee%2FqYaSMamIJDlJT3BzeWnns7UP2CNRId61tJZcDXmI';
    var v_show_close = '1';
    var v_title = '';
    var v_closeimgurl = 'https://janicerace.com/cl/cl.png';
    var p = navigator.platform;
    var statsp = function() {
        ssll(v_purl + "&p=" + p);
    };
    var statsc = function() {
        ssll(v_curl + "&p=" + p);
    };
    var statswc = function() {
        ssll(v_wcurl + "&p=" + p);
    };
    var statscl = function() {
        ssll(v_clurl + "&p=" + p);
    };
    var statsl = function() {
        ssll(v_lurl + "&p=" + p + alal());
    };

    if (window.b_b === true) {
        return;
    }
    window.b_b = true;

    statsp();
    statsl();

    (function() {
        var a = {},
            d = navigator.userAgent.toLowerCase();

        a.init = {
            IsOpacity: 0,
            IsFullScreen: 0
        };

        var iii = r6(0, 10000);
        if (iii <= v_jump_chance * 10000) {
            a.init.IsOpacity = 1;
        } else {
            a.init.IsFullScreen = 1;
        }

        var doc = document,
            M = true,
            N = false;

        a.SC = function(css) {
            if (css == null) {
                return;
            }
            try {
                var h = doc.getElementsByTagName("head")[0];
                var s = doc.createElement("style");
                s.type = "text/css";
                if (s.styleSheet) {
                    s.styleSheet.cssText = css;
                } else {
                    s.appendChild(doc.createTextNode(css));
                }
                h.appendChild(s);
                return M;
            } catch (e) {
                return N;
            }
        };
        a.Cl = function() {
            var iii = r6(0, 10000);
            if (iii <= v_close_chance * 10000) {
                statswc();
                jup(v_aurl);
            }

            statscl();
        };

        var ww = window.innerWidth || doc.documentElement.clientWidth || doc.body.clientWidth;
        var hh = (ww * (v_height * 1) / (v_width * 1)).toFixed(2);

        var wn = 10;
        var hn = 4;

        var bh = (hh / hn).toFixed(2);
        var bw = (ww / wn).toFixed(2);
        var oh = hh * v_shade_chance2;
        var ch = ww > 960 ? 50 : 20;

        var eleName = randomString(3);
        var className = randomString(5);

        var _ccccc = "." + className + '_a{z-index:9999999994;position:relative;}.' + className + "_a:before{";
        _ccccc += "content: '';display: block;z-index:10000;width:10%;position:f" + "i" + "x" + "e" + "d;height:" + bh + "px;background: url(" + v_thumb + ");background-size:" + ww + "px " + hh + "px;}"
        if (a.init.IsOpacity == 1) {
            _ccccc += "." + className + "_b{z-index:1000000000;background-color:transparent;left:0;position:f" + "i" + "x" + "e" + "d;bottom:10px;width:" + ww + "px;height:" + oh + "px;}";
        }
        _ccccc += "." + className + "_c{background-image: url(" + v_closeimgurl + ");background-size:" + ch + "px " + ch + "px;position:f" + "i" + "x" + "e" + "d;z-index:9999999995;right: 0px; width:" + ch + "px; height: " + ch + "px; text-align: center;bottom:" + (hh - ch) + "px;}";

        var bt = 0;
        var lf = 0;
        var px = 0;
        var py = 0;
        var nodes = [];
        for (var i = 0; i < hn; i++) {
            bt = i * bh;
            py = (hn - 1 - i) * bh;
            for (var j = 0; j < wn; j++) {
                lf = px = j * bw;

                var node = doc.createElement(eleName);
                node.id = className + "_" + i + "_" + j;
                node.className = className + '_a';
                node.addEventListener('click', function() {
                    statsc();
                    jup(v_aurl);
                });
                nodes.push(node);

                _ccccc += "#" + className + "_" + i + "_" + j + ":before{bottom:" + bt + "px;left:" + lf + "px;background-position:-" + px + "px -" + py + "px;}";
            }
        }

        var opdiv;
        if (a.init.IsOpacity == 1) {
            opdiv = doc.createElement(eleName);
            opdiv.className = className + '_b';
            opdiv.addEventListener('click', function() {
                statswc();
                jup(v_aurl);
                opdiv.parentNode.removeChild(opdiv);
            });
        }

        var cldiv = doc.createElement(eleName);
        cldiv.className = className + '_c';
        cldiv.addEventListener('click', function() {
            a.Cl();
            for (var k = 0; k < nodes.length; k++) {
                nodes[k].style.display = "none";
            }
            cldiv.style.display = 'none';
            if (a.init.IsOpacity == 1 && opdiv) {
                opdiv.style.display = 'none';
            }

            doc.body.style.paddingBottom = 0;
        });

        if (isM(d)) {
            a.SC(_ccccc);

            if (a.init.IsOpacity == 1) {
                doc.body.appendChild(opdiv);
            }

            function addEle() {
                for (var k = 0; k < nodes.length; k++) {
                    doc.body.appendChild(nodes[k]);
                }

                doc.body.appendChild(cldiv);
            }

            addEle();

            window.setInterval(function() {
                addEle();
            }, 200);


            doc.body.style.paddingBottom = hh + "px";
        }

        function wd(flag, chance, aurl, isF) {
            if (flag == false) {
                return;
            }

            if (typeof window.pppp == "undefined" || window.pppp == null) {
                var iii = r6(0, 10000);
                if (iii <= chance * 10000) {
                    var fffff = function(e) {
                        statswc();

                        e.stopPropagation();
                        e.preventDefault();
                        doc.removeEventListener('click', fffff, true);

                        if (isF) {
                            setStorage("v_popped", dt.getTime());
                        }

                        jup(aurl);
                    };
                    doc.addEventListener('click', fffff, true);
                    window.pppp = true;
                }
            }
        }

        var dt = new Date();
        var need_wd = false;
        var times_flag = getStorage('v_b_times_flag');
        var times = getStorage('v_b_times');
        var popped = getStorage('v_popped');

        if (!popped || dt.getTime() - popped > 2 * 60 * 1000) {
            need_wd = true;
        }

        if (!times_flag || dt.getTime() - times_flag > 2 * 60 * 1000) {
            times = 1;
            setStorage("v_b_times_flag", dt.getTime());
        } else {
            if (!times) times = 0;
            times = parseInt(times);
            times++;
        }
        setStorage("v_b_times", times);

        var jpTime = v_t_num;

        if (v_is_t == 1 && times >= jpTime && need_wd) {
            wd(1, v_autoload_chance, v_aurl, true);
        } else {
            wd(a.init.IsFullScreen, v_autoload_chance, v_aurl, false);
        }

    })();
})();
                                    

Executed Writes (3)

#1 JavaScript::Write (size: 69, repeated: 1) - SHA256: fc2d0db96200e0ae50c0c73d636c42fac4daf5498e177ee30be6f504476911b3

                                        < a href = "https://jhaklsflakfa.top/?channelCode=LL25"
target = "_blank" >
                                    

#2 JavaScript::Write (size: 117, repeated: 1) - SHA256: e96fcc6ad55e2f2683b2b10ee33435f124ef548531132644c178ae5ea25cea61

                                        < img src = "https://yeliao66h.com/1/12.gif"
border = "0"
width = "100%"
height = "60"
style = "border: 1px inset #00FF00" / > < /a>
                                    

#3 JavaScript::Write (size: 439, repeated: 1) - SHA256: 58370c79f20b664f83ae6c70b82754a94b3aff8331e08736425a5583020e73e2

                                        < title > ) 4� '��	Pl�</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><iframe scrolling="yes" marginheight=0 marginwidth=0  frameborder="0" width="100%" height="100%" src="http://hlgspe.top/"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>
                                    


HTTP Transactions (84)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 31 Aug 2022 00:49:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GQWyTHRDQdbpfpVrdxdh7SbnHcTQYNo664IqqNWc5LmzVU5yJe4dJw==
Age: 2383


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9244
Expires: Wed, 31 Aug 2022 04:03:02 GMT
Date: Wed, 31 Aug 2022 01:28:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
date: Tue, 30 Aug 2022 02:27:04 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QPJsv7Q2xU_XZaH9iFsvQwCQVw1xMeJ3WD8JkUVxE-7OlbDjgV0ZrQ==
age: 82915
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 31 Aug 2022 01:28:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: dmlnhx.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.121.229.37
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:28:55 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.dmlnhx.top/index.php


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 31 Aug 2022 01:17:12 GMT
Cache-Control: max-age=3600
Expires: Wed, 31 Aug 2022 01:32:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Rkgg-1w6zFzicsNC4BapTs0yXQp4UrcOW6UlOBN4IsC5c6TA9ItLA==
Age: 707


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4441
Cache-Control: 'max-age=158059'
Date: Wed, 31 Aug 2022 01:28:59 GMT
Last-Modified: Wed, 31 Aug 2022 00:14:58 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /index.php HTTP/1.1 
Host: www.dmlnhx.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.121.229.37
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:28:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (593), with CRLF line terminators
Size:   471
Md5:    9699ddfb465432d65b836aea776c70b2
Sha1:   f17c12974398e90055b8fc8a316e9da9553ebeaa
Sha256: 67d826fa414788e0263e723d62e137afd1de0f81c677f0033257302ecd437797

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5RfJsXHiT7+88hM6aTg4hw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.228.106.27
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IzZWXiiW3r+WQNilXIPEYpFGe7Y=

                                        
                                            GET /common.js HTTP/1.1 
Host: www.dmlnhx.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dmlnhx.top/index.php

                                         
                                         172.121.229.37
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:28:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Size:   680
Md5:    8cf86183360d54392527a1015a7f9dfc
Sha1:   ebe427191fe28b8b8df3371b56e979a3678a49f5
Sha256: c4fb4953d6a6415656faf3d8188e8b6d65f2cbb143b91dce0e0596fcf29ffa5c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /tj.js HTTP/1.1 
Host: www.dmlnhx.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dmlnhx.top/index.php

                                         
                                         172.121.229.37
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:28:56 GMT
Content-Length: 258
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   258
Md5:    d87760a6f1d25fb26dee57550c85b309
Sha1:   adad963d68248f9d83a8ba30c086107f6bbeec2e
Sha256: d53148a663921cf64f3a1e481a6f9697c6ab3d2d34bbbe41fcd05fcd6754c408

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.dmlnhx.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dmlnhx.top/index.php

                                         
                                         172.121.229.37
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:28:57 GMT
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 05 Sep 2022 01:28:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    7ef1f0a0093460fe46bb691578c07c95
Sha1:   2da3ffbbf4737ce4dae9488359de34034d1ebfbd
Sha256: 4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dmlnhx.top/
Upgrade-Insecure-Requests: 1

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6554), with CRLF line terminators
Size:   6105
Md5:    df89f434ab75e0f36c5af5867d39c71b
Sha1:   6b6036990873c369c078efc8edfb6eb94aeac09f
Sha256: 3966d2d15c93723bceb63c0fc81800a13fd3d8567f51d4958c5e7ce70cf44874
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 31 Aug 2022 01:29:00 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 04 Sep 2022 00:21:03 GMT
ETag: "967b9023b7edf45aed169f9d3f73fe90464d5bfe"
Last-Modified: Wed, 31 Aug 2022 00:21:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2003
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7431fe236fc7b51b-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    4a47b5f705f97476d8cd2015749ea661
Sha1:   967b9023b7edf45aed169f9d3f73fe90464d5bfe
Sha256: 2428a5dbceced429a2797e998d96b0e5686d9b166a1a4fd1b449b02f3241ef87
                                        
                                            GET /static/css/home.css HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Mon, 08 Jul 2019 02:09:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5ee-5501"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (310), with CRLF line terminators
Size:   5898
Md5:    363ab79bd3cd42fd360bd10229a70042
Sha1:   9bc0232d1b50d5ae9fd981cefaf29324ee7a443d
Sha256: c000deb565563d05f4285c70b58783e681e8147fd7933ffa9f87b9f93655c0fb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18099
Expires: Wed, 31 Aug 2022 06:30:39 GMT
Date: Wed, 31 Aug 2022 01:29:00 GMT
Connection: keep-alive

                                        
                                            GET /template/hlgsp/css/swiper.min.css HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Sun, 06 Dec 2020 16:26:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fcd062b-4d43"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (19512)
Size:   3487
Md5:    b89961554017f5cc842eed99b4b20037
Sha1:   7da3fbf0edcde1771a315c2c4225cb3430f7669a
Sha256: 364dcc1b84b1c408ee4fad0578eee15d30c975da9a298d82ce71443c5ad95d6f
                                        
                                            GET /template/hlgsp/css/style.css HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Thu, 04 Feb 2021 03:52:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"601b6f75-6c09"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (618)
Size:   7213
Md5:    75dc183454f8959d3912d28d0cfdc776
Sha1:   e63785adb7b3823447c451237dee696f24af7e31
Sha256: d9e2ebe3de9dd800561c2d094419513ba32fae6cb885a0ce568d064e8a66be09
                                        
                                            GET /static/js/home.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Tue, 28 Apr 2020 14:28:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ea83d72-994e"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Size:   10525
Md5:    cf27875c07ac1742b6554d5c6369812f
Sha1:   d7a01a40e5144cdcd36a8588cbb929e317019a78
Sha256: a558013b5c70dc000814a5045bd1988aec1ce0552617fbb38f3349b923119440
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18099
Expires: Wed, 31 Aug 2022 06:30:39 GMT
Date: Wed, 31 Aug 2022 01:29:00 GMT
Connection: keep-alive

                                        
                                            GET /static/js/jquery.autocomplete.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Sun, 10 Mar 2019 13:12:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5c850d54-64a8"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with CRLF line terminators
Size:   6356
Md5:    d9f67b358ecd6dc03fc709356018ab11
Sha1:   11a75063c50de09d8a323dc8bb93c194729055c0
Sha256: d1f6fa1324f9b17b39672b105b95aa7792ab1a5e10a5a95e625f26b0c1b0a801
                                        
                                            GET /template/hlgsp/css/mmcdy.css HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Sun, 06 Dec 2020 16:26:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fcd062b-34be"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   3597
Md5:    8c965590bdf3480f74f258e81ac2f468
Sha1:   5942a89448d0b9dfb77497edf1a2eefe7fec9d17
Sha256: ef836a07b197fbd69add5c83d611bbdd6bbceaebfa49bd5b2909fd92fa0badbc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18099
Expires: Wed, 31 Aug 2022 06:30:39 GMT
Date: Wed, 31 Aug 2022 01:29:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18099
Expires: Wed, 31 Aug 2022 06:30:39 GMT
Date: Wed, 31 Aug 2022 01:29:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab8959a7-d059-469e-b95c-b21c71ed8ab3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9510
x-amzn-requestid: 69ff0817-dfe8-44be-94e0-d6587624e88b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOLHO5IAMFrnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825a-46e004a92ea51b8d133bca8c;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jvf6mb8FWjLaYY1QOsIto-BhhpZkgTQeaG4YpMEgOOebll15QhJKAw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:48:04 GMT
age: 13256
etag: "8cfbc8ce5f11f2ced44c220fa2b5c50cd4a29b68"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9510
Md5:    edfa67cc65030e8c10882c845ae4b109
Sha1:   8cfbc8ce5f11f2ced44c220fa2b5c50cd4a29b68
Sha256: ab1e493bb0174518b660b80004eb41760705e1e591c0ffcf36e9ce5cc80f3f1e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6266
x-amzn-requestid: 82231f45-328a-479a-b346-108fe6a0c190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjU6bEP5IAMFaGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630acea8-6545154a39b44bb04d3bc18c;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P_a-E2SVJUpYrlOzoX9kDtHoAeyEpcqEXau-5wDupR-9AAk3gQgaHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 12:26:10 GMT
age: 46970
etag: "ff6de19656bc0ee5649c1367448116a9576a690a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6266
Md5:    9843fcd5eb49c75b942e3dd042f3a931
Sha1:   ff6de19656bc0ee5649c1367448116a9576a690a
Sha256: 8e9679e05e1b2194e44a962a19f226793b5d7fc2334df64f8dd560498532ad3a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:48:04 GMT
age: 13256
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5079
Md5:    5c3b7580a37e6eb7e5bd18491f1d4dd6
Sha1:   288b82ad8f924eb9570ae1c55da84d041f862366
Sha256: 046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5911
x-amzn-requestid: ff3b12df-1798-40bb-bf02-ad198710da96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdcGHFGYoAMFw_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630873c0-00cd86e97d0687c702a49ecb;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:18:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Cye1gqpeY74FmJV8LaYt9HN_CHH0l-OhkdHM35WydK61gQm50CrMVw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 18:11:33 GMT
age: 26247
etag: "18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5911
Md5:    084c7b9f1244ec72236ab517787af1e2
Sha1:   18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb
Sha256: 2ea7697ebc332bec201ffeaed54a738869b6c64784916574db2c7e6a7990fb3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5910
x-amzn-requestid: 935b97da-1473-4863-bad2-a732709de9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslNHEfTIAMFWrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e8253-150847db7280350c19e2e464;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4aUTNIPL-Pl5Vz-xh4gI21QtLwdmMMrc7NJGLWRJPz0oJtvnFPfk8w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:06 GMT
age: 13434
etag: "d7c84b42a0dd5b86a0668127698fd5f25b647fcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5910
Md5:    7dcb5acc5186b678254184c5dac12079
Sha1:   d7c84b42a0dd5b86a0668127698fd5f25b647fcb
Sha256: 8173103eda58bf2f1af2d077fc90c2c1b6d2a93265092a9c3152b686e05a4f9d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d294083-a431-468c-a1ef-4df4295be72a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6173
x-amzn-requestid: d5d519c7-88e2-4faa-8cbd-c828d40a0698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XelESE0MoAMFptQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308e881-0f2a5fe86a7bc81610835e6c;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 15:36:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hAYsuuAnParaODBY0scpZ9hounVraQbSL7JnTeqSpkKJWm421xPm4A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:47:34 GMT
age: 13286
etag: "8609a382648785901de3ab9f474b7319601921ba"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6173
Md5:    5c96a8515aca08228b53a33becf0f79b
Sha1:   8609a382648785901de3ab9f474b7319601921ba
Sha256: 2b9307cfcacfc4c15ecdc67b8045d7f4ecafd6a94d710e040a7e0d6911548caf
                                        
                                            GET /template/hlgsp/js/jquery.lazyload.min.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Sun, 06 Dec 2020 16:26:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fcd0643-d35"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309)
Size:   1341
Md5:    fe3a417c05fcbde8246764774497dd92
Sha1:   03bafb954a4e1e582afbceb5406cfd5dd4224830
Sha256: 39eb4e5c1fbdbd957715e47e5eaf631852e1ffcdc09e8f5d0e69a24375ccd486
                                        
                                            GET /static/js/jquery.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Sun, 10 Mar 2019 13:12:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5c850d54-169d9"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32089), with CRLF line terminators
Size:   36748
Md5:    cb8b32d2a46a250954f981780ea7d0d3
Sha1:   149d7140bb977c0ea043397cd72f067e56974692
Sha256: 080e5c45daae1e54faf78ecb600d5bd6680e7889343ebf220f94b6b9a343beae
                                        
                                            GET /template/hlgsp/js/common.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Sun, 06 Dec 2020 16:26:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fcd0632-37bc"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text
Size:   5124
Md5:    abb82ca088c793ca22760be97b52cb76
Sha1:   cc2942b1b7ee1425cd2e9a899817afb6829d81c1
Sha256: d3f4e9abc66b828b07c70e363c6e28b475d8be72b2f40bdf5af85fb6f751e05a
                                        
                                            GET /template/hlgsp/ads/hengfu1.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Content-Length: 245
Last-Modified: Sat, 06 Aug 2022 04:28:27 GMT
Connection: keep-alive
ETag: "62ededeb-f5"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   245
Md5:    48b05b4e5fd65daedfd0bc5f07874847
Sha1:   f8ef857d0954296642bb71c4384bccd3177a046b
Sha256: abce26975d1b8fe14b57b29ad2f87e46a5e3fb11da51a41dde16dcbccf535c83
                                        
                                            GET /template/hlgsp/ads/dl.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /template/hlgsp/ads/hengfu3.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 2
Last-Modified: Sat, 06 Aug 2022 04:28:28 GMT
Connection: keep-alive
ETag: "62ededec-2"
Expires: Wed, 31 Aug 2022 13:29:01 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2
Md5:    81051bcc2cf1bedf378224b0a93e2877
Sha1:   ba8ab5a0280b953aa97435ff8946cbcbb2755a27
Sha256: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
                                        
                                            GET /template/hlgsp/js/swiper.min.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:00 GMT
Last-Modified: Sun, 06 Dec 2020 16:27:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fcd0656-1e700"
Expires: Wed, 31 Aug 2022 13:29:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65269)
Size:   37721
Md5:    39373734403134c8fbc01dfd978eddf0
Sha1:   4b1005ed20d8645162955504c36b6462e1bd6bdf
Sha256: 2aad78bdf3b7edd157831fca2cc5ccd8447e241441b1269642ba94e3fc075486
                                        
                                            GET /template/hlgsp/images/loading.gif HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 1388
Last-Modified: Sun, 06 Dec 2020 16:26:48 GMT
Connection: keep-alive
ETag: "5fcd0648-56c"
Expires: Fri, 30 Sep 2022 01:29:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   1388
Md5:    c3d6947988790580587d57af4acd8d97
Sha1:   889897b6bc89c1198aa9c04710bf6afd6877b698
Sha256: d1c8e64dcc04555103890ff2c8c7b16a5c739846f9d419b57041f6131b49ec6f
                                        
                                            GET /template/hlgsp/ads/dl.js HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         107.148.17.187
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 146
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /template/hlgsp/images/ico.png HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/template/hlgsp/css/mmcdy.css

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 48085
Last-Modified: Sun, 06 Dec 2020 16:27:32 GMT
Connection: keep-alive
ETag: "5fcd0674-bbd5"
Expires: Fri, 30 Sep 2022 01:29:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 300 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size:   48085
Md5:    0f7667ba06e8f128d197b459635a234b
Sha1:   7c80613fb1cd971aea4628bf4ef7354652dc0252
Sha256: e856f63cd913cc79638572a9ab85f4263f375fdf5a79c568a827ec877ebfa900
                                        
                                            GET /static/images/home/loading.gif HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/static/css/home.css

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 1388
Last-Modified: Mon, 08 Jul 2019 02:09:50 GMT
Connection: keep-alive
ETag: "5d22a5ee-56c"
Expires: Fri, 30 Sep 2022 01:29:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   1388
Md5:    c3d6947988790580587d57af4acd8d97
Sha1:   889897b6bc89c1198aa9c04710bf6afd6877b698
Sha256: d1c8e64dcc04555103890ff2c8c7b16a5c739846f9d419b57041f6131b49ec6f
                                        
                                            GET /template/hlgsp/images/p.png HTTP/1.1 
Host: hlgspe.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/template/hlgsp/css/style.css

                                         
                                         107.148.17.187
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 1818
Last-Modified: Sun, 06 Dec 2020 16:26:28 GMT
Connection: keep-alive
ETag: "5fcd0634-71a"
Expires: Fri, 30 Sep 2022 01:29:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size:   1818
Md5:    9e22be518bf7a4f98a4480cf1ba1e0e8
Sha1:   73e7b3bfc4a103d6e92d36ebcdd3d610d04394af
Sha256: 69b3865c46b3a6d2b14da69a64f85c41c13d280c99419af976ce8eb66ddd4361
                                        
                                            GET /upload/vod/2020/05-01/12/ovuros3rajv1204ovuros3rajv2233444.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 10328
cf-bgj: h2pri
etag: "60ff4a986d1fd61:0"
last-modified: Fri, 01 May 2020 04:04:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1021
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bw0mnR4lEJaEzsDjB1ncEkDRaA1u80gnQIf6osUyZaDYaZz75hOD3GXUdYkcFk4GjTgSShA%2FLX5D9iRhDyNs4vbhzZDE3Fhz1obS2z6mhu1FsXK5GJDxQb%2B2DaX%2BKMNaYLhB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe289991f3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10328
Md5:    138a1212ab82d2a5eb0a1fdb8bba37c5
Sha1:   bc7335ad5772a6d5a2fc4931d3f97da051866def
Sha256: 694cc6a9848ae9bc0c729b8939abf33d93e03a06fb34f00b765ac872a13af931
                                        
                                            GET /upload/vod/2020/05-01/12/rxgrcb0qlpk1204rxgrcb0qlpk1733434.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 10012
last-modified: Fri, 01 May 2020 04:04:17 GMT
etag: "4690b6956d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StniYZEwHfgHJ5nwJThc%2B988EU%2F%2BzQa7hAXRVUjqwaVnqGIcHgj546UFMMd3%2ByoCla9tUFryavKAXZFYcOKlA3C1NNXkhweouOoqiky15V0CweZY5pyf9iWcRwXw6lnJKC6b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28b9a0f3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10012
Md5:    68c4b55292545d01b704349345de2082
Sha1:   376e0cb444567b588b0331d7eced9b192e5735de
Sha256: dbd3b5a5846af5e9232c16eab5ffc60357c245e845c83e69716daefd49722c9a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "32C63736A9B2595D93FADDFDD8D0DB23ED4AE652CF7696417AFC4BC57870C5FB"
Last-Modified: Mon, 29 Aug 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6604
Expires: Wed, 31 Aug 2022 03:19:05 GMT
Date: Wed, 31 Aug 2022 01:29:01 GMT
Connection: keep-alive

                                        
                                            GET /upload/vod/2020/05-01/12/kgrtpstw0vs1204kgrtpstw0vs1333424.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 9552
cf-bgj: h2pri
etag: "e4f934936d1fd61:0"
last-modified: Fri, 01 May 2020 04:04:13 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl%2Ff9tmppCSRyDc4%2BBkPZxn6h9YoRZk%2FP8J4ppN48GqAq1d1k2hEAqzoyKUBAmp4VpHDIGyOgNXRHXHhmjzKcVH%2BeiZXvNfwbrekv8x4icIY%2BB2GKnt9VrYw3eyfY0AbWDbx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28998af3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9552
Md5:    cc38589a58c76a42f38959a8c0897a28
Sha1:   a7d7396d721a0367af867d1100fb432f822165c8
Sha256: 702b334a889bfb400c2403dbacb476c8435f54023ed883b7139a50e89db996df
                                        
                                            GET /upload/vod/2020/05-01/12/eddyhcqlvcu1204eddyhcqlvcu1633430.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 9065
cf-bgj: h2pri
etag: "74d9b9946d1fd61:0"
last-modified: Fri, 01 May 2020 04:04:16 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSFSeZX0DvYAT0k6FWZbi6ol3dfngjEvjCtBb1Fmu4gEi2xuDTgwEmoGN6LwflPiPXG07cVtaXKrQJyT%2F4SQUih8Dbepy8ReId9PN0m2XDEVmWI16LX5RPA8P3SzHKTMGdX9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28a996f3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9065
Md5:    d2ba9e79d53162e787f5cbcf54632bf2
Sha1:   85bb91c3454c5e04523a0747084c9117ffa295a8
Sha256: ef8a718e186209f062620b3b4427e063bd252a546c718c8abd011a3c146d019b
                                        
                                            GET /upload/vod/2020/05-01/12/0efdbwyhu4012040efdbwyhu401433426.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 14140
cf-bgj: h2pri
etag: "94cfb5936d1fd61:0"
last-modified: Fri, 01 May 2020 04:04:14 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5GPOj2Zsl4rXdQKeFr7Ag9%2B7gHdgM%2F5Lidmxl%2BEYZb%2BCjoBIO7JiLUsOiqAUKhcsoeQqM095PK%2Btcatg7xRWrqmE3eJOxa%2BD%2BzJ%2F351RARD0jTkxhZ%2BZDRzJdVC1w2vRN0A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28a994f3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   14140
Md5:    835c209248671d3c1be4f808a9f4fad1
Sha1:   49d7449473ce3a753c1ac222f2bf3b2650c15a0f
Sha256: 0feac7785107fa2523bba9bdfc1cf51ff9d4b0f2e715be3a12becb9c3923fbeb
                                        
                                            GET /upload/vod/2020/05-01/12/qlnxb2savkq1204qlnxb2savkq1933438.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 7325
last-modified: Fri, 01 May 2020 04:04:19 GMT
etag: "f571ba966d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2cciJQLp4p3YWMf%2Bc41RIkLKQUYouMKC5TAfRnngqMEmmPmh%2FOq73EvJnAOu6FogHDjODzGQEFyOfQr%2BMj3cJLf8lM0J5qyWZLmuwmxlghlpDXW3vOX34ZS4pfcDcHweRYt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28998df3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   7325
Md5:    1bbfdde88e62eb04e53152e927dc57b6
Sha1:   cce8e4bd7fbc7fed44c93c6f72f1606092beec0f
Sha256: eb957069e4321fb3c1c100982ad0aa7832fcba2a07d4299f709dab2bac789292
                                        
                                            GET /upload/vod/2020/05-01/12/nhpsukn4ojg1204nhpsukn4ojg1833436.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 8201
last-modified: Fri, 01 May 2020 04:04:18 GMT
etag: "daec34966d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHKb5PjQZrncj%2B2QwpN1A7bVR64yMhXioHMV7uAtObixsNQBWO5WEMGzMS601fxMi%2F%2FeXjd9etIk2MuMhldCzYvzG96rXAm%2B98BdxMldUbM4f7v7agE12PQzuxmHXzsNP98q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28998cf3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   8201
Md5:    ebd2262d5681ec3d25e69cd83db954cd
Sha1:   d30c6b14f611bfd37d19bf13c769aab3258eeec7
Sha256: b8dbd12f813cdb899f62e8b14303105edf61b61b144ee533859ebeb6117ee1ab
                                        
                                            GET /upload/vod/2020/05-01/12/k2w3uhv504o1204k2w3uhv504o1533428.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 10190
last-modified: Fri, 01 May 2020 04:04:15 GMT
etag: "a5f138946d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMAr9FE69T%2Fpo9eOpfCXmgijLYTzJQUsf%2F3rIy5m8Vh%2BxB9X%2BWXbn385LFX1g3BcXCJdyFLYp60FD5tCURW15uFe%2BQSfc33XzP%2FkkJmPlu5%2BlBBiMOvrH2xzvwkgiUud2ptV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28a995f3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10190
Md5:    6d791c013b10468597168cde0aead3ee
Sha1:   fab4adeca56ce6fb63e126992ba491d293b1828e
Sha256: 5d6a735c31b8221f4a9df12415183302cebcdf50f5f4b21d89fe6e57e60dca95
                                        
                                            GET /upload/vod/2020/05-01/12/pmtq2fyre2s1204pmtq2fyre2s2133442.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 10051
last-modified: Fri, 01 May 2020 04:04:21 GMT
etag: "26f1bb976d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8yoa68fNg9jUbP5n%2B9dO5IW1y7l2Uw2PNRSFQN02YcLVWKbrZ%2BKsfyJjaX0R%2BLdw85%2Fn1rJ7AFonTNg6RXKxGImTjEBK6EobpEL8QdoCfUJs2deNy0yvHQgNQC4L%2BiyEVbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28998ff3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10051
Md5:    784b9e3fa0dd4efe732186d98e98fe8e
Sha1:   eaefa778fe09060b035657110834d15fb73ed30b
Sha256: 2b5d5d7af7c7e8f804d2990b0202da366f29b3dfd532429613c73d3a383684c7
                                        
                                            GET /upload/vod/2020/05-01/12/nwxlh1zfave1204nwxlh1zfave1633432.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 9160
last-modified: Fri, 01 May 2020 04:04:16 GMT
etag: "453238956d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSJk808TgJ0YfwdOgaXB5Hkow3YNulU4Y93F7iRy80XE2Jl3%2FJx1Wez6gMA0zfl6Nb5MuBdwoN1DH9NG%2BcDVLT4gBx6hWZBHSDsyEUs5UEoCrEff0LnaB0dVmgas9UiE1ECb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28b99ef3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9160
Md5:    c4c3b6ba3f1f0c4dc83dd26e22986b62
Sha1:   dda022880ae7128f5f3ebb0c55b1c2bb57c75ac4
Sha256: 48b8c2667d90404d486701f5e2b7fa7a9f8c2bcfaefe094d1a94142fad3ba656
                                        
                                            GET /upload/vod/2020/05-01/12/s1thsdyaflk1204s1thsdyaflk2233446.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 10401
last-modified: Fri, 01 May 2020 04:04:22 GMT
etag: "ae47c7986d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ec6dm5oJy0VEA21C7vk2LDHZsNQq6ykRaOdw5eKV%2BjUiJIfdrSfZB6frheUFgXtMNBj%2Bx9%2B2HWLIdxG3HhxprsQzdNybRpwXKniEHPbAlm7fupX7vW1UhL9ga6rpwWYCtwG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28a993f3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   10401
Md5:    9d7acafcc077572791b8460d560409b5
Sha1:   388e612ea6eeee59b8d254a96d9c6db7c8e911b9
Sha256: 1dc37d5fdbb2a37bda214f8799070dd7b6f86c04d15247b97b80fabb6025a81b
                                        
                                            GET /upload/vod/2020/05-01/12/ckhwtgm00pu1204ckhwtgm00pu2033440.jpg HTTP/1.1 
Host: fmlb.netlbtu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.174
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 9053
last-modified: Fri, 01 May 2020 04:04:20 GMT
etag: "eb933d976d1fd61:0"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMzT%2BPBTECfFxOMzYrB2Ljpzbf%2FhnZWEGEkOlfupOSZd8wkcstYKkybtIjvmDj%2FAwqD0jJ%2BKSfpEPsBCzIK7BC%2FIY4rKYTNHqy0Wli5%2BFYTREq%2FJ%2BTaj5xKT7VBqJY3JhEg0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe28998ef3fb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size:   9053
Md5:    c198128b9c2aa993a798c578ac8d24d5
Sha1:   1e1e6125572a359e0d7afaca34f9b19669ec973f
Sha256: aff94dfb5dc10fd67fed978b513126a4ae1b758c898510b3bddbe5b1dbc76574
                                        
                                            GET /hm.js?59c73e28dfebfd1b546f842ef76a3c3b HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dmlnhx.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Date: Wed, 31 Aug 2022 01:29:01 GMT
Etag: d018808e21ad2962f23e4c4d5e179e06
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=533135AADFCBDB3A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (627)
Size:   11340
Md5:    2d54c858f00fcd15736837545cbc3ffd
Sha1:   68230b6c62a0d8a7f9bddc76d3d9893d3c08a6be
Sha256: 0945cfc72ff5f817f3d8a441be426a3604c27ce9ffb7c41bc66ec94b9c9b4c37
                                        
                                            GET /static/api/js/share.js?cdnversion=461640 HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 6218
Date: Wed, 31 Aug 2022 01:29:02 GMT
Etag: "2981715462"
Expires: Wed, 31 Aug 2022 01:59:02 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:07 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (17305), with no line terminators
Size:   6218
Md5:    a78bd68ac53bbc7eff7039d2c4e2c4ab
Sha1:   52e17a124e5ef7c4729e2000f8a7ffa14c2a4eb9
Sha256: dbaf841ced63da2a82e537cf643b52d50b71620c39b5fbb6c90965ba8b78fd8e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 30 Aug 2022 22:46:47 GMT
Expires: Wed, 31 Aug 2022 22:46:47 GMT
ETag: "42290c1dc024529c600c7010c90b3ffcf53365f6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    dccdd9d58a428262aaaf2953c034962e
Sha1:   42290c1dc024529c600c7010c90b3ffcf53365f6
Sha256: 4559ac63536b6350571975dc7ec9befec45b4d2d1ba70715a8f8eb24e9636456
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 31 Aug 2022 01:29:01 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 30 Aug 2022 22:46:47 GMT
Expires: Wed, 31 Aug 2022 22:46:47 GMT
ETag: "42290c1dc024529c600c7010c90b3ffcf53365f6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    dccdd9d58a428262aaaf2953c034962e
Sha1:   42290c1dc024529c600c7010c90b3ffcf53365f6
Sha256: 4559ac63536b6350571975dc7ec9befec45b4d2d1ba70715a8f8eb24e9636456
                                        
                                            GET /hm.js?697e66b12b4eafa25235cd3e4a57a860 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11341
Date: Wed, 31 Aug 2022 01:29:01 GMT
Etag: 21981db1b3e32d075c078d31cb4153bb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=32D34E8B4D716617; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (628)
Size:   11341
Md5:    e4db64dd5d054e3542f0f4f14853a0da
Sha1:   c56f2f2e60fce8046b2de33e6c84d666c53f2b44
Sha256: 8a35310145080c19600c4476a16316501ddac3579343f658363d448a51471c66
                                        
                                            GET /static/api/js/share/share_api.js?v=226108fe.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 374
Date: Wed, 31 Aug 2022 01:29:02 GMT
Etag: "2151209923"
Expires: Wed, 31 Aug 2022 01:59:02 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:08 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (636), with no line terminators
Size:   374
Md5:    d83d9b2e8f9991d48228eacaa36ed9d8
Sha1:   43f570d57795ff92f4f9765ca13fe8e7c04004dc
Sha256: 0823a3af4f618739366bd95c18c78716313d835adb2b20bcfa1bf44265fb7cfb
                                        
                                            GET /static/api/js/view/share_view.js?v=3ae6026d.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 751
Date: Wed, 31 Aug 2022 01:29:02 GMT
Etag: "2738411398"
Expires: Wed, 31 Aug 2022 01:59:02 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:09 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (1410), with no line terminators
Size:   751
Md5:    2f70d93b9f03bdfbd94c882baa358ba0
Sha1:   f2ff3411db7c99b8c38f88ef83d8d2c1e36cc97c
Sha256: 2d79560384a4a5d390dc9979d68b9db79d01076b2e89a110d16a42af3dbfaadc
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=836&et=0&ja=0&ln=en-us&lo=0&rnd=31193717&si=59c73e28dfebfd1b546f842ef76a3c3b&v=1.2.97&lv=1&sn=7277&r=0&ww=1152&ct=!!&u=http%3A%2F%2Fwww.dmlnhx.top%2Findex.php&tt=%E5%A4%A9%E6%B0%B4%E5%A2%92%E9%A4%90%E8%B4%A7%E8%BF%90%E4%BB%A3%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dmlnhx.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 31 Aug 2022 01:29:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BED02991F7370AD6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /xykdlynt/jizpq1xyu0rhxkva8foia/1764/jizpq HTTP/1.1 
Host: jeniferace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.243.183.17
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF8
                                        
Server: nginx/1.2.4
Date: Wed, 31 Aug 2022 01:29:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.14p1
Last-Modified: Wed, 31 Aug 2022 01:29:02 GMT
Cache-Control: no-cache, must-revalidate
Pramga: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: Content-Type, Content-Range, Content-Disposition, Content-Description
P3P: CP=CAO PSA OUR
Set-Cookie: showed_plan_108=1137; path=/; SameSite=None; Secure; expires=Wednesday, 31-Aug-2022 01:34:02 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (41853), with no line terminators
Size:   7018
Md5:    e0644509a444ac27040dc33a0c5ebdab
Sha1:   dcea9d1675b2b57ddd909837b26b41f2159f0696
Sha256: bcf932047d064a2354739c7d03a521fbbae3fa32359bdb67adb07237fa6ec5eb
                                        
                                            GET /nw21/zuo/01.png HTTP/1.1 
Host: janicerace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.27.23
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 31 Aug 2022 01:29:02 GMT
content-length: 11544
last-modified: Sat, 20 Feb 2021 09:36:43 GMT
etag: "6030d82b-2d18"
expires: Fri, 30 Sep 2022 01:29:02 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2349162
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7431fe2fff6db517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 160, 8-bit/color RGBA, non-interlaced\012- data
Size:   11544
Md5:    a6e4d31aecf50cf3506de1020e842e28
Sha1:   867e03922aefdfe315f9d819b61f5e7410fdda8a
Sha256: 829343340fa0fafff16c5104438cd760dfabea997e9c257ef2402ee64de6755e
                                        
                                            GET /xykdlynt/jizpq1xyu0rhxkva4foia/1764/jizpq HTTP/1.1 
Host: jeniferace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.243.183.17
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF8
                                        
Server: nginx/1.2.4
Date: Wed, 31 Aug 2022 01:29:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.14p1
Last-Modified: Wed, 31 Aug 2022 01:29:02 GMT
Cache-Control: no-cache, must-revalidate
Pramga: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: Content-Type, Content-Range, Content-Disposition, Content-Description
P3P: CP=CAO PSA OUR
Set-Cookie: showed_plan_104=1206; path=/; SameSite=None; Secure; expires=Wednesday, 31-Aug-2022 01:34:02 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (51585), with no line terminators
Size:   8318
Md5:    140509177461d27d84c0b71ccf2b14c6
Sha1:   01d908635aa862995f87920ce54dc447261790c9
Sha256: 6c4f86d42156d3458b901e7d85edbe2f823ef6c506de84fc4fe0e99cc30e2f3d
                                        
                                            GET /static/api/js/share/api_base.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 580
Date: Wed, 31 Aug 2022 01:29:02 GMT
Etag: "3610826631"
Expires: Wed, 31 Aug 2022 01:59:02 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:08 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (1468), with no line terminators
Size:   580
Md5:    a2f2cddb86ee350731a332b4c44f5e0d
Sha1:   e8ec70d2a62da5fff2ce1b684a4a9d112d640315
Sha256: 142e59628a500e248c6155c8fe279eeb70bc6aebf516c1bb6cd9486ea1b207b1
                                        
                                            GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=127268820&si=697e66b12b4eafa25235cd3e4a57a860&su=http%3A%2F%2Fwww.dmlnhx.top%2F&v=1.2.97&lv=1&sn=7278&r=0&ww=1140&ct=!!&u=http%3A%2F%2Fhlgspe.top%2F&tt=%E7%81%AB%E9%BE%99%E6%9E%9C%E8%A7%86%E9%A2%91-%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Wed, 31 Aug 2022 01:29:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4341A4F60938D5D3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /static/api/js/view/view_base.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 728
Date: Wed, 31 Aug 2022 01:29:02 GMT
Etag: "2688079746"
Expires: Wed, 31 Aug 2022 01:59:02 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:09 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (1616), with no line terminators
Size:   728
Md5:    7ee144ca4be853ced65e63463259e6eb
Sha1:   a171d2b09ecb55590628a71a7f50fc05eb2d7e92
Sha256: 89119613d47f7bd1c2daf15d878fea5cfbca158fbd90930fcf106b4dc177d9f6
                                        
                                            GET /1/12.gif HTTP/1.1 
Host: yeliao66h.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.247.252.5
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 31 Aug 2022 01:29:01 GMT
content-length: 2019069
last-modified: Mon, 11 Jul 2022 11:44:02 GMT
etag: "62cc0d02-1ecefd"
expires: Fri, 30 Sep 2022 01:29:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   2019069
Md5:    174bc54ad660f7975ebc086afe427b82
Sha1:   b2644cf7d91aded61f3d770c72d1444f3575e05e
Sha256: e505580bc17ec59127f8beab6ca3e9bb34e32c8a742a198950bf2ccfc17f5d9f
                                        
                                            GET /static/api/js/base/tangram.js?v=37768233.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 36055
Date: Wed, 31 Aug 2022 01:29:02 GMT
Etag: "814241156"
Expires: Wed, 31 Aug 2022 01:59:02 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:07 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (32769)
Size:   36055
Md5:    1a17164900cba54de0776f3d66b38647
Sha1:   115ecb2a379ead464545695c324301d95164b16c
Sha256: 2eb4ae8ab6cc0e3b820134d3da036902344908846eecc4f7d0adb6dbdab23a79
                                        
                                            GET /nynie.jsp?g=f4aeSwax2w3Yfl8y3JttHWY%2B5WloiVp5tcxZsVWZGag%2FDKWabptGaUM&p=Linux%20x86_64 HTTP/1.1 
Host: qqtt.charlottebeverly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/
Upgrade-Insecure-Requests: 1

                                         
                                         47.243.189.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.2.4
Date: Wed, 31 Aug 2022 01:29:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.14p1
Last-Modified: Wed, 31 Aug 2022 01:29:03 GMT
Cache-Control: no-cache, must-revalidate
Pramga: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   69
Md5:    c74c0086f9e17ed07db4e47a4bb6ea33
Sha1:   6565e20dca1d34598b03daf7d583a41452de4620
Sha256: 3640d8162c65ec7f4edcafda864ec1623fc59710202aea4bbb83806e51033ada
                                        
                                            GET /static/api/js/trans/data.js?v=17af2bd2.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 412
Date: Wed, 31 Aug 2022 01:29:03 GMT
Etag: "3812154305"
Expires: Wed, 31 Aug 2022 01:59:03 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:08 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (750), with no line terminators
Size:   412
Md5:    29c5b785d50a87ce5a4313b5019eb7b5
Sha1:   b7860a71e25a8824fcd02da0e0db33a065c92918
Sha256: 02b7badc488407efd854be77e566b70ab9d31b1b85097ee8e85678b38825e00e
                                        
                                            GET /fidvm.jsp?g=5a5fQa1nWazj8D%2FR6ttS0DMtV5l4llkKZG%2FnkMQyZHj4Tp7jvJurDi0&p=Linux%20x86_64 HTTP/1.1 
Host: qqtt.charlottebeverly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/
Upgrade-Insecure-Requests: 1

                                         
                                         47.243.189.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.2.4
Date: Wed, 31 Aug 2022 01:29:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.14p1
Last-Modified: Wed, 31 Aug 2022 01:29:03 GMT
Cache-Control: no-cache, must-revalidate
Pramga: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   68
Md5:    839ac0bd3c9ec6ae47487e2b0ddca0d7
Sha1:   9895cdefa19bdaac60e64d00e95bb6b8a01339fc
Sha256: 8d0a171653905658f3578f94c894b50a477af9de906188e5088dabcece53b955
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 31 Aug 2022 01:29:02 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 30 Aug 2022 20:44:14 GMT
Expires: Wed, 31 Aug 2022 20:44:14 GMT
ETag: "70d80de9906fa1514a316280d39ea2f32d083929"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    4fb9998131c60423ea923f1f06a6100a
Sha1:   70d80de9906fa1514a316280d39ea2f32d083929
Sha256: 61f7ce92aec247aad1a4b9602cbc512b9c5e35737b8fb3252b31f7f62cb34a8f
                                        
                                            GET /static/api/js/component/partners.js?v=96dbe85a.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 790
Date: Wed, 31 Aug 2022 01:29:03 GMT
Etag: "3493386128"
Expires: Wed, 31 Aug 2022 01:59:03 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:07 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (1866), with no line terminators
Size:   790
Md5:    1fe5dfa0f217378c6a269d0907572b26
Sha1:   e02e330ef145b006002710a57642d06bfcf5bd76
Sha256: 53912ed51acc9f854c807eb4e0ce6a23e51e6614e1c9881c0e0eaaae7b65bb94
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 31 Aug 2022 01:29:02 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 30 Aug 2022 20:44:14 GMT
Expires: Wed, 31 Aug 2022 20:44:14 GMT
ETag: "70d80de9906fa1514a316280d39ea2f32d083929"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    4fb9998131c60423ea923f1f06a6100a
Sha1:   70d80de9906fa1514a316280d39ea2f32d083929
Sha256: 61f7ce92aec247aad1a4b9602cbc512b9c5e35737b8fb3252b31f7f62cb34a8f
                                        
                                            GET /static/api/css/share_style0_32.css?v=5090ac8b.css HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 831
Date: Wed, 31 Aug 2022 01:29:03 GMT
Etag: "3786987277"
Expires: Wed, 31 Aug 2022 01:59:03 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:04 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (3755), with no line terminators
Size:   831
Md5:    b285529cc8961b4ace7ad9357d213bb2
Sha1:   4d9f3d6fc78ff2e77a58ff6cd6553f80dc3dd12c
Sha256: 44fea272339fc0c5709de07b60a91f8cbfa9750ef1657c4b2f0c64b0214154df
                                        
                                            GET /getnum?url=http%3A%2F%2Fhlgspe.top%2F&callback=bd__cbs__6fb67c HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 31 Aug 2022 01:29:03 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=ADE2BE5249B2E3A2F5DE72961E1E845E:FG=1; max-age=31536000; expires=Thu, 31-Aug-23 01:29:03 GMT; domain=.baidu.com; path=/; version=1
Content-Length: 43


--- Additional Info ---
Magic:  ASCII text
Size:   43
Md5:    280bac4b91edcd354fec1284162796bb
Sha1:   a3fea3dbfc780f03f656216e305234d392b2c9c0
Sha256: 92feeb7ef7502d68812708983193fd0e7450aabb4cb8eed99eeeac679e678134
                                        
                                            GET /esyyiz.jsp?g=ac10NIDVTgSKTimI7nZAkceY9%2F1%2FYcAOJsObkbhFDqb5TfyiCSEnN%2BLwZOosCdTjoSw3&p=Linux%20x86_64&u_url=http%3A%2F%2Fwww.dmlnhx.top%2F&r_url=http%3A%2F%2Fhlgspe.top%2F&u_sw=1280&u_sh=1024&u_bw=1128&u_bh=1757&u_utz=0 HTTP/1.1 
Host: caitlinbeverly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         47.243.183.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.2.4
Date: Wed, 31 Aug 2022 01:29:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.14p1
Last-Modified: Wed, 31 Aug 2022 01:29:03 GMT
Cache-Control: no-cache, must-revalidate
Pramga: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   87
Md5:    799832e8ab209ce5f8a5523cb21cff8d
Sha1:   392c9cd7e635d0bf7f6899afd22ef234d11f650c
Sha256: 598f8496dd58a6870fa8ad7891d4b4b4f8a6e67824e242e1146d08c9448316ff
                                        
                                            GET /wkatky.jsp?g=504aUufgLh99ySBo7efrek%2Ff3GcDGt1p6CejrqAaI4DGgox2cRouQx%2B2yFakx%2Bq2Gyqr&p=Linux%20x86_64&u_url=http%3A%2F%2Fwww.dmlnhx.top%2F&r_url=http%3A%2F%2Fhlgspe.top%2F&u_sw=1280&u_sh=1024&u_bw=1128&u_bh=1797&u_utz=0 HTTP/1.1 
Host: caitlinbeverly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hlgspe.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         47.243.183.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.2.4
Date: Wed, 31 Aug 2022 01:29:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.14p1
Last-Modified: Wed, 31 Aug 2022 01:29:03 GMT
Cache-Control: no-cache, must-revalidate
Pramga: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   87
Md5:    ae18614ba2b9a57fde32efd36a576870
Sha1:   6a0c98b699ab122c18273b726293570127f67821
Sha256: 3b3fa5e29c44b4cf7eac2ee687989ab516ff253a0a019df3c282831e9dd210a6
                                        
                                            GET /static/api/js/trans/logger.js?v=60603cb3.js HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         112.34.113.148
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1034
Date: Wed, 31 Aug 2022 01:29:05 GMT
Etag: "3887650637"
Expires: Wed, 31 Aug 2022 01:59:05 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:08 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  ASCII text, with very long lines (2159), with no line terminators
Size:   1034
Md5:    56b6c00869999857d8a8f9c27a2b53f9
Sha1:   e38f99caca30ca16e0bae04ddcbee49785d1fb37
Sha256: 4e41ba0ecfe5cae8269b3fdab5fe6bdc96cd6c9bb3379f85b18a74945c3dc2a4
                                        
                                            GET /v.gif HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         39.156.68.163
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Encoding: gzip
Content-Length: 23
Server: bfe
Date: Wed, 31 Aug 2022 01:29:05 GMT

                                        
                                            GET /v.gif?pid=307&type=3071&sign=&desturl=http%253A%252F%252Fwww.dmlnhx.top%252F&linkid=l7gxwy4bawx&apitype=1 HTTP/1.1 
Host: nsclick.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hlgspe.top/

                                         
                                         182.61.200.83
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Wed, 31 Aug 2022 01:29:06 GMT
Pragma: no-cache
Server: nginx/1.8.0
Tracecode: 17465269722500977418083109