r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2992
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 11:47:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:30 GMT
Last-Modified: Fri, 25 Nov 2022 10:24:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
wordpressexample.com/?author=1.
160.202.106.19301 Moved Permanently 0 B URL HTTP/1.1 wordpressexample.com/?author=1.
IP 160.202.106.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?author=1. HTTP/1.1
Host: wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 11:47:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.wordpressexample.com/index.php?author=1.
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 11:19:06 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1704
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13654
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 11:47:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FkcDNhjmGBvklbBVO2Y2ud2rcEpDZ6jTBPh8pXYwtRQqiU/W/L+h3mtXATVSW+TmS/QF89hhpRQ=
x-amz-request-id: BYA5KP3P05QNJWQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 11:40:47 GMT
age: 403
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 11:08:53 GMT
cache-control: public,max-age=3600
age: 2317
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5145
Cache-Control: max-age=168306
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:30 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:32:36 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JUkW8+hRrKfEWPaGjRFjyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WrlPmcvrQ+6Vun/8v0xJeVRv7Rc=
www.wordpressexample.com/index.php?author=1.
160.202.106.19200 OK 785 B URL HTTP/1.1 www.wordpressexample.com/index.php?author=1.
IP 160.202.106.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 06638f44888ad101206f6b89a7304b8b
f5f18fe1be538aa78d06e8097d4f30e99f1b7d4d
a89cde81ac1afd1ee61aea30d30645f51283a8bc33fd356b8256776cf73c1b40
GET /index.php?author=1. HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:31 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
www.wordpressexample.com/tj.js
160.202.106.19200 OK 520 B URL HTTP/1.1 www.wordpressexample.com/tj.js
IP 160.202.106.19:0
File type ASCII text, with CRLF line terminators
Hash 96db358bd0e6ee275c7430e1618924e9
493253a7cfaca54dc836978e12a84b8427ce888b
d302db832b3b48b63de68161cbcc8119f7f389d29d55607409aa810444215883
GET /tj.js HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/index.php?author=1.
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:31 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive
www.wordpressexample.com/common.js
160.202.106.19200 OK 738 B URL HTTP/1.1 www.wordpressexample.com/common.js
IP 160.202.106.19:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6
GET /common.js HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/index.php?author=1.
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:31 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11068
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:30:31 GMT
age: 47821
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:22:46 GMT
age: 15886
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 51144
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 50424
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:37:15 GMT
age: 11417
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 34804
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
180.101.212.103200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 25 Nov 2022 11:47:32 GMT
Etag: "4078521116"
Expires: Sat, 25 Nov 2023 11:47:32 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=33CC2C70DB883102CAE3B24A250AB6AA:FG=1; max-age=31536000; expires=Sat, 25-Nov-23 11:47:32 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a69d3acc10aa0821cd46bf82c1e87188
b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f
bb50a1777adf4b17040bf6163185440258a58bc4120aa810dbd3e2224606a2a1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:29:14 GMT
ETag: "b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f"
Last-Modified: Fri, 25 Nov 2022 08:29:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1559
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa266f3e380b59-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a69d3acc10aa0821cd46bf82c1e87188
b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f
bb50a1777adf4b17040bf6163185440258a58bc4120aa810dbd3e2224606a2a1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:29:14 GMT
ETag: "b1a195f07bd3fac85d574bba8a5fd738d1d1bf4f"
Last-Modified: Fri, 25 Nov 2022 08:29:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1559
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa266f3c9bb523-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5ed665c986f3bf3ec9dad76cac54a48
fc2d572f74202406218df3a55f2bd78fdab4ee57
a1b84584d4150c52d2fc0175f72368a12ec3fb9d5221101e084a09007d0c3dbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1B84584D4150C52D2FC0175F72368A12EC3FB9D5221101E084A09007D0C3DBF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15649
Expires: Fri, 25 Nov 2022 16:08:21 GMT
Date: Fri, 25 Nov 2022 11:47:32 GMT
Connection: keep-alive
www.wordpressexample.com/favicon.ico
160.202.106.19200 OK 1.2 kB URL HTTP/1.1 www.wordpressexample.com/favicon.ico
IP 160.202.106.19:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.wordpressexample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/index.php?author=1.
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:32 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Wed, 30 Nov 2022 11:47:32 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.wordpressexample.com/index.php?author=1.
39.156.68.163200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.wordpressexample.com/index.php?author=1.
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.wordpressexample.com/index.php?author=1. HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.wordpressexample.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 25 Nov 2022 11:47:32 GMT
hm.baidu.com/hm.js?f7d4e84c906d7aa1319b3083e404a089
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f7d4e84c906d7aa1319b3083e404a089
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 65ee9bf266abc7bb6329c2a5524baace
3213b2c2ad13cf2b9641c4ff793a29971ee87a48
0114dfe4fedc0b5bbb5b90e257c4c5cd1c5fa4ba5cd397f38377f1aede0541f9
GET /hm.js?f7d4e84c906d7aa1319b3083e404a089 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 11:47:32 GMT
Etag: cd4e9a03bdf72d8e7c9bd115ace294d3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A66FC57849CD7300; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 5103c34b15678d9067375d68334daef4
21dc113dc53cdb85653d79d275ab8ffca1069148
480e641d8804d98c5dc3cc9cf2abc4d944dfe8254689b2a108bfaf113f9a08be
GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 11:47:32 GMT
Etag: b6fd16750a9a260c580fc536ba5e74ce
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8496959170B03B19; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809410154&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809410154&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809410154&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 11:47:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=968C1FE1A8CB6554; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed36185151545beb9fadea2f88b9b9f9
9b750de4c4d04942efa6a8d05482971d21c5583c
0bdbe3fdeae67f467ef8e2dc088327ef96d21ab18a9037a1014a426094cbce9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BDBE3FDEAE67F467EF8E2DC088327EF96D21AB18A9037A1014A426094CBCE9D"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Fri, 25 Nov 2022 17:47:33 GMT
Date: Fri, 25 Nov 2022 11:47:34 GMT
Connection: keep-alive
www.jxys12.xyz/template/m1938pc/html9/ads/1.gif
173.231.38.5200 OK 254 B URL HTTP/2 www.jxys12.xyz/template/m1938pc/html9/ads/1.gif
IP 173.231.38.5:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sun, 25 Dec 2022 11:47:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif
173.231.38.5200 OK 193 kB URL HTTP/2 www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif
IP 173.231.38.5:0
File type GIF image data, version 89a, 960 x 90\012- data
Size 193 kB (193193 bytes)
Hash a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Sun, 25 Dec 2022 11:47:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys12.xyz/template/m1938pc/static/images/pic.png
173.231.38.5200 OK 90 B URL HTTP/2 www.jxys12.xyz/template/m1938pc/static/images/pic.png
IP 173.231.38.5:0
File type HTML document, ASCII text
Hash 5341dd3aa19c0eb3bc809f9150e3e833
7beaba24a698410e4ffc93357d82c6f683cbaba1
f4ea9875d59d8391034d2c230808d5812fd183e2c83751288cea542747f5ef53
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/images/pic.png HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: image/png
content-length: 90
last-modified: Fri, 14 Jan 2022 04:46:48 GMT
etag: "61e10038-5a"
expires: Sun, 25 Dec 2022 11:47:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
173.231.38.5200 OK 13 kB URL HTTP/2 www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP 173.231.38.5:0
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
104.110.17.24200 OK 151 kB URL HTTP/2 dimg04.c-ctrip.com/images/0102y120009tf26vrA1E9.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 151 kB (151061 bytes)
Hash 89c820a186cb325d9979cdae663875eb
e9dbc77e9d46e03ebec28aaca2bf5e302767064f
9116f460b6f4c7d03cf9be95d414ba83d6bcba145a4f1eddd9decec6127e0ade
GET /images/0102y120009tf26vrA1E9.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 151061
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=8477138
expires: Fri, 03 Mar 2023 14:33:13 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 7
x-edgeconnect-origin-mex-latency: 99
cache-control: max-age=7774735
expires: Thu, 23 Feb 2023 11:26:30 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css
173.231.38.5200 OK 2.7 MB URL HTTP/2 www.jxys12.xyz/template/m1938pc/static/css/bootstrap.min.css
IP 173.231.38.5:0
Size 2.7 MB (2670958 bytes)
Hash 73582bf7e2a1339ce7931d9277a23279
7876fdfa49681184a08cbdbbe3eec8ae61949c35
33c34a20593576e50dff488878b636424cef3cc0405660ae47853a18b54d5a2b
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys12.xyz/template/m1938pc/static/css/white.css
173.231.38.5200 OK 124 kB URL HTTP/2 www.jxys12.xyz/template/m1938pc/static/css/white.css
IP 173.231.38.5:0
Size 124 kB (123615 bytes)
Hash e4101e376ae8050c3b0e4410386de330
9123ef79fb2855c46a2555b9ff72002115e3484d
46ca1048254ab4715634e27875c24e1774e3ff7e7ebf5743fa3243fbe321abac
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css
173.231.38.5200 OK 461 kB URL HTTP/2 www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css
IP 173.231.38.5:0
Size 461 kB (460636 bytes)
Hash b214c81b53a1c5e3055f1c00fa00f8ea
8d9a553086ff8184a3e21dd359790c7e0cd5cda8
171e0bbef38897f732e6b5c17a7184c279c2ceed767b91774e3671166fb9ca1e
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6548638
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
96.6.16.143200 OK 917 kB URL HTTP/2 ak-d.tripcdn.com/images/0Z05r2224t6z9bba9EA9A.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 917 kB (917226 bytes)
Hash 28998a87f539b948e98fdc9c82fc6a69
c0085b4e65a2679d63c10ccf8bcffd7b6014b211
1bcb305b12f83cc84760b87cc0d7088e774e0d67e19657f131fdc6a0fadbec0a
GET /images/0Z05r2224t6z9bba9EA9A.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 917226
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7614642
expires: Tue, 21 Feb 2023 14:58:17 GMT
date: Fri, 25 Nov 2022 11:47:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 51d90fb80a3d096732301c28a0278db6
eb1e49f2563ea9740c665b3dd2633ec0d6fb5355
1a9e4f4c28cc50ad08840f8a2a6c053319639a20923ffa5c19221608e2b22f6f
GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 11:47:35 GMT
Etag: f53de3a9ee9aa41553fcb8233c708ef7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7B82CEB35551DBF7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1563794465&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=3801&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1563794465&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=3801&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1563794465&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=3801&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 11:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=06BABE054A65F09D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dce8ee1fa8d1015fb532092abacc9359
169b07506a34587443ded2cb51fe798c9b3c9f97
62b436793a7f4f0171c15eac68dc2bf3c612349ef273d4c1d6d2d86a088d083f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=382087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689ae280b41-OSL
tt.1468tu.com/58tu/405x204.gif
43.153.174.204301 Moved Permanently 166 B URL HTTP/1.1 tt.1468tu.com/58tu/405x204.gif
IP 43.153.174.204:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y
ob699.cc/xxx12345.gif
45.153.131.58200 OK 20 kB IP 45.153.131.58:0
ASN #55933 Cloudie Limited
File type GIF image data, version 89a, 225 x 135\012- data
Hash 74f156899d26c1a1ef9108ee4023052d
3d2f15dc81ee27a7832947bbb59a7836ccc7f027
b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0
GET /xxx12345.gif HTTP/1.1
Host: ob699.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: image/gif
Content-Length: 19781
Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT
Connection: keep-alive
ETag: "6337e219-4d45"
Expires: Sun, 25 Dec 2022 11:47:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 66d4aa039dadf48328acbaa40aff2009
242dea3a5347e0ce3493e61468c58fd74cfda635
85ee627c065662eb96ee9a71b8344f9deae61fd62782dd831913461fb4128a1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 04:16:55 GMT
Expires: Thu, 01 Dec 2022 04:16:54 GMT
Etag: "242dea3a5347e0ce3493e61468c58fd74cfda635"
Cache-Control: max-age=490757,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689a9471c16-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dce8ee1fa8d1015fb532092abacc9359
169b07506a34587443ded2cb51fe798c9b3c9f97
62b436793a7f4f0171c15eac68dc2bf3c612349ef273d4c1d6d2d86a088d083f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 22:05:45 GMT
Expires: Tue, 29 Nov 2022 22:05:44 GMT
Etag: "169b07506a34587443ded2cb51fe798c9b3c9f97"
Cache-Control: max-age=382087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689ae331c0a-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a8ccf5b571c6c3ad33c7a00dc73cee15
d5099be07a28dc4ace29ed48f4a542900e25f153
4e067cf255c6b3d102931f21894775dafb9e8c425e1fe13fe6602f4b3c7d2207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:19:40 GMT
Expires: Wed, 30 Nov 2022 03:19:39 GMT
Etag: "d5099be07a28dc4ace29ed48f4a542900e25f153"
Cache-Control: max-age=400922,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689aaa5b50c-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c43cd7eff889c7574c754fcecd2118fe
7c8118b4e27d144f96f375ae985e1676223229a6
7eda225f9eff08db9385d8193069dee4799d31a987040c215fe130b8ddadce20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 03:31:13 GMT
Expires: Thu, 01 Dec 2022 03:31:12 GMT
Etag: "7c8118b4e27d144f96f375ae985e1676223229a6"
Cache-Control: max-age=488015,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268afa6f1c16-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6431
Cache-Control: max-age=137948
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:36 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:06:44 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 62e1241d2f892dd0358d10bc58897543
c429bc925e26bdc1cfbf8f061c092437c2f980da
d31cf74ba322eae9cf783734a4716069a07df3d8afa6f644925ade3cb7200750
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 08:52:33 GMT
Expires: Tue, 29 Nov 2022 08:52:32 GMT
Etag: "c429bc925e26bdc1cfbf8f061c092437c2f980da"
Cache-Control: max-age=334495,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2689a8f50b4d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6431
Cache-Control: max-age=137948
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:36 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:06:44 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdb957248ee69ab7d924620a3e4712af
b72d955c710a36c92789cfe3fb9d03bcd011bc13
c9e0e166fcfaaf0b95b0608e39efc77ebb5acf3173457615fcbf690674603296
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9E0E166FCFAAF0B95B0608E39EFC77EBB5ACF3173457615FCBF690674603296"
Last-Modified: Fri, 25 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11392
Expires: Fri, 25 Nov 2022 14:57:28 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1705208833&si=f7d4e84c906d7aa1319b3083e404a089&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1705208833&si=f7d4e84c906d7aa1319b3083e404a089&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1705208833&si=f7d4e84c906d7aa1319b3083e404a089&v=1.3.0&lv=1&sn=3798&r=0&ww=1280&u=http%3A%2F%2Fwww.wordpressexample.com%2Findex.php%3Fauthor%3D1.&tt=%E9%82%A3%E6%9B%B2%E5%B4%AD%E8%8F%8F%E7%94%B5%E5%AD%90%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 25 Nov 2022 11:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=E15E4771031A99D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
104.18.2.36200 OK 24 kB URL HTTP/2 imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
IP 104.18.2.36:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2ca0538b0b77324a38cf2b74f16cb6fe
0ef6374accaaedf856fe2532b8001519894e7fbf
2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4
GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: image/webp
content-length: 24176
cf-ray: 76fa268b8eeab51e-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfECSi5uQ1bVzCSelFGwcyrA"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=855 c=1+45 v=2022.10.4 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
104.18.2.36200 OK 309 kB URL HTTP/2 imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
IP 104.18.2.36:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 309 kB (308789 bytes)
Hash 799d622d8489838225bdf632d1ae4095
4f6c51fcc2b138919eaffddb4e0552eccd639540
ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8
GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: image/gif
content-length: 308789
cf-ray: 76fa268bbf25b51e-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 182253B smaller"
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f8e8ead073e427c1bbe82d750fb5ad4d
f78d61e482ca3694f02e5b09974acf5dec4ac5ef
57964cddbd17a258fc0cb60ffa508f82e9f5160ef1a4848bfeb834e007576f5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57964CDDBD17A258FC0CB60FFA508F82E9F5160EF1A4848BFEB834E007576F5A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=890
Expires: Fri, 25 Nov 2022 12:02:26 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04aaff5e66d8b66fffa155d352b7673c
95746ed5e962b2880e63e31154869efcc3317581
3e37c0490f85e3391d9513599ae2df2cd25acdb994de1ffa1eb76fb2635de2b5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3E37C0490F85E3391D9513599AE2DF2CD25ACDB994DE1FFA1EB76FB2635DE2B5"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15700
Expires: Fri, 25 Nov 2022 16:09:16 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be0348371bc6a916b7f40ec39bde9853
5dc3bfed8a23520b9402aec1d8d52271d5d81d22
ce741063521a98582bab21caac2262f66fee79331ca69fecdf211c958acbf0a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE741063521A98582BAB21CAAC2262F66FEE79331CA69FECDF211C958ACBF0A9"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17287
Expires: Fri, 25 Nov 2022 16:35:43 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b999ac9e1fb33bb58afca6c67d7fe5b
f85f13b2e6382937e2fdc3e50ec720ca7da8b7f6
8b0bf7b415e81c1941c072dc7155e69c244e1420799f2b7755ba68d516072cba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B0BF7B415E81C1941C072DC7155E69C244E1420799F2B7755BA68D516072CBA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7483
Expires: Fri, 25 Nov 2022 13:52:19 GMT
Date: Fri, 25 Nov 2022 11:47:36 GMT
Connection: keep-alive
www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js
173.231.38.5200 OK 48 kB URL HTTP/2 www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js
IP 173.231.38.5:0
Hash 4aef439bee46c34a4d943ca4a54a7807
854e48652686a362f3cfebe92000d1b3c4a5765c
cf7a25c33da65de9a6970153d89ed6b2c0f61ba3d7c3b0fbdf29cc6de24c65e2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 15:57:59 GMT
vary: Accept-Encoding
etag: W/"63765a07-520"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d8efdd41b8040a8ac3fb7ae891d1d54
3eb9674f12bbfe098808b7011f6867a25e4f5885
85b45ec330e2f9aad9e5d67855495625c60bcc71cd94ff5759453e06fb1104ea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85B45EC330E2F9AAD9E5D67855495625C60BCC71CD94FF5759453E06FB1104EA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9416
Expires: Fri, 25 Nov 2022 14:24:33 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 05f5b7b5e017e038a4a30b685d869cf0
d0bd2cc39d852d86a444a81b4933713bb33aade0
119c0de44c498bd3b9f87d9c7210f447e88abe562142ec87d8c056af28ef4c7d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:26:07 GMT
ETag: "d0bd2cc39d852d86a444a81b4933713bb33aade0"
Last-Modified: Fri, 25 Nov 2022 09:26:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1257
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa268c89250b61-OSL
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:36 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bd05065a53ad0b467e08bebaf080c1ef
f2bf98c511ebe6ffb73c751082a8cc984cd04d30
b6816ab715ba62a2b29ed985297a1d33b27a4c3653a5a9c575fb2097c80f76df
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 04:32:08 GMT
Expires: Tue, 29 Nov 2022 04:32:07 GMT
Etag: "f2bf98c511ebe6ffb73c751082a8cc984cd04d30"
Cache-Control: max-age=318870,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268a2e920b41-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg
172.67.28.138200 OK 4.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c32d6711e95babf7cdabd2618f4cdbef
97918517d83573eacda8e86a020ef373f5b3231f
5693e3c9d54b536060ea790c49a1ed484c7863c1d563e22bbe937bb11d419658
GET /upload/vod/2022/11-25/13/zuha4gbiiyb1356zuha4gbiiyb015212.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 3992
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6328
content-disposition: inline; filename="zuha4gbiiyb1356zuha4gbiiyb015212.webp"
etag: "638058f1-18b8"
last-modified: Fri, 25 Nov 2022 05:56:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda780af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
172.67.28.138200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 174c271fbd41b05e66270e9f781e8dc1
6f7b0f3b4e5527db1c55921da243ce6318be9e85
20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf
GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 4468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6775
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp"
etag: "5dc4c133-1a77"
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda7b0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash b022836144761d53fd172695cd436216
71dd9ccacd6072c9aeab040b290e151ff01e8d02
6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918
GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/jpeg
content-length: 11122
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11646, status=webp_bigger
etag: "5dc4d015-2d7e"
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268cda7e0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg
172.67.28.138200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91f36a4d8e8f31da957a80484700665f
08f11c6d7f13bbaad178ce2a4301a921f086e6ac
30541e98d358e976678ad35d1e286e9c74af2a3e8971192168189239acfe1ef3
GET /upload/vod/2022/11-25/13/flvtdlipkzo1356flvtdlipkzo065222.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5236
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7514
content-disposition: inline; filename="flvtdlipkzo1356flvtdlipkzo065222.webp"
etag: "638058f6-1d5a"
last-modified: Fri, 25 Nov 2022 05:56:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda7f0af6-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 070adce81a19d67670b68786d54b23d0
80638373c4e6f5888f72e66e68aa7a0838087ea2
38368231281f2c45700735de8e2349ead573925d7474122994a354c9dc0eab6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38368231281F2C45700735DE8E2349EAD573925D7474122994A354C9DC0EAB6D"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9878
Expires: Fri, 25 Nov 2022 14:32:15 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81267f0dd2a21a97169d2dff3bb67578
ec4b5545c42d0a756a2c5304979385195727d80f
d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2
GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 8224
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9431
content-disposition: inline; filename="5uhe5rvsnvm10155uhe5rvsnvm1724067.webp"
etag: "5dc4cfb5-24d7"
last-modified: Fri, 08 Nov 2019 02:15:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda750af6-OSL
X-Firefox-Spdy: h2
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3a80c4daf67aed258e3532710555d26b
a247cb3f4189848cfe4f1054aa640b7939bc084b
026ed47200fe59a2685daa7ad6e63a0f2c11b2e3f1f72772b210302b243d3fba
GET /upload/vod/2022/11-25/13/ljkil2ax1mm1356ljkil2ax1mm075226.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/jpeg
content-length: 10317
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10742, status=webp_bigger
etag: "638058f8-29f6"
last-modified: Fri, 25 Nov 2022 05:56:08 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268cda880af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg
172.67.28.138200 OK 5.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c22d1ff3bafd5c323827bdafdc918cc
d10dd261c0b6fa17a0d6400ea0316fc01439a1c4
c2110723ccd89a21cd1376c8fa3da40697b1dc06d091e20834fab65ebdc25297
GET /upload/vod/2022/11-25/13/vyzzlmq42hb1356vyzzlmq42hb025214.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5244
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7402
content-disposition: inline; filename="vyzzlmq42hb1356vyzzlmq42hb025214.webp"
etag: "638058f2-1cea"
last-modified: Fri, 25 Nov 2022 05:56:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda840af6-OSL
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg
172.67.28.138200 OK 7.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c034ed261bc1e5168cf2d8c0fd4f706f
530065a905f58ad684c94d55846c7358a75087e0
ceb33fbb4bfa2d6ef992f28d25e5537d8a2c1acb95dd297acd8c5a3617ce8301
GET /upload/vod/2022/11-25/13/q3je3gx1uhj1356q3je3gx1uhj055220.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 7470
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8694
content-disposition: inline; filename="q3je3gx1uhj1356q3je3gx1uhj055220.webp"
etag: "638058f5-21f6"
last-modified: Fri, 25 Nov 2022 05:56:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda890af6-OSL
X-Firefox-Spdy: h2
kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg
172.67.28.138200 OK 6.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 41b27eefaf8e3bae4144ddcf1ffd72fd
7289c6083a81b41245c503323d68459de9535dc9
88969b8192cfac4f99c53132142409935cda7d20550765b4fc9e8c3dc8070120
GET /upload/vod/2022/11-25/13/qnmpazoreer1356qnmpazoreer045218.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6870
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9082
content-disposition: inline; filename="qnmpazoreer1356qnmpazoreer045218.webp"
etag: "638058f4-237a"
last-modified: Fri, 25 Nov 2022 05:56:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8a0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
172.67.28.138200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 187a056e67fd5cb46bc7c783f9a9fdac
4ee4e1bf29186fa2c4d5373fe121a6a6031a8737
a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171
GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6690
content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp"
etag: "6349225c-1a22"
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda860af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg
172.67.28.138200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f3d8fe5a3f14b8fee3d30beca60c5fc
c6b2378caf81769dbd6094bf41f8dca6ba0bed74
6454f66dd530ddb45b942ff5fc960f992181f3810887b79f49662ddf8c8cd09d
GET /upload/vod/2022/11-25/13/siwkm0nzqjn1356siwkm0nzqjn125236.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6672
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7870
content-disposition: inline; filename="siwkm0nzqjn1356siwkm0nzqjn125236.webp"
etag: "638058fc-1ebe"
last-modified: Fri, 25 Nov 2022 05:56:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8b0af6-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3256c7d72f0a4494f2605104cae6ad6c
ceaff749b7a335a8505ae74153570578fc6941e2
bbfb61d0016d8f163810c6edf369362ed7b0683124d4fd4e0f7361ecaea356ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142647
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "63803590-1d7"
Expires: Sun, 27 Nov 2022 03:25:04 GMT
Last-Modified: Fri, 25 Nov 2022 03:25:04 GMT
Server: nginx
Content-Length: 471
200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
23.224.61.222200 OK 57 kB URL HTTP/1.1 200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
IP 23.224.61.222:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Hash 61b977b3527d7c0e27e2af877b5a5c59
4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff
GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1
Host: 200.benbenys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:36 GMT
Server: Apache
Expires: Sun, 25 Dec 2022 11:47:36 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375
Content-Type: image/jpeg
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg
172.67.28.138200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f6bba11d01650b6be831dbbbd9049be
4e1ee5afdd2be49e29cf2073b92bc1b5cf859102
d6179215b68cc350bf8965ab2986ac2882697ee711f33764b04ec553e126ac48
GET /upload/vod/2022/11-25/13/ayblf4jkvjm1356ayblf4jkvjm105232.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 7688
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8984
content-disposition: inline; filename="ayblf4jkvjm1356ayblf4jkvjm105232.webp"
etag: "638058fa-2318"
last-modified: Fri, 25 Nov 2022 05:56:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda870af6-OSL
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 11:47:37 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:04 GMT
ETag: "638009f8-1d7"
Expires: Sun, 27 Nov 2022 00:19:04 GMT
Cache-Control: max-age=131487
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669376857
Via: cache8.l2de2[189,189,200-0,M], cache8.l2de2[190,0], cache3.se1[212,212,200-0,M], cache3.se1[214,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 11:47:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716693768569628288e
i.ibb.co/tL26d3m/240x140.gif
162.19.58.160404 Not Found 1.0 kB URL HTTP/2 i.ibb.co/tL26d3m/240x140.gif
IP 162.19.58.160:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /tL26d3m/240x140.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 07570daf9d11b9b8b8357b089ad60a5a
1e0c563991e0918f538182a887165bf2fd225b80
8f7ff4d51ecb7edcdefc1d6d0aa80e6774d0bd665b2d0f6bcbeaa4b40acbef60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "6380018c-117"
Server: ECS (amb/6BAB)
Content-Length: 279
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg
172.67.28.138200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5745e616dd38808c0425a269e61b05ae
d58d51a8f7baca857224f3686f6c9e810534e5ed
75f3285518d70b028b15f5424e165f53bdfe717c963054017c89df0632497b2e
GET /upload/vod/2022/11-25/13/j5igkkrtdfc1356j5igkkrtdfc035216.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 4486
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6359
content-disposition: inline; filename="j5igkkrtdfc1356j5igkkrtdfc035216.webp"
etag: "638058f3-18d7"
last-modified: Fri, 25 Nov 2022 05:56:03 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8e0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg
172.67.28.138200 OK 6.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf69a6d78ee1e30a8c97df7cd674d99e
9ecbf0fc89db78954428b4907456ff7e5a7cd244
0c6dd97843c01c2e4cfebff9c34e98575dc7919822f486694e33459194568903
GET /upload/vod/2022/11-25/13/o3n100jgfy41356o3n100jgfy4085228.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6006
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8669
content-disposition: inline; filename="o3n100jgfy41356o3n100jgfy4085228.webp"
etag: "638058f8-21dd"
last-modified: Fri, 25 Nov 2022 05:56:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8c0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg
172.67.28.138200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e88ed40a8c5658e34c4b24468eb90090
2b225f93e3bb9826b65574d1582d420b9bee2590
6bfd5b117f2d507b861d0c18fdbb1112379e451417d3ee51746f7ef8dcd91787
GET /upload/vod/2022/11-25/13/oaweu1apnap1356oaweu1apnap075224.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6134
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8540
content-disposition: inline; filename="oaweu1apnap1356oaweu1apnap075224.webp"
etag: "638058f7-215c"
last-modified: Fri, 25 Nov 2022 05:56:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1221
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda820af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg
172.67.28.138200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f35875af5e31dbb593e014fcd061bcec
459d4a85dfdbfdf49db8cdb4c99caf12664d39a9
f5268c4c28142eb2d9175c15a75ecb3b7a5a9608f9434a06731bc2e7516ff9b3
GET /upload/vod/2022/11-25/13/jxltqszym4w1356jxltqszym4w115234.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5580
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6754
content-disposition: inline; filename="jxltqszym4w1356jxltqszym4w115234.webp"
etag: "638058fb-1a62"
last-modified: Fri, 25 Nov 2022 05:56:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8f0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
172.67.28.138200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash faf004bc3a9c3aeedccee94f15c2c8f1
024c98c2cc5fd5abbe46d5376bdf741e0171c231
eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d
GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 5660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6650
content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp"
etag: "6371b223-19fa"
last-modified: Mon, 14 Nov 2022 03:12:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda850af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg
172.67.28.138200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2f0ec0c3bf644e72dcbfcb8d14e02ea1
4553d5489822e369a291e9c952a3b3c1ffa9f152
01ad7825992981c3a01023249462883e24fa6a97382e66232060240b6c8d143a
GET /upload/vod/2022/11-25/13/anitywmvnmi1356anitywmvnmi135238.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6290
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8693
content-disposition: inline; filename="anitywmvnmi1356anitywmvnmi135238.webp"
etag: "638058fd-21f5"
last-modified: Fri, 25 Nov 2022 05:56:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268cda8d0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
172.67.28.138200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c814bbc877c9b41935908734d76b7778
7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d
df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5
GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/jpeg
content-length: 14387
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15124, status=webp_bigger
etag: "5e11cf7d-3b14"
last-modified: Sun, 05 Jan 2020 11:58:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268e1bfe0af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
172.67.28.138200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 470fbc0b663330b5a2fd1c629f26c7a1
8e259d89553d796f1c8fe0d0592a390242787384
b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d
GET /upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 8502
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9636
content-disposition: inline; filename="bv24ubfd0w11334bv24ubfd0w1463373.webp"
etag: "6379bc76-25a4"
last-modified: Sun, 20 Nov 2022 05:34:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2c010af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
172.67.28.138200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fe9c506b4edb32a653396705f3120a6
d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470
4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0
GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 9504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10345
content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp"
etag: "6350eee8-2869"
last-modified: Thu, 20 Oct 2022 06:47:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2bff0af6-OSL
X-Firefox-Spdy: h2
acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
104.21.33.100200 OK 158 kB URL HTTP/2 acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
IP 104.21.33.100:0
File type GIF image data, version 89a, 500 x 300\012- data
Size 158 kB (158376 bytes)
Hash 55574ea2b72e2fbe45871f66165442a8
7fd461a708c87486335dde3e12740c188af0facd
005f42b2004591c7bdb51b40cab0711f489c32bb10ddc2061c5c48469fd769a0
GET /30e6eb2de3e8d7da7879e39548fdfe92.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 158376
last-modified: Mon, 02 May 2022 19:18:16 GMT
etag: "62702e78-26aa8"
expires: Mon, 12 Dec 2022 14:19:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1114097
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyAio3hJpMtSHF%2FkaIl1t1D4yOttCyqAugOzgtLCNFamCe6pW72cC9PLZOKUNRsCXbh63NG7ZNHrHoaY39Zg63oTgd2J3PpywIL5uRElM4KyNf1xB0MH3cTJcoHWvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa268e382db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
172.67.28.138200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4858cbdc894b0a591319a947ff5d5db3
e01e4efdccc57ae3baf8f24a10dd9a726904f766
da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81
GET /upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 7200
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8578
content-disposition: inline; filename="q2aftvnkn2q1356q2aftvnkn2q145240.webp"
etag: "638058fe-2182"
last-modified: Fri, 25 Nov 2022 05:56:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2c020af6-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg
172.67.28.138200 OK 6.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a74bf9aeb21338e364e6e407b908591a
9e85c72d1bc49a27ab5b4db7720293b4fb5b62a8
4dd6f4c4f741d4240c7ace849216eefa2299fde27416f2b6a47b7f79e81614b2
GET /upload/vod/2022/11-25/13/rjt440xdpw11356rjt440xdpw1095230.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/webp
content-length: 6776
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8884
content-disposition: inline; filename="rjt440xdpw11356rjt440xdpw1095230.webp"
etag: "638058f9-22b4"
last-modified: Fri, 25 Nov 2022 05:56:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5900
accept-ranges: bytes
server: cloudflare
cf-ray: 76fa268e2c040af6-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f24ee62a555427afbc961016ab487183
00472f915f2517e283ca3530c3f40e6165e8131a
04dd84da6733073975eb479a58e829244499898496957f1a4d0fe464a9c6cfc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04DD84DA6733073975EB479A58E829244499898496957F1A4D0FE464A9C6CFC1"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Fri, 25 Nov 2022 17:47:21 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
103.170.15.91200 OK 113 kB URL HTTP/1.1 339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
IP 103.170.15.91:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Size 113 kB (113076 bytes)
Hash 293a0887f1ab0b9517c19b77d51626dd
74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb
Analyzer Verdict Alert quad9 Sinkholed
GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b942d-1b9b4"
Date: Mon, 21 Nov 2022 10:24:19 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 113076
www.jxys12.xyz/template/m1938pc/static/css/mm-content.css
173.231.38.5200 OK 281 kB URL HTTP/2 www.jxys12.xyz/template/m1938pc/static/css/mm-content.css
IP 173.231.38.5:0
Size 281 kB (281085 bytes)
Hash ab75de15661f8a2d3026f8f79441edeb
0eed11a2bb08fd88bdcdfcad7907f12baa54101c
bbde0be338344290b22086178e2e34af5444daa96dd29ebb4407cb49bac629a9
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=587537,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268e589bb4e8-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 87e87b075c2fc5ef989ca520aee4e62d
459c1518d42924e67954f633622ee1581b4fb5d2
b9c3d040d7dd66d2a01c2db68ee2f137d6ec60ec8a408c94f00d062cacfeb47d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9C3D040D7DD66D2A01C2DB68EE2F137D6EC60EC8A408C94F00D062CACFEB47D"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5257
Expires: Fri, 25 Nov 2022 13:15:14 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3143
Cache-Control: max-age=125989
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 22:47:26 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 3c802933cbcc9e541e2f677ea7d32465
189b12dcbf7a957d0808bed1b7738abe5fdcf31a
b48a53359186928285167549c54fbcf2033d0971441aa57de3f59561626dae95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3295
Cache-Control: max-age=126141
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:37 GMT
Etag: "637fe837-2d7"
Expires: Sat, 26 Nov 2022 22:49:58 GMT
Last-Modified: Thu, 24 Nov 2022 21:55:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 727
img.u1779.com/images/63523e155fe50f0585d3ef82.gif
91.199.87.220302 Found 420 kB URL HTTP/2 img.u1779.com/images/63523e155fe50f0585d3ef82.gif
IP 91.199.87.220:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /images/63523e155fe50f0585d3ef82.gif HTTP/1.1
Host: img.u1779.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
cache-control: max-age=3600
X-Firefox-Spdy: h2
img.u1158.com/images/637f0b6b8d97bc67605fd8a2.gif
91.199.87.220302 Found 644 kB URL HTTP/2 img.u1158.com/images/637f0b6b8d97bc67605fd8a2.gif
IP 91.199.87.220:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 644 kB (644516 bytes)
Hash 6f4d0e5c73acef4297be21786b04ec66
b585f8035533ae8f2e026816a8541f41c1531a61
bc7cc9d3368c6dad22e3ab42ed2ace33d4f111f651cb7e8460377d5c62cb00b7
GET /images/637f0b6b8d97bc67605fd8a2.gif HTTP/1.1
Host: img.u1158.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9f72c309b4cd48799e412b9020cada94
cache-control: max-age=3600
X-Firefox-Spdy: h2
3p8801.co/yy-960x60.gif
142.0.131.26200 OK 37 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644
GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Sun, 25 Dec 2022 11:47:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 2a3ca36ae67fadb9bb104a0bdff33f40
0026246dd49b411842f772d4eccbecce5fa44128
58bcfde5dd7f452ce106dd714c5b239bebdf8bdda928b7d3a3adf6883a8cc31f
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 25 Nov 2022 11:47:37 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:04 GMT
ETag: "638009f8-1d7"
Expires: Sun, 27 Nov 2022 00:19:04 GMT
Cache-Control: max-age=131487
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669376857
Via: cache26.l2de2[491,490,200-0,M], cache26.l2de2[492,0], cache2.se1[514,514,200-0,M], cache2.se1[515,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 25 Nov 2022 11:47:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616693768569625329e
img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif
91.199.87.220302 Found 366 kB URL HTTP/2 img.8961x.com/images/636ce2e7c474e9c06ec29f97.gif
IP 91.199.87.220:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 366 kB (366541 bytes)
Hash c9e86d7a56b581cc32a6a4380112c0ce
0d35256c35a6f9a4716ae254265428d2f4240c87
5870de497beb45d424d67b39a4aaa841f675d3162780e738bcc26e8ca3e81fc2
GET /images/636ce2e7c474e9c06ec29f97.gif HTTP/1.1
Host: img.8961x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1b727001ad56443ca4304cac0d25f37a
cache-control: max-age=3600
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
47.246.44.227200 OK 562 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 562 kB (561802 bytes)
Hash 6992b4cd488bb4437ec954ab09a3fa00
e41fc5970be04ab5801e80ce785ff0832b305793
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
GET /obj/tos-cn-i-dy/bbaa49fcf77e479f9ee04ad8a1da75ae HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 561802
date: Wed, 23 Nov 2022 18:17:58 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 09:43:01 GMT
nw-session-id: 20221123174301010131136052464A87C3qsdgc03dy
nw-session-trace: 2022-11-23T17:43:01.694902751+08:00 92
x-bdcdn-cache-status: TCP_HIT
x-length: 561802
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 17:43:01 GMT
x-tt-logid: 20221123174301010131136052464A87C3
via: n150-053-221, cache9.l2de2[0,0,206-0,H], cache16.l2de2[0,0], cache16.l2de2[3,0], cache8.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc02:20:306::101
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01de7516b2be8a6c589dcb05e98f0ccb4f6b92a652c9eae433a3fd2c1a5c90af0b97726c0fe129406d127bf5700a608187a0c670a5c5ad3aa2fe89dda228ae09e1dd713c780a0352432c3386c21829dd51023f17bf2655687c66b54dc3cddef6d5
x-response-lb: image
ali-swift-global-savetime: 1669227478
age: 149379
x-cache: HIT TCP_MEM_HIT dirn:11:339660254 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 06:46:42 GMT
x-swift-cachetime: 31491076
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693768575357990e
X-Firefox-Spdy: h2
6937555.com/111/x11.gif
104.149.138.102200 OK 426 kB IP 104.149.138.102:0
File type GIF image data, version 89a, 393 x 262\012- data
Size 426 kB (425627 bytes)
Hash 8bae222affa48844776828e91737c9ea
3c24ae989fed8a463e723b513634d6c96416a8ca
203d9927c0f470cc1b9e2116f2ffc23d3ede6acbdd657fe66aa7874526f2b5a3
GET /111/x11.gif HTTP/1.1
Host: 6937555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 11:47:36 GMT
Content-Type: image/gif
Content-Length: 425627
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 11:21:10 GMT
ETag: "6332dca6-67e9b"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
si1.go2yd.com/get-image/0yFVWR9AM6k
163.171.140.79200 OK 140 kB URL HTTP/2 si1.go2yd.com/get-image/0yFVWR9AM6k
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 750 x 376\012- data
Size 140 kB (140259 bytes)
Hash 4125d9bf66b1a755f42abaea805ee9af
17232f64827beb19e2a717d1bdbf384b3e938249
d3c1b29a4d2c0fa6fc41d308d6c110eeb868276c2a74697766283838ebe1f732
GET /get-image/0yFVWR9AM6k HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 140259
x-application-context: application
x-kss-request-id: 42be03856f37421d8d1834ac0d22900d
etag: "4125d9bf66b1a755f42abaea805ee9af"
content-md5: QSXZv2axp1X0KrrqgF7prw==
last-modified: Mon, 28 Feb 2022 07:48:08 GMT
accept-ranges: bytes
server: KS3
age: 1
x-via: 1.1 PSbjwjBGP2vu136:9 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:10 (Cdn Cache Server V2.0), 1.1 PS-KHH-015lO119:3 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1se91:17 (Cdn Cache Server V2.0)
x-ws-request-id: 6380ab59_PShlamstdAMS1vj92_6927-7707
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
103.170.15.72200 OK 359 kB URL HTTP/1.1 223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
IP 103.170.15.72:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
Analyzer Verdict Alert quad9 Sinkholed
GET /ddc7ee998e5442059a05a76f45a279b8.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63665362-57910"
Date: Sun, 20 Nov 2022 09:14:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 05 Nov 2022 12:13:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 358672
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 4f89fd1d467d19d5df2df23175974248
6be7ff6c5782109397a0cb49ed23425b1504ab7d
cc0725bc405237da0897a468975dba8af186f0c30c8ec5f1fd441bd3873dd01c
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 879e1610-5425-47bf-bfdb-97b5548ef03e
Content-Length: 1700
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 0681a9671b36d6c3b4529516d4fa2b98
7ad1abf3652b2c902f09d44657964a168beee52f
7746903161ac48daa79ba52bbf0fc90ea57f6fc78dd0387fe2d646302180b07c
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e0394ba8-c079-492b-baff-2124c8fa70ed
Content-Length: 1700
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
339282bdb.com/e20f57018fba490b9af887342222147f.gif
103.170.15.91200 OK 553 kB URL HTTP/1.1 339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP 103.170.15.91:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Tue, 22 Nov 2022 21:20:58 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-21
Content-Length: 552818
362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
45.61.212.126200 OK 423 kB URL HTTP/1.1 362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
IP 45.61.212.126:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 423 kB (422791 bytes)
Hash bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4
Analyzer Verdict Alert quad9 Sinkholed
GET /33f557d8ed124da9b6a2642dac638bcd..gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9147-67387"
Date: Sat, 19 Nov 2022 08:31:16 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-26
Content-Length: 422791
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede9d7df49a7e00d51c415d5022c7936
bf85e6580bf13510d145273c27b0ed7f35fd76a4
924dbbab8cfc5f6878c78e36b562723253fdcf06826fdab6bb4b2af6f5242e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "924DBBAB8CFC5F6878C78E36B562723253FDCF06826FDAB6BB4B2AF6F5242E4B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16109
Expires: Fri, 25 Nov 2022 16:16:06 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
3p8801.co/a-960x60.gif
142.0.131.26200 OK 49 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db
GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Sun, 25 Dec 2022 11:47:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
103.170.15.72200 OK 670 kB URL HTTP/1.1 628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
IP 103.170.15.72:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 150\012- data
Size 670 kB (669569 bytes)
Hash fb77824f7c4e9baba62da5b690a5c7b3
ab57e7f711d25f95c55d7d29aa282af565b4c428
e465f0dc2491c84d9be51ac6638bfcb16d43fd3c1b257bc64e0553f2fefe7528
Analyzer Verdict Alert quad9 Sinkholed
GET /fef6570cf2754141af2117d4ae96f801.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6379dc97-a3781"
Date: Wed, 23 Nov 2022 02:17:55 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 07:51:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Length: 669569
5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
103.170.15.88200 OK 748 kB URL HTTP/1.1 5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP 103.170.15.88:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 748 kB (748166 bytes)
Hash dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608
Analyzer Verdict Alert quad9 Sinkholed
GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Fri, 25 Nov 2022 07:56:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 748166
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 3a0d7727a38e14e81b456868b27c1f20
fa9b8861ce580fe29d01d9b7a860baab03231422
71e4de287267104c26294102a65cfed8b6d89491d4ef1383462976ece37a5417
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 09:49:52 GMT
ETag: "fa9b8861ce580fe29d01d9b7a860baab03231422"
Last-Modified: Fri, 25 Nov 2022 09:49:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2778
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa26912eca0b61-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 1bf6d92bc7a467a0de270afc58a19916
abedb693f7ad748c93df236f0adbe83ac9a3f847
3a05afdbd30da40825a64e7383804646549e751a96d46e32495a0485e8ddb2bf
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 16:05:52 GMT
Expires: Wed, 30 Nov 2022 16:05:51 GMT
Etag: "abedb693f7ad748c93df236f0adbe83ac9a3f847"
Cache-Control: max-age=446893,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26900df0fac0-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 4d1ec21768fc688c5c6e6cb06da48823
d93bd6d524182b73306ac976181735f35446104d
18a167d8d8c8286b50b86a0ea1611cadac3113c63aea47ab81520a645d95127e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:09:56 GMT
Expires: Fri, 02 Dec 2022 07:09:55 GMT
Etag: "d93bd6d524182b73306ac976181735f35446104d"
Cache-Control: max-age=587537,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa268e4ff50afe-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de84d1f0137fc671cea29600bc2eb1f1
57e0e910838a086a5ecceb27c929be65a04a785a
62cc5e66ef3ee45f97e6d81791ffdb7b12e19d7edaca1fc476eedaed26a007b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62CC5E66EF3EE45F97E6D81791FFDB7B12E19D7EDACA1FC476EEDAED26A007B5"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11375
Expires: Fri, 25 Nov 2022 14:57:12 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
zhibo128x.xyz/128/318X216.gif
154.83.25.141200 OK 90 kB URL HTTP/1.1 zhibo128x.xyz/128/318X216.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 318 x 216\012- data
Hash fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 11:47:07 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Wed, 30 Nov 2022 00:43:29 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42278ef7e6589af98c2423b75e7c46bd
caf43419f16b0946e0ff0c590096dd2b945e7b92
16aff9cc0c99e7ab1ce8918e332416be4e5daeda76ea2265849088dcba0caad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16AFF9CC0C99E7AB1CE8918E332416BE4E5DAEDA76EA2265849088DCBA0CAAD7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Fri, 25 Nov 2022 15:28:18 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42278ef7e6589af98c2423b75e7c46bd
caf43419f16b0946e0ff0c590096dd2b945e7b92
16aff9cc0c99e7ab1ce8918e332416be4e5daeda76ea2265849088dcba0caad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16AFF9CC0C99E7AB1CE8918E332416BE4E5DAEDA76EA2265849088DCBA0CAAD7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13241
Expires: Fri, 25 Nov 2022 15:28:18 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 969353902efb669fc05f2851f3b8eff6
5c02eb4c0b109f7946ae56edf12024ee0027ed00
135921e84af3643a7f0925c945aa75f79cfa9a4b42dc7b9c9ba3f3fc0579bf4c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 06:12:19 GMT
Expires: Thu, 01 Dec 2022 06:12:18 GMT
Etag: "5c02eb4c0b109f7946ae56edf12024ee0027ed00"
Cache-Control: max-age=497680,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2691df071c0a-OSL
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 917466831ca39bde3a9da509d2e4126a
a987d2aad0bf7ccb0a65653516a4eb3565b6bc91
c118cc90f9b2e115c7a6ec0417ac406c10f5f0a17880ecfe646612f8486a5741
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=318
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
X-N: S
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 4aed606ae977bb967faf4d089261d531
fd1d9064d9d60e37ef561243b3e11e02a63d5f9d
7e668f34f4c59999eed2d193f13df7d51ce1617d5507ab65b6bb95d89d5ee35e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 08:58:53 GMT
ETag: "fd1d9064d9d60e37ef561243b3e11e02a63d5f9d"
Last-Modified: Fri, 25 Nov 2022 08:58:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1313
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa2692385d0b61-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 57660d3bd5387ee6665ec15d709ea7fe
ac9b888400c9eaff9c3bb57fb2b8f07156e20854
f5d882027ce4a50f472caf1dbf1dadda9816a23fdea0dba9cdae92f4bb30ac23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5D882027CE4A50F472CAF1DBF1DADDA9816A23FDEA0DBA9CDAE92F4BB30AC23"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10877
Expires: Fri, 25 Nov 2022 14:48:54 GMT
Date: Fri, 25 Nov 2022 11:47:37 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 1115b0ae2aebbe7352f7ef7e8aaa6a0c
2f5436899ed4ffd81d19c90aae2b502ee6626b9b
91a5be6b81cdbd467018450ca9834ff443a673f356b25cef50111f5591ef8faf
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive
X-N: S
3p8801.co/11-960x60.gif
142.0.131.26200 OK 242 kB IP 142.0.131.26:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Sun, 25 Dec 2022 11:47:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e188ce51b38e9805227d1a92d4c5225
0731d96f487b8d08cef458b9946fa01df18e7556
cf0ee8eda7572e2a907c4aaefb22cf8511ed845a313db050ac2518df07440964
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF0EE8EDA7572E2A907C4AAEFB22CF8511ED845A313DB050AC2518DF07440964"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15747
Expires: Fri, 25 Nov 2022 16:10:05 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2d4a90a58c676eaaf42e173ea529c226
c8a97ae20b3ecbb6d2109349f084eeaf17cb54ca
fb96426dc5e0afff3ca640a01875fe32c28e6d9f228c1813be002d86b05aee0f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 13:45:20 GMT
Expires: Wed, 30 Nov 2022 13:45:19 GMT
Etag: "c8a97ae20b3ecbb6d2109349f084eeaf17cb54ca"
Cache-Control: max-age=438460,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26926a151c16-OSL
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3bd62144364e8a26fc6f6f93ca1e97cd
277b931bbedd1937e0666778dfd3f037c70ff1fe
5b583d3275549f0781d6b139ae0bbc19622a0e5bbca2f0702fbf0990b43a753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6433
Cache-Control: max-age=137948
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Etag: "63800a15-118"
Expires: Sun, 27 Nov 2022 02:06:46 GMT
Last-Modified: Fri, 25 Nov 2022 00:19:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:37 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
45.154.214.219301 Moved Permanently 162 B URL HTTP/2 kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP 45.154.214.219:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04aaff5e66d8b66fffa155d352b7673c
95746ed5e962b2880e63e31154869efcc3317581
3e37c0490f85e3391d9513599ae2df2cd25acdb994de1ffa1eb76fb2635de2b5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3E37C0490F85E3391D9513599AE2DF2CD25ACDB994DE1FFA1EB76FB2635DE2B5"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15698
Expires: Fri, 25 Nov 2022 16:09:16 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive
api.79zxcv.com/sh/328.js
18.141.190.97200 OK 463 B IP 18.141.190.97:0
File type ASCII text, with very long lines (463), with no line terminators
Hash 4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493
Analyzer Verdict Alert quad9 Sinkholed
GET /sh/328.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS
api.79zxcv.com/sh/317.js
18.141.190.97200 OK 463 B IP 18.141.190.97:0
File type ASCII text, with very long lines (463), with no line terminators
Hash 4ada6e293a75c07ce69d0e9aa7cabe73
a17400b9941f0fa71105caac6ce7e18eea16b7c9
28713f042f2f12e794b78e37bb403cfa5ac34f9ebff8e2da457f2eb16db5f493
Analyzer Verdict Alert quad9 Sinkholed
GET /sh/317.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 463
Connection: keep-alive
Server: Tengine
X-Cache-Status: MISS
fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg
45.89.208.114200 OK 9.6 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f6d5cdf2907fb31c463cc373838d12d3
bbe5419ff8861df45fd2af60c585f9cbcc814a38
bb3f04b6f333f07ea6a77fb23d0e1d2bb6501708e8302004cd194f9cf2b917bd
GET /upload/vod/2019/11-08/07/v3e2zae5rwp0717v3e2zae5rwp3619110.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 9613
Last-Modified: Wed, 09 Nov 2022 11:41:27 GMT
Connection: keep-alive
ETag: "636b91e7-258d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg
45.89.208.114200 OK 7.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg
IP 45.89.208.114:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 0f1c4007154f75c35d75f408e001bc6a
64724f653ce003586c12680c0ede2638533b9404
ebe54255a4390cb473cf6c734a3dba31e94a9ade9d5b9443eb2e2c5ed46c4f3e
GET /upload/vod/2022/09-26/15/mus5q5uummd1516mus5q5uummd121842.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 7756
Last-Modified: Wed, 09 Nov 2022 11:40:43 GMT
Connection: keep-alive
ETag: "636b91bb-1e4c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
45.89.208.114200 OK 8.0 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 94cce198be510e7dad60f740fbecec8c
8314c91f10f5ec38742b3780681e6cec16190d2e
59267bae18e01a3c0744581e1376c17fd507651854a3122056d887b4d9e66f0a
GET /upload/vod/2019/11-08/04/st05uwgco2v0407st05uwgco2v258917.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8028
Last-Modified: Wed, 09 Nov 2022 11:40:36 GMT
Connection: keep-alive
ETag: "636b91b4-1f5c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
45.89.208.114200 OK 14 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 8943af77fc234d1e4a935f8ff3007471
5316de2c0e183897735ae3f64ddc21172c9427bf
0bd345fe3484025bd9e72a45f52e661e91f606531c48f60f97a39f598187acad
GET /upload/vod/2022/09-30/13/f0lpycsk5tx1314f0lpycsk5tx502941.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 14304
Last-Modified: Wed, 09 Nov 2022 11:42:19 GMT
Connection: keep-alive
ETag: "636b921b-37e0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg
45.89.208.114200 OK 8.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 75a7a64965e27d7748ea85d184361d04
972f4b7ca8c0f8a58fddb4b87231dc475f01c13e
d6840d9c333a0f4780180bb8c686f50a01f687a2610684e9d396d49e6715b908
GET /upload/vod/2022/09-28/03/n2ty52knjb20337n2ty52knjb2332177.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 8829
Last-Modified: Wed, 09 Nov 2022 11:42:19 GMT
Connection: keep-alive
ETag: "636b921b-227d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
45.89.208.114200 OK 5.1 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg
IP 45.89.208.114:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash b4fe691a1e1838c9f1478958a1755ecc
342f266ceede5184e9cc944325d5644aad9373cd
e16caff401e9c45407df43293ca846a805d8a8fa2893df39b000d5e76bdb4969
GET /upload/vod/2022/10-09/15/leriejuir1c1539leriejuir1c22519.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/jpeg
Content-Length: 5133
Last-Modified: Wed, 09 Nov 2022 11:40:16 GMT
Connection: keep-alive
ETag: "636b91a0-140d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96900
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:38 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96900
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:38 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: nginx
Content-Length: 279
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
45.61.212.121200 OK 580 kB URL HTTP/1.1 592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP 45.61.212.121:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: MISS from cloud-us2-cdnb-21
Content-Length: 580315
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
104.21.55.74200 OK 524 kB URL HTTP/2 nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 325 x 143\012- data
Size 524 kB (523775 bytes)
Hash 2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Fri, 16 Dec 2022 18:59:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 751704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAofqgGP3KLkqbiGBzNFKc9sJhIaUJB4zoCa94gB1G2xx1bJqBvzHLBL%2FKlS0ZqxL9MuoaOSRmAF%2FMLeuoRRqqIDyeLZOb7M62ND1uLASxj9n%2ByNt6qdaPi9SYcS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26940a36b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash f74db977ea7b6777a59ba4ebf080dd24
6037c8cce6f4eaf1969a664b82136c4b9f08c32e
4348fbd1f14d03e010dab6b8dd703626fff6d6110062fb1254898d7c2e9ef822
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 05:36:52 GMT
Expires: Tue, 29 Nov 2022 05:36:51 GMT
Etag: "6037c8cce6f4eaf1969a664b82136c4b9f08c32e"
Cache-Control: max-age=322752,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26944908fac0-OSL
pic.picnewsss.com/tu-2022290039/se-1.jpg
23.225.139.251200 OK 27 kB URL HTTP/2 pic.picnewsss.com/tu-2022290039/se-1.jpg
IP 23.225.139.251:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.98.100", baseline, precision 8, 638x378, components 3\012- data
Hash d7603dc1b229c08999abed67adb502ac
54c441cd973289db604c2ee8a9b7121616c1a871
b284bcf5f87ce6f498d8e3bc39b3fbd1300597553be3a0bd0414c78a6e2d835e
GET /tu-2022290039/se-1.jpg HTTP/1.1
Host: pic.picnewsss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/jpeg
date: Fri, 25 Nov 2022 11:15:57 GMT
etag: "1669375857"
expires: Sun, 25 Dec 2022 11:15:57 GMT
last-modified: Fri, 25 Nov 2022 11:30:57 GMT
server: nginx
x-cache: HIT, policy, memory
content-length: 26754
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cbcc471840270b19536a7385c435e090
6dc931336032d76c21f6b2136408f184b8005ffd
354b0163e71484d2bb42400be51f32f7cf3e4723e4f86ec9a3bdb4b104ac25da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "354B0163E71484D2BB42400BE51F32F7CF3E4723E4F86EC9A3BDB4B104AC25DA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8597
Expires: Fri, 25 Nov 2022 14:10:55 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 00830cd9c198594ab9584700a3fa8b33
26672ecd71a9a3b8e762df907a7cb850ff9da8b6
348dd89bbfd495bad00ede7de45346d9c772db0dbc972a135ded670829097b60
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 16:39:34 GMT
Expires: Tue, 29 Nov 2022 16:39:33 GMT
Etag: "26672ecd71a9a3b8e762df907a7cb850ff9da8b6"
Cache-Control: max-age=362514,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26911e0db524-OSL
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
104.21.55.74200 OK 1.1 MB URL HTTP/2 nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP 104.21.55.74:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 936824
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAj7xPiR4uWwTJZoHnwqa5kcsqepaxJI5J3fRpAM%2Ffeaw0TGavEhe4ldHh2rxDmh9byYeKSyothertvLoWUQnNUaDDL3DBnzXOrJ6fD2WIKMGF8snUbIdCB4OyMD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa2694ab46b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif
45.61.212.120200 OK 62 kB URL HTTP/1.1 829355rff.com/f22c9bb27e174bb0b6dd1b2034189f8f.gif
IP 45.61.212.120:0
File type GIF image data, version 89a, 320 x 185\012- data
Hash a39609b18140975f8099754386591e3c
5758379628e0102c65a87bd04cbe5158e43a94b0
fcd1a2d3584bb5dd209871dca8cef09495c9b1a3651ee204f87319e9b4a670de
Analyzer Verdict Alert quad9 Sinkholed
GET /f22c9bb27e174bb0b6dd1b2034189f8f.gif HTTP/1.1
Host: 829355rff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba2a2-f205"
Date: Mon, 21 Nov 2022 00:05:45 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:36:34 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-20
Content-Length: 61957
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
20.189.126.154200 OK 212 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (211695 bytes)
Hash 0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8
GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:38:16 GMT
ETag: "1668166696"
Expires: Sun, 11 Dec 2022 11:38:16 GMT
Last-Modified: Fri, 11 Nov 2022 11:38:16 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
20.189.126.154200 OK 212 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212163 bytes)
Hash 14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4
GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
20.189.126.154200 OK 258 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 258 kB (257993 bytes)
Hash 038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71
GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
20.189.126.154200 OK 245 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245365 bytes)
Hash 15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d
GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:19 GMT
ETag: "1667494399"
Expires: Sat, 03 Dec 2022 16:53:19 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:19 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7a8daad4ab6e765df1af9dd1c0eb2da5
0a17bb68661cccb2714b7b98d0f7b8df1b700cb4
cfa1ebd1b22eeb6cb79139c1d465de12da2f0e1a3f050ecce2fd0a90656c7fae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 01:44:18 GMT
Expires: Fri, 02 Dec 2022 01:44:17 GMT
Etag: "0a17bb68661cccb2714b7b98d0f7b8df1b700cb4"
Cache-Control: max-age=567998,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2693d8410b41-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
47.246.44.227200 OK 358 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 440 x 240\012- data
Size 358 kB (358276 bytes)
Hash 40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43
GET /obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Fri, 21 Oct 2022 06:41:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:37:28 GMT
nw-session-id: 20221021143728010175136074453D5CBFz8wd402dy
nw-session-trace: 2022-10-21T14:37:28.551011358+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 358276
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:37:28 GMT
x-tt-logid: 20221021143728010175136074453D5CBF
via: n204-098-037, cache6.l2de2[0,0,206-0,H], cache14.l2de2[4,0], cache14.l2de2[5,0], cache1.se1[0,0,200-0,H], cache4.se1[2,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 0117853d8cc79e5d77738cab4f594f364156c824771e29f615804f746fdb99e074612b530aaff0431fb3c2f771771ecafad581836a17d7ab7f11b242956cf29bfa52e7a0c525a19a5811d03d87a864a9c15e73d6d056b582e53a7965d856d36e13
x-response-lb: image
ali-swift-global-savetime: 1666334511
age: 3042347
x-cache: HIT TCP_MEM_HIT dirn:4:277650373
x-swift-savetime: Fri, 21 Oct 2022 08:23:11 GMT
x-swift-cachetime: 31529920
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693768585338669e
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 395dabe9158ad8d8dbc8ab618ab4e781
1882f9f43cdbd6f83344e56f9fcfdaefcdd76a5e
2f067d76c74d9cd7a1b4687c0e83e4806f6d3b3ecadf0949a4f80c53f03e7973
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F067D76C74D9CD7A1B4687C0E83E4806F6D3B3ECADF0949A4F80C53F03E7973"
Last-Modified: Thu, 24 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7052
Expires: Fri, 25 Nov 2022 13:45:10 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive
api.79zxcv.com/js/dom.js
18.141.190.97200 OK 4.8 kB IP 18.141.190.97:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1791)
Hash 271c3e5f6f883bf1187eb95946d8246e
4b32995d1e5dce4ba696e0aaf57794db6884d2b6
a5451841cb1edffb1130d0e4c564cfeb352d7f2283665a4d01221f84dc72c1fd
Analyzer Verdict Alert quad9 Sinkholed
GET /js/dom.js HTTP/1.1
Host: api.79zxcv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1d8c96ac8343425"
Last-Modified: Fri, 16 Sep 2022 01:22:27 GMT
Server: Tengine
X-Cache-Status: MISS
Content-Encoding: gzip
zhibo128x.xyz/128/960x120.gif
154.83.25.141200 OK 647 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 647 kB (647290 bytes)
Hash 4fd1179d632274467f2d161456d79264
7e14d27cde6b11c437d17d7abf8ea273a5e63798
4a24512ccf73527d8996dc5a02acc63fe7fcb7c9f9ae22cac178345c6d46361c
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 11:47:07 GMT
Content-Type: image/gif
Content-Length: 647290
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:08:16 GMT
ETag: "634113d0-9e07a"
Expires: Wed, 30 Nov 2022 00:43:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
104.21.234.156200 OK 65 kB URL HTTP/2 kvhkkk.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP 104.21.234.156:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvhkkk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 65414
last-modified: Tue, 22 Nov 2022 05:45:31 GMT
etag: "637c61fb-ff86"
expires: Sun, 25 Dec 2022 11:29:58 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1060
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSNTfN9Bvrdq9%2BOSliDseamHavMTAvJQmmnlDyQoA2CQGVwmzUWCr3ajs4%2FjQvVRno6Ko%2BjoMYXizgwe7kZ5s1MWEFRtRsyjk4sisX8Tf0PvE5iCKmB9Krja%2BDvx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa2695fa8506b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 07570daf9d11b9b8b8357b089ad60a5a
1e0c563991e0918f538182a887165bf2fd225b80
8f7ff4d51ecb7edcdefc1d6d0aa80e6774d0bd665b2d0f6bcbeaa4b40acbef60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Last-Modified: Fri, 25 Nov 2022 11:47:37 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
taiwtp1.com/xin/200200.gif
220.128.218.220200 OK 66 kB URL HTTP/2 taiwtp1.com/xin/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108
GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:45:14 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Sun, 25 Dec 2022 11:45:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
47.246.44.227200 OK 671 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
IP 47.246.44.227:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 480\012- data
Size 671 kB (670683 bytes)
Hash 61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
GET /obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Wed, 23 Nov 2022 17:12:04 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 23 Nov 2022 09:06:10 GMT
nw-session-id: 202211231706100101351600141541FD52kxb2701dy
nw-session-trace: 2022-11-23T17:06:10.11502157+08:00 75
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Wed, 23 Nov 2022 17:06:10 GMT
x-tt-logid: 202211231706100101351600141541FD52
via: n129-069-085, cache19.l2de2[0,0,206-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache5.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc03:4:481::52
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015a3b9199adf986dc1a7283b0173494440838bdeaf0719540461d0fe2682c55bccf66501ae48e46ef19c5eb083f25712622be75eab5d9b90c22f18fbfaca83d7cc2040c9ed209cfba18ab316c995f6ca66467b59e239c4a976422122007d1df50
x-response-lb: image
ali-swift-global-savetime: 1669223524
age: 153334
x-cache: HIT TCP_MEM_HIT dirn:1:279621702 mlen:0
x-swift-savetime: Thu, 24 Nov 2022 10:04:25 GMT
x-swift-cachetime: 31475259
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816693768586548781e
X-Firefox-Spdy: h2
kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.21.94.20200 OK 864 kB URL HTTP/2 kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.21.94.20:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Sat, 24 Dec 2022 07:55:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 100327
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzqoTCmbfeewyUzfP%2BI6GNw5vt3VXp%2Fwmin8%2BzuAq4p%2BbWidzwWz1zu1ytL6lxqXfOoicBurWdY0UrY9sf%2B7qkWD2olX8c9TidfiNuJQSxVnsRhfh713X2DEDxFu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa2696d88bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
104.21.234.156200 OK 685 kB URL HTTP/2 kvhkkk.top/7546c860e55fa3bf22e5cd95994dd097.gif
IP 104.21.234.156:0
File type GIF image data, version 89a, 384 x 216\012- data
Size 685 kB (684992 bytes)
Hash 6f531c957ea61da41ab38ccc064ac606
e2c1ccf65b2c8e2dadee1bd61ecf5539a2100825
e1094802df1cac8e84815e0d8807bbb5e73e161994c773d3a58d201f918d64b3
GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvhkkk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 684992
last-modified: Tue, 22 Nov 2022 11:00:48 GMT
etag: "637cabe0-a73c0"
expires: Sat, 24 Dec 2022 12:40:23 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 83235
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5kIjBqvygOU3DhM8GHbrLYBwN98%2Ba42YUxL%2Bw1XkZnF%2BdpysXwwKWgG4OFDKVI6cbUZRwsy1kAxEJY6%2B%2FyH8I5LFpsK836xYjX8o5VqryowEHCHRYgXPnYHTSKp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26961ab706b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
20.189.126.154200 OK 133 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 133 kB (133073 bytes)
Hash f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8
GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:37:28 GMT
ETag: "1667486248"
Expires: Sat, 03 Dec 2022 14:37:28 GMT
Last-Modified: Thu, 03 Nov 2022 14:37:28 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
20.189.126.154200 OK 132 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 132 kB (131724 bytes)
Hash 6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01
GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:38:11 GMT
ETag: "1667486291"
Expires: Sat, 03 Dec 2022 14:38:11 GMT
Last-Modified: Thu, 03 Nov 2022 14:38:11 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
www.jxys88.net/news/list.php
173.231.12.68200 OK 192 kB URL HTTP/2 www.jxys88.net/news/list.php
IP 173.231.12.68:0
Size 192 kB (191851 bytes)
Hash 409e27b00c735b0a38bdd934baab7f06
c76f452e52516c7cb5eca91ececd3ddf1a9d8690
99931aa5962fa98e8135c365e696fea34baf7f21af0ffee94c521f3c585f88e1
GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ad72f8c21844009758f7df30b4681e23
1299f1e573e0f60163d324bc8bc5909df6dd9e34
ca8600f2170bae7330a374bbe8727b55ae123a29ce620ccfbd4dc5f5fa997d7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:43:07 GMT
Expires: Thu, 01 Dec 2022 00:43:06 GMT
Etag: "1299f1e573e0f60163d324bc8bc5909df6dd9e34"
Cache-Control: max-age=477927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26962c191c0a-OSL
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP 142.250.74.3:0
Hash df561d12f805d1625d638f09a553df1d
d30b629e1c35e991be92eb3cbe59f34aa6d6d678
a3911a57c1747f4ab2fbcba4dde8b8761285e43bec3a314507721a73eb959d8e
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
20.189.126.154200 OK 261 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 261 kB (261015 bytes)
Hash 68ca80e6c19384277e66f07f304b6ed7
680dea475bf73401cd981b5d64f81a23c5536fed
cdbf4e9a6e9fd6b14415c2039f70aef83ec4067c4d82510246096432cd8b93a8
GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:36:31 GMT
ETag: "1667486191"
Expires: Sat, 03 Dec 2022 14:36:31 GMT
Last-Modified: Thu, 03 Nov 2022 14:36:31 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 737cd378417f24ff8e303905e80180fb
e03e769db8b118823e8658f4eb3e6c6547fe3455
7ae737f92d72789db034845133363edd36688c9bec0fe62b9f37027704372f8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:28:29 GMT
Expires: Wed, 30 Nov 2022 01:28:28 GMT
Etag: "e03e769db8b118823e8658f4eb3e6c6547fe3455"
Cache-Control: max-age=394249,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26964e1f1c16-OSL
taiwtp1.com/xin/225135.gif
220.128.218.220200 OK 67 kB URL HTTP/2 taiwtp1.com/xin/225135.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 225 x 135\012- data
Hash 81996a5d1fe46f845ff020017edba5cb
68dc488bcaf576c3c63394123998bb55ea79d121
6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa
GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:45:14 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Sun, 25 Dec 2022 11:45:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ad72f8c21844009758f7df30b4681e23
1299f1e573e0f60163d324bc8bc5909df6dd9e34
ca8600f2170bae7330a374bbe8727b55ae123a29ce620ccfbd4dc5f5fa997d7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 00:43:07 GMT
Expires: Thu, 01 Dec 2022 00:43:06 GMT
Etag: "1299f1e573e0f60163d324bc8bc5909df6dd9e34"
Cache-Control: max-age=477927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2696dab00b41-OSL
kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
104.21.5.141200 OK 740 kB URL HTTP/2 kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
IP 104.21.5.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 740 kB (739561 bytes)
Hash 5318e42d25e6b9b53726d8166248cc33
762b03c16562865a9a58a02dba471f78608376db
b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c
Analyzer Verdict Alert quad9 Sinkholed
GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Fri, 23 Dec 2022 04:58:19 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 197359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dkl9lCWWhtTtjq5xtujQQgjHi8xbWXQUjCSW6H%2FJ0BLaa8Q1CNzFdEs3tnEnj6xDF1BGtvtUmTLSF3xsuuRqrzuLh7ry5fIc0bV4hRbrE84moVJvy0nuuUeGdbGC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26980fa70b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 737cd378417f24ff8e303905e80180fb
e03e769db8b118823e8658f4eb3e6c6547fe3455
7ae737f92d72789db034845133363edd36688c9bec0fe62b9f37027704372f8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:28:29 GMT
Expires: Wed, 30 Nov 2022 01:28:28 GMT
Etag: "e03e769db8b118823e8658f4eb3e6c6547fe3455"
Cache-Control: max-age=394249,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa26972e25b50c-OSL
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
20.189.126.154200 OK 259 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894256451036.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 259 kB (258804 bytes)
Hash 70649fd49138ca6897fe0c9365470117
f0cbcec39497ab084adb72c03a6225c2144c6866
48f51d425b1ad9363336bc2edf9009cbfd17d0c24f817fe60fec9e6ed258e5b0
GET /static/uploads/image/x22/20221004/1664894256451036.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:37 GMT
ETag: "1667486439"
Expires: Sat, 03 Dec 2022 14:40:37 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:39 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0ad3bc43446328e39bbcae6cc0b8fe2
e3ffb2181b4f1c9c3ef689b13035e764640176c8
a791304a7c2626d0511146bb8814f01e7d17042bab362621bc29cef9eb7eb74c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A791304A7C2626D0511146BB8814F01E7D17042BAB362621BC29CEF9EB7EB74C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12035
Expires: Fri, 25 Nov 2022 15:08:13 GMT
Date: Fri, 25 Nov 2022 11:47:38 GMT
Connection: keep-alive
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
20.189.126.154200 OK 279 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894518194257.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 279 kB (278909 bytes)
Hash cbbb3d8ff70b59b11fd1182f7e5d77e9
06af5df2b2aeaa07b578979ee331b52e1f298323
f62a633b62c1dea5bca396206d4956bf14db30141e6e524bf3a00e3588c1c893
GET /static/uploads/image/x22/20221004/1664894518194257.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:42:08 GMT
ETag: "1667486534"
Expires: Sat, 03 Dec 2022 14:42:08 GMT
Last-Modified: Thu, 03 Nov 2022 14:42:14 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2aee78ed2e3d7de1b2a7a2b23d097360
782463d3db74bbe0439feaf7c1fe18aa6f20aef7
72337b48ac80604e2338c6889fc2ffd9560062931e228fe1abc422e3312d9be9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=96900
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:39 GMT
Etag: "637f82de-117"
Expires: Sat, 26 Nov 2022 14:42:39 GMT
Last-Modified: Thu, 24 Nov 2022 14:42:38 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
20.189.126.154200 OK 138 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958002923244.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 138 kB (137556 bytes)
Hash bd3f6c291cab93e830a11147c254ba40
84e34f4b6d924250b792926a4000b057496a171c
f83c49320f5c7ebedeeb3c449113fc15dd505bcc55a074c6c4cbebc3fb3a209f
GET /static/uploads/image/x22/20221005/1664958002923244.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:23:18 GMT
ETag: "1667550198"
Expires: Sun, 04 Dec 2022 08:23:18 GMT
Last-Modified: Fri, 04 Nov 2022 08:23:18 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
20.189.126.154200 OK 143 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958053685368.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 143 kB (142810 bytes)
Hash e7fa5fab9c6f638bf6e867ab976713a1
0e04672bf56def9eb8eef15e9aedc4b6ead6dd05
1145d5d9f499e6f3e2818a598b72cf02ff750ba41752bc94ff06513a522ee23e
GET /static/uploads/image/x22/20221005/1664958053685368.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:39:53 GMT
ETag: "1667551193"
Expires: Sun, 04 Dec 2022 08:39:53 GMT
Last-Modified: Fri, 04 Nov 2022 08:39:53 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
www.jxys88.net/news/index.php
173.231.12.68200 OK 166 kB URL HTTP/2 www.jxys88.net/news/index.php
IP 173.231.12.68:0
Size 166 kB (166457 bytes)
Hash cc3186f99b0cf6affa92723977477028
e9bd465a0770f8a959459b43527732e06f62c116
356b45f89625026b58a8b8571d5b33c7de7329d1a7c13007a1049cba66706a64
GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.wordpressexample.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif
20.189.126.154200 OK 157 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221005/1664958086287321.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 225 x 136\012- data
Size 157 kB (157109 bytes)
Hash b2ab67245d12303f5bbafd7d9b5f0114
44e3a620562fb6e6542b21d4ff534057d7dbe116
44748a35ac18f29a7fb6aa261701604648c5a5c2edf8b6a4d7789ef52b992afe
GET /static/uploads/image/x22/20221005/1664958086287321.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 04 Nov 2022 08:23:25 GMT
ETag: "1667550206"
Expires: Sun, 04 Dec 2022 08:23:25 GMT
Last-Modified: Fri, 04 Nov 2022 08:23:26 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 637d307f35a65f0d652c7e9b46157717
b15b3c7cdfb8368b908cd208b2edc9b98ff72532
401dd7484bcd581ebf07c1bb1bcfdfb46eebbc0fd786d4ed28c98cced16a0c1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:39 GMT
Server: ECS (amb/6BAB)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 637d307f35a65f0d652c7e9b46157717
b15b3c7cdfb8368b908cd208b2edc9b98ff72532
401dd7484bcd581ebf07c1bb1bcfdfb46eebbc0fd786d4ed28c98cced16a0c1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=117104
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:47:39 GMT
Etag: "637fd1cb-117"
Expires: Sat, 26 Nov 2022 20:19:23 GMT
Last-Modified: Thu, 24 Nov 2022 20:19:23 GMT
Server: nginx
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cbcc471840270b19536a7385c435e090
6dc931336032d76c21f6b2136408f184b8005ffd
354b0163e71484d2bb42400be51f32f7cf3e4723e4f86ec9a3bdb4b104ac25da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "354B0163E71484D2BB42400BE51F32F7CF3E4723E4F86EC9A3BDB4B104AC25DA"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8596
Expires: Fri, 25 Nov 2022 14:10:55 GMT
Date: Fri, 25 Nov 2022 11:47:39 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 1a846355d732b691514041b1b4874b12
52a28192382c4273a80a3525df0266bc758272b0
7702003437b9fa2c49671de578d0d1795f407f4655954c73e9da56c587c6f982
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:47:39 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:06:56 GMT
Expires: Tue, 29 Nov 2022 23:06:55 GMT
Etag: "52a28192382c4273a80a3525df0266bc758272b0"
Cache-Control: max-age=385755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa2698889cb524-OSL
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
47.56.33.17200 OK 0 B URL HTTP/1.1 aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
IP 47.56.33.17:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif HTTP/1.1
Host: aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 294418
Connection: keep-alive
x-oss-request-id: 6380AB5AE46B163830BA77B5
Vary: Origin
Accept-Ranges: bytes
ETag: "B5F554E2887180883376A154C0D49550"
Last-Modified: Tue, 25 Jan 2022 08:46:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7927258656666560621
x-oss-storage-class: Standard
Content-Disposition: inline;filename=899E8306-3565-4974-AD46-916F3A0C3E17.gif
Content-MD5: tfVU4ohxgIgzdqFUwNSVUA==
x-oss-server-time: 2
static.qwahk.com/960x60.gif
154.39.104.61200 OK 0 B URL HTTP/1.1 static.qwahk.com/960x60.gif
IP 154.39.104.61:0
GET /960x60.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 477289
Content-Type: image/gif;charset=UTF-8
Date: Sun, 20 Nov 2022 00:49:41 GMT
ETag: "1668905382"
Last-Modified: Sun, 20 Nov 2022 00:49:42 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 anxun31:15 (W)
X-Cache: HIT, server, disk
X-Px: ms anxun31000(origin)
X-Reqid: 2019214167228180202211200849416LvsX43Qsampled
X-Ws-Request-Id: 637979a5_anxun31_27787-61124
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
120.77.166.119200 OK 0 B URL HTTP/1.1 sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP 120.77.166.119:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 614471
Connection: keep-alive
x-oss-request-id: 6380AB5AD17D343031081D9F
Accept-Ranges: bytes
ETag: "B5D129EDAAAEC2DB9B9FBDBB13E162FF"
Last-Modified: Sun, 20 Nov 2022 08:15:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1485979328286445117
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: tdEp7aquwtubn727E+Fi/w==
x-oss-server-time: 1
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 107 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: a1c40dc3-77db-42cd-8251-6c53277f58fc
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
120.77.166.72200 OK 0 B URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 6380AB5A703D5E36368969EF
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 1
585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
103.170.15.88200 OK 0 B URL HTTP/1.1 585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
IP 103.170.15.88:0
ASN #7483 Skycloud Computing co., Ltd.
Analyzer Verdict Alert quad9 Sinkholed
GET /41b638d808b64a4db1c3e57fb5622e78.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9085-27357"
Date: Tue, 22 Nov 2022 12:51:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:19:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Length: 160599
www.jxys88.net/news/data.php
173.231.12.68200 OK 0 B URL HTTP/2 www.jxys88.net/news/data.php
IP 173.231.12.68:0
GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.9712x.com/images/63523e235fe50f0585d3ef83.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.9712x.com/images/63523e235fe50f0585d3ef83.gif
IP 91.199.87.220:0
GET /images/63523e235fe50f0585d3ef83.gif HTTP/1.1
Host: img.9712x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
cache-control: max-age=3600
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
120.77.166.72200 OK 0 B URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
IP 120.77.166.72:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /1212/af640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:38 GMT
Content-Type: image/gif
Content-Length: 112297
Connection: keep-alive
x-oss-request-id: 6380AB5A1911E93132AD485B
Accept-Ranges: bytes
ETag: "8BB96C4387FDAE545693EC79E18C0278"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9438539724646848523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i7lsQ4f9rlRWk+x54YwCeA==
x-oss-server-time: 4
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
20.189.126.154200 OK 0 B URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP 20.189.126.154:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:43:27 GMT
ETag: "1667486607"
Expires: Sat, 03 Dec 2022 14:43:27 GMT
Last-Modified: Thu, 03 Nov 2022 14:43:27 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
taiwtp1.com/img/960240.gif
220.128.218.220200 OK 0 B URL HTTP/2 taiwtp1.com/img/960240.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:45:14 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Sun, 25 Dec 2022 11:45:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
47.75.19.69200 OK 0 B URL HTTP/1.1 1088hg01.oss-cn-hongkong.aliyuncs.com/se/lq.gif
IP 47.75.19.69:0
ASN #45102 Alibaba US Technology Co., Ltd.
GET /se/lq.gif HTTP/1.1
Host: 1088hg01.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Fri, 25 Nov 2022 11:47:37 GMT
Content-Type: image/gif
Content-Length: 944089
Connection: keep-alive
x-oss-request-id: 6380AB59DD75B73839BC0F20
Accept-Ranges: bytes
ETag: "AA2183D37F4BB3E32799AA7559D6828B"
Last-Modified: Sat, 05 Nov 2022 08:29:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9189525011022840236
x-oss-storage-class: Standard
Content-MD5: qiGD039Ls+Mnmap1WdaCiw==
x-oss-server-time: 2
kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
104.21.234.86200 OK 0 B URL HTTP/2 kvtnnn.top/68a7807de3933bf7079116fa9df99e6f.gif
IP 104.21.234.86:0
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kvtnnn.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys12.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:39 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Tue, 13 Dec 2022 05:57:57 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1057782
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFTNKX3hQruDxdtILFjnE5hVD04C7Vg6p%2BRBADLHVzz0j%2FG5%2BbgqXO2tKDnfYd8TcxtVg3V38rx9U%2F5eY0AAEN0O0wL%2BoiMAbxRd2TwkSRAIXnJR7UBZDYdI9No8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa26991d298862-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.9717x.com/images/637f0bb78d97bc67605fd8a5.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.9717x.com/images/637f0bb78d97bc67605fd8a5.gif
IP 91.199.87.220:0
GET /images/637f0bb78d97bc67605fd8a5.gif HTTP/1.1
Host: img.9717x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ydschool-online.nosdn.127.net/tiku/72955337d3a97fb538f5ce9ebd7fe97d8689130eafab95cbef229731703681f8.gif
cache-control: max-age=3600
X-Firefox-Spdy: h2
www.jxys12.xyz/template/m1938pc/static/css/style.css
173.231.38.5200 OK 0 B URL HTTP/2 www.jxys12.xyz/template/m1938pc/static/css/style.css
IP 173.231.38.5:0
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:47:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Fri, 25 Nov 2022 23:47:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
91.195.240.12403 Forbidden 0 B URL HTTP/2 acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
IP 91.195.240.12:0
GET /3c1bcbe1527d69a7efc3687b42d7ea1f.gif HTTP/1.1
Host: acoosso.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Fri, 25 Nov 2022 11:47:37 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.1129555.com/images/6375e9e9e718d3da5a918058.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.1129555.com/images/6375e9e9e718d3da5a918058.gif
IP 91.199.87.220:0
GET /images/6375e9e9e718d3da5a918058.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/50eb3499d51b44e38606d19d74344b42
cache-control: max-age=3600
X-Firefox-Spdy: h2
8499225.com/8499/s/960x60.gif
23.224.101.36200 OK 0 B URL HTTP/2 8499225.com/8499/s/960x60.gif
IP 23.224.101.36:0
Analyzer Verdict Alert quad9 Sinkholed
GET /8499/s/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "50d23-5ed03b0c9c3d8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
91.199.87.220302 Found 0 B URL HTTP/2 img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
IP 91.199.87.220:0
GET /images/636ce31fc474e9c06ec29f98.gif HTTP/1.1
Host: img.2559u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
cache-control: max-age=3600
X-Firefox-Spdy: h2
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
43.154.254.32200 OK 0 B URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Fri, 25 Nov 2022 11:47:38 GMT
content-type: image/gif
content-length: 208040
vary: Accept,Origin
last-modified: Fri, 25 Nov 2022 04:38:13 GMT
cache-control: max-age=2592000
x-delay: 40639 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 208040
chid: 0
fid: 0
x-nws-log-uuid: e9c6425f-d1a1-4056-bf4f-d580f4c5168b
X-Firefox-Spdy: h2