r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5240
Expires: Wed, 23 Nov 2022 04:27:29 GMT
Date: Wed, 23 Nov 2022 03:00:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2604
Cache-Control: max-age=116070
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:00:09 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 11:14:39 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 02:09:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3048
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6031
Expires: Wed, 23 Nov 2022 04:40:40 GMT
Date: Wed, 23 Nov 2022 03:00:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kGP1exn4G2meT4BxTrF4n9Fbe8aoWwcbcOGGwo09CcixOAI1KuCYotHCYBFAKJCycylMCPWxW4M=
x-amz-request-id: YS72253DCWGYV3TY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 02:39:49 GMT
age: 1220
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 03:00:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
by6331.com/
45.192.68.61 301 Moved Permanently 0 B IP 45.192.68.61:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: by6331.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 03:00:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.by6331.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 02:08:53 GMT
cache-control: public,max-age=3600
age: 3077
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3681
Cache-Control: max-age=112086
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:00:10 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:08:16 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.82.48.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Jkf07xmySkf1BWeTpqG5QA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dUtv+bhJ+Z1Tga5D4GPzFOe4yz4=
www.by6331.com/index.php
45.192.68.61 200 OK 544 B IP 45.192.68.61:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (682), with CRLF line terminators
Hash 330053b6cf019bf3c9e13e48e71d10e5
e6d79b63a8076d06982254109bc2ac7a648422ce
9712c406b65f70f246be22312db2fecec5262fb295f37190682eaac3cb4079ed
GET /index.php HTTP/1.1
Host: www.by6331.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.by6331.com/tj.js
45.192.68.61 200 OK 258 B IP 45.192.68.61:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 50f99e75d656793a1df8c60d7fc58053
beb5d685e0a65b91b871ec233f7b15274ef85074
2e0a50f7d290a85aced062988bdaa739a3f121a185d57111c26146d26c013c9c
GET /tj.js HTTP/1.1
Host: www.by6331.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.by6331.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:10 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
www.by6331.com/common.js
45.192.68.61 200 OK 563 B IP 45.192.68.61:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (499), with CRLF line terminators
Hash 853a83781762fd1ed2011396522b0608
e07d6581f8ea1211a37cb1fde11adce7c79342d4
23be316830eb9a0d1f09b88a7c8565fb09ba53cf8332c33d67501ef73784b26c
GET /common.js HTTP/1.1
Host: www.by6331.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.by6331.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:10 GMT
Content-Type: application/x-javascript
Content-Length: 563
Connection: keep-alive
www.by6331.com/favicon.ico
45.192.68.61 200 OK 1.2 kB URL HTTP/1.1 www.by6331.com/favicon.ico
IP 45.192.68.61:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.by6331.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.by6331.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:11 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 28 Nov 2022 03:00:11 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d3779068e95064dbd3d447acf78f2f7e
fa25061e1aaa4ff28f6717ce9cd573606d75d9df
5f83d384314e1dd3b25613fc6ee9276455234697572fabc1a1583d57f74f761f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 27 Nov 2022 02:15:22 GMT
ETag: "fa25061e1aaa4ff28f6717ce9cd573606d75d9df"
Last-Modified: Wed, 23 Nov 2022 02:15:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 836
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e6a7354a1eb50b-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20919
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 03:00:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20919
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 03:00:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20919
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 03:00:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20919
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 03:00:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:42 GMT
age: 18449
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fc9852ed2db17695d7038195b9283f
cda806d600c9e63e50d8ec42549fb107e4915068
55a7098369eb94f4333a1079ed6ad570121b7c76eeafb35022224b86d9b7edbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6910
x-amzn-requestid: 0d4fa715-c66a-4bcb-985c-f2c2ea71b3a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-pvrF-xoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c2330-67041f796d1906cc51e31b73;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 01:17:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: npd-DJrCfYjrwW7kfMwT38YWatTTdpr7bMRc0ikcXDwefQq-OR3ByQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 20:05:57 GMT
age: 24854
etag: "cda806d600c9e63e50d8ec42549fb107e4915068"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:28 GMT
age: 18223
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 218956a7601433bcf0f6ff484dbd5b52
d005c3afc835a854efdfa9cceb54b81153bb9899
dcc6527a7705c8e870e6aaf6744319ba0541a9fdfef58ca897361309d11b2b2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6180
x-amzn-requestid: 77d0b21a-db56-431c-8bc1-15ce409beadd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE2FyqIAMFnEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-6661a45a00c174e87e789791;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 4i-DyxmOE3pf55HCp1_oYxYPupFwEdMiQH8YRPQlyj-HMHtlRUfS4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 03:57:57 GMT
age: 82934
etag: "d005c3afc835a854efdfa9cceb54b81153bb9899"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:52 GMT
age: 18859
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lfLcMzlaKoOXDhvCk6dJCuqkINEqJX20JltVNZMLUFhQeNPpN8cVFg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:14 GMT
age: 18237
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rdg.tsdt3.top/
122.10.111.13 200 OK 191 B IP 122.10.111.13:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 5bf60b461148897a2ec42e38f54d9600
79310df933ad7066446386cd2b469c1ee2e8bc22
f03056f464bc84a6094f5b4eb1f6e3a679243561161d29dc32a3ba2959fef0ed
GET / HTTP/1.1
Host: rdg.tsdt3.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.by6331.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:31:01 GMT
Accept-Ranges: bytes
ETag: "718a2d23cccd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 03:00:10 GMT
Content-Length: 191
ukt.tsfi4.top/
154.212.113.41 200 OK 190 B IP 154.212.113.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 33b2b3562144d92889f9d520776e444f
ad83e094c2275d646d476d4a2d28f16128bb44da
85aa8db1c1ec91222464167c1a99530b010474116e6ba5a205fbb02963bebdca
GET / HTTP/1.1
Host: ukt.tsfi4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rdg.tsdt3.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 14:42:15 GMT
Accept-Ranges: bytes
ETag: "9d57a9d80fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 03:00:11 GMT
Content-Length: 190
hm.baidu.com/hm.js?fd2550db2d28d2cfae0c3f4a6eb12b88
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fd2550db2d28d2cfae0c3f4a6eb12b88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (626)
Hash b67e391ebad797256e158c5a1dc9d569
27924bba0acbc13e7ff783edec52b2e020f2bac2
f0a1055e50e3c3bc92f79b2b79a706ad96512e5532a30344cd14111e39a53039
GET /hm.js?fd2550db2d28d2cfae0c3f4a6eb12b88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.by6331.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11339
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:12 GMT
Etag: 47acf9c2e67fd11765538b168971aa4d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=96E4865BF134F2A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1421352588&si=fd2550db2d28d2cfae0c3f4a6eb12b88&v=1.2.97&lv=1&sn=61498&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.by6331.com%2Findex.php&tt=%E8%A5%BF%E5%AE%89%E6%B6%A3%E7%AC%94%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1421352588&si=fd2550db2d28d2cfae0c3f4a6eb12b88&v=1.2.97&lv=1&sn=61498&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.by6331.com%2Findex.php&tt=%E8%A5%BF%E5%AE%89%E6%B6%A3%E7%AC%94%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1421352588&si=fd2550db2d28d2cfae0c3f4a6eb12b88&v=1.2.97&lv=1&sn=61498&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.by6331.com%2Findex.php&tt=%E8%A5%BF%E5%AE%89%E6%B6%A3%E7%AC%94%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.by6331.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 23 Nov 2022 03:00:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9A8CC863041431C1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hnn.tsms4.top/
122.10.27.117 200 OK 6.3 kB IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash a00cad2a987da6ad6299925ae94c74fe
81cbb942ccad5b3cfaaf83336859b8b19dd2aecb
c397fb7ed4642ab0d2d3c630a912e04dad57901661e25d15fe9b4ee938ffe738
GET / HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ukt.tsfi4.top/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=eg9mvdr0ihu3m014lmb0s805ek; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
hnn.tsms4.top/static/css/home.css
122.10.27.117 200 OK 5.8 kB URL HTTP/1.1 hnn.tsms4.top/static/css/home.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (310)
Hash 450fb016075d2231047a4d127c2f1e41
bf8f539abbbff7c9d222cc450c94485102aec7b8
ba0f7991b02b9a60fa5635e68553a6c3d4db6229b6c398c72c7a2d191833bd7f
GET /static/css/home.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:13 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Aug 2021 06:28:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249182-5337"
Expires: Wed, 23 Nov 2022 15:00:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/css/style.css
122.10.27.117 200 OK 4.2 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/css/style.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (887)
Hash ec4722f8db320fe78d8c14f9fdc04fcf
510d4f52ed2f1c7b1e4024aff2ba400b8fd3a986
fbb75222bd3bb0bad750759217960850dacf63a03bc148c4bae0c982cfa4b107
GET /template/m1938pc/css/style.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/css
Last-Modified: Sun, 14 Nov 2021 12:42:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61910451-316c"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/css/white.css
122.10.27.117 200 OK 2.7 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/css/white.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, ASCII text, with very long lines (1029)
Hash 4bf86016b51a0923f29b60eebfdb70c6
01e7ccf779aaa148497ca4b8af6a40c51cdef9f1
1f7a20fb223b8a442b6bdb8c821db5cc5b2d99398f81b4d55bb30da51ebb432a
GET /template/m1938pc/css/white.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9aefe-27a6"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/css/style1.css
122.10.27.117 200 OK 14 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/css/style1.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type assembler source, Unicode text, UTF-8 text
Hash 6ea39fbd3c140f07c0b85d329fe9c09c
704518ac82b5ff1b31891048cdfb56118a8e1761
5473ac3ccd7f3d26b01668b81815d1e5b060fec971902c25ef933c8763acc2e2
GET /template/m1938pc/css/style1.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/css
Last-Modified: Sat, 17 Jul 2021 02:43:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60f243ec-e981"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/css/mm-content.css
122.10.27.117 200 OK 1.6 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/css/mm-content.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 4d6246aaee98074314419600ac04d334
0e4d3ce5fb1f58e7e50ad59d9f5be139bbf246a8
c263e97580e0dab7f547130c7cd2f7516df52c23b8b15ccd28c951f56b027afb
GET /template/m1938pc/css/mm-content.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af08-24d5"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/css/swiper.min.css
122.10.27.117 200 OK 3.3 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/css/swiper.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (17459)
Hash e73a49e6a4e9772b6add191cf694bd34
00038fe32a6e97fbbeb281939adfb363cdd5f54f
5a1a24bd85867233f36de37f59b96bfeeb4290619781494713b8216902b30988
GET /template/m1938pc/css/swiper.min.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/css
Last-Modified: Wed, 16 Jun 2021 07:57:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af06-455f"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/css/mp4.css
122.10.27.117 200 OK 2.0 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/css/mp4.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 1e2a92a65ee9e4f64e313caf5f55cac7
1cf740b450511e90f6ecd93521242bd009e72fa0
05c205d18a8195d407372166178aa9c909b3eb74be5fc0032d0d3833fcc6bde8
GET /template/m1938pc/css/mp4.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 04:55:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1ca6-2226"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/js/jquery.lazyload.js
122.10.27.117 200 OK 737 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/js/jquery.lazyload.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (2223)
Hash eaf0b0026f5fe118b17efd08675e64e7
716de738af0b4ee171aacce51ece7c6b0402dcac
3420e9519c1663b6969106be32c6dec9c3a77558ea88a6f79e02696e0a99ff14
GET /template/m1938pc/js/jquery.lazyload.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Feb 2022 16:39:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62014b3e-8b1"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/css/bootstrap.min.css
122.10.27.117 200 OK 27 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/css/bootstrap.min.css
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (493)
Hash 05a25cdf37679d41a05c52e76e6c2cd2
16aacd64e4475ed3efd6e72370578e950bf76820
b3549f3f4ed086d81f6f6efbf4e909407a778d50fe3ff3ddea927cefc1ca6200
GET /template/m1938pc/css/bootstrap.min.css HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jul 2021 05:00:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60ed1dd6-2226a"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/js/jquery.autocomplete.js
122.10.27.117 200 OK 6.3 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/js/jquery.autocomplete.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
GET /template/m1938pc/js/jquery.autocomplete.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-6215"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/js/jquery.superslide.js
122.10.27.117 200 OK 2.9 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/js/jquery.superslide.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (9089)
Hash 2728d1c0b6f67113e4fd43bfe1c5fd9f
3c02fa0572cee1ff2050f36a6700b9d40a5bcd0a
1094d4cbd8570de92dbe8a1ed928d25e8f5edfc186de9319156c50ee1582cbaf
GET /template/m1938pc/js/jquery.superslide.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-24d8"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/js/jquery.config.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/js/jquery.js
122.10.27.117 200 OK 37 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/js/jquery.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
GET /template/m1938pc/js/jquery.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af28-169d5"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/js/jquery.base.js
122.10.27.117 200 OK 2.4 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/js/jquery.base.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 770f78f611789c0759e08c48bc766c54
66d1671195b9f432b8b1986f677414b1e4330a25
b215bcf5c56080e433bdfaa98b797b25a111e97e8a7b2498fcfdca2342c8ca61
GET /template/m1938pc/js/jquery.base.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Jun 2021 07:58:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c9af10-1954"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/static/js/home.js
122.10.27.117 200 OK 10 kB URL HTTP/1.1 hnn.tsms4.top/static/js/home.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (2677)
Hash 94964f375af85be8e991d7e6abd9a40b
d768fa9eafd3435729ff69c95aecdb442cb27952
5a46491195ed6546583712062a62c500342c792958f93477d125a00901ec9af4
GET /static/js/home.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Aug 2021 06:28:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61249190-95a5"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/ads/banner_s.js
122.10.27.117 200 OK 1.2 kB URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/banner_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d717a6d2a5e928658e6178d2bbff15f3
5a915fa8f858af36464a265f68d528f7eee34282
9c8f71e1f40a8e3acb43b8d9dc59b34ca13eb968d0a1e19efb82acbd46f6d06a
GET /template/m1938pc/ads/banner_s.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Sat, 19 Nov 2022 15:39:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6378f8b4-203a"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/ads/word_s.js
122.10.27.117 200 OK 512 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/word_s.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 934d4e86b541c09067d9c6095673f850
ec3ea6f192887082d06b43fe4743426996e87d61
bc69ea798f10fb70e86efd6bdf3d3df33d395f902f3a543d8a46ace7a0259c2f
GET /template/m1938pc/ads/word_s.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:37:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376552f-d49"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/ads/word_x.js
122.10.27.117 200 OK 444 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/word_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d66f4d55718880a8d05e996c6b3ae068
a6dcaf7106e6b097dcdb1ba1f8d4508025773cf8
efcefe681cd6cd9ce35fbd3a94a7627972a4a2ba2efa50b22b774c408b8c8d89
GET /template/m1938pc/ads/word_x.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:37:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376553f-a98"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/ads/banner_z.js
122.10.27.117 200 OK 602 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/banner_z.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 26e1e6fa38ce20c7c4b55584ee90b448
11253f6f46dbce197bb6c00a21bd072c6b17f704
4aa0012a3106471b5bb23bc7f65e2ce3b9f2fb9915b7d810df5daf294c3a6dc4
GET /template/m1938pc/ads/banner_z.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Content-Length: 602
Last-Modified: Thu, 17 Nov 2022 15:36:36 GMT
Connection: keep-alive
ETag: "63765504-25a"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
hnn.tsms4.top/template/m1938pc/ads/2.js
122.10.27.117 200 OK 929 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/2.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e25aca94c780cc610cbd9b7741dfde86
9d3ed2ee55a7fbb8f5c404bbe75e6aced8a38d4c
802bacec193e06dbd0358bf44016c34bc1cd5ebcf112cf7df7a72272a9c27c06
GET /template/m1938pc/ads/2.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Content-Length: 929
Last-Modified: Fri, 04 Nov 2022 12:29:17 GMT
Connection: keep-alive
ETag: "6365059d-3a1"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
hnn.tsms4.top/template/m1938pc/ads/1.js
122.10.27.117 200 OK 697 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/1.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0a0e38bc4bb4b846c1cf9f4e1799ff36
f21a633b712a2a21c357b711f6169ba212d76ac0
05e28dd7f66e091a68a7767d20c8141902599d036ec90616f9609b7c4db565bc
GET /template/m1938pc/ads/1.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: application/javascript
Last-Modified: Fri, 18 Nov 2022 08:29:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6377427a-b16"
Expires: Wed, 23 Nov 2022 15:00:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/ads/3.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/ads/4.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/js/jquery.config.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/js/jquery.config.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/js/jquery.config.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:14 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143 200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6753078
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Wed, 23 Nov 2022 03:00:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24 200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11338049
expires: Mon, 03 Apr 2023 08:27:44 GMT
date: Wed, 23 Nov 2022 03:00:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
104.110.17.24 200 OK 894 kB URL HTTP/2 dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /images/03950120009rs7dn26B5E.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6219367
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Wed, 23 Nov 2022 03:00:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
hnn.tsms4.top/template/m1938pc/ads/5.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
96.6.16.143 200 OK 457 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z0462215cypa2gv406F9.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 650 x 350\012- data
Size 457 kB (457345 bytes)
Hash c715f378075493153db049a8d2e70e1c
8c86edc72c9fa616aa484a42b84cff16c35f06b9
7ea2d9498a4d7b0467811099cc382871149c383a4d2639f222b0b928494c91dd
GET /images/0Z0462215cypa2gv406F9.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 457345
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6753005
expires: Thu, 09 Feb 2023 06:50:20 GMT
date: Wed, 23 Nov 2022 03:00:15 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
hnn.tsms4.top/template/m1938pc/ads/8.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/ads/7.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/ads/6.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/ads/9.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/ads/10.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/ads/3.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/3.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/3.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hnn.tsms4.top/template/m1938pc/ads/dp66.js
122.10.27.117 200 OK 590 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/dp66.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 538403db8818be50e49bb1c06d336c01
1f62588eff9ef8296f20fa4313c88b13df0be46e
5d550089195b982f184f2c10c65adb836fe361030e53674fad103e3118af46cb
GET /template/m1938pc/ads/dp66.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 15:36:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6376550c-467"
Expires: Wed, 23 Nov 2022 15:00:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hnn.tsms4.top/template/m1938pc/ads/banner_x.js
122.10.27.117 200 OK 922 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/banner_x.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text, with CRLF line terminators
Hash 3deb687d6f898da93a9d44b235db116d
b974640da61f0b2249c9528cb68bfd0da0d3f048
c3ef600e134a3d197c8996ae5804837b1ac3c2c771b8885c11a1244e4ac4fe34
GET /template/m1938pc/ads/banner_x.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: application/javascript
Content-Length: 922
Last-Modified: Fri, 18 Nov 2022 08:35:15 GMT
Connection: keep-alive
ETag: "637743c3-39a"
Expires: Wed, 23 Nov 2022 15:00:15 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b67b9663419a50a314b4d2095a7428
4c62bb07a119c0fa22dadee96566f8a329e51397
c73fed3853cc2400de906c998edc583f306acaa49e5ebee46f4fd72fb7813f42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C73FED3853CC2400DE906C998EDC583F306ACAA49E5EBEE46F4FD72FB7813F42"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8844
Expires: Wed, 23 Nov 2022 05:27:39 GMT
Date: Wed, 23 Nov 2022 03:00:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b67b9663419a50a314b4d2095a7428
4c62bb07a119c0fa22dadee96566f8a329e51397
c73fed3853cc2400de906c998edc583f306acaa49e5ebee46f4fd72fb7813f42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C73FED3853CC2400DE906C998EDC583F306ACAA49E5EBEE46F4FD72FB7813F42"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8844
Expires: Wed, 23 Nov 2022 05:27:39 GMT
Date: Wed, 23 Nov 2022 03:00:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b67b9663419a50a314b4d2095a7428
4c62bb07a119c0fa22dadee96566f8a329e51397
c73fed3853cc2400de906c998edc583f306acaa49e5ebee46f4fd72fb7813f42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C73FED3853CC2400DE906C998EDC583F306ACAA49E5EBEE46F4FD72FB7813F42"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8844
Expires: Wed, 23 Nov 2022 05:27:39 GMT
Date: Wed, 23 Nov 2022 03:00:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b67b9663419a50a314b4d2095a7428
4c62bb07a119c0fa22dadee96566f8a329e51397
c73fed3853cc2400de906c998edc583f306acaa49e5ebee46f4fd72fb7813f42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C73FED3853CC2400DE906C998EDC583F306ACAA49E5EBEE46F4FD72FB7813F42"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8844
Expires: Wed, 23 Nov 2022 05:27:39 GMT
Date: Wed, 23 Nov 2022 03:00:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b67b9663419a50a314b4d2095a7428
4c62bb07a119c0fa22dadee96566f8a329e51397
c73fed3853cc2400de906c998edc583f306acaa49e5ebee46f4fd72fb7813f42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C73FED3853CC2400DE906C998EDC583F306ACAA49E5EBEE46F4FD72FB7813F42"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8844
Expires: Wed, 23 Nov 2022 05:27:39 GMT
Date: Wed, 23 Nov 2022 03:00:15 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/yby44urskux0425yby44urskux4310546.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/yby44urskux0425yby44urskux4310546.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 107c6d88fe360f3a5830a58bb2b9ab37
bfec58af279e35ef640c856eea622f4acadb6962
5762f940c9d771138ea4c0eef08b8a720649ff7040fc5637e7d20df848d1d1e0
GET /upload/vod/2019/11-08/04/yby44urskux0425yby44urskux4310546.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/jpeg
content-length: 10750
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11410, status=webp_bigger
etag: "5dc47dc7-2c92"
last-modified: Thu, 07 Nov 2019 20:25:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7006
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a74d48f4b506-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 33c02492ccf63106478321edd9fa444d
feb5d64363eda44397018f495497a645e386429e
f4153205c2b2e0756bdf40c2fac2add8927ca068cc267885866305d206bb09da
GET /hm.js?e7191e5689b911df153e7a3714bcb7c3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11328
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:15 GMT
Etag: 53eefc4365497b23606510a9e4bfa384
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EE80BC3D2E6888AC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hnn.tsms4.top/template/m1938pc/ads/4.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/4.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/4.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/kkeohv1lmdk0426kkeohv1lmdk3110612.jpg
172.67.28.138 200 OK 9.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/kkeohv1lmdk0426kkeohv1lmdk3110612.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f9d22b3515d7b2362625f3ed650754c8
5614ad825e99b5d22f146dd3f0662df531031f2f
c9655d8eafa19b7e0cf43f87e10fc582862198db28782e614763888d07de4b27
GET /upload/vod/2019/11-08/04/kkeohv1lmdk0426kkeohv1lmdk3110612.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/webp
content-length: 9814
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11419
content-disposition: inline; filename="kkeohv1lmdk0426kkeohv1lmdk3110612.webp"
etag: "5dc47df7-2c9b"
last-modified: Thu, 07 Nov 2019 20:26:31 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7006
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74db920b506-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 86b66a59010fbb2f77e4f24f404f8d33
291eb652e13ff34f2fe1e531713c4e7036af22c6
10005c975ff98e7a1745c48b82e6d8fcd0e2510af1be12b6f0909afbe8d16973
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 27 Nov 2022 00:05:33 GMT
ETag: "291eb652e13ff34f2fe1e531713c4e7036af22c6"
Last-Modified: Wed, 23 Nov 2022 00:05:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1748
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e6a74e6d3b1c0a-OSL
hnn.tsms4.top/template/m1938pc/ads/5.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/5.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/5.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/eut14dvkujt0424eut14dvkujt4010457.jpg
172.67.28.138 200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/eut14dvkujt0424eut14dvkujt4010457.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ab4cbd0088cc77d45e24dff21ded17f3
6d2afc2b21af225985cd0a9816d833ee1c218f89
d9d3c1f60bd38629e53be8ae72546810d4583cf2543e6e7b5c20ada7c0f7af1d
GET /upload/vod/2019/11-08/04/eut14dvkujt0424eut14dvkujt4010457.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/webp
content-length: 8698
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9639
content-disposition: inline; filename="eut14dvkujt0424eut14dvkujt4010457.webp"
etag: "5dc47d88-25a7"
last-modified: Thu, 07 Nov 2019 20:24:40 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74d38edb506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/rvxeuwxresq0425rvxeuwxresq2810523.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/rvxeuwxresq0425rvxeuwxresq2810523.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7d6086a027afe77deb76c193e6c5fd3b
46cf15eb6767054f9ef72bb7b4f0f357b80ea747
58a5230f3a362d79c85669fed6c856faa94dfba587241ad2bce6dc60a6bbe34f
GET /upload/vod/2019/11-08/04/rvxeuwxresq0425rvxeuwxresq2810523.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/jpeg
content-length: 11111
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11625, status=webp_bigger
etag: "5dc47db8-2d69"
last-modified: Thu, 07 Nov 2019 20:25:28 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a74d38f0b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/jpbz5dde0cn0425jpbz5dde0cn1110501.jpg
172.67.28.138 200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/jpbz5dde0cn0425jpbz5dde0cn1110501.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00dae59e7a832ae2779c1f3cc17ba8ee
7b2d1e88a036060331e1859961481c320318f487
9cfd2f603ee58e5239b6c9596442cdf9fc3b1d01f443251d35af7448d44495c0
GET /upload/vod/2019/11-08/04/jpbz5dde0cn0425jpbz5dde0cn1110501.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/webp
content-length: 10216
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10980
content-disposition: inline; filename="jpbz5dde0cn0425jpbz5dde0cn1110501.webp"
etag: "5dc47da7-2ae4"
last-modified: Thu, 07 Nov 2019 20:25:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74d38e9b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/gblxla335j50425gblxla335j55910567.jpg
172.67.28.138 200 OK 9.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/gblxla335j50425gblxla335j55910567.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash d470cf5e4d9c7c976d8b5ac645fc8ea5
6c0f44e7102c063d6f798fb0b9d12d6b2cc6684e
c5f9253be72960c8101e0cd69f03f55c3d0e5af8e08f1e9023a398a389687e9d
GET /upload/vod/2019/11-08/04/gblxla335j50425gblxla335j55910567.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/jpeg
content-length: 9682
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10201, status=webp_bigger
etag: "5dc47dd7-27d9"
last-modified: Thu, 07 Nov 2019 20:25:59 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a74d48f1b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/io4o0gtwmpi0424io4o0gtwmpi5610479.jpg
172.67.28.138 200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/io4o0gtwmpi0424io4o0gtwmpi5610479.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75b4cc4c046812ba5345484f013b38dc
0a59080946df64538ffbafec6278b9fe2a3ec95e
a9237357bd7ebc9d11fab31b12f01422ca59b869bc0d33fa9b678fe8bf780042
GET /upload/vod/2019/11-08/04/io4o0gtwmpi0424io4o0gtwmpi5610479.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/webp
content-length: 8648
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11070
content-disposition: inline; filename="io4o0gtwmpi0424io4o0gtwmpi5610479.webp"
etag: "5dc47d98-2b3e"
last-modified: Thu, 07 Nov 2019 20:24:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74d38efb506-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 401b9ec0d600f5878c41dd73af5c9725
b1f64badeebb9ffbdb2efe3dcb4488a4c3a0a995
89f48f6cdee35c8912b21490856649ac5ef1d4040b857b3a8930cff01afc047c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2750
Cache-Control: max-age=157238
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:00:15 GMT
Etag: "637d4537-2d7"
Expires: Thu, 24 Nov 2022 22:40:53 GMT
Last-Modified: Tue, 22 Nov 2022 21:55:03 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 963c2629bba7fd5548dcfd063279ad7a
b6c4868e41e5bdd97f393014031eed362be89727
ce141531a28385f5a17781403424fa9fc0aa192bbd87af451b351e8fbd3f776f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 05:12:56 GMT
Expires: Sun, 27 Nov 2022 05:12:55 GMT
Etag: "b6c4868e41e5bdd97f393014031eed362be89727"
Cache-Control: max-age=352959,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a74f8b7eb518-OSL
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/2qindkptfv104272qindkptfv13510701.jpg
172.67.28.138 200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/2qindkptfv104272qindkptfv13510701.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4699c81e5a2189ee8c523b3626c04ebd
fdb61bccbfc9fbba24ca602fa21c6ab283ae74d9
28b415b7c5c3c23ec1d895ef46d97025756a21d5571648f0d94cd90256261448
GET /upload/vod/2019/11-08/04/2qindkptfv104272qindkptfv13510701.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/webp
content-length: 8602
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9404
content-disposition: inline; filename="2qindkptfv104272qindkptfv13510701.webp"
etag: "5dc47e37-24bc"
last-modified: Thu, 07 Nov 2019 20:27:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74dc92ab506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/mj1utq2kl220426mj1utq2kl221510589.jpg
172.67.28.138 200 OK 4.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/mj1utq2kl220426mj1utq2kl221510589.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fdb5907b7348683ec08f55833cab3f8f
ed3e9d965fc6efa62829ac240597ee7c45c7bd01
c6658414bea9798244d99b42ede33d711fc8361e6ddc34acc2dac9370118d922
GET /upload/vod/2019/11-08/04/mj1utq2kl220426mj1utq2kl221510589.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/webp
content-length: 3996
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6287
content-disposition: inline; filename="mj1utq2kl220426mj1utq2kl221510589.webp"
etag: "5dc47de7-188f"
last-modified: Thu, 07 Nov 2019 20:26:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74db91db506-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash dedfef5f0ddd4b3038dd83f9dd65a236
364afb20ae6d4047cd5e81d2b124d64da540c8a8
ceaaede2db45be28bf25364e3c92b5d161bdc37bfae1ff3d4935a233dadb5ecf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 01:54:28 GMT
Expires: Mon, 28 Nov 2022 01:54:27 GMT
Etag: "364afb20ae6d4047cd5e81d2b124d64da540c8a8"
Cache-Control: max-age=427451,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a74ebd45b51d-OSL
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/brvnd2fmeym0427brvnd2fmeym0210657.jpg
172.67.28.138 200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/brvnd2fmeym0427brvnd2fmeym0210657.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 923d04ac468d41a400519f28e2a1e37d
d74b178f13bc111d5f424c02756e04ca74e83416
b2fc0eb51b8686d495eaea9482b6a55d41e6cf88963f6a0f72f192535331a89a
GET /upload/vod/2019/11-08/04/brvnd2fmeym0427brvnd2fmeym0210657.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:15 GMT
content-type: image/webp
content-length: 6856
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7739
content-disposition: inline; filename="brvnd2fmeym0427brvnd2fmeym0210657.webp"
etag: "5dc47e17-1e3b"
last-modified: Thu, 07 Nov 2019 20:27:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74dc928b506-OSL
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=819584298&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=61500&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fhnn.tsms4.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=819584298&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=61500&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fhnn.tsms4.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=819584298&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=61500&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fhnn.tsms4.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 23 Nov 2022 03:00:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1E873F7F6122B3CD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/qnewh3fppd30426qnewh3fppd34710635.jpg
172.67.28.138 200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/qnewh3fppd30426qnewh3fppd34710635.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ee0c347b63abbb13a912a5f8f17b716b
372c9f146737f15ba86d2d322850f3933b805f5b
63ec25329543c6bb7fe8bcbfec56f450cb27d8b0d73da8ec77855ae49c9cdb04
GET /upload/vod/2019/11-08/04/qnewh3fppd30426qnewh3fppd34710635.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/webp
content-length: 12808
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13667
content-disposition: inline; filename="qnewh3fppd30426qnewh3fppd34710635.webp"
etag: "5dc47e07-3563"
last-modified: Thu, 07 Nov 2019 20:26:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74db922b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/0dzkhogugbe04270dzkhogugbe1810679.jpg
172.67.28.138 200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/0dzkhogugbe04270dzkhogugbe1810679.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36868fcbee9fd276b826d81837db00df
9e8512d8778594f5ad38e761bfb07d937e9cc8f4
1164b48e6d4f78cfa632eb963b4e4fe052a3c45870a3e4bdb68abb0acda0f13b
GET /upload/vod/2019/11-08/04/0dzkhogugbe04270dzkhogugbe1810679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/webp
content-length: 6934
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9352
content-disposition: inline; filename="0dzkhogugbe04270dzkhogugbe1810679.webp"
etag: "5dc47e27-2488"
last-modified: Thu, 07 Nov 2019 20:27:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a74dc929b506-OSL
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
47.246.44.225 200 OK 498 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
IP 47.246.44.225:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 497844
date: Fri, 21 Oct 2022 10:44:11 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:58:09 GMT
nw-session-id: 202210211458090102080352141D4BD2FDd8djs02dy
nw-session-trace: 2022-10-21T14:58:09.500113241+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 497844
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:58:09 GMT
x-tt-logid: 202210211458090102080352141D4BD2FD
via: n150-056-037, cache10.l2de2[0,0,206-0,H], cache21.l2de2[0,0], cache21.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[3,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 01cbee9379081dede4563ed816372eaed9e22e817cb6a172f5515b36a1d0b0b16b0992519978341c8c47dea2460ef9488fea2a1af46ef3a756f47ed19c1f3caa455c050d0adbbab5c58656198a7c70892c0a0b1880236b0a5587be96287d217bf8
x-response-lb: image
ali-swift-global-savetime: 1666349051
age: 2823364
x-cache: HIT TCP_MEM_HIT dirn:6:255639887
x-swift-savetime: Fri, 21 Oct 2022 10:50:02 GMT
x-swift-cachetime: 31535649
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616691724159426261e
X-Firefox-Spdy: h2
hnn.tsms4.top/template/m1938pc/ads/6.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/6.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/6.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 6a7859e908d36c1b40edd8dd1a4ca989
de6ad51051c1cf00d6c6dfa119007a266fb01cc0
c81667ab2a5f1ec3f19842d74b6fdf961d73d345f8fbc629d763f29b28e4de65
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 26 Nov 2022 23:06:07 GMT
ETag: "de6ad51051c1cf00d6c6dfa119007a266fb01cc0"
Last-Modified: Tue, 22 Nov 2022 23:06:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1748
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e6a750ede41c0a-OSL
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a20b7cbfd7ebe7f56dd1051cc972480
d0e6b1a484368e36da709c8a1fee901062496f91
b3b9d4c85b30fcc32051085dfeedef37893eac7b27eac1bd3ca964b390573eaf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 23 Nov 2022 03:00:16 GMT
Last-Modified: Wed, 23 Nov 2022 00:18:54 GMT
ETag: "637d66ee-1d7"
Expires: Fri, 25 Nov 2022 00:18:54 GMT
Cache-Control: max-age=163118
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669172416
Via: cache20.l2de2[478,477,200-0,M], cache20.l2de2[479,0], cache4.se1[500,499,200-0,M], cache4.se1[501,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 23 Nov 2022 03:00:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816691724156254175e
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/5jka0guj2fc04285jka0guj2fc3810789.jpg
172.67.28.138 200 OK 8.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/5jka0guj2fc04285jka0guj2fc3810789.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8d1ec66ea31c2e4595537e67ccb426f6
dff61e862cf8ecc8ee925d107ebf374505cda0d2
e27ca83a5ec23e9f1dcef6575d33823e08715904e043eb11ed8bb42dd0c031c1
GET /upload/vod/2019/11-08/04/5jka0guj2fc04285jka0guj2fc3810789.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/webp
content-length: 8294
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9346
content-disposition: inline; filename="5jka0guj2fc04285jka0guj2fc3810789.webp"
etag: "5dc47e76-2482"
last-modified: Thu, 07 Nov 2019 20:28:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6471
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a750fa95b506-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash b02886bffe192ee5259a2c3a1e1b5ba7
00fa6e56af4f69a831affc97cc6a83ca8afed8af
d612a6e3dfc5804e274d999dbb5dd1eaea58b0a4820b3b1ab90be7fe8a792b80
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 00:53:48 GMT
Expires: Tue, 29 Nov 2022 00:53:47 GMT
Etag: "00fa6e56af4f69a831affc97cc6a83ca8afed8af"
Cache-Control: max-age=510210,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a74fdbb90af6-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash cfebc800203a9ba0b5ec6f9a44424797
1fc05438395204e8a4e63fd5b80dde2f9b8536d4
1c22da4de23c91244285cb3229ef625ab916fb8d9b38cc8c49ee59434bd5d5ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 04:52:23 GMT
Expires: Mon, 28 Nov 2022 04:52:22 GMT
Etag: "1fc05438395204e8a4e63fd5b80dde2f9b8536d4"
Cache-Control: max-age=438125,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a74fdb94b518-OSL
si1.go2yd.com/get-image/0yFUidjGHhQ
163.171.140.79 200 OK 121 kB URL HTTP/2 si1.go2yd.com/get-image/0yFUidjGHhQ
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 500 x 280\012- data
Size 121 kB (121040 bytes)
Hash 72f445e66343e28d92a588cd7858f2dc
0138a721a5a93bdac4700c65cc6f6490009d3c19
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
GET /get-image/0yFUidjGHhQ HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/gif
content-length: 121040
x-application-context: application
x-kss-request-id: 926b8f9ca982487692c4e63ce22e4a6e
etag: "72f445e66343e28d92a588cd7858f2dc"
content-md5: cvRF5mND4o2SpYjNeFjy3A==
last-modified: Mon, 28 Feb 2022 07:36:54 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:5 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:12 (Cdn Cache Server V2.0), 1.1 tb118:4 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1vj92:3 (Cdn Cache Server V2.0)
x-ws-request-id: 637d8cc0_PShlamstdAMS1wt94_16564-28690
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 96a785c5ccc6a7d90162d7a3dedf00f8
d6887eeeb2de983c7a1ac3d5ad028f147bf1f50d
5a106342bd4e13d9476ca671bd1c06670d4308f45b0fe36bdc4c1d0ae7252129
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 03:39:05 GMT
Expires: Sun, 27 Nov 2022 03:39:04 GMT
Etag: "d6887eeeb2de983c7a1ac3d5ad028f147bf1f50d"
Cache-Control: max-age=347327,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a7516c3a0af6-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash fd93ca1fec2169813b6a96ff53c237ed
a8aa92bebf49d8c0144c060afc9348bd2c33f105
22eea0f23d1facefc6f569e52d2dd2561f360eb2d79c67a5996e01ee246f262b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 15:19:40 GMT
Expires: Sat, 26 Nov 2022 15:19:39 GMT
Etag: "a8aa92bebf49d8c0144c060afc9348bd2c33f105"
Cache-Control: max-age=302962,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a7519f3eb51d-OSL
hnn.tsms4.top/template/m1938pc/ads/7.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/7.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/7.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/trctzhzndil0428trctzhzndil2210767.jpg
172.67.28.138 200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/trctzhzndil0428trctzhzndil2210767.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash ffad16f3d3876f4b789e963730fead23
61e531c14e6c1b917cb7cfecddbd1816dee8fbe4
187d12aa8656d5000c35e67d9697f5a6182eda3e322209333900f8f243f5bf69
GET /upload/vod/2019/11-08/04/trctzhzndil0428trctzhzndil2210767.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/jpeg
content-length: 9432
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9876, status=webp_bigger
etag: "5dc47e66-2694"
last-modified: Thu, 07 Nov 2019 20:28:22 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a750fa94b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/1j5o0sbtnbc04281j5o0sbtnbc5410809.jpg
172.67.28.138 200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/1j5o0sbtnbc04281j5o0sbtnbc5410809.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b0d8813f7e283958dcf94a9ea9c0d969
f6fc64b1f2fa5e50891407cadc82df4af590c084
0e16fb6b133b99498486a06f57055b87fa144f1c4e91bad00c79b928b8b9239b
GET /upload/vod/2019/11-08/04/1j5o0sbtnbc04281j5o0sbtnbc5410809.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/webp
content-length: 6932
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9722
content-disposition: inline; filename="1j5o0sbtnbc04281j5o0sbtnbc5410809.webp"
etag: "5dc47e86-25fa"
last-modified: Thu, 07 Nov 2019 20:28:54 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 76e6a750fa96b506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/rzo3ia3nmcr0428rzo3ia3nmcr0610744.jpg
172.67.28.138 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/rzo3ia3nmcr0428rzo3ia3nmcr0610744.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7cb8270210b5cfabc25ff536868e7379
78a13f4aed71471f12473c58d8ecb7b3e72bd356
055326993a733a1cb0d8e6d4098e987d4fcc3dda69839069291ed14ae9c70af1
GET /upload/vod/2019/11-08/04/rzo3ia3nmcr0428rzo3ia3nmcr0610744.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/jpeg
content-length: 12261
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12839, status=webp_bigger
etag: "5dc47e56-3227"
last-modified: Thu, 07 Nov 2019 20:28:06 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a750fa92b506-OSL
X-Firefox-Spdy: h2
hnn.tsms4.top/template/m1938pc/ads/8.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/8.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/8.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/h0o23mjeak20427h0o23mjeak25010722.jpg
172.67.28.138 200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/h0o23mjeak20427h0o23mjeak25010722.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 6dbbc0859708d8e02f82774e65162c4f
012262bdeec7306a563dad179520241b5ef0ce04
5e1201c8d1b257e485997c41aaa579edab968595d5643716354f3b5b3ea6e28f
GET /upload/vod/2019/11-08/04/h0o23mjeak20427h0o23mjeak25010722.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/jpeg
content-length: 8868
last-modified: Thu, 07 Nov 2019 20:27:51 GMT
etag: "5dc47e47-22a4"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a750ea8db506-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/fu0t3gjlbrz0429fu0t3gjlbrz1010832.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/fu0t3gjlbrz0429fu0t3gjlbrz1010832.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash e9e79088e44685a86e1f3fd2226df871
35741ad26832ca3d7cb06985a4b24e1bd1bbcf67
f69c4aee921421f7c2f056a2ce74af8e9af16e5b1de36a4cf6ab31648f96bfcd
GET /upload/vod/2019/11-08/04/fu0t3gjlbrz0429fu0t3gjlbrz1010832.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:16 GMT
content-type: image/jpeg
content-length: 10626
last-modified: Thu, 07 Nov 2019 20:29:10 GMT
etag: "5dc47e96-2982"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a750fa9bb506-OSL
X-Firefox-Spdy: h2
u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
103.170.15.57 200 OK 269 kB URL HTTP/2 u1010.com/4b3c4c0b91ab44a293f636576b61f61d.gif
IP 103.170.15.57:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 269 kB (268903 bytes)
Hash d60a666b8a2b332244f82df2f7c985b7
ef8e353e1202ec391da338e5dbdea6796e579de3
f06bf9345b4c684ab9b191073da5134b2b76cd0c5196427aa69c509e675e4bd6
GET /4b3c4c0b91ab44a293f636576b61f61d.gif HTTP/1.1
Host: u1010.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6378c9eb-41a67"
server: nginx
date: Sun, 20 Nov 2022 13:58:29 GMT
content-type: image/gif
last-modified: Sat, 19 Nov 2022 12:19:55 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-47
content-length: 268903
X-Firefox-Spdy: h2
hnn.tsms4.top/template/m1938pc/ads/9.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/9.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/9.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
103.170.15.42 200 OK 297 kB URL HTTP/2 u1077.com/6ba61e82d9854d649a1c65d94346189b.gif
IP 103.170.15.42:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 297 kB (297356 bytes)
Hash e63728bfd7747ecc0a25bfdb2b851365
9e5716e96d0685245024cb501a8897e87717ce6e
3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6
GET /6ba61e82d9854d649a1c65d94346189b.gif HTTP/1.1
Host: u1077.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff89-4898c"
server: nginx
date: Tue, 22 Nov 2022 07:38:30 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:03:21 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-32
content-length: 297356
X-Firefox-Spdy: h2
n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
20.243.255.199 200 OK 106 kB URL HTTP/1.1 n0544.com/cadfaad6bf3a48caadd756dfd170308c.gif
IP 20.243.255.199:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 80\012- data
Size 106 kB (106506 bytes)
Hash 6d54569d13361f2790967b7e4121586e
9536ee76ac74f72529df2def312ff0ec014bcf29
9423946c26a250564157b32a00e6716649ef7e761e2f5cf826dbb83c532f3194
GET /cadfaad6bf3a48caadd756dfd170308c.gif HTTP/1.1
Host: n0544.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 04 Nov 2022 10:01:44 GMT
ETag: W/"6364e308-71fb4"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
103.170.15.42 200 OK 322 kB URL HTTP/2 u1102.com/214791aa005b4c46b6a9f04058cfb808.gif
IP 103.170.15.42:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 322 kB (322130 bytes)
Hash 6e9a6af4964e174da5597e2be162e59c
a75f9890ad7e1334f11b4dbe0da134266d78e329
b43e284062fe514e5108a9c8601616ea2771a2d64a3b32644ae7adea063599d3
GET /214791aa005b4c46b6a9f04058cfb808.gif HTTP/1.1
Host: u1102.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364e2f0-4ea52"
server: nginx
date: Tue, 22 Nov 2022 16:26:13 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 10:01:20 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-32
content-length: 322130
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3b127a9327f8b94c3c745f73d553201
3dab4934bff49588a3bea898076143510bbeff7c
e00c6d0e987b1379ca8fd87fd8abfc2ee2969acfe42121234d1bdf8dad6dba87
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E00C6D0E987B1379CA8FD87FD8ABFC2EE2969ACFE42121234D1BDF8DAD6DBA87"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14077
Expires: Wed, 23 Nov 2022 06:54:54 GMT
Date: Wed, 23 Nov 2022 03:00:17 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash ded49783fdcdc054fa5165dac98c634d
7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632
6996870c2af49b4b59cbf0fe6d9f95efbc4fa3d0cae1ec2961aeae20c4db4e68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:18:44 GMT
Expires: Mon, 28 Nov 2022 23:18:43 GMT
Etag: "7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632"
Cache-Control: max-age=504506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a7519c48b518-OSL
u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
103.189.109.75 200 OK 66 kB URL HTTP/2 u1022.com/8e5c0e404b9b4ccfbf1a21cc4b180b59.gif
IP 103.189.109.75:0
File type GIF image data, version 89a, 300 x 220\012- data
Hash 45c27704a7e5bf04a6ee9ca43a4a5710
30c46b532a8fad2580b72262df8233f9f3d92eac
784d9eae2229b2cb0aaf6ec5c3db20652d4046d2db82611b9ae293b61de4affb
GET /8e5c0e404b9b4ccfbf1a21cc4b180b59.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff68-10124"
server: nginx
date: Sat, 19 Nov 2022 07:54:37 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:48 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-065
content-length: 65828
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/19/dmm7485.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7485.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/19/dmm7485.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/19/dmm7485.jpg
fmlb.netlbtu.com/images/2021/7/22/dmm7501.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/22/dmm7501.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/22/dmm7501.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/22/dmm7501.jpg
fmlb.netlbtu.com/images/2021/7/19/dmm7492.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7492.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/19/dmm7492.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/19/dmm7492.jpg
fmlb.netlbtu.com/images/2021/7/19/dmm7491.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7491.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/19/dmm7491.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/19/dmm7491.jpg
fmlb.netlbtu.com/images/2021/7/19/dmm7483.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7483.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/19/dmm7483.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/19/dmm7483.jpg
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash ded49783fdcdc054fa5165dac98c634d
7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632
6996870c2af49b4b59cbf0fe6d9f95efbc4fa3d0cae1ec2961aeae20c4db4e68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 23:18:44 GMT
Expires: Mon, 28 Nov 2022 23:18:43 GMT
Etag: "7ed1da0772b7fa0727b5ae0ca64ac5d09ada2632"
Cache-Control: max-age=504505,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a7533c880af6-OSL
statuse.digitalcertvalidation.com/
93.184.220.29 200 OK 471 B URL HTTP/1.1 statuse.digitalcertvalidation.com/
IP 93.184.220.29:0
Hash 2b2bb62ce431baa6f8bbf9af397eb814
b34b5f7aac84d8e2ec6509efb3a5e76c64fe921d
05a184fcbcab3538aff1343b7579f4eccb7d11d58069be051cbc22c87ca382e9
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 200
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 03:00:17 GMT
Last-Modified: Wed, 23 Nov 2022 02:56:57 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
hnn.tsms4.top/template/m1938pc/ads/10.js
122.10.27.117 404 Not Found 146 B URL HTTP/1.1 hnn.tsms4.top/template/m1938pc/ads/10.js
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/m1938pc/ads/10.js HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/04/j2ivcpwlwr30429j2ivcpwlwr32610854.jpg
172.67.28.138 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/04/j2ivcpwlwr30429j2ivcpwlwr32610854.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash da4ecd7aefe1fc5ab7483fc9edb80122
076f32afcd58891abe33d5c2ade5af4cc99ca9f4
948adbb9487cd3dbe672aafaca7ea74fd940141c87749529002f3f12a0414e83
GET /upload/vod/2019/11-08/04/j2ivcpwlwr30429j2ivcpwlwr32610854.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:17 GMT
content-type: image/jpeg
content-length: 11544
last-modified: Thu, 07 Nov 2019 20:29:26 GMT
etag: "5dc47ea6-2d18"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e6a7541c3eb506-OSL
X-Firefox-Spdy: h2
223969ufy.com/2fd1ff8304ce4683ad375e9c692230a2.gif
45.61.212.223 200 OK 636 kB URL HTTP/1.1 223969ufy.com/2fd1ff8304ce4683ad375e9c692230a2.gif
IP 45.61.212.223:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 636 kB (635680 bytes)
Hash 1cb325d5859a93c29e41953b1089d4ef
ba867d7f6fd51ccf98e3e62b3786b109198ed236
903053e8dc64064819c2c30f1672015877d8cf7f5f2e7ca70ba8060ddda4b8fb
Analyzer Verdict Alert quad9 Sinkholed
GET /2fd1ff8304ce4683ad375e9c692230a2.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637727c3-9b320"
Date: Fri, 18 Nov 2022 11:10:07 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 18 Nov 2022 06:35:47 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-23
Content-Length: 635680
pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
185.10.104.115 200 OK 159 kB URL HTTP/2 pic.rmb.bdstatic.com/bjh/0fe2b657af16774b05246565ba38f750.gif
IP 185.10.104.115:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 500 x 280\012- data
Size 159 kB (158841 bytes)
Hash 0fe2b657af16774b05246565ba38f750
f462d3e76599f914aa520aee1f9b022b2cf4c20d
09bf9bfc931fb7f7148485fdd621fb2894388da405c46230d6584f3e213f878d
GET /bjh/0fe2b657af16774b05246565ba38f750.gif HTTP/1.1
Host: pic.rmb.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 23 Nov 2022 03:00:17 GMT
content-type: image/gif
content-length: 158841
expires: Sun, 06 Nov 2022 14:31:54 GMT
last-modified: Fri, 06 May 2022 07:12:41 GMT
etag: "0fe2b657af16774b05246565ba38f750"
age: 733404
accept-ranges: bytes
content-md5: D+K2V68Wd0sFJGVlujj3UA==
x-bce-content-crc32: 1847957523
x-bce-debug-id: LkDe7ELpS/HFvbW7rsucaCF0I6lETOythvYbJ4tPO3z/Ol3FG0dfLOEbH2JfEEROliO4yOGwGb/QtdL2Bye0zw==
x-bce-request-id: ea667217-d061-40f8-b1c5-0acc4524f7d2
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 03 Nov 2022 14:31:54 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [3], czix243 [1]
ohc-file-size: 158841
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash a81b7e5917b0a9fceb9d0ebe8dcda874
7de91e796d8fa1b7e13833bfd533ff262b781e08
379389deadc80b824d233137afde10363a53f8347657a966f0c3aedab78271cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 03:45:41 GMT
Expires: Tue, 29 Nov 2022 03:45:40 GMT
Etag: "7de91e796d8fa1b7e13833bfd533ff262b781e08"
Cache-Control: max-age=520522,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e6a756cdfeb518-OSL
fmlb.netlbtu.com/images/2021/7/22/dmm7499.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/22/dmm7499.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/22/dmm7499.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/22/dmm7499.jpg
fmlb.netlbtu.com/images/2021/7/22/dmm7498.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/22/dmm7498.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/22/dmm7498.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/22/dmm7498.jpg
fmlb.netlbtu.com/images/2021/7/23/dmm7504.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7504.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7504.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7504.jpg
fmlb.netlbtu.com/images/2021/7/23/dmm7507.jpg
45.89.208.114 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7507.jpg
IP 45.89.208.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/23/dmm7507.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hnn.tsms4.top/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/23/dmm7507.jpg
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 586d0107dd2df9b98e95fa39c2038c6e
c03ddfafb4743ebd04599b6a6c89066a0557b049
86ebeb1db9290009f790de90f7aa9437681ae83cefafa4a11543d19c133a9aa1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=863
Date: Wed, 23 Nov 2022 03:00:17 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 586d0107dd2df9b98e95fa39c2038c6e
c03ddfafb4743ebd04599b6a6c89066a0557b049
86ebeb1db9290009f790de90f7aa9437681ae83cefafa4a11543d19c133a9aa1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=844
Date: Wed, 23 Nov 2022 03:00:17 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 94823b8e7bd944cf82b5bf73109f8775
b31e9b4e3e3df129abaee0a2bcab25d5470bd5e6
7c9f48a416d446fb5b8d6c5b48ac1a026a0cf9235030ef22fec80a2b602e5669
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=875
Date: Wed, 23 Nov 2022 03:00:17 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 586d0107dd2df9b98e95fa39c2038c6e
c03ddfafb4743ebd04599b6a6c89066a0557b049
86ebeb1db9290009f790de90f7aa9437681ae83cefafa4a11543d19c133a9aa1
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=862
Date: Wed, 23 Nov 2022 03:00:17 GMT
Connection: keep-alive
X-N: S
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 94823b8e7bd944cf82b5bf73109f8775
b31e9b4e3e3df129abaee0a2bcab25d5470bd5e6
7c9f48a416d446fb5b8d6c5b48ac1a026a0cf9235030ef22fec80a2b602e5669
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=845
Date: Wed, 23 Nov 2022 03:00:17 GMT
Connection: keep-alive
X-N: S
hnn.tsms4.top/api.php/timming/index?t=0.019950744654398278
122.10.27.117 200 OK 114 B URL HTTP/1.1 hnn.tsms4.top/api.php/timming/index?t=0.019950744654398278
IP 122.10.27.117:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with no line terminators
Hash 88c2c3b7020632d02d5a4cd2b4744913
1c6310246b7df2189ae850d1e19d27f18e2fdb6a
3e2c07c4a4b5218545cc97bfe5b42934ab9f214fdb8d20ee7e102b1b70cf0153
GET /api.php/timming/index?t=0.019950744654398278 HTTP/1.1
Host: hnn.tsms4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hnn.tsms4.top/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=i1ct0v6l1ajmlfk3mbv225f4ca; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a1328122b0123b079b5d7fc20e0e495a
cfe1e4885a7991cdec87f5d52e15b6bc2dd11ed9
4fc227053b3d3c54a9fbffe8fe570b429277a8f0e07928917f98bfcc99dbeeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FC227053B3D3C54A9FBFFE8FE570B429277A8F0E07928917F98BFCC99DBEEAA"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7722
Expires: Wed, 23 Nov 2022 05:08:59 GMT
Date: Wed, 23 Nov 2022 03:00:17 GMT
Connection: keep-alive
hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?adcca6f1017c682dc84c135157a96e7a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash b16b6c28c8ca6c1e07f918db39367d2d
cf53b3d376d30de1877f3ffab9d96adb19dd2add
14808eb9d8d8820de932baf53e2afaaed4e773e9e1408f4d2bf38a438b9ac76c
GET /hm.js?adcca6f1017c682dc84c135157a96e7a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:17 GMT
Etag: 5f705d745f5d4fc53f0e2ada20a396a2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=205AB7BBC8558BF1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
120.77.166.19 200 OK 264 kB URL HTTP/1.1 768tupian.oss-cn-shenzhen.aliyuncs.com/xpj80%20.gif
IP 120.77.166.19:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 264 kB (264494 bytes)
Hash 672b95e7b6ab24b5606b8287db85dbb4
98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
GET /xpj80%20.gif HTTP/1.1
Host: 768tupian.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: image/gif
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 637D8CC0FFFE3D39320B2AC7
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Sun, 23 Oct 2022 07:05:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3
mt66g.com/image/c960X160.gif
23.224.145.201 200 OK 226 kB URL HTTP/2 mt66g.com/image/c960X160.gif
IP 23.224.145.201:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 226 kB (226350 bytes)
Hash dc050a09c8f91b6a1cd31f0e14a26f82
cd2aeab9db3c276e676bf0c7f32bf18059c6b522
335eab09ae4eccb826c619213a55977bf822b21117d2b4c7d6ffe5831c327163
GET /image/c960X160.gif HTTP/1.1
Host: mt66g.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:17 GMT
content-type: image/gif
content-length: 226350
last-modified: Mon, 24 Oct 2022 09:26:09 GMT
etag: "63565a31-3742e"
expires: Thu, 08 Dec 2022 09:27:18 GMT
cache-control: max-age=2592000
server: dns
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
103.170.15.57 200 OK 286 kB URL HTTP/2 vgvjkw.com/e56118d487df470a95ed3ab64d8647ff.gif
IP 103.170.15.57:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 286 kB (285785 bytes)
Hash 92285e93786dd0e69700a7b81ee67d1e
a9026bec9dc218806e865b3643d5fbe9a94f4edb
9f02528d2edc78634ebfd71d3c682cd679682715dc20afb446b9c8b5c26e1ae1
GET /e56118d487df470a95ed3ab64d8647ff.gif HTTP/1.1
Host: vgvjkw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "635b961a-45c59"
server: nginx
date: Mon, 21 Nov 2022 11:28:15 GMT
content-type: image/gif
last-modified: Fri, 28 Oct 2022 08:43:06 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-47
content-length: 285785
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/02.gif
120.77.166.72 200 OK 672 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/02.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 960 x 100\012- data
Size 672 kB (672530 bytes)
Hash 6f6a6e13329668405fef1523540dee76
066acc7fc837eb673108ea5ff7aba0ff0efd8282
08fa32ed67b0ddc30e4dd772b797c649962fa6c04840bc75d48965217f3cdc49
GET /02.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: image/gif
Content-Length: 672530
Connection: keep-alive
x-oss-request-id: 637D8CC06309463235CB0C9B
Accept-Ranges: bytes
ETag: "6F6A6E13329668405FEF1523540DEE76"
Last-Modified: Sun, 15 May 2022 13:34:03 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12368396201495379341
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: b2puEzKWaEBf7xUjVA3udg==
x-oss-server-time: 3
fmlb.netlbtu.com/images/2021/7/22/dmm7501.jpg
45.89.208.114 200 OK 131 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/22/dmm7501.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 131 kB (131400 bytes)
Hash 9e5308e2f95e04a6aed7f431a8f53cc1
0fdece38a9a76125a8f5b58e507507f665049f7e
c0a4e09ac1822399bdb67dea9a7152e870b961e4a3bac9093e37eb582dc672bd
GET /images/2021/7/22/dmm7501.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: image/jpeg
Content-Length: 131400
Last-Modified: Wed, 09 Nov 2022 11:57:26 GMT
Connection: keep-alive
ETag: "636b95a6-20148"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=525805785&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=61502&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fhnn.tsms4.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=525805785&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=61502&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fhnn.tsms4.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=8900&et=0&ja=0&ln=en-us&lo=0&rnd=525805785&si=adcca6f1017c682dc84c135157a96e7a&su=http%3A%2F%2Fukt.tsfi4.top%2F&v=1.2.97&lv=1&sn=61502&r=0&ww=1252&ct=!!&u=http%3A%2F%2Fhnn.tsms4.top%2F&tt=%E6%A1%83%E8%89%B2%E8%A7%86%E9%A2%91%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 23 Nov 2022 03:00:17 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=94D298770019FAC5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
fmlb.netlbtu.com/images/2021/7/19/dmm7483.jpg
45.89.208.114 200 OK 132 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7483.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size 132 kB (132180 bytes)
Hash 28067bf60eb1ca0aabf3ce1ba5b68fef
ac2008bb59c79d1440ef91849ec5d656f8cd620d
c28a42d986e5ee7d388aa42363bae36decaf25fc9408cfd11b2d83c771667032
GET /images/2021/7/19/dmm7483.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: image/jpeg
Content-Length: 132180
Last-Modified: Wed, 09 Nov 2022 11:44:13 GMT
Connection: keep-alive
ETag: "636b928d-20454"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/19/dmm7485.jpg
45.89.208.114 200 OK 170 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7485.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x537, components 3\012- data
Size 170 kB (170384 bytes)
Hash dc0e384ef28f081ddca9afb6aedab4b5
d499cee5fa0cbc21348a3c396891e807830e6dbb
5287bf25d013af616174d0d9058a3d541da20a2e1d5c8e6ba362cdb44a782399
GET /images/2021/7/19/dmm7485.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: image/jpeg
Content-Length: 170384
Last-Modified: Wed, 09 Nov 2022 12:03:42 GMT
Connection: keep-alive
ETag: "636b971e-29990"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/19/dmm7491.jpg
45.89.208.114 200 OK 156 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7491.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 156 kB (155529 bytes)
Hash 1bca57762af58cd9c9f7ec1608604550
9556cbd9a97c38dfa30712f5fba1d29ce3988f56
9231e8cba709214c24542a28ebe488b958a30982376c8da65aa383ccb4e0abc9
GET /images/2021/7/19/dmm7491.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: image/jpeg
Content-Length: 155529
Last-Modified: Wed, 09 Nov 2022 11:58:45 GMT
Connection: keep-alive
ETag: "636b95f5-25f89"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/19/dmm7492.jpg
45.89.208.114 200 OK 221 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/19/dmm7492.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size 221 kB (220871 bytes)
Hash 8c96b0e6fa15628ce23c61aa5f6a5290
d01e618f7ec6761390dd023c21aef1f973674a11
cfa4185bfd42b27f65a045f420b28ada019553599dc91c0b471a97d99825f323
GET /images/2021/7/19/dmm7492.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: image/jpeg
Content-Length: 220871
Last-Modified: Wed, 09 Nov 2022 11:43:08 GMT
Connection: keep-alive
ETag: "636b924c-35ec7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
103.189.109.75 200 OK 376 kB URL HTTP/2 u1044.com/c0ea67357fab443e9f882a89c29f0f29.gif
IP 103.189.109.75:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 376 kB (375501 bytes)
Hash 3cc130e8c73445ee88904b1d2945a002
ea12d90d3525af1eef53258ce9681b0093cf717e
29c94fe20be25178fb7896728930c7857d8f7db1e223295be8acf0fd4de68936
GET /c0ea67357fab443e9f882a89c29f0f29.gif HTTP/1.1
Host: u1044.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6364ff5a-5bacd"
server: nginx
date: Tue, 22 Nov 2022 12:46:53 GMT
content-type: image/gif
last-modified: Fri, 04 Nov 2022 12:02:34 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn109-065
content-length: 375501
X-Firefox-Spdy: h2
taiwtp1.com/img/96060.gif
220.128.218.220 200 OK 47 kB URL HTTP/2 taiwtp1.com/img/96060.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 60\012- data
Hash 2b9c30b086d03d90a45a9174aef7b408
e87dbe76669e2f402826dd598bb047d793b1e20c
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
GET /img/96060.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 02:57:55 GMT
content-type: image/gif
content-length: 46855
last-modified: Wed, 09 Mar 2022 07:10:56 GMT
etag: "62285300-b707"
expires: Fri, 23 Dec 2022 02:57:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/23/dmm7507.jpg
45.89.208.114 200 OK 138 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7507.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 138 kB (138285 bytes)
Hash e8a0a54e2552468e297b9ae49473f5ad
fca182c23a9c5ac38c8c352bc9cc610495e689ff
b4d6177c3cc9d92edf7dabf485bc29866582df2219c8a104aa5ddce3a77fb0d0
GET /images/2021/7/23/dmm7507.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:18 GMT
Content-Type: image/jpeg
Content-Length: 138285
Last-Modified: Wed, 09 Nov 2022 11:40:36 GMT
Connection: keep-alive
ETag: "636b91b4-21c2d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 924762f7082b3b8f86ea9ad10a2e8462
76c2008b1e7ffa1ed162f698cf3d5ff6a198a1d4
b933eb90dd244b88a8b4cc5f2ba18099ebd2f5bb566aceef3300c70fd55757b0
GET /hm.js?a42a9f9e7ce3dc4e0fe7d731ff179318 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:17 GMT
Etag: fcda441d92965fce7acd71a14b598c90
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C38D0DFA8E7E5AC8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?09b570ae57a8bdd90710ea1938df4e59
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 325cf761dc10e126eca5860c59401ae3
03e0aca20aca522e8972227e138479af69197cab
7e7dc00b4494e0a462b2446c086adc35bc5c6a031a3c65a2e7eb7ef8b1a61cd4
GET /hm.js?09b570ae57a8bdd90710ea1938df4e59 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:17 GMT
Etag: 97c491837bdd87dd612cf94fcf29d4b7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=74D4DC75192896A6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
fmlb.netlbtu.com/images/2021/7/22/dmm7499.jpg
45.89.208.114 200 OK 161 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/22/dmm7499.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 161 kB (161233 bytes)
Hash fb1f59a29b710f75f4d21a30f7f863db
08548bacaef13ea3bc24ec219878fcc1d0a40be2
40e8b8fe18857556df34a4b80987207a56659eaf7682699875e006a1cb3a4394
GET /images/2021/7/22/dmm7499.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:17 GMT
Content-Type: image/jpeg
Content-Length: 161233
Last-Modified: Wed, 09 Nov 2022 12:03:43 GMT
Connection: keep-alive
ETag: "636b971f-275d1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/22/dmm7498.jpg
45.89.208.114 200 OK 180 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/22/dmm7498.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x539, components 3\012- data
Size 180 kB (180381 bytes)
Hash bcd64c01063a8ca424bfd3cccd3b9317
1717eb1db6519430a148d4f3d4c4ad790b4d18a2
ddedcf2e4c7cf3b744148dd2ca5c527e149ce47e9a41d0b5460a9826a049ff64
GET /images/2021/7/22/dmm7498.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:18 GMT
Content-Type: image/jpeg
Content-Length: 180381
Last-Modified: Wed, 09 Nov 2022 11:44:05 GMT
Connection: keep-alive
ETag: "636b9285-2c09d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/23/dmm7504.jpg
45.89.208.114 200 OK 164 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/23/dmm7504.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 164 kB (164455 bytes)
Hash 9b284f00fd906894248a8dbf9bebb36f
e3e104d76f8e6dfba9c513a215228298e4e06c2b
b6156961d94f59de273318125db954ee83c53709d26b0fae9e74be68d0eaeb39
GET /images/2021/7/23/dmm7504.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hnn.tsms4.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 23 Nov 2022 03:00:18 GMT
Content-Type: image/jpeg
Content-Length: 164455
Last-Modified: Wed, 09 Nov 2022 12:03:43 GMT
Connection: keep-alive
ETag: "636b971f-28267"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
103.235.46.191 200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /hm.js?81e2eb0ac88243d0b2761c1bc0fcee7f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:17 GMT
Etag: 9e67707efdee68bdba272bf26ef272ad
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=136D54961B6A4943; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
211.152.148.72 200 OK 0 B URL HTTP/2 p1.meituan.net/dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif
IP 211.152.148.72:0
GET /dpplatform/fe1357abf524bc560d11e4af8beddaf91086086.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 03:00:18 GMT
content-type: image/gif
content-length: 1086086
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Sun, 22 Jan 2023 03:00:17 GMT
last-modified: Fri, 06 Jan 2023 02:12:34 GMT
x-nws-log-uuid: ee1ae441-6a41-411e-96bf-c365683f50e0
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-nws-uuid-verify: fdca9d98d36e20909ea7b491c06a38f9
m-traceid: 9vdrgg3fvl9uw4gwn4ip
age: 710810
timing-allow-origin: *
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
X-Firefox-Spdy: h2
img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
91.199.87.220 302 Found 0 B URL HTTP/2 img.u1555.com/images/635242fd5fe50f0585d3ef8f.gif
IP 91.199.87.220:0
GET /images/635242fd5fe50f0585d3ef8f.gif HTTP/1.1
Host: img.u1555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/b49713b7a12e4e40a8736a2d9a3677d4
cache-control: max-age=3600
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
103.235.46.191 200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?118d8c4b51d138a967fb082395b27809
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /hm.js?118d8c4b51d138a967fb082395b27809 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11332
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:17 GMT
Etag: f4b66eb217ae24a87680e1ecfda15e4b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BE17691A78CBD780; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
47.75.19.163 200 OK 0 B URL HTTP/1.1 vns86.oss-cn-hongkong.aliyuncs.com/sstu/st.gif
IP 47.75.19.163:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /sstu/st.gif HTTP/1.1
Host: vns86.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 23 Nov 2022 03:00:16 GMT
Content-Type: image/gif
Content-Length: 531945
Connection: keep-alive
x-oss-request-id: 637D8CC022C82A3439C57CD5
Accept-Ranges: bytes
ETag: "904C4F51A02C9F03F27AC2593D4C061E"
Last-Modified: Sun, 20 Nov 2022 05:06:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9035815038154931791
x-oss-storage-class: Standard
x-oss-version-id: CAEQPxiBgIC4ltzNpBgiIDdlODc5YmI4ZDVjNjQ3ZDk5OTI1NWRlZmIwMjk2Zjc5
Content-MD5: kExPUaAsnwPyesJZPUwGHg==
x-oss-server-time: 3
hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
106.227.30.48 200 OK 0 B URL HTTP/2 hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
IP 106.227.30.48:0
GET /static/tongji/plugins/UrlChangeTracker.js HTTP/1.1
Host: hmcdn.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 23 Nov 2022 03:00:17 GMT
content-type: application/x-javascript
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
etag: "5f8eb0f7-4b3c"
content-encoding: gzip
age: 160460
accept-ranges: bytes
tracecode: 00557334490254889226093005
vary: Accept-Encoding
timing-allow-origin: *
ohc-global-saved-time: Sun, 20 Nov 2022 02:12:58 GMT
ohc-cache-hit: nc5ct69 [2], tjctcache59 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
103.235.46.191 200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?5f6f6952a111398e4db76c6944ccaba1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /hm.js?5f6f6952a111398e4db76c6944ccaba1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hnn.tsms4.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11333
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 03:00:17 GMT
Etag: 66aa69c72d3f19ba98db40b6a3c89144
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4CDF323242B552E2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800