Report - wordpressexample.com/?author=1.

Report Overview

Submitted URL
wordpressexample.com/?author=1.
IP
160.202.106.19
ASN
#46261 QUICKPACKET
Submitted
2022-11-25 11:47:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
dimg04.c-ctrip.com	139731	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	828 B	566 kB	104.110.17.24
339282bdb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	666 kB	103.170.15.91
taiwtp1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	134 kB	220.128.218.220
img.9712x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	91.199.87.220
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	10 kB	93.184.220.29
200.benbenys.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	303 B	58 kB	23.224.61.222
si1.go2yd.com	325918	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	141 kB	163.171.140.79
628536nyv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	670 kB	103.170.15.72
5593qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	748 kB	103.170.15.88
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
i.ibb.co	13485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	1.2 kB	162.19.58.160
3p8801.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	330 kB	142.0.131.26
img.8961x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	367 kB	91.199.87.220
api.79zxcv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	6.4 kB	18.141.190.97
p.qlogo.cn	48578	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	917 B	890 B	43.154.254.32
tt.1468tu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	271 B	373 B	43.153.174.204
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	7.3 kB	104.18.32.68
kvhkkk.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	752 kB	104.21.234.156
sz88.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	1.0 kB	120.77.166.72
img.2559u.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	91.199.87.220
6937555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	264 B	426 kB	104.149.138.102
kvemm.com	222018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	45.154.214.219
nvhbbb.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	1.6 MB	104.21.55.74
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	712 B	142.250.74.3
585227ybn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	283 B	103.170.15.88
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.252.32
kveff.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	64.32.13.142
acoosso.top	631702	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	166 B	91.195.240.12
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.1 kB	19 kB	23.36.77.32
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	3.8 kB	104.18.21.226
ob699.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	262 B	20 kB	45.153.131.58
lbfm.lbpictupian.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	174 kB	172.67.28.138
sszhan.oss-cn-shenzhen.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	523 B	120.77.166.119
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	5.8 kB	104.18.20.226
kvevv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	64.32.13.142
p3.douyinpic.com	23536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.6 MB	47.246.44.227
zhibo128x.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	768 B	738 kB	154.83.25.141
fmlb.netlbtu.com	187701	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	56 kB	45.89.208.114
pic.picnewsss.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	27 kB	23.225.139.251
img.1129555.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	182 B	91.199.87.220
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ak-d.tripcdn.com	71581	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	2.1 MB	96.6.16.143
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	14 kB	172.64.155.188
kzecc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	64.32.13.142
acoozzh.top	439448	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	159 kB	104.21.33.100
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	555 B	47.56.33.17
1088hg01.oss-cn-hongkong.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	462 B	47.75.19.69
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	114 B	39.156.68.163
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	37 kB	103.235.46.191
kvhaaa.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	865 kB	104.21.94.20
www.jxys88.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	359 kB	173.231.12.68
www.wordpressexample.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.0 kB	160.202.106.19
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	696 B	3.7 kB	23.36.79.10
829355rff.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	62 kB	45.61.212.120
kvtnnn.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	768 B	104.21.234.86
img.9717x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	220 B	91.199.87.220
kvmaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	170.178.176.170
ocsp.digicert.cn	37572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	2.2 kB	47.246.44.205
wordpressexample.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	215 B	160.202.106.19
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	294 B	750 B	180.101.212.103
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.1 kB	23.36.77.32
img.u1158.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	645 kB	91.199.87.220
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	422 B	45.154.215.92
362728tdg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	423 kB	45.61.212.126
sysupload.csiteadmin.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	2.4 MB	20.189.126.154
kvkggg.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	740 kB	104.21.5.141
static.qwahk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	477 B	154.39.104.61
8499225.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	255 B	23.224.101.36
imagedelivery.net	255311	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	878 B	334 kB	104.18.2.36
www.jxys12.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	3.8 MB	173.231.38.5
img.u1779.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	421 kB	91.199.87.220
223969ufy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	359 kB	103.170.15.72
ocsp.buypass.com	157566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.3 kB	23.36.76.129
592773xgg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	581 kB	45.61.212.121

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	339282bdb.com	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	223969ufy.com	Sinkholed
2022-11-25	medium	339282bdb.com	Sinkholed
2022-11-25	medium	362728tdg.com	Sinkholed
2022-11-25	medium	628536nyv.com	Sinkholed
2022-11-25	medium	5593qq.com	Sinkholed
2022-11-25	medium	79zxcv.com	Sinkholed
2022-11-25	medium	79zxcv.com	Sinkholed
2022-11-25	medium	829355rff.com	Sinkholed
2022-11-25	medium	79zxcv.com	Sinkholed
2022-11-25	medium	kvkggg.top	Sinkholed
2022-11-25	medium	585227ybn.com	Sinkholed
2022-11-25	medium	jxys12.xyz	Sinkholed
2022-11-25	medium	8499225.com	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	hm.baidu.com/hm.js?f7d4e84c906d7aa1319b3083e404a089	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?f7d4e84c906d7aa1319b3083e404a089 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:04:06 Last Seen2023-03-11 20:04:06 Times Seen1 Hash 18ba703debe43c0c50c672e8eb723468 5c5879e3d7b34fd03e0011ab7ba894eeb808d01f de55f1ce2f8bc9015dcbe4a99935c4d5995781e65872b9f1402c01179c6960f7 Loading...

	hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:04:06 Last Seen2023-03-11 20:04:06 Times Seen1 Hash ae581fd4141d30ce7f1a3b5b1783652a 872275a87030ebbb98661ac2670a837d8c5a1d38 bc9d03bc60cd552c6e7dd8ca0fb97a93bb6d77957fca2e88b09ef30709a61b3a Loading...

	www.jxys88.net/news/data.php	469 B	2023-03-08	2023-03-11
Pretty URL www.jxys88.net/news/data.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 7f56be0ca5a97f81ac641229e5c24b4c 692a4379baa5daf6b4e173fb012a87641bde14d1 032baef139f9557423b7d7536a112f7bfb6b12b1a17210dec23ed069d5f2d005 Loading...

	www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js	1.3 kB	2023-03-11	2023-03-11
Pretty URL www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js IP 173.231.38.5 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:54:55 Last Seen2023-03-11 20:35:36 Times Seen1 Hash 724c4e0c5f8dfbed475ade35b6c6e791 d765514a1e6793a1199e94185e43241dec159274 57dda942ace4e199d49a3a07e74a3057451a21748d27e63a503f5a15eede9355 Loading...

	api.79zxcv.com/js/dom.js	16 kB	2023-03-07	2023-03-11
Pretty URL api.79zxcv.com/js/dom.js IP 18.141.190.97 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:52:35 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 69252e17604aab4c6fd770c3f70113e9 69f8291f946243a4f9f5164256d017927db85d13 73931ac37c9a8ff96a448e363e9d838809e47794beae1a9992754f1678638dcd Loading...

	www.wordpressexample.com/index.php?author=1.	404 B	2023-03-07	2024-04-26
Pretty URL www.wordpressexample.com/index.php?author=1. IP 160.202.106.19 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 13:23:16 Times Seen2980 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.wordpressexample.com/tj.js	520 B	2023-03-10	2023-03-11
Pretty URL www.wordpressexample.com/tj.js IP 160.202.106.19 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:30:06 Last Seen2023-03-11 20:04:06 Times Seen1 Hash 96db358bd0e6ee275c7430e1618924e9 493253a7cfaca54dc836978e12a84b8427ce888b d302db832b3b48b63de68161cbcc8119f7f389d29d55607409aa810444215883 Loading...

	www.wordpressexample.com/common.js	1.5 kB	2023-03-07	2023-03-17
Pretty URL www.wordpressexample.com/common.js IP 160.202.106.19 ASN #46261 QUICKPACKET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:14 Last Seen2023-03-17 10:41:04 Times Seen1 Hash 2d67599d1e21388fb35a4f6ae7c75a34 d659e4906bd306b2056c78675375c10c520f0435 4f619b09ee009853db7003ec09d8562208b4fd9a643d4706084159df5804b84d Loading...

	hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:04:06 Last Seen2023-03-11 20:04:06 Times Seen1 Hash 175c1c9282b7aa4185a26ae42e1e5dbe 71fae0d4b0746f92eeb241a9d4a21d203deacba9 676b953974892bd5d52545d0ede9c50f6b388421155c85045601dcbb8b494bd2 Loading...

	api.79zxcv.com/sh/328.js	463 B	2023-03-08	2023-03-11
Pretty URL api.79zxcv.com/sh/328.js IP 18.141.190.97 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:05 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 4ada6e293a75c07ce69d0e9aa7cabe73 a17400b9941f0fa71105caac6ce7e18eea16b7c9 28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-26
Pretty URL push.zhanzhang.baidu.com/push.js IP 180.101.212.103 ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 16:09:47 Times Seen19027 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	www.jxys88.net/news/index.php	166 B	2023-03-07	2023-04-05
Pretty URL www.jxys88.net/news/index.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-04-05 02:05:15 Times Seen271 Hash 148c395b30fc62c19c4e96a387ce5080 aaad892b0553b427438079c39c45c04a4bd26683 3abae3dd940fa31948ccf4348d0b3dd0528808c33a99915e9ea06c6c9faf097c Loading...

	www.jxys12.xyz/	254 B	2023-03-07	2023-07-10
Pretty URL www.jxys12.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-07-10 02:29:30 Times Seen148 Hash 2b060c01c124335c89db809e88d801f5 4226dea14013c0d2b6a391cebcfafc02e00d9305 46b48e8582d3035db685d90fd6ef29a676ae4f59721521c4025568c81fc43621 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ccba77f0bf2b9188ae555ea7433f6521	476 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 20:04:06 Last Seen2023-03-11 20:04:06 Times Seen1 Hash ccba77f0bf2b9188ae555ea7433f6521 e9c324894f38b0888c39744b4080afce7cf571d8 4b2f925a8863d3ed609dacab226319422584371324b902c4f0a84690306d82c1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9a1f0061473ebaf5ea6a0cd9b719e6f2	457 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 20:04:06 Last Seen2023-03-11 20:04:06 Times Seen1 Hash 9a1f0061473ebaf5ea6a0cd9b719e6f2 eb468986ba29815378bd36b2e6e0621de87c837a 879951a6d253e136164b14e6449b188a0a185c3162826e6545df0f906067e78a Loading...

	#2 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-25 20:37:27 Times Seen3762 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#3 Write - 6e092a85eb174ee4a271024278cfb658	325 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 13:54:55 Last Seen2023-03-11 20:35:36 Times Seen1 Hash 6e092a85eb174ee4a271024278cfb658 65891f1f4ad6a54618fa4fbeb4c0539435896667 e967b17ccec9ca604894134066a952a06cb54f663cedb925c3d8575a80a7b0c8 Loading...

	#4 Write - c11358efdc00df229107889ddf732785	351 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 10:06:29 Last Seen2023-03-11 22:51:19 Times Seen1 Hash c11358efdc00df229107889ddf732785 ccabccf8ce36e492ade01bdf53571773c24a82dc bc6eefa90005a569493948d8ae97575bf163beae520323be99102d7d8fb217a1 Loading...

HTTP Transactions (224)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2992
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 11:47:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:30 GMT
Last-Modified: Fri, 25 Nov 2022 10:24:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

wordpressexample.com/?author=1.

160.202.106.19

301 Moved Permanently

0 B

URL HTTP/1.1
wordpressexample.com/?author=1.
IP
160.202.106.19:0
ASN
#46261 QUICKPACKET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?author=1. HTTP/1.1
Host: wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 11:47:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.wordpressexample.com/index.php?author=1.

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 11:19:06 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1704
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13654
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 11:47:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FkcDNhjmGBvklbBVO2Y2ud2rcEpDZ6jTBPh8pXYwtRQqiU/W/L+h3mtXATVSW+TmS/QF89hhpRQ=
x-amz-request-id: BYA5KP3P05QNJWQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 11:40:47 GMT
age: 403
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 11:08:53 GMT
cache-control: public,max-age=3600
age: 2317
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5145
Cache-Control: max-age=168306
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:30 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:32:36 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.41.252.32

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.252.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JUkW8+hRrKfEWPaGjRFjyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WrlPmcvrQ+6Vun/8v0xJeVRv7Rc=

www.wordpressexample.com/index.php?author=1.

160.202.106.19

200 OK

785 B

URL HTTP/1.1
www.wordpressexample.com/index.php?author=1.
IP
160.202.106.19:0
ASN
#46261 QUICKPACKET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
785 B (785 bytes)
Hash
06638f44888ad101206f6b89a7304b8b
f5f18fe1be538aa78d06e8097d4f30e99f1b7d4d
a89cde81ac1afd1ee61aea30d30645f51283a8bc33fd356b8256776cf73c1b40

HTTP Headers

GET /index.php?author=1. HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:31 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive

www.wordpressexample.com/tj.js

160.202.106.19

200 OK

520 B

URL HTTP/1.1
www.wordpressexample.com/tj.js
IP
160.202.106.19:0
ASN
#46261 QUICKPACKET

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
96db358bd0e6ee275c7430e1618924e9
493253a7cfaca54dc836978e12a84b8427ce888b
d302db832b3b48b63de68161cbcc8119f7f389d29d55607409aa810444215883

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/index.php?author=1.

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:31 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

www.wordpressexample.com/common.js

160.202.106.19

200 OK

738 B

URL HTTP/1.1
www.wordpressexample.com/common.js
IP
160.202.106.19:0
ASN
#46261 QUICKPACKET

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
738 B (738 bytes)
Hash
70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6

HTTP Headers

GET /common.js HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/index.php?author=1.

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11401 bytes)
Hash
eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:30:31 GMT
age: 47821
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6385 bytes)
Hash
f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:22:46 GMT
age: 15886
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8006 bytes)
Hash
8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 51144
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 50424
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:37:15 GMT
age: 11417
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 34804
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

push.zhanzhang.baidu.com/push.js

180.101.212.103

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 25 Nov 2022 11:47:32 GMT
Etag: "4078521116"
Expires: Sat, 25 Nov 2023 11:47:32 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=33CC2C70DB883102CAE3B24A250AB6AA:FG=1; max-age=31536000; expires=Sat, 25-Nov-23 11:47:32 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
a69d3acc10aa0821cd46bf82c1e87188
b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f
bb50a1777adf4b17040bf6163185440258a58bc4120aa810dbd3e2224606a2a1

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:29:14 GMT
ETag: "b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f"
Last-Modified: Fri, 25 Nov 2022 08:29:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1559
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa266f3e380b59-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
a69d3acc10aa0821cd46bf82c1e87188
b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f
bb50a1777adf4b17040bf6163185440258a58bc4120aa810dbd3e2224606a2a1

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:29:14 GMT
ETag: "b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f"
Last-Modified: Fri, 25 Nov 2022 08:29:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1559
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa266f3c9bb523-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5ed665c986f3bf3ec9dad76cac54a48
fc2d572f74202406218df3a55f2bd78fdab4ee57
a1b84584d4150c52d2fc0175f72368a12ec3fb9d5221101e084a09007d0c3dbf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1B84584D4150C52D2FC0175F72368A12EC3FB9D5221101E084A09007D0C3DBF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15649
Expires: Fri, 25 Nov 2022 16:08:21 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive

www.wordpressexample.com/favicon.ico

160.202.106.19

200 OK

1.2 kB

URL HTTP/1.1
www.wordpressexample.com/favicon.ico
IP
160.202.106.19:0
ASN
#46261 QUICKPACKET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/index.php?author=1.

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:32 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 30 Nov 2022 11:47:32 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

api.share.baidu.com/s.gif?l=http://www.wordpressexample.com/index.php?author=1.

39.156.68.163

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.wordpressexample.com/index.php?author=1.
IP
39.156.68.163:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.wordpressexample.com/index.php?author=1. HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 25 Nov 2022 11:47:32 GMT

hm.baidu.com/hm.js?f7d4e84c906d7aa1319b3083e404a089

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?f7d4e84c906d7aa1319b3083e404a089
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
65ee9bf266abc7bb6329c2a5524baace
3213b2c2ad13cf2b9641c4ff793a29971ee87a48
0114dfe4fedc0b5bbb5b90e257c4c5cd1c5fa4ba5cd397f38377f1aede0541f9

HTTP Headers

GET /hm.js?f7d4e84c906d7aa1319b3083e404a089 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 11:47:32 GMT
Etag: cd4e9a03bdf72d8e7c9bd115ace294d3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A66FC57849CD7300; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
5103c34b15678d9067375d68334daef4
21dc113dc53cdb85653d79d275ab8ffca1069148
480e641d8804d98c5dc3cc9cf2abc4d944dfe8254689b2a108bfaf113f9a08be

HTTP Headers

GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 11:47:32 GMT
Etag: b6fd16750a9a260c580fc536ba5e74ce
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8496959170B03B19; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809410154&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809410154&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809410154&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 11:47:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=968C1FE1A8CB6554; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ed36185151545beb9fadea2f88b9b9f9
9b750de4c4d04942efa6a8d05482971d21c5583c
0bdbe3fdeae67f467ef8e2dc088327ef96d21ab18a9037a1014a426094cbce9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BDBE3FDEAE67F467EF8E2DC088327EF96D21AB18A9037A1014A426094CBCE9D"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Fri, 25 Nov 2022 17:47:33 GMT
Date: Fri, 25 Nov 2022 11:47:34 GMT
Connection: keep-alive

www.jxys12.xyz/template/m1938pc/html9/ads/1.gif

173.231.38.5

200 OK

254 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sun, 25 Dec 2022 11:47:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif

173.231.38.5

200 OK

193 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 960 x 90\012- data
Size
193 kB (193193 bytes)
Hash
a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Sun, 25 Dec 2022 11:47:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/images/pic.png

173.231.38.5

200 OK

90 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/images/pic.png
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
HTML document, ASCII text
Size
90 B (90 bytes)
Hash
5341dd3aa19c0eb3bc809f9150e3e833
7beaba24a698410e4ffc93357d82c6f683cbaba1
f4ea9875d59d8391034d2c230808d5812fd183e2c83751288cea542747f5ef53

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/images/pic.png HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: image/png
content-length: 90
last-modified: Fri, 14 Jan 2022 04:46:48 GMT
etag: "61e10038-5a"
expires: Sun, 25 Dec 2022 11:47:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff

173.231.38.5

200 OK

13 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size
13 kB (13408 bytes)
Hash
99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient

104.110.17.24

200 OK

151 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 120\012- data
Size
151 kB (151061 bytes)
Hash
89c820a186cb325d9979cdae663875eb
e9dbc77e9d46e03ebec28aaca2bf5e302767064f
9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade

HTTP Headers

GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 151061
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8477138
expires: Fri, 03 Mar 2023 14:33:13 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif

104.110.17.24

200 OK

415 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
415 kB (414559 bytes)
Hash
1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84

HTTP Headers

GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 7
x-edgeconnect-origin-mex-latency: 99
cache-control: max-age=7774735
expires: Thu, 23 Feb 2023 11:26:30 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css

173.231.38.5

200 OK

2.7 MB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
2.7 MB (2670958 bytes)
Hash
73582bf7e2a1339ce7931d9277a23279
7876fdfa49681184a08cbdbbe3eec8ae61949c35
33c34a20593576e50dff488878b636424cef3cc0405660ae47853a18b54d5a2b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/white.css

173.231.38.5

200 OK

124 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/white.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
124 kB (123615 bytes)
Hash
e4101e376ae8050c3b0e4410386de330
9123ef79fb2855c46a2555b9ff72002115e3484d
46ca1048254ab4715634e27875c24e1774e3ff7e7ebf5743fa3243fbe321abac

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css

173.231.38.5

200 OK

461 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
461 kB (460636 bytes)
Hash
b214c81b53a1c5e3055f1c00fa00f8ea
8d9a553086ff8184a3e21dd359790c7e0cd5cda8
171e0bbef38897f732e6b5c17a7184c279c2ceed767b91774e3671166fb9ca1e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif

96.6.16.143

200 OK

1.2 MB

URL HTTP/2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP
96.6.16.143:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
1.2 MB (1197751 bytes)
Hash
6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6

HTTP Headers

GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6548638
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif

96.6.16.143

200 OK

917 kB

URL HTTP/2
ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
IP
96.6.16.143:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
917 kB (917226 bytes)
Hash
28998a87f539b948e98fdc9c82fc6a69
c0085b4e65a2679d63c10ccf8bcffd7b6014b211
1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a

HTTP Headers

GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7614642
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
51d90fb80a3d096732301c28a0278db6
eb1e49f2563ea9740c665b3dd2633ec0d6fb5355
1a9e4f4c28cc50ad08840f8a2a6c053319639a20923ffa5c19221608e2b22f6f

HTTP Headers

GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 11:47:35 GMT
Etag: f53de3a9ee9aa41553fcb8233c708ef7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7B82CEB35551DBF7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1563794465&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=3801&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1563794465&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=3801&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1563794465&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=3801&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 11:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=06BABE054A65F09D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
dce8ee1fa8d1015fb532092abacc9359
169b07506a34587443ded2cb51fe798c9b3c9f97
62b436793a7f4f0171c15eac68dc2bf3c612349ef273d4c1d6d2d86a088d083f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=382087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689ae280b41-OSL

tt.1468tu.com/58tu/405x204.gif

43.153.174.204

301 Moved Permanently

166 B

URL HTTP/1.1
tt.1468tu.com/58tu/405x204.gif
IP
43.153.174.204:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y

ob699.cc/xxx12345.gif

45.153.131.58

200 OK

20 kB

URL HTTP/1.1
ob699.cc/xxx12345.gif
IP
45.153.131.58:0
ASN
#55933 Cloudie Limited

File type
GIF image data, version 89a, 225 x 135\012- data
Size
20 kB (19781 bytes)
Hash
74f156899d26c1a1ef9108ee4023052d
3d2f15dc81ee27a7832947bbb59a7836ccc7f027
b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0

HTTP Headers

GET /xxx12345.gif HTTP/1.1
Host: ob699.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: image/gif
Content-Length: 19781
Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT
Connection: keep-alive
ETag: "6337e219-4d45"
Expires: Sun, 25 Dec 2022 11:47:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
66d4aa039dadf48328acbaa40aff2009
242dea3a5347e0ce3493e61468c58fd74cfda635
85ee627c065662eb96ee9a71b8344f9deae61fd62782dd831913461fb4128a1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 04:16:55 GMT
Expires: Thu, 01 Dec 2022 04:16:54 GMT
Etag: "242dea3a5347e0ce3493e61468c58fd74cfda635"
Cache-Control: max-age=490757,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689a9471c16-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
dce8ee1fa8d1015fb532092abacc9359
169b07506a34587443ded2cb51fe798c9b3c9f97
62b436793a7f4f0171c15eac68dc2bf3c612349ef273d4c1d6d2d86a088d083f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=382087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689ae331c0a-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a8ccf5b571c6c3ad33c7a00dc73cee15
d5099be07a28dc4ace29ed48f4a542900e25f153
4e067cf255c6b3d102931f21894775dafb9e8c425e1fe13fe6602f4b3c7d2207

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=400922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689aaa5b50c-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c43cd7eff889c7574c754fcecd2118fe
7c8118b4e27d144f96f375ae985e1676223229a6
7eda225f9eff08db9385d8193069dee4799d31a987040c215fe130b8ddadce20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 03:31:13 GMT
Expires: Thu, 01 Dec 2022 03:31:12 GMT
Etag: "7c8118b4e27d144f96f375ae985e1676223229a6"
Cache-Control: max-age=488015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268afa6f1c16-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6431
Cache-Control: max-age=137948
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:36 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:06:44 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
62e1241d2f892dd0358d10bc58897543
c429bc925e26bdc1cfbf8f061c092437c2f980da
d31cf74ba322eae9cf783734a4716069a07df3d8afa6f644925ade3cb7200750

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 08:52:33 GMT
Expires: Tue, 29 Nov 2022 08:52:32 GMT
Etag: "c429bc925e26bdc1cfbf8f061c092437c2f980da"
Cache-Control: max-age=334495,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689a8f50b4d-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6431
Cache-Control: max-age=137948
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:36 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:06:44 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdb957248ee69ab7d924620a3e4712af
b72d955c710a36c92789cfe3fb9d03bcd011bc13
c9e0e166fcfaaf0b95b0608e39efc77ebb5acf3173457615fcbf690674603296

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9E0E166FCFAAF0B95B0608E39EFC77EBB5ACF3173457615FCBF690674603296"
Last-Modified: Fri, 25 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11392
Expires: Fri, 25 Nov 2022 14:57:28 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1705208833&si=f7d4e84c906d7aa1319b3083e404a089&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1705208833&si=f7d4e84c906d7aa1319b3083e404a089&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1705208833&si=f7d4e84c906d7aa1319b3083e404a089&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 11:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E15E4771031A99D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public

104.18.2.36

200 OK

24 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
IP
104.18.2.36:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
24 kB (24176 bytes)
Hash
2ca0538b0b77324a38cf2b74f16cb6fe
0ef6374accaaedf856fe2532b8001519894e7fbf
2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: image/webp
content-length: 24176
cf-ray: 76fa268b8eeab51e-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfECSi5uQ1bVzCSelFGwcyrA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public

104.18.2.36

200 OK

309 kB

URL HTTP/2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
IP
104.18.2.36:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
309 kB (308789 bytes)
Hash
799d622d8489838225bdf632d1ae4095
4f6c51fcc2b138919eaffddb4e0552eccd639540
ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8

HTTP Headers

GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: image/gif
content-length: 308789
cf-ray: 76fa268bbf25b51e-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 182253B smaller"
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f8e8ead073e427c1bbe82d750fb5ad4d
f78d61e482ca3694f02e5b09974acf5dec4ac5ef
57964cddbd17a258fc0cb60ffa508f82e9f5160ef1a4848bfeb834e007576f5a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57964CDDBD17A258FC0CB60FFA508F82E9F5160EF1A4848BFEB834E007576F5A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=890
Expires: Fri, 25 Nov 2022 12:02:26 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
04aaff5e66d8b66fffa155d352b7673c
95746ed5e962b2880e63e31154869efcc3317581
3e37c0490f85e3391d9513599ae2df2cd25acdb994de1ffa1eb76fb2635de2b5

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3E37C0490F85E3391D9513599AE2DF2CD25ACDB994DE1FFA1EB76FB2635DE2B5"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15700
Expires: Fri, 25 Nov 2022 16:09:16 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be0348371bc6a916b7f40ec39bde9853
5dc3bfed8a23520b9402aec1d8d52271d5d81d22
ce741063521a98582bab21caac2262f66fee79331ca69fecdf211c958acbf0a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE741063521A98582BAB21CAAC2262F66FEE79331CA69FECDF211C958ACBF0A9"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17287
Expires: Fri, 25 Nov 2022 16:35:43 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b999ac9e1fb33bb58afca6c67d7fe5b
f85f13b2e6382937e2fdc3e50ec720ca7da8b7f6
8b0bf7b415e81c1941c072dc7155e69c244e1420799f2b7755ba68d516072cba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B0BF7B415E81C1941C072DC7155E69C244E1420799F2B7755BA68D516072CBA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7483
Expires: Fri, 25 Nov 2022 13:52:19 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive

www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js

173.231.38.5

200 OK

48 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
48 kB (48089 bytes)
Hash
4aef439bee46c34a4d943ca4a54a7807
854e48652686a362f3cfebe92000d1b3c4a5765c
cf7a25c33da65de9a6970153d89ed6b2c0f61ba3d7c3b0fbdf29cc6de24c65e2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 15:57:59 GMT
vary: Accept-Encoding
etag: W/"63765a07-520"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9416
Expires: Fri, 25 Nov 2022 14:24:33 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
05f5b7b5e017e038a4a30b685d869cf0
d0bd2cc39d852d86a444a81b4933713bb33aade0
119c0de44c498bd3b9f87d9c7210f447e88abe562142ec87d8c056af28ef4c7d

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:26:07 GMT
ETag: "d0bd2cc39d852d86a444a81b4933713bb33aade0"
Last-Modified: Fri, 25 Nov 2022 09:26:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1257
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa268c89250b61-OSL

kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bd05065a53ad0b467e08bebaf080c1ef
f2bf98c511ebe6ffb73c751082a8cc984cd04d30
b6816ab715ba62a2b29ed985297a1d33b27a4c3653a5a9c575fb2097c80f76df

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 04:32:08 GMT
Expires: Tue, 29 Nov 2022 04:32:07 GMT
Etag: "f2bf98c511ebe6ffb73c751082a8cc984cd04d30"
Cache-Control: max-age=318870,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268a2e920b41-OSL

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg

172.67.28.138

200 OK

4.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.0 kB (3992 bytes)
Hash
c32d6711e95babf7cdabd2618f4cdbef
97918517d83573eacda8e86a020ef373f5b3231f
5693e3c9d54b536060ea790c49a1ed484c7863c1d563e22bbe937bb11d419658

HTTP Headers

GET /upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 3992
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6328
content-disposition: inline; filename="zuha4gbiiyb1356zuha4gbiiyb015212.webp"
etag: "638058f1-18b8"
last-modified: Fri, 25 Nov 2022 05:56:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda780af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg

172.67.28.138

200 OK

4.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4468 bytes)
Hash
174c271fbd41b05e66270e9f781e8dc1
6f7b0f3b4e5527db1c55921da243ce6318be9e85
20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf

HTTP Headers

GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 4468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6775
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp"
etag: "5dc4c133-1a77"
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda7b0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
11 kB (11122 bytes)
Hash
b022836144761d53fd172695cd436216
71dd9ccacd6072c9aeab040b290e151ff01e8d02
6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918

HTTP Headers

GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/jpeg
content-length: 11122
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11646, status=webp_bigger
etag: "5dc4d015-2d7e"
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268cda7e0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg

172.67.28.138

200 OK

5.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.2 kB (5236 bytes)
Hash
91f36a4d8e8f31da957a80484700665f
08f11c6d7f13bbaad178ce2a4301a921f086e6ac
30541e98d358e976678ad35d1e286e9c74af2a3e8971192168189239acfe1ef3

HTTP Headers

GET /upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5236
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7514
content-disposition: inline; filename="flvtdlipkzo1356flvtdlipkzo065222.webp"
etag: "638058f6-1d5a"
last-modified: Fri, 25 Nov 2022 05:56:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda7f0af6-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
070adce81a19d67670b68786d54b23d0
80638373c4e6f5888f72e66e68aa7a0838087ea2
38368231281f2c45700735de8e2349ead573925d7474122994a354c9dc0eab6d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38368231281F2C45700735DE8E2349EAD573925D7474122994A354C9DC0EAB6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9878
Expires: Fri, 25 Nov 2022 14:32:15 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg

172.67.28.138

200 OK

8.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.2 kB (8224 bytes)
Hash
81267f0dd2a21a97169d2dff3bb67578
ec4b5545c42d0a756a2c5304979385195727d80f
d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2

HTTP Headers

GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 8224
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9431
content-disposition: inline; filename="5uhe5rvsnvm10155uhe5rvsnvm1724067.webp"
etag: "5dc4cfb5-24d7"
last-modified: Fri, 08 Nov 2019 02:15:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda750af6-OSL
X-Firefox-Spdy: h2

kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg

172.67.28.138

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
10 kB (10317 bytes)
Hash
3a80c4daf67aed258e3532710555d26b
a247cb3f4189848cfe4f1054aa640b7939bc084b
026ed47200fe59a2685daa7ad6e63a0f2c11b2e3f1f72772b210302b243d3fba

HTTP Headers

GET /upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/jpeg
content-length: 10317
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10742, status=webp_bigger
etag: "638058f8-29f6"
last-modified: Fri, 25 Nov 2022 05:56:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268cda880af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg

172.67.28.138

200 OK

5.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.2 kB (5244 bytes)
Hash
3c22d1ff3bafd5c323827bdafdc918cc
d10dd261c0b6fa17a0d6400ea0316fc01439a1c4
c2110723ccd89a21cd1376c8fa3da40697b1dc06d091e20834fab65ebdc25297

HTTP Headers

GET /upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5244
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7402
content-disposition: inline; filename="vyzzlmq42hb1356vyzzlmq42hb025214.webp"
etag: "638058f2-1cea"
last-modified: Fri, 25 Nov 2022 05:56:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda840af6-OSL
X-Firefox-Spdy: h2

kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg

172.67.28.138

200 OK

7.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.5 kB (7470 bytes)
Hash
c034ed261bc1e5168cf2d8c0fd4f706f
530065a905f58ad684c94d55846c7358a75087e0
ceb33fbb4bfa2d6ef992f28d25e5537d8a2c1acb95dd297acd8c5a3617ce8301

HTTP Headers

GET /upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 7470
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8694
content-disposition: inline; filename="q3je3gx1uhj1356q3je3gx1uhj055220.webp"
etag: "638058f5-21f6"
last-modified: Fri, 25 Nov 2022 05:56:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda890af6-OSL
X-Firefox-Spdy: h2

kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg

172.67.28.138

200 OK

6.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.9 kB (6870 bytes)
Hash
41b27eefaf8e3bae4144ddcf1ffd72fd
7289c6083a81b41245c503323d68459de9535dc9
88969b8192cfac4f99c53132142409935cda7d20550765b4fc9e8c3dc8070120

HTTP Headers

GET /upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6870
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9082
content-disposition: inline; filename="qnmpazoreer1356qnmpazoreer045218.webp"
etag: "638058f4-237a"
last-modified: Fri, 25 Nov 2022 05:56:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8a0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg

172.67.28.138

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5568 bytes)
Hash
187a056e67fd5cb46bc7c783f9a9fdac
4ee4e1bf29186fa2c4d5373fe121a6a6031a8737
a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171

HTTP Headers

GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6690
content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp"
etag: "6349225c-1a22"
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda860af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg

172.67.28.138

200 OK

6.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.7 kB (6672 bytes)
Hash
6f3d8fe5a3f14b8fee3d30beca60c5fc
c6b2378caf81769dbd6094bf41f8dca6ba0bed74
6454f66dd530ddb45b942ff5fc960f992181f3810887b79f49662ddf8c8cd09d

HTTP Headers

GET /upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6672
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7870
content-disposition: inline; filename="siwkm0nzqjn1356siwkm0nzqjn125236.webp"
etag: "638058fc-1ebe"
last-modified: Fri, 25 Nov 2022 05:56:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8b0af6-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3256c7d72f0a4494f2605104cae6ad6c
ceaff749b7a335a8505ae74153570578fc6941e2
bbfb61d0016d8f163810c6edf369362ed7b0683124d4fd4e0f7361ecaea356ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142647
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "63803590-1d7"
Expires: Sun, 27 Nov 2022 03:25:04 GMT
Last-Modified: Fri, 25 Nov 2022 03:25:04 GMT
Server: nginx
Content-Length: 471

200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg

23.224.61.222

200 OK

57 kB

URL HTTP/1.1
200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
IP
23.224.61.222:0
ASN
#40065 CNSERVERS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Size
57 kB (57375 bytes)
Hash
61b977b3527d7c0e27e2af877b5a5c59
4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff

HTTP Headers

GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1
Host: 200.benbenys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Server: Apache
Expires: Sun, 25 Dec 2022 11:47:36 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375
Content-Type: image/jpeg

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg

172.67.28.138

200 OK

7.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.7 kB (7688 bytes)
Hash
8f6bba11d01650b6be831dbbbd9049be
4e1ee5afdd2be49e29cf2073b92bc1b5cf859102
d6179215b68cc350bf8965ab2986ac2882697ee711f33764b04ec553e126ac48

HTTP Headers

GET /upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 7688
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8984
content-disposition: inline; filename="ayblf4jkvjm1356ayblf4jkvjm105232.webp"
etag: "638058fa-2318"
last-modified: Fri, 25 Nov 2022 05:56:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda870af6-OSL
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 11:47:37 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:04 GMT
ETag: "638009f8-1d7"
Expires: Sun, 27 Nov 2022 00:19:04 GMT
Cache-Control: max-age=131487
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669376857
Via: cache8.l2de2[189,189,200-0,M], cache8.l2de2[190,0], cache3.se1[212,212,200-0,M], cache3.se1[214,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 11:47:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716693768569628288e

i.ibb.co/tL26d3m/240x140.gif

162.19.58.160

404 Not Found

1.0 kB

URL HTTP/2
i.ibb.co/tL26d3m/240x140.gif
IP
162.19.58.160:0
ASN
#16276 OVH SAS

File type
PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Size
1.0 kB (1031 bytes)
Hash
7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

HTTP Headers

GET /tL26d3m/240x140.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
07570daf9d11b9b8b8357b089ad60a5a
1e0c563991e0918f538182a887165bf2fd225b80
8f7ff4d51ecb7edcdefc1d6d0aa80e6774d0bd665b2d0f6bcbeaa4b40acbef60

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "6380018c-117"
Server: ECS (amb/6BAB)
Content-Length: 279

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg

172.67.28.138

200 OK

4.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4486 bytes)
Hash
5745e616dd38808c0425a269e61b05ae
d58d51a8f7baca857224f3686f6c9e810534e5ed
75f3285518d70b028b15f5424e165f53bdfe717c963054017c89df0632497b2e

HTTP Headers

GET /upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 4486
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6359
content-disposition: inline; filename="j5igkkrtdfc1356j5igkkrtdfc035216.webp"
etag: "638058f3-18d7"
last-modified: Fri, 25 Nov 2022 05:56:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8e0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg

172.67.28.138

200 OK

6.0 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.0 kB (6006 bytes)
Hash
bf69a6d78ee1e30a8c97df7cd674d99e
9ecbf0fc89db78954428b4907456ff7e5a7cd244
0c6dd97843c01c2e4cfebff9c34e98575dc7919822f486694e33459194568903

HTTP Headers

GET /upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6006
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8669
content-disposition: inline; filename="o3n100jgfy41356o3n100jgfy4085228.webp"
etag: "638058f8-21dd"
last-modified: Fri, 25 Nov 2022 05:56:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8c0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg

172.67.28.138

200 OK

6.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.1 kB (6134 bytes)
Hash
e88ed40a8c5658e34c4b24468eb90090
2b225f93e3bb9826b65574d1582d420b9bee2590
6bfd5b117f2d507b861d0c18fdbb1112379e451417d3ee51746f7ef8dcd91787

HTTP Headers

GET /upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6134
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8540
content-disposition: inline; filename="oaweu1apnap1356oaweu1apnap075224.webp"
etag: "638058f7-215c"
last-modified: Fri, 25 Nov 2022 05:56:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda820af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg

172.67.28.138

200 OK

5.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5580 bytes)
Hash
f35875af5e31dbb593e014fcd061bcec
459d4a85dfdbfdf49db8cdb4c99caf12664d39a9
f5268c4c28142eb2d9175c15a75ecb3b7a5a9608f9434a06731bc2e7516ff9b3

HTTP Headers

GET /upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5580
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6754
content-disposition: inline; filename="jxltqszym4w1356jxltqszym4w115234.webp"
etag: "638058fb-1a62"
last-modified: Fri, 25 Nov 2022 05:56:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8f0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg

172.67.28.138

200 OK

5.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.7 kB (5660 bytes)
Hash
faf004bc3a9c3aeedccee94f15c2c8f1
024c98c2cc5fd5abbe46d5376bdf741e0171c231
eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d

HTTP Headers

GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6650
content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp"
etag: "6371b223-19fa"
last-modified: Mon, 14 Nov 2022 03:12:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda850af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg

172.67.28.138

200 OK

6.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.3 kB (6290 bytes)
Hash
2f0ec0c3bf644e72dcbfcb8d14e02ea1
4553d5489822e369a291e9c952a3b3c1ffa9f152
01ad7825992981c3a01023249462883e24fa6a97382e66232060240b6c8d143a

HTTP Headers

GET /upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6290
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8693
content-disposition: inline; filename="anitywmvnmi1356anitywmvnmi135238.webp"
etag: "638058fd-21f5"
last-modified: Fri, 25 Nov 2022 05:56:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8d0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg

172.67.28.138

200 OK

14 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
14 kB (14387 bytes)
Hash
c814bbc877c9b41935908734d76b7778
7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d
df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5

HTTP Headers

GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/jpeg
content-length: 14387
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15124, status=webp_bigger
etag: "5e11cf7d-3b14"
last-modified: Sun, 05 Jan 2020 11:58:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268e1bfe0af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg

172.67.28.138

200 OK

8.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.5 kB (8502 bytes)
Hash
470fbc0b663330b5a2fd1c629f26c7a1
8e259d89553d796f1c8fe0d0592a390242787384
b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d

HTTP Headers

GET /upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 8502
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9636
content-disposition: inline; filename="bv24ubfd0w11334bv24ubfd0w1463373.webp"
etag: "6379bc76-25a4"
last-modified: Sun, 20 Nov 2022 05:34:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2c010af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg

172.67.28.138

200 OK

9.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.5 kB (9504 bytes)
Hash
8fe9c506b4edb32a653396705f3120a6
d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470
4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0

HTTP Headers

GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 9504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10345
content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp"
etag: "6350eee8-2869"
last-modified: Thu, 20 Oct 2022 06:47:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2bff0af6-OSL
X-Firefox-Spdy: h2

acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif

104.21.33.100

200 OK

158 kB

URL HTTP/2
acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
IP
104.21.33.100:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 500 x 300\012- data
Size
158 kB (158376 bytes)
Hash
55574ea2b72e2fbe45871f66165442a8
7fd461a708c87486335dde3e12740c188af0facd
005f42b2004591c7bdb51b40cab0711f489c32bb10ddc2061c5c48469fd769a0

HTTP Headers

GET /30e6eb2de3e8d7da7879e39548fdfe92.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 158376
last-modified: Mon, 02 May 2022 19:18:16 GMT
etag: "62702e78-26aa8"
expires: Mon, 12 Dec 2022 14:19:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1114097
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyAio3hJpMtSHF%2FkaIl1t1D4yOttCyqAugOzgtLCNFamCe6pW72cC9PLZOKUNRsCXbh63NG7ZNHrHoaY39Zg63oTgd2J3PpywIL5uRElM4KyNf1xB0MH3cTJcoHWvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268e382db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg

172.67.28.138

200 OK

7.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.2 kB (7200 bytes)
Hash
4858cbdc894b0a591319a947ff5d5db3
e01e4efdccc57ae3baf8f24a10dd9a726904f766
da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81

HTTP Headers

GET /upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 7200
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8578
content-disposition: inline; filename="q2aftvnkn2q1356q2aftvnkn2q145240.webp"
etag: "638058fe-2182"
last-modified: Fri, 25 Nov 2022 05:56:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2c020af6-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg

172.67.28.138

200 OK

6.8 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.8 kB (6776 bytes)
Hash
a74bf9aeb21338e364e6e407b908591a
9e85c72d1bc49a27ab5b4db7720293b4fb5b62a8
4dd6f4c4f741d4240c7ace849216eefa2299fde27416f2b6a47b7f79e81614b2

HTTP Headers

GET /upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6776
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8884
content-disposition: inline; filename="rjt440xdpw11356rjt440xdpw1095230.webp"
etag: "638058f9-22b4"
last-modified: Fri, 25 Nov 2022 05:56:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2c040af6-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f24ee62a555427afbc961016ab487183
00472f915f2517e283ca3530c3f40e6165e8131a
04dd84da6733073975eb479a58e829244499898496957f1a4d0fe464a9c6cfc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04DD84DA6733073975EB479A58E829244499898496957F1A4D0FE464A9C6CFC1"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Fri, 25 Nov 2022 17:47:21 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif

103.170.15.91

200 OK

113 kB

URL HTTP/1.1
339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
IP
103.170.15.91:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
113 kB (113076 bytes)
Hash
293a0887f1ab0b9517c19b77d51626dd
74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b942d-1b9b4"
Date: Mon, 21 Nov 2022 10:24:19 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 113076

www.jxys12.xyz/template/m1938pc/static/css/mm-content.css

173.231.38.5

200 OK

281 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/mm-content.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
data
Size
281 kB (281085 bytes)
Hash
ab75de15661f8a2d3026f8f79441edeb
0eed11a2bb08fd88bdcdfcad7907f12baa54101c
bbde0be338344290b22086178e2e34af5444daa96dd29ebb4407cb49bac629a9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=587537,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268e589bb4e8-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
87e87b075c2fc5ef989ca520aee4e62d
459c1518d42924e67954f633622ee1581b4fb5d2
b9c3d040d7dd66d2a01c2db68ee2f137d6ec60ec8a408c94f00d062cacfeb47d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9C3D040D7DD66D2A01C2DB68EE2F137D6EC60EC8A408C94F00D062CACFEB47D"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5257
Expires: Fri, 25 Nov 2022 13:15:14 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3143
Cache-Control: max-age=125989
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 22:47:26 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3295
Cache-Control: max-age=126141
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 22:49:58 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 727

img.u1779.com/images/63523e155fe50f0585d3ef82.gif

91.199.87.220

302 Found

420 kB

URL HTTP/2
img.u1779.com/images/63523e155fe50f0585d3ef82.gif
IP
91.199.87.220:0
ASN
#0

File type
GIF image data, version 89a, 960 x 60\012- data
Size
420 kB (420442 bytes)
Hash
7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb

HTTP Headers

GET /images/63523e155fe50f0585d3ef82.gif HTTP/1.1
Host: img.u1779.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
cache-control: max-age=3600
X-Firefox-Spdy: h2

img.u1158.com/images/637f0b6b8d97bc67605fd8a2.gif

91.199.87.220

302 Found

644 kB

URL HTTP/2
img.u1158.com/images/637f0b6b8d97bc67605fd8a2.gif
IP
91.199.87.220:0
ASN
#0

File type
GIF image data, version 89a, 960 x 60\012- data
Size
644 kB (644516 bytes)
Hash
6f4d0e5c73acef4297be21786b04ec66
b585f8035533ae8f2e026816a8541f41c1531a61
bc7cc9d3368c6dad22e3ab42ed2ace33d4f111f651cb7e8460377d5c62cb00b7

HTTP Headers

GET /images/637f0b6b8d97bc67605fd8a2.gif HTTP/1.1
Host: img.u1158.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9f72c309b4cd48799e412b9020cada94
cache-control: max-age=3600
X-Firefox-Spdy: h2

3p8801.co/yy-960x60.gif

142.0.131.26

200 OK

37 kB

URL HTTP/2
3p8801.co/yy-960x60.gif
IP
142.0.131.26:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
37 kB (37300 bytes)
Hash
95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644

HTTP Headers

GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Sun, 25 Dec 2022 11:47:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 11:47:37 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:04 GMT
ETag: "638009f8-1d7"
Expires: Sun, 27 Nov 2022 00:19:04 GMT
Cache-Control: max-age=131487
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669376857
Via: cache26.l2de2[491,490,200-0,M], cache26.l2de2[492,0], cache2.se1[514,514,200-0,M], cache2.se1[515,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 11:47:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616693768569625329e

img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif

91.199.87.220

302 Found

366 kB

URL HTTP/2
img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif
IP
91.199.87.220:0
ASN
#0

File type
GIF image data, version 89a, 960 x 80\012- data
Size
366 kB (366541 bytes)
Hash
c9e86d7a56b581cc32a6a4380112c0ce
0d35256c35a6f9a4716ae254265428d2f4240c87
5870de497beb45d424d67b39a4aaa841f675d3162780e738bcc26e8ca3e81fc2

HTTP Headers

GET /images/636ce2e7c474e9c06ec29f97.gif HTTP/1.1
Host: img.8961x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a
cache-control: max-age=3600
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae

47.246.44.227

200 OK

562 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 80\012- data
Size
562 kB (561802 bytes)
Hash
6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05

HTTP Headers

GET /obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Wed, 23 Nov 2022 18:17:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 09:43:01 GMT
nw-session-id: 20221123174301010131136052464A87C3qsdgc03dy
nw-session-trace: 2022-11-23T17:43:01.694902751+08:00 92
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 17:43:01 GMT
x-tt-logid: 20221123174301010131136052464A87C3
via: n150-053-221, cache9.l2de2[0,0,206-0,H], cache16.l2de2[0,0], cache16.l2de2[3,0], cache8.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc02:20:306::101
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01de7516b2be8a6c589dcb05e98f0ccb4f6b92a652c9eae433a3fd2c1a5c90af0b97726c0fe129406d127bf5700a608187a0c670a5c5ad3aa2fe89dda228ae09e1dd713c780a0352432c3386c21829dd51023f17bf2655687c66b54dc3cddef6d5
x-response-lb: image
ali-swift-global-savetime: 1669227478
age: 149379
x-cache: HIT TCP_MEM_HIT dirn:11:339660254 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 06:46:42 GMT
x-swift-cachetime: 31491076
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693768575357990e
X-Firefox-Spdy: h2

6937555.com/111/x11.gif

104.149.138.102

200 OK

426 kB

URL HTTP/1.1
6937555.com/111/x11.gif
IP
104.149.138.102:0
ASN
#40676 AS40676

File type
GIF image data, version 89a, 393 x 262\012- data
Size
426 kB (425627 bytes)
Hash
8bae222affa48844776828e91737c9ea
3c24ae989fed8a463e723b513634d6c96416a8ca
203d9927c0f470cc1b9e2116f2ffc23d3ede6acbdd657fe66aa7874526f2b5a3

HTTP Headers

GET /111/x11.gif HTTP/1.1
Host: 6937555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: image/gif
Content-Length: 425627
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 11:21:10 GMT
ETag: "6332dca6-67e9b"
Cache-Control: max-age=2592000
Accept-Ranges: bytes

si1.go2yd.com/get-image/0yFVWR9AM6k

163.171.140.79

200 OK

140 kB

URL HTTP/2
si1.go2yd.com/get-image/0yFVWR9AM6k
IP
163.171.140.79:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 750 x 376\012- data
Size
140 kB (140259 bytes)
Hash
4125d9bf66b1a755f42abaea805ee9af
17232f64827beb19e2a717d1bdbf384b3e938249
d3c1b29a4d2c0fa6fc41d308d6c110eeb868276c2a74697766283838ebe1f732

HTTP Headers

GET /get-image/0yFVWR9AM6k HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 140259
x-application-context: application
x-kss-request-id: 42be03856f37421d8d1834ac0d22900d
etag: "4125d9bf66b1a755f42abaea805ee9af"
content-md5: QSXZv2axp1X0KrrqgF7prw==
last-modified: Mon, 28 Feb 2022 07:48:08 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:9 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 6380ab59_PShlamstdAMS1vj92_6927-7707
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2

223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif

103.170.15.72

200 OK

359 kB

URL HTTP/1.1
223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
IP
103.170.15.72:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
359 kB (358672 bytes)
Hash
668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ddc7ee998e5442059a05a76f45a279b8.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63665362-57910"
Date: Sun, 20 Nov 2022 09:14:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 05 Nov 2022 12:13:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 358672

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
4f89fd1d467d19d5df2df23175974248
6be7ff6c5782109397a0cb49ed23425b1504ab7d
cc0725bc405237da0897a468975dba8af186f0c30c8ec5f1fd441bd3873dd01c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 879e1610-5425-47bf-bfdb-97b5548ef03e
Content-Length: 1700
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

ocsp.buypass.com/

23.36.76.129

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.36.76.129:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1700 bytes)
Hash
0681a9671b36d6c3b4529516d4fa2b98
7ad1abf3652b2c902f09d44657964a168beee52f
7746903161ac48daa79ba52bbf0fc90ea57f6fc78dd0387fe2d646302180b07c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e0394ba8-c079-492b-baff-2124c8fa70ed
Content-Length: 1700
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

339282bdb.com/e20f57018fba490b9af887342222147f.gif

103.170.15.91

200 OK

553 kB

URL HTTP/1.1
339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP
103.170.15.91:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
553 kB (552818 bytes)
Hash
097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Tue, 22 Nov 2022 21:20:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 552818

362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif

45.61.212.126

200 OK

423 kB

URL HTTP/1.1
362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
IP
45.61.212.126:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
423 kB (422791 bytes)
Hash
bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /33f557d8ed124da9b6a2642dac638bcd..gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9147-67387"
Date: Sat, 19 Nov 2022 08:31:16 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-26
Content-Length: 422791

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16109
Expires: Fri, 25 Nov 2022 16:16:06 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

3p8801.co/a-960x60.gif

142.0.131.26

200 OK

49 kB

URL HTTP/2
3p8801.co/a-960x60.gif
IP
142.0.131.26:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
49 kB (49174 bytes)
Hash
bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db

HTTP Headers

GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Sun, 25 Dec 2022 11:47:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif

103.170.15.72

200 OK

670 kB

URL HTTP/1.1
628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
IP
103.170.15.72:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 150\012- data
Size
670 kB (669569 bytes)
Hash
fb77824f7c4e9baba62da5b690a5c7b3
ab57e7f711d25f95c55d7d29aa282af565b4c428
e465f0dc2491c84d9be51ac6638bfcb16d43fd3c1b257bc64e0553f2fefe7528

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fef6570cf2754141af2117d4ae96f801.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6379dc97-a3781"
Date: Wed, 23 Nov 2022 02:17:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 07:51:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 669569

5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif

103.170.15.88

200 OK

748 kB

URL HTTP/1.1
5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP
103.170.15.88:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 750 x 120\012- data
Size
748 kB (748166 bytes)
Hash
dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Fri, 25 Nov 2022 07:56:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 748166

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
3a0d7727a38e14e81b456868b27c1f20
fa9b8861ce580fe29d01d9b7a860baab03231422
71e4de287267104c26294102a65cfed8b6d89491d4ef1383462976ece37a5417

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:49:52 GMT
ETag: "fa9b8861ce580fe29d01d9b7a860baab03231422"
Last-Modified: Fri, 25 Nov 2022 09:49:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2778
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa26912eca0b61-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
1bf6d92bc7a467a0de270afc58a19916
abedb693f7ad748c93df236f0adbe83ac9a3f847
3a05afdbd30da40825a64e7383804646549e751a96d46e32495a0485e8ddb2bf

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 16:05:52 GMT
Expires: Wed, 30 Nov 2022 16:05:51 GMT
Etag: "abedb693f7ad748c93df236f0adbe83ac9a3f847"
Cache-Control: max-age=446893,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26900df0fac0-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=587537,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268e4ff50afe-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de84d1f0137fc671cea29600bc2eb1f1
57e0e910838a086a5ecceb27c929be65a04a785a
62cc5e66ef3ee45f97e6d81791ffdb7b12e19d7edaca1fc476eedaed26a007b5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62CC5E66EF3EE45F97E6D81791FFDB7B12E19D7EDACA1FC476EEDAED26A007B5"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11375
Expires: Fri, 25 Nov 2022 14:57:12 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

zhibo128x.xyz/128/318X216.gif

154.83.25.141

200 OK

90 kB

URL HTTP/1.1
zhibo128x.xyz/128/318X216.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 318 x 216\012- data
Size
90 kB (89870 bytes)
Hash
fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d

HTTP Headers

GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 11:47:07 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Wed, 30 Nov 2022 00:43:29 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
42278ef7e6589af98c2423b75e7c46bd
caf43419f16b0946e0ff0c590096dd2b945e7b92
16aff9cc0c99e7ab1ce8918e332416be4e5daeda76ea2265849088dcba0caad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16AFF9CC0C99E7AB1CE8918E332416BE4E5DAEDA76EA2265849088DCBA0CAAD7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Fri, 25 Nov 2022 15:28:18 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
42278ef7e6589af98c2423b75e7c46bd
caf43419f16b0946e0ff0c590096dd2b945e7b92
16aff9cc0c99e7ab1ce8918e332416be4e5daeda76ea2265849088dcba0caad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16AFF9CC0C99E7AB1CE8918E332416BE4E5DAEDA76EA2265849088DCBA0CAAD7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Fri, 25 Nov 2022 15:28:18 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
969353902efb669fc05f2851f3b8eff6
5c02eb4c0b109f7946ae56edf12024ee0027ed00
135921e84af3643a7f0925c945aa75f79cfa9a4b42dc7b9c9ba3f3fc0579bf4c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 06:12:19 GMT
Expires: Thu, 01 Dec 2022 06:12:18 GMT
Etag: "5c02eb4c0b109f7946ae56edf12024ee0027ed00"
Cache-Control: max-age=497680,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2691df071c0a-OSL

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
917466831ca39bde3a9da509d2e4126a
a987d2aad0bf7ccb0a65653516a4eb3565b6bc91
c118cc90f9b2e115c7a6ec0417ac406c10f5f0a17880ecfe646612f8486a5741

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=318
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
X-N: S

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
4aed606ae977bb967faf4d089261d531
fd1d9064d9d60e37ef561243b3e11e02a63d5f9d
7e668f34f4c59999eed2d193f13df7d51ce1617d5507ab65b6bb95d89d5ee35e

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:58:53 GMT
ETag: "fd1d9064d9d60e37ef561243b3e11e02a63d5f9d"
Last-Modified: Fri, 25 Nov 2022 08:58:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1313
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa2692385d0b61-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
57660d3bd5387ee6665ec15d709ea7fe
ac9b888400c9eaff9c3bb57fb2b8f07156e20854
f5d882027ce4a50f472caf1dbf1dadda9816a23fdea0dba9cdae92f4bb30ac23

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5D882027CE4A50F472CAF1DBF1DADDA9816A23FDEA0DBA9CDAE92F4BB30AC23"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10877
Expires: Fri, 25 Nov 2022 14:48:54 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive

dvcasha2.ocsp-certum.com/

23.36.79.10

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
1115b0ae2aebbe7352f7ef7e8aaa6a0c
2f5436899ed4ffd81d19c90aae2b502ee6626b9b
91a5be6b81cdbd467018450ca9834ff443a673f356b25cef50111f5591ef8faf

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive
X-N: S

3p8801.co/11-960x60.gif

142.0.131.26

200 OK

242 kB

URL HTTP/2
3p8801.co/11-960x60.gif
IP
142.0.131.26:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
242 kB (242091 bytes)
Hash
b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2

HTTP Headers

GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Sun, 25 Dec 2022 11:47:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e188ce51b38e9805227d1a92d4c5225
0731d96f487b8d08cef458b9946fa01df18e7556
cf0ee8eda7572e2a907c4aaefb22cf8511ed845a313db050ac2518df07440964

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF0EE8EDA7572E2A907C4AAEFB22CF8511ED845A313DB050AC2518DF07440964"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15747
Expires: Fri, 25 Nov 2022 16:10:05 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2d4a90a58c676eaaf42e173ea529c226
c8a97ae20b3ecbb6d2109349f084eeaf17cb54ca
fb96426dc5e0afff3ca640a01875fe32c28e6d9f228c1813be002d86b05aee0f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 13:45:20 GMT
Expires: Wed, 30 Nov 2022 13:45:19 GMT
Etag: "c8a97ae20b3ecbb6d2109349f084eeaf17cb54ca"
Cache-Control: max-age=438460,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26926a151c16-OSL

kveff.com/68a7807de3933bf7079116fa9df99e6f.gif

64.32.13.142

301 Moved Permanently

162 B

URL HTTP/2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
64.32.13.142:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6433
Cache-Control: max-age=137948
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:06:46 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif

45.154.214.219

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
45.154.214.219:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif

45.154.214.219

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP
45.154.214.219:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
04aaff5e66d8b66fffa155d352b7673c
95746ed5e962b2880e63e31154869efcc3317581
3e37c0490f85e3391d9513599ae2df2cd25acdb994de1ffa1eb76fb2635de2b5

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3E37C0490F85E3391D9513599AE2DF2CD25ACDB994DE1FFA1EB76FB2635DE2B5"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15698
Expires: Fri, 25 Nov 2022 16:09:16 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive

api.79zxcv.com/sh/328.js

18.141.190.97

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/328.js
IP
18.141.190.97:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/328.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

api.79zxcv.com/sh/317.js

18.141.190.97

200 OK

463 B

URL HTTP/1.1
api.79zxcv.com/sh/317.js
IP
18.141.190.97:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (463), with no line terminators
Size
463 B (463 bytes)
Hash
4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sh/317.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS

fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg

45.89.208.114

200 OK

9.6 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9613 bytes)
Hash
f6d5cdf2907fb31c463cc373838d12d3
bbe5419ff8861df45fd2af60c585f9cbcc814a38
bb3f04b6f333f07ea6a77fb23d0e1d2bb6501708e8302004cd194f9cf2b917bd

HTTP Headers

GET /upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9613
Last-Modified: Wed, 09 Nov 2022 11:41:27 GMT
Connection: keep-alive
ETag: "636b91e7-258d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg

45.89.208.114

200 OK

7.8 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
7.8 kB (7756 bytes)
Hash
0f1c4007154f75c35d75f408e001bc6a
64724f653ce003586c12680c0ede2638533b9404
ebe54255a4390cb473cf6c734a3dba31e94a9ade9d5b9443eb2e2c5ed46c4f3e

HTTP Headers

GET /upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 7756
Last-Modified: Wed, 09 Nov 2022 11:40:43 GMT
Connection: keep-alive
ETag: "636b91bb-1e4c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg

45.89.208.114

200 OK

8.0 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.0 kB (8028 bytes)
Hash
94cce198be510e7dad60f740fbecec8c
8314c91f10f5ec38742b3780681e6cec16190d2e
59267bae18e01a3c0744581e1376c17fd507651854a3122056d887b4d9e66f0a

HTTP Headers

GET /upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8028
Last-Modified: Wed, 09 Nov 2022 11:40:36 GMT
Connection: keep-alive
ETag: "636b91b4-1f5c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg

45.89.208.114

200 OK

14 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
14 kB (14304 bytes)
Hash
8943af77fc234d1e4a935f8ff3007471
5316de2c0e183897735ae3f64ddc21172c9427bf
0bd345fe3484025bd9e72a45f52e661e91f606531c48f60f97a39f598187acad

HTTP Headers

GET /upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 14304
Last-Modified: Wed, 09 Nov 2022 11:42:19 GMT
Connection: keep-alive
ETag: "636b921b-37e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg

45.89.208.114

200 OK

8.8 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.8 kB (8829 bytes)
Hash
75a7a64965e27d7748ea85d184361d04
972f4b7ca8c0f8a58fddb4b87231dc475f01c13e
d6840d9c333a0f4780180bb8c686f50a01f687a2610684e9d396d49e6715b908

HTTP Headers

GET /upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8829
Last-Modified: Wed, 09 Nov 2022 11:42:19 GMT
Connection: keep-alive
ETag: "636b921b-227d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg

45.89.208.114

200 OK

5.1 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.1 kB (5133 bytes)
Hash
b4fe691a1e1838c9f1478958a1755ecc
342f266ceede5184e9cc944325d5644aad9373cd
e16caff401e9c45407df43293ca846a805d8a8fa2893df39b000d5e76bdb4969

HTTP Headers

GET /upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 5133
Last-Modified: Wed, 09 Nov 2022 11:40:16 GMT
Connection: keep-alive
ETag: "636b91a0-140d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96900
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:38 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96900
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:38 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: nginx
Content-Length: 279

592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif

45.61.212.121

200 OK

580 kB

URL HTTP/1.1
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP
45.61.212.121:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
580 kB (580315 bytes)
Hash
1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

HTTP Headers

GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: MISS from cloud-us2-cdnb-21
Content-Length: 580315

nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif

104.21.55.74

200 OK

524 kB

URL HTTP/2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 325 x 143\012- data
Size
524 kB (523775 bytes)
Hash
2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc

HTTP Headers

GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Fri, 16 Dec 2022 18:59:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 751704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAofqgGP3KLkqbiGBzNFKc9sJhIaUJB4zoCa94gB1G2xx1bJqBvzHLBL%2FKlS0ZqxL9MuoaOSRmAF%2FMLeuoRRqqIDyeLZOb7M62ND1uLASxj9n%2ByNt6qdaPi9SYcS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26940a36b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
f74db977ea7b6777a59ba4ebf080dd24
6037c8cce6f4eaf1969a664b82136c4b9f08c32e
4348fbd1f14d03e010dab6b8dd703626fff6d6110062fb1254898d7c2e9ef822

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 05:36:52 GMT
Expires: Tue, 29 Nov 2022 05:36:51 GMT
Etag: "6037c8cce6f4eaf1969a664b82136c4b9f08c32e"
Cache-Control: max-age=322752,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26944908fac0-OSL

pic.picnewsss.com/tu-2022290039/se-1.jpg

23.225.139.251

200 OK

27 kB

URL HTTP/2
pic.picnewsss.com/tu-2022290039/se-1.jpg
IP
23.225.139.251:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Size
27 kB (26754 bytes)
Hash
d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e

HTTP Headers

GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Fri, 25 Nov 2022 11:15:57 GMT
etag: "1669375857"
expires: Sun, 25 Dec 2022 11:15:57 GMT
last-modified: Fri, 25 Nov 2022 11:30:57 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cbcc471840270b19536a7385c435e090
6dc931336032d76c21f6b2136408f184b8005ffd
354b0163e71484d2bb42400be51f32f7cf3e4723e4f86ec9a3bdb4b104ac25da

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "354B0163E71484D2BB42400BE51F32F7CF3E4723E4F86EC9A3BDB4B104AC25DA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8597
Expires: Fri, 25 Nov 2022 14:10:55 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
00830cd9c198594ab9584700a3fa8b33
26672ecd71a9a3b8e762df907a7cb850ff9da8b6
348dd89bbfd495bad00ede7de45346d9c772db0dbc972a135ded670829097b60

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 16:39:34 GMT
Expires: Tue, 29 Nov 2022 16:39:33 GMT
Etag: "26672ecd71a9a3b8e762df907a7cb850ff9da8b6"
Cache-Control: max-age=362514,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26911e0db524-OSL

nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif

104.21.55.74

200 OK

1.1 MB

URL HTTP/2
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
1.1 MB (1082384 bytes)
Hash
a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 936824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAj7xPiR4uWwTJZoHnwqa5kcsqepaxJI5J3fRpAM%2Ffeaw0TGavEhe4ldHh2rxDmh9byYeKSyothertvLoWUQnNUaDDL3DBnzXOrJ6fD2WIKMGF8snUbIdCB4OyMD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa2694ab46b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif

45.61.212.120

200 OK

62 kB

URL HTTP/1.1
829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif
IP
45.61.212.120:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 320 x 185\012- data
Size
62 kB (61957 bytes)
Hash
a39609b18140975f8099754386591e3c
5758379628e0102c65a87bd04cbe5158e43a94b0
fcd1a2d3584bb5dd209871dca8cef09495c9b1a3651ee204f87319e9b4a670de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f22c9bb27e174bb0b6dd1b2034189f8f.gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba2a2-f205"
Date: Mon, 21 Nov 2022 00:05:45 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:36:34 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-20
Content-Length: 61957

sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif

20.189.126.154

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (211695 bytes)
Hash
0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8

HTTP Headers

GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:38:16 GMT
ETag: "1668166696"
Expires: Sun, 11 Dec 2022 11:38:16 GMT
Last-Modified: Fri, 11 Nov 2022 11:38:16 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif

20.189.126.154

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (212163 bytes)
Hash
14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif

20.189.126.154

200 OK

258 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
258 kB (257993 bytes)
Hash
038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif

20.189.126.154

200 OK

245 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
245 kB (245365 bytes)
Hash
15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7a8daad4ab6e765df1af9dd1c0eb2da5
0a17bb68661cccb2714b7b98d0f7b8df1b700cb4
cfa1ebd1b22eeb6cb79139c1d465de12da2f0e1a3f050ecce2fd0a90656c7fae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 01:44:18 GMT
Expires: Fri, 02 Dec 2022 01:44:17 GMT
Etag: "0a17bb68661cccb2714b7b98d0f7b8df1b700cb4"
Cache-Control: max-age=567998,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2693d8410b41-OSL

p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0

47.246.44.227

200 OK

358 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 440 x 240\012- data
Size
358 kB (358276 bytes)
Hash
40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43

HTTP Headers

GET /obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Fri, 21 Oct 2022 06:41:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:37:28 GMT
nw-session-id: 20221021143728010175136074453D5CBFz8wd402dy
nw-session-trace: 2022-10-21T14:37:28.551011358+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 358276
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:37:28 GMT
x-tt-logid: 20221021143728010175136074453D5CBF
via: n204-098-037, cache6.l2de2[0,0,206-0,H], cache14.l2de2[4,0], cache14.l2de2[5,0], cache1.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 0117853d8cc79e5d77738cab4f594f364156c824771e29f615804f746fdb99e074612b530aaff0431fb3c2f771771ecafad581836a17d7ab7f11b242956cf29bfa52e7a0c525a19a5811d03d87a864a9c15e73d6d056b582e53a7965d856d36e13
x-response-lb: image
ali-swift-global-savetime: 1666334511
age: 3042347
x-cache: HIT TCP_MEM_HIT dirn:4:277650373
x-swift-savetime: Fri, 21 Oct 2022 08:23:11 GMT
x-swift-cachetime: 31529920
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693768585338669e
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
395dabe9158ad8d8dbc8ab618ab4e781
1882f9f43cdbd6f83344e56f9fcfdaefcdd76a5e
2f067d76c74d9cd7a1b4687c0e83e4806f6d3b3ecadf0949a4f80c53f03e7973

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F067D76C74D9CD7A1B4687C0E83E4806F6D3B3ECADF0949A4F80C53F03E7973"
Last-Modified: Thu, 24 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7052
Expires: Fri, 25 Nov 2022 13:45:10 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive

api.79zxcv.com/js/dom.js

18.141.190.97

200 OK

4.8 kB

URL HTTP/1.1
api.79zxcv.com/js/dom.js
IP
18.141.190.97:0
ASN
#16509 AMAZON-02

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1791)
Size
4.8 kB (4779 bytes)
Hash
271c3e5f6f883bf1187eb95946d8246e
4b32995d1e5dce4ba696e0aaf57794db6884d2b6
a5451841cb1edffb1130d0e4c564cfeb352d7f2283665a4d01221f84dc72c1fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/dom.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1d8c96ac8343425"
Last-Modified: Fri, 16 Sep 2022 01:22:27 GMT
Server: Tengine
X-Cache-Status: MISS
Content-Encoding: gzip

zhibo128x.xyz/128/960x120.gif

154.83.25.141

200 OK

647 kB

URL HTTP/1.1
zhibo128x.xyz/128/960x120.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type
GIF image data, version 89a, 960 x 120\012- data
Size
647 kB (647290 bytes)
Hash
4fd1179d632274467f2d161456d79264
7e14d27cde6b11c437d17d7abf8ea273a5e63798
4a24512ccf73527d8996dc5a02acc63fe7fcb7c9f9ae22cac178345c6d46361c

HTTP Headers

GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 11:47:07 GMT
Content-Type: image/gif
Content-Length: 647290
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:08:16 GMT
ETag: "634113d0-9e07a"
Expires: Wed, 30 Nov 2022 00:43:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif

104.21.234.156

200 OK

65 kB

URL HTTP/2
kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP
104.21.234.156:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
65 kB (65414 bytes)
Hash
514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvhkkk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 65414
last-modified: Tue, 22 Nov 2022 05:45:31 GMT
etag: "637c61fb-ff86"
expires: Sun, 25 Dec 2022 11:29:58 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1060
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSNTfN9Bvrdq9%2BOSliDseamHavMTAvJQmmnlDyQoA2CQGVwmzUWCr3ajs4%2FjQvVRno6Ko%2BjoMYXizgwe7kZ5s1MWEFRtRsyjk4sisX8Tf0PvE5iCKmB9Krja%2BDvx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa2695fa8506b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
07570daf9d11b9b8b8357b089ad60a5a
1e0c563991e0918f538182a887165bf2fd225b80
8f7ff4d51ecb7edcdefc1d6d0aa80e6774d0bd665b2d0f6bcbeaa4b40acbef60

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Last-Modified: Fri, 25 Nov 2022 11:47:37 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279

taiwtp1.com/xin/200200.gif

220.128.218.220

200 OK

66 kB

URL HTTP/2
taiwtp1.com/xin/200200.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 200 x 200\012- data
Size
66 kB (65592 bytes)
Hash
f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108

HTTP Headers

GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:45:14 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Sun, 25 Dec 2022 11:45:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b

47.246.44.227

200 OK

671 kB

URL HTTP/2
p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
IP
47.246.44.227:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 640 x 480\012- data
Size
671 kB (670683 bytes)
Hash
61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732

HTTP Headers

GET /obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Wed, 23 Nov 2022 17:12:04 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 09:06:10 GMT
nw-session-id: 202211231706100101351600141541FD52kxb2701dy
nw-session-trace: 2022-11-23T17:06:10.11502157+08:00 75
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 17:06:10 GMT
x-tt-logid: 202211231706100101351600141541FD52
via: n129-069-085, cache19.l2de2[0,0,206-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache5.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:4:481::52
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015a3b9199adf986dc1a7283b0173494440838bdeaf0719540461d0fe2682c55bccf66501ae48e46ef19c5eb083f25712622be75eab5d9b90c22f18fbfaca83d7cc2040c9ed209cfba18ab316c995f6ca66467b59e239c4a976422122007d1df50
x-response-lb: image
ali-swift-global-savetime: 1669223524
age: 153334
x-cache: HIT TCP_MEM_HIT dirn:1:279621702 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 10:04:25 GMT
x-swift-cachetime: 31475259
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693768586548781e
X-Firefox-Spdy: h2

kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif

104.21.94.20

200 OK

864 kB

URL HTTP/2
kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
104.21.94.20:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
864 kB (864004 bytes)
Hash
d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Sat, 24 Dec 2022 07:55:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 100327
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzqoTCmbfeewyUzfP%2BI6GNw5vt3VXp%2Fwmin8%2BzuAq4p%2BbWidzwWz1zu1ytL6lxqXfOoicBurWdY0UrY9sf%2B7qkWD2olX8c9TidfiNuJQSxVnsRhfh713X2DEDxFu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa2696d88bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif

104.21.234.156

200 OK

685 kB

URL HTTP/2
kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
IP
104.21.234.156:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 384 x 216\012- data
Size
685 kB (684992 bytes)
Hash
6f531c957ea61da41ab38ccc064ac606
e2c1ccf65b2c8e2dadee1bd61ecf5539a2100825
e1094802df1cac8e84815e0d8807bbb5e73e161994c773d3a58d201f918d64b3

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvhkkk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 684992
last-modified: Tue, 22 Nov 2022 11:00:48 GMT
etag: "637cabe0-a73c0"
expires: Sat, 24 Dec 2022 12:40:23 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 83235
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5kIjBqvygOU3DhM8GHbrLYBwN98%2Ba42YUxL%2Bw1XkZnF%2BdpysXwwKWgG4OFDKVI6cbUZRwsy1kAxEJY6%2B%2FyH8I5LFpsK836xYjX8o5VqryowEHCHRYgXPnYHTSKp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26961ab706b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif

20.189.126.154

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
133 kB (133073 bytes)
Hash
f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:37:28 GMT
ETag: "1667486248"
Expires: Sat, 03 Dec 2022 14:37:28 GMT
Last-Modified: Thu, 03 Nov 2022 14:37:28 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif

20.189.126.154

200 OK

132 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
132 kB (131724 bytes)
Hash
6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:38:11 GMT
ETag: "1667486291"
Expires: Sat, 03 Dec 2022 14:38:11 GMT
Last-Modified: Thu, 03 Nov 2022 14:38:11 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

www.jxys88.net/news/list.php

173.231.12.68

200 OK

192 kB

URL HTTP/2
www.jxys88.net/news/list.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
192 kB (191851 bytes)
Hash
409e27b00c735b0a38bdd934baab7f06
c76f452e52516c7cb5eca91ececd3ddf1a9d8690
99931aa5962fa98e8135c365e696fea34baf7f21af0ffee94c521f3c585f88e1

HTTP Headers

GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ad72f8c21844009758f7df30b4681e23
1299f1e573e0f60163d324bc8bc5909df6dd9e34
ca8600f2170bae7330a374bbe8727b55ae123a29ce620ccfbd4dc5f5fa997d7c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:43:07 GMT
Expires: Thu, 01 Dec 2022 00:43:06 GMT
Etag: "1299f1e573e0f60163d324bc8bc5909df6dd9e34"
Cache-Control: max-age=477927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26962c191c0a-OSL

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
df561d12f805d1625d638f09a553df1d
d30b629e1c35e991be92eb3cbe59f34aa6d6d678
a3911a57c1747f4ab2fbcba4dde8b8761285e43bec3a314507721a73eb959d8e

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif

20.189.126.154

200 OK

261 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
261 kB (261015 bytes)
Hash
68ca80e6c19384277e66f07f304b6ed7
680dea475bf73401cd981b5d64f81a23c5536fed
cdbf4e9a6e9fd6b14415c2039f70aef83ec4067c4d82510246096432cd8b93a8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:36:31 GMT
ETag: "1667486191"
Expires: Sat, 03 Dec 2022 14:36:31 GMT
Last-Modified: Thu, 03 Nov 2022 14:36:31 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
737cd378417f24ff8e303905e80180fb
e03e769db8b118823e8658f4eb3e6c6547fe3455
7ae737f92d72789db034845133363edd36688c9bec0fe62b9f37027704372f8c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:28:29 GMT
Expires: Wed, 30 Nov 2022 01:28:28 GMT
Etag: "e03e769db8b118823e8658f4eb3e6c6547fe3455"
Cache-Control: max-age=394249,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26964e1f1c16-OSL

taiwtp1.com/xin/225135.gif

220.128.218.220

200 OK

67 kB

URL HTTP/2
taiwtp1.com/xin/225135.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type
GIF image data, version 89a, 225 x 135\012- data
Size
67 kB (67441 bytes)
Hash
81996a5d1fe46f845ff020017edba5cb
68dc488bcaf576c3c63394123998bb55ea79d121
6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa

HTTP Headers

GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:45:14 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Sun, 25 Dec 2022 11:45:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ad72f8c21844009758f7df30b4681e23
1299f1e573e0f60163d324bc8bc5909df6dd9e34
ca8600f2170bae7330a374bbe8727b55ae123a29ce620ccfbd4dc5f5fa997d7c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:43:07 GMT
Expires: Thu, 01 Dec 2022 00:43:06 GMT
Etag: "1299f1e573e0f60163d324bc8bc5909df6dd9e34"
Cache-Control: max-age=477927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2696dab00b41-OSL

kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif

104.21.5.141

200 OK

740 kB

URL HTTP/2
kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
104.21.5.141:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
740 kB (739561 bytes)
Hash
5318e42d25e6b9b53726d8166248cc33
762b03c16562865a9a58a02dba471f78608376db
b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Fri, 23 Dec 2022 04:58:19 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 197359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dkl9lCWWhtTtjq5xtujQQgjHi8xbWXQUjCSW6H%2FJ0BLaa8Q1CNzFdEs3tnEnj6xDF1BGtvtUmTLSF3xsuuRqrzuLh7ry5fIc0bV4hRbrE84moVJvy0nuuUeGdbGC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26980fa70b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
737cd378417f24ff8e303905e80180fb
e03e769db8b118823e8658f4eb3e6c6547fe3455
7ae737f92d72789db034845133363edd36688c9bec0fe62b9f37027704372f8c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:28:29 GMT
Expires: Wed, 30 Nov 2022 01:28:28 GMT
Etag: "e03e769db8b118823e8658f4eb3e6c6547fe3455"
Cache-Control: max-age=394249,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26972e25b50c-OSL

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif

20.189.126.154

200 OK

259 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
259 kB (258804 bytes)
Hash
70649fd49138ca6897fe0c9365470117
f0cbcec39497ab084adb72c03a6225c2144c6866
48f51d425b1ad9363336bc2edf9009cbfd17d0c24f817fe60fec9e6ed258e5b0

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894256451036.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:37 GMT
ETag: "1667486439"
Expires: Sat, 03 Dec 2022 14:40:37 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a0ad3bc43446328e39bbcae6cc0b8fe2
e3ffb2181b4f1c9c3ef689b13035e764640176c8
a791304a7c2626d0511146bb8814f01e7d17042bab362621bc29cef9eb7eb74c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A791304A7C2626D0511146BB8814F01E7D17042BAB362621BC29CEF9EB7EB74C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12035
Expires: Fri, 25 Nov 2022 15:08:13 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif

20.189.126.154

200 OK

279 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
279 kB (278909 bytes)
Hash
cbbb3d8ff70b59b11fd1182f7e5d77e9
06af5df2b2aeaa07b578979ee331b52e1f298323
f62a633b62c1dea5bca396206d4956bf14db30141e6e524bf3a00e3588c1c893

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894518194257.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:42:08 GMT
ETag: "1667486534"
Expires: Sat, 03 Dec 2022 14:42:08 GMT
Last-Modified: Thu, 03 Nov 2022 14:42:14 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=96900
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:39 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:39 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif

20.189.126.154

200 OK

138 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
138 kB (137556 bytes)
Hash
bd3f6c291cab93e830a11147c254ba40
84e34f4b6d924250b792926a4000b057496a171c
f83c49320f5c7ebedeeb3c449113fc15dd505bcc55a074c6c4cbebc3fb3a209f

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958002923244.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:23:18 GMT
ETag: "1667550198"
Expires: Sun, 04 Dec 2022 08:23:18 GMT
Last-Modified: Fri, 04 Nov 2022 08:23:18 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif

20.189.126.154

200 OK

143 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
143 kB (142810 bytes)
Hash
e7fa5fab9c6f638bf6e867ab976713a1
0e04672bf56def9eb8eef15e9aedc4b6ead6dd05
1145d5d9f499e6f3e2818a598b72cf02ff750ba41752bc94ff06513a522ee23e

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958053685368.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

www.jxys88.net/news/index.php

173.231.12.68

200 OK

166 kB

URL HTTP/2
www.jxys88.net/news/index.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
166 kB (166457 bytes)
Hash
cc3186f99b0cf6affa92723977477028
e9bd465a0770f8a959459b43527732e06f62c116
356b45f89625026b58a8b8571d5b33c7de7329d1a7c13007a1049cba66706a64

HTTP Headers

GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif

20.189.126.154

200 OK

157 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 225 x 136\012- data
Size
157 kB (157109 bytes)
Hash
b2ab67245d12303f5bbafd7d9b5f0114
44e3a620562fb6e6542b21d4ff534057d7dbe116
44748a35ac18f29a7fb6aa261701604648c5a5c2edf8b6a4d7789ef52b992afe

HTTP Headers

GET /static/uploads/image/x22/20221005/1664958086287321.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:23:25 GMT
ETag: "1667550206"
Expires: Sun, 04 Dec 2022 08:23:25 GMT
Last-Modified: Fri, 04 Nov 2022 08:23:26 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
637d307f35a65f0d652c7e9b46157717
b15b3c7cdfb8368b908cd208b2edc9b98ff72532
401dd7484bcd581ebf07c1bb1bcfdfb46eebbc0fd786d4ed28c98cced16a0c1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:39 GMT
Server: ECS (amb/6BAB)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
637d307f35a65f0d652c7e9b46157717
b15b3c7cdfb8368b908cd208b2edc9b98ff72532
401dd7484bcd581ebf07c1bb1bcfdfb46eebbc0fd786d4ed28c98cced16a0c1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=117104
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:39 GMT
Etag: "637fd1cb-117"
Expires: Sat, 26 Nov 2022 20:19:23 GMT
Last-Modified: Thu, 24 Nov 2022 20:19:23 GMT
Server: nginx
Content-Length: 279

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cbcc471840270b19536a7385c435e090
6dc931336032d76c21f6b2136408f184b8005ffd
354b0163e71484d2bb42400be51f32f7cf3e4723e4f86ec9a3bdb4b104ac25da

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "354B0163E71484D2BB42400BE51F32F7CF3E4723E4F86EC9A3BDB4B104AC25DA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8596
Expires: Fri, 25 Nov 2022 14:10:55 GMT
Date: Fri, 25 Nov 2022 11:47:39 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
1a846355d732b691514041b1b4874b12
52a28192382c4273a80a3525df0266bc758272b0
7702003437b9fa2c49671de578d0d1795f407f4655954c73e9da56c587c6f982

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:06:56 GMT
Expires: Tue, 29 Nov 2022 23:06:55 GMT
Etag: "52a28192382c4273a80a3525df0266bc758272b0"
Cache-Control: max-age=385755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2698889cb524-OSL

aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif

47.56.33.17

200 OK

0 B

URL HTTP/1.1
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
IP
47.56.33.17:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif HTTP/1.1
Host: aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 294418
Connection: keep-alive
x-oss-request-id: 6380AB5AE46B163830BA77B5
Vary: Origin
Accept-Ranges: bytes
ETag: "B5F554E2887180883376A154C0D49550"
Last-Modified: Tue, 25 Jan 2022 08:46:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7927258656666560621
x-oss-storage-class: Standard
Content-Disposition: inline;filename=899E8306-3565-4974-AD46-916F3A0C3E17.gif
Content-MD5: tfVU4ohxgIgzdqFUwNSVUA==
x-oss-server-time: 2

static.qwahk.com/960x60.gif

154.39.104.61

200 OK

0 B

URL HTTP/1.1
static.qwahk.com/960x60.gif
IP
154.39.104.61:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 477289
Content-Type: image/gif;charset=UTF-8
Date: Sun, 20 Nov 2022 00:49:41 GMT
ETag: "1668905382"
Last-Modified: Sun, 20 Nov 2022 00:49:42 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 anxun31:15 (W)
X-Cache: HIT, server, disk
X-Px: ms anxun31000(origin)
X-Reqid: 2019214167228180202211200849416LvsX43Qsampled
X-Ws-Request-Id: 637979a5_anxun31_27787-61124

sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif

120.77.166.119

200 OK

0 B

URL HTTP/1.1
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP
120.77.166.119:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 614471
Connection: keep-alive
x-oss-request-id: 6380AB5AD17D343031081D9F
Accept-Ranges: bytes
ETag: "B5D129EDAAAEC2DB9B9FBDBB13E162FF"
Last-Modified: Sun, 20 Nov 2022 08:15:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1485979328286445117
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: tdEp7aquwtubn727E+Fi/w==
x-oss-server-time: 1

p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0

43.154.254.32

200 OK

0 B

URL HTTP/2
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 107 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: a1c40dc3-77db-42cd-8251-6c53277f58fc
X-Firefox-Spdy: h2

sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif

120.77.166.72

200 OK

0 B

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 6380AB5A703D5E36368969EF
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 1

585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif

103.170.15.88

200 OK

0 B

URL HTTP/1.1
585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
IP
103.170.15.88:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /41b638d808b64a4db1c3e57fb5622e78.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9085-27357"
Date: Tue, 22 Nov 2022 12:51:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:19:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 160599

www.jxys88.net/news/data.php

173.231.12.68

200 OK

0 B

URL HTTP/2
www.jxys88.net/news/data.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.9712x.com/images/63523e235fe50f0585d3ef83.gif

91.199.87.220

302 Found

0 B

URL HTTP/2
img.9712x.com/images/63523e235fe50f0585d3ef83.gif
IP
91.199.87.220:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/63523e235fe50f0585d3ef83.gif HTTP/1.1
Host: img.9712x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
cache-control: max-age=3600
X-Firefox-Spdy: h2

sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif

120.77.166.72

200 OK

0 B

URL HTTP/1.1
sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
IP
120.77.166.72:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1212/af640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 112297
Connection: keep-alive
x-oss-request-id: 6380AB5A1911E93132AD485B
Accept-Ranges: bytes
ETag: "8BB96C4387FDAE545693EC79E18C0278"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9438539724646848523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i7lsQ4f9rlRWk+x54YwCeA==
x-oss-server-time: 4

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif

20.189.126.154

200 OK

0 B

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP
20.189.126.154:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:43:27 GMT
ETag: "1667486607"
Expires: Sat, 03 Dec 2022 14:43:27 GMT
Last-Modified: Thu, 03 Nov 2022 14:43:27 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

taiwtp1.com/img/960240.gif

220.128.218.220

200 OK

0 B

URL HTTP/2
taiwtp1.com/img/960240.gif
IP
220.128.218.220:0
ASN
#3462 Data Communication Business Group

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:45:14 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Sun, 25 Dec 2022 11:45:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif

47.75.19.69

200 OK

0 B

URL HTTP/1.1
1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
IP
47.75.19.69:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /se/lq.gif HTTP/1.1
Host: 1088hg01.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: image/gif
Content-Length: 944089
Connection: keep-alive
x-oss-request-id: 6380AB59DD75B73839BC0F20
Accept-Ranges: bytes
ETag: "AA2183D37F4BB3E32799AA7559D6828B"
Last-Modified: Sat, 05 Nov 2022 08:29:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9189525011022840236
x-oss-storage-class: Standard
Content-MD5: qiGD039Ls+Mnmap1WdaCiw==
x-oss-server-time: 2

kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif

104.21.234.86

200 OK

0 B

URL HTTP/2
kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
IP
104.21.234.86:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:39 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Tue, 13 Dec 2022 05:57:57 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1057782
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFTNKX3hQruDxdtILFjnE5hVD04C7Vg6p%2BRBADLHVzz0j%2FG5%2BbgqXO2tKDnfYd8TcxtVg3V38rx9U%2F5eY0AAEN0O0wL%2BoiMAbxRd2TwkSRAIXnJR7UBZDYdI9No8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26991d298862-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img.9717x.com/images/637f0bb78d97bc67605fd8a5.gif

91.199.87.220

302 Found

0 B

URL HTTP/2
img.9717x.com/images/637f0bb78d97bc67605fd8a5.gif
IP
91.199.87.220:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/637f0bb78d97bc67605fd8a5.gif HTTP/1.1
Host: img.9717x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ydschool-online.nosdn.127.net/tiku/72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/style.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/style.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif

91.195.240.12

403 Forbidden

0 B

URL HTTP/2
acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
IP
91.195.240.12:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /3c1bcbe1527d69a7efc3687b42d7ea1f.gif HTTP/1.1
Host: acoosso.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Fri, 25 Nov 2022 11:47:37 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2

img.1129555.com/images/6375e9e9e718d3da5a918058.gif

91.199.87.220

302 Found

0 B

URL HTTP/2
img.1129555.com/images/6375e9e9e718d3da5a918058.gif
IP
91.199.87.220:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6375e9e9e718d3da5a918058.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
cache-control: max-age=3600
X-Firefox-Spdy: h2

8499225.com/8499/s/960x60.gif

23.224.101.36

200 OK

0 B

URL HTTP/2
8499225.com/8499/s/960x60.gif
IP
23.224.101.36:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /8499/s/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "50d23-5ed03b0c9c3d8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

img.2559u.com/images/636ce31fc474e9c06ec29f98.gif

91.199.87.220

302 Found

0 B

URL HTTP/2
img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
IP
91.199.87.220:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/636ce31fc474e9c06ec29f98.gif HTTP/1.1
Host: img.2559u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
cache-control: max-age=3600
X-Firefox-Spdy: h2

p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0

43.154.254.32

200 OK

0 B

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 208040
vary: Accept,Origin
last-modified: Fri, 25 Nov 2022 04:38:13 GMT
cache-control: max-age=2592000
x-delay: 40639 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 208040
chid: 0
fid: 0
x-nws-log-uuid: e9c6425f-d1a1-4056-bf4f-d580f4c5168b
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations