digitalmediadubai.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: digitalmediadubai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 22:53:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.digitalmediadubai.com/index.php
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3509
Expires: Tue, 06 Dec 2022 23:51:55 GMT
Date: Tue, 06 Dec 2022 22:53:26 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:26 GMT
Last-Modified: Tue, 06 Dec 2022 21:41:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6298
Expires: Wed, 07 Dec 2022 00:38:24 GMT
Date: Tue, 06 Dec 2022 22:53:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 22:18:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2085
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wvHIf4k4pa+15jN9NpSg5MlbGsSqRyBbjurAGhAuSQD5VTVuhzTGIN3TxYot6zUFvCqpVWhg6Sk=
x-amz-request-id: AVTQJG04AFV50CR1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 22:47:16 GMT
age: 370
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 2669
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4271
Cache-Control: max-age=127474
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:27 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:18:01 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.digitalmediadubai.com/index.php
200 OK 785 B URL HTTP/1.1 www.digitalmediadubai.com/index.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 1b14743e8fdfc36b1a03cddee663a467
94dea3d497eb67df04944bedc7cc5743a094c8f2
cf3946429a7128ad3b6b94e2fbe23ca2e18048b87c4d2ae58fc11552382e239e
GET /index.php HTTP/1.1
Host: www.digitalmediadubai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 22:53:27 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bCPJazDZsYjZbw9EevEzHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4+/kpgRJM/6K3CS12LVlR3PgBmw=
www.digitalmediadubai.com/tj.js
200 OK 518 B URL HTTP/1.1 www.digitalmediadubai.com/tj.js
IP
File type ASCII text, with CRLF line terminators
Hash 29d68cbfdcfb5518b0be3202394cc071
e651a5709bdc86c3609a4057ff1226e89d968e53
836a9dda783dd72b9fedc59e69ea150fee6e549fc8145565a5362fd367eb9e26
GET /tj.js HTTP/1.1
Host: www.digitalmediadubai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 22:53:28 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
www.digitalmediadubai.com/common.js
200 OK 738 B URL HTTP/1.1 www.digitalmediadubai.com/common.js
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6
GET /common.js HTTP/1.1
Host: www.digitalmediadubai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 22:53:28 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 06 Dec 2022 22:53:28 GMT
Etag: "4078521116"
Expires: Wed, 06 Dec 2023 22:53:28 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=7A3259A3830ACA714B3B22646564B6C9:FG=1; max-age=31536000; expires=Wed, 06-Dec-23 22:53:28 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 4d8979b580f9a6c9b4660e41f0bef4c5
97acb985f7e150bc5077979a18d1c443d7df22f0
08a2342e767e94a269b479e389d8415f55e8a1722ed74549e675297516951ae6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 21:36:42 GMT
ETag: "97acb985f7e150bc5077979a18d1c443d7df22f0"
Last-Modified: Tue, 06 Dec 2022 21:36:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1368
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7758990cffddb4ed-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76c327c2b94af9b2f5ba0266ac4dd2ef
c2932278411597f79d0224adb5774eeb48b05924
46aa44e41d976d1cc4871946dd0e8914bc55aa025660b1f64c9c2b2724c91178
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46AA44E41D976D1CC4871946DD0E8914BC55AA025660B1F64C9C2B2724C91178"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15897
Expires: Wed, 07 Dec 2022 03:18:25 GMT
Date: Tue, 06 Dec 2022 22:53:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Wed, 07 Dec 2022 00:34:42 GMT
Date: Tue, 06 Dec 2022 22:53:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Wed, 07 Dec 2022 00:34:42 GMT
Date: Tue, 06 Dec 2022 22:53:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Wed, 07 Dec 2022 00:34:42 GMT
Date: Tue, 06 Dec 2022 22:53:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Wed, 07 Dec 2022 00:34:42 GMT
Date: Tue, 06 Dec 2022 22:53:28 GMT
Connection: keep-alive
www.digitalmediadubai.com/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.digitalmediadubai.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.digitalmediadubai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 22:53:29 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 11 Dec 2022 22:53:29 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f38ce0fb35ef0fc66b61cafd2b09eeb6
aded2fe97a129dc820ba9d6d7605aeadfe17c15c
39bcb5e0c3a9cd39c0fcefbffd9e6f949bb9d85f0bee2b0b7c5cb999b508b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 24355473-a83a-42b6-bdf3-ae2c39f7f3eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ccq48GfKoAMFjmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63882505-2f58dd012665cb131ceff8f2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 03:52:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N6GEu_CKPRnnSK5YiXyc2wNMYIfd1jOZuylB26w8FmVavlWruMSZhw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 05:59:19 GMT
age: 60849
etag: "aded2fe97a129dc820ba9d6d7605aeadfe17c15c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.jxys88.net/news/index.php
200 OK 11 kB URL HTTP/2 www.jxys88.net/news/index.php
IP
Hash 77e596699283e070421bd3daada36d5e
b9ed66be7f8ecc93ec1db99b4c02e123a5bc34a7
5b4ddf87c69c9e1e42dda3cd7edf5109b37010cc5c8fc3e0807f365d86083340
GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0f0782df385287698881f1c19e79b96
5a25f245b594f6cbf2fdaeed2463ac5fbc08068a
4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:54:15 GMT
age: 3553
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2ae931d0f14a81013f782d43b8c7b85
9ec84996b63362ad370ff67b0fd8136a343c1bbf
9b4a2b3e5e2d2b4fac094135fed10a3040598f1208f6b2ec52d95d10aca66ed5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9891
x-amzn-requestid: f15dc6ba-901b-4ef6-8589-d8918fe84173
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csU8lF3MoAMF47g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6850-496d269b228065a365a67eea;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:53:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3SFFPJye5LvexbHVfPukXIdJ-BSkP5MCpesIJhqxtSNKamcRNr1lFA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 18:21:44 GMT
age: 16304
etag: "9ec84996b63362ad370ff67b0fd8136a343c1bbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZBA188WoJDCpA8JrEly22avBEZN_Kk8yjRmOhwvDCEiVm2g0Phwvg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 06:07:35 GMT
age: 60353
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 3468
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://www.digitalmediadubai.com/index.php
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.digitalmediadubai.com/index.php
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.digitalmediadubai.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 06 Dec 2022 22:53:28 GMT
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 9acffdc35f7b525d0138c4a3e8dd64f6
92560c9547dc41eb6b25629700b28522485007c0
75fd7391c482f2b60a33ceff4c8f16b4313446c55a9034de05767967c793d7fc
GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 22:53:28 GMT
Etag: b89186a3f91b27af7450235eec1e840f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0A50186E97946DEE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?c6d2cc57ca68d0bbc899ee7118b68eb1
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?c6d2cc57ca68d0bbc899ee7118b68eb1
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash aad651a0da332cf03655c2a44b139823
cd3532c103da2d7ff3a5864c8043921fa7b394e1
7bd43ebd38242ba8abd8ba259f21a423bdfacb0c030ddb8c4384b77a2a57b17b
GET /hm.js?c6d2cc57ca68d0bbc899ee7118b68eb1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 22:53:28 GMT
Etag: 98d68aec0705bc7a282a6ac50041682e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=38C316288CD50768; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1109791346&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=11129&r=0&ww=1280&u=http%3A%2F%2Fwww.digitalmediadubai.com%2Findex.php&tt=%E5%92%B8%E5%AE%81%E6%AC%A2%E7%A7%BB%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1109791346&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=11129&r=0&ww=1280&u=http%3A%2F%2Fwww.digitalmediadubai.com%2Findex.php&tt=%E5%92%B8%E5%AE%81%E6%AC%A2%E7%A7%BB%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1109791346&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=11129&r=0&ww=1280&u=http%3A%2F%2Fwww.digitalmediadubai.com%2Findex.php&tt=%E5%92%B8%E5%AE%81%E6%AC%A2%E7%A7%BB%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 22:53:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4DBCA9831FA46A2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=443902771&si=c6d2cc57ca68d0bbc899ee7118b68eb1&v=1.3.0&lv=1&sn=11129&r=0&ww=1280&u=http%3A%2F%2Fwww.digitalmediadubai.com%2Findex.php&tt=%E5%92%B8%E5%AE%81%E6%AC%A2%E7%A7%BB%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=443902771&si=c6d2cc57ca68d0bbc899ee7118b68eb1&v=1.3.0&lv=1&sn=11129&r=0&ww=1280&u=http%3A%2F%2Fwww.digitalmediadubai.com%2Findex.php&tt=%E5%92%B8%E5%AE%81%E6%AC%A2%E7%A7%BB%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=443902771&si=c6d2cc57ca68d0bbc899ee7118b68eb1&v=1.3.0&lv=1&sn=11129&r=0&ww=1280&u=http%3A%2F%2Fwww.digitalmediadubai.com%2Findex.php&tt=%E5%92%B8%E5%AE%81%E6%AC%A2%E7%A7%BB%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.digitalmediadubai.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 22:53:29 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=70628857FB086F4C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 69e2d1c00420387d217fc425b68da15c
269eafe2e60b33b442ecfe42b6c9ca6d1caa5e67
067601cf6738b63a03772fcf961654f7ecc48f97bca271b3c27c76e89d0bf920
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "067601CF6738B63A03772FCF961654F7ECC48F97BCA271B3C27C76E89D0BF920"
Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Wed, 07 Dec 2022 04:53:01 GMT
Date: Tue, 06 Dec 2022 22:53:30 GMT
Connection: keep-alive
www.jxys11.xyz/template/m1938pc/html9/ads/1.gif
200 OK 254 B URL HTTP/2 www.jxys11.xyz/template/m1938pc/html9/ads/1.gif
IP
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:31 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Thu, 05 Jan 2023 22:53:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys11.xyz/template/m1938pc/html9/ads/ob1.gif
200 OK 193 kB URL HTTP/2 www.jxys11.xyz/template/m1938pc/html9/ads/ob1.gif
IP
File type GIF image data, version 89a, 960 x 90\012- data
Size 193 kB (193193 bytes)
Hash a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:31 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Thu, 05 Jan 2023 22:53:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys11.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
200 OK 13 kB URL HTTP/2 www.jxys11.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys11.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:31 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 8afd691bb1ceae53bfcbf3f9200abe5c
c3f2293c5837e9603f525e0d55a03efc00f7ba4d
b7a0ded65abf8b8168fd736481a7bc4386e257e276162f86de1ee517581d63a0
GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Tue, 06 Dec 2022 22:53:31 GMT
Etag: 0c01760b1573d627f03d3da17aa4f10b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=81BA257104E944BF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1886250729&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=11132&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys11.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1886250729&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=11132&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys11.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1886250729&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=11132&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys11.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 06 Dec 2022 22:53:32 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BD2D93C17E852EC0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b1d1023adf27e0ee99002b48728cbcab
0b0775af1dbf156faf17a96711c2230f2fc8998f
c7f9cfe59996a74386a2c97216916fdd537155d292790ce167ff99e75cf58fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7F9CFE59996A74386A2C97216916FDD537155D292790CE167FF99E75CF58FA0"
Last-Modified: Mon, 05 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7917
Expires: Wed, 07 Dec 2022 01:05:29 GMT
Date: Tue, 06 Dec 2022 22:53:32 GMT
Connection: keep-alive
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
301 Moved Permanently 162 B URL HTTP/2 kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 22:53:32 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
301 Moved Permanently 162 B URL HTTP/2 kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 22:53:32 GMT
content-type: text/html
content-length: 162
location: https://kvhiii.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 95c99d9315f42646d902fdb762011db3
60ee48f76b40fac032a60be54471f8ac0a4eea55
065370073a44ce709693772cabe0210c94d2ff33f4f055f0c3544a6a92eeeda2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91554
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:33 GMT
Etag: "638e8a8f-118"
Expires: Thu, 08 Dec 2022 00:19:27 GMT
Last-Modified: Tue, 06 Dec 2022 00:19:27 GMT
Server: nginx
Content-Length: 280
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
200 OK 309 kB URL HTTP/2 imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 309 kB (308789 bytes)
Hash 799d622d8489838225bdf632d1ae4095
4f6c51fcc2b138919eaffddb4e0552eccd639540
ef6eca5519381348b80b5a594d9463237e5df4c5d94f91690ec0caebb61931c8
GET /ggIqxE6kP-B_dxnQquyUhg/2502307b-323b-4596-cdd7-ff8f19793f00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: image/gif
content-length: 308789
cf-ray: 7758992a89ecb4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cf7jj0DExcr4Eulp_4fW43VFQZ8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:0,h2pri
cf-images: internal=ok/- q=0 n=515 c=29+582 v=2022.11.4 l=308789
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
warning: cf-images 299 "original is 182253B smaller"
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
200 OK 359 kB URL HTTP/1.1 223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 359 kB (358672 bytes)
Hash 668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859
Analyzer Verdict Alert quad9 Sinkholed
GET /ddc7ee998e5442059a05a76f45a279b8.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63665362-57910"
Date: Sun, 04 Dec 2022 13:14:02 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 05 Nov 2022 12:13:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 358672
imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
200 OK 24 kB URL HTTP/2 imagedelivery.net/ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2ca0538b0b77324a38cf2b74f16cb6fe
0ef6374accaaedf856fe2532b8001519894e7fbf
2deb9e322a8b6fab37972c3d02c9da5ee672a9dbbe5b6f7282ba584ed025d9c4
GET /ggIqxE6kP-B_dxnQquyUhg/477bc118-1084-4a76-3589-ef7a0dbdee00/public HTTP/1.1
Host: imagedelivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: image/webp
content-length: 24176
cf-ray: 7758992a8a09b4f7-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=172800
etag: "cfICoqasDYJU_WN31sIUtRvKgK8dO5Wny_BInlx8NnBQ"
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=399 c=1+47 v=2022.11.7 l=24176
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
200 OK 423 kB URL HTTP/1.1 362728tdg.com/33f557d8ed124da9b6a2642dac638bcd..gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 423 kB (422791 bytes)
Hash bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4
Analyzer Verdict Alert quad9 Sinkholed
GET /33f557d8ed124da9b6a2642dac638bcd..gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9147-67387"
Date: Mon, 28 Nov 2022 15:11:28 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:22:31 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-14
Content-Length: 422791
u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif
200 OK 383 kB URL HTTP/2 u1022.com/da5dfac32ac34ba592b6f45c5de4a88c.gif
IP
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 100\012- data
Size 383 kB (382842 bytes)
Hash 3ee8c68d9bcee9dba9e18883f7a79dd7
ca6173103323ab2685f5c50c81c2e80d50583ab9
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9
GET /da5dfac32ac34ba592b6f45c5de4a88c.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "63849d60-5d77a"
server: nginx
date: Mon, 05 Dec 2022 07:04:15 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 11:37:04 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-34
content-length: 382842
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8163c2a0d2b7b032295fdc97a7c1a6fb
17bc02a19f2dcbc04d941b76c1567a08b04f63df
9a7b6e298af4e2e3cdf503fe4f81cb8f7594d2210ec07a8820804f13b6774c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A7B6E298AF4E2E3CDF503FE4F81CB8F7594D2210EC07A8820804F13B6774C34"
Last-Modified: Mon, 05 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2825
Expires: Tue, 06 Dec 2022 23:40:38 GMT
Date: Tue, 06 Dec 2022 22:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a02b0d457bfedc42f9f93ee95e8a582c
f6002834b06abc040e7d7c5911d4eb0586ab1408
e4789beb3da5f0fab76299a7a5f355e1effa62607a5f24e643484ce8c27e4214
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4789BEB3DA5F0FAB76299A7A5F355E1EFFA62607A5F24E643484CE8C27E4214"
Last-Modified: Sun, 04 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9024
Expires: Wed, 07 Dec 2022 01:23:57 GMT
Date: Tue, 06 Dec 2022 22:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 836b15c44f1e4a45874bed476603b85b
843ccd6b658ba051ae049c2db4a36edaa240aa04
996dd51f65f950077759cad65c36d30f716e27ab9d2ac72a4a5e6f52d20f5c81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "996DD51F65F950077759CAD65C36D30F716E27AB9D2AC72A4A5E6F52D20F5C81"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4850
Expires: Wed, 07 Dec 2022 00:14:23 GMT
Date: Tue, 06 Dec 2022 22:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 27afd4417aa4296a9d460aa54cd0c753
d2cdbf2a1ff6382129b42c2531cc9b0860af9248
adf5f9db4c1593fdd48e34ee651fdc25a0ebc12affeab7b2c8f1d7beb04ea9b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADF5F9DB4C1593FDD48E34EE651FDC25A0EBC12AFFEAB7B2C8F1D7BEB04EA9B9"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4063
Expires: Wed, 07 Dec 2022 00:01:16 GMT
Date: Tue, 06 Dec 2022 22:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 27afd4417aa4296a9d460aa54cd0c753
d2cdbf2a1ff6382129b42c2531cc9b0860af9248
adf5f9db4c1593fdd48e34ee651fdc25a0ebc12affeab7b2c8f1d7beb04ea9b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADF5F9DB4C1593FDD48E34EE651FDC25A0EBC12AFFEAB7B2C8F1D7BEB04EA9B9"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4063
Expires: Wed, 07 Dec 2022 00:01:16 GMT
Date: Tue, 06 Dec 2022 22:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b86b0789d91ae5978755d889cfaf0374
905e12b2c24f20ad72a054c20738c546a6a2f19b
f621391b79c5c9498a1931b2f970d47934aef19b27d52f93b59a10b2af794822
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F621391B79C5C9498A1931B2F970D47934AEF19B27D52F93B59A10B2AF794822"
Last-Modified: Mon, 05 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6673
Expires: Wed, 07 Dec 2022 00:44:46 GMT
Date: Tue, 06 Dec 2022 22:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fbeef7a673620b4b8adfb5c032233744
313e4c0c823b5275e58177cd37eacdc17e774210
2db4b09670826affd6534457286ced5a3b9a94308987d4e1728caadd0d4c067f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DB4B09670826AFFD6534457286CED5A3B9A94308987D4E1728CAADD0D4C067F"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3402
Expires: Tue, 06 Dec 2022 23:50:15 GMT
Date: Tue, 06 Dec 2022 22:53:33 GMT
Connection: keep-alive
ob699.cc/xxx12345.gif
200 OK 20 kB IP
ASN #55933 Cloudie Limited
File type GIF image data, version 89a, 225 x 135\012- data
Hash 74f156899d26c1a1ef9108ee4023052d
3d2f15dc81ee27a7832947bbb59a7836ccc7f027
b9d31d39b1bcf37b577c5b74c1b8742819a003052d35cdc72e829143e96f29f0
GET /xxx12345.gif HTTP/1.1
Host: ob699.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: image/gif
Content-Length: 19781
Last-Modified: Sat, 01 Oct 2022 06:45:45 GMT
Connection: keep-alive
ETag: "6337e219-4d45"
Expires: Thu, 05 Jan 2023 22:53:33 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.sectigo.com/
200 OK 472 B IP
Hash b501cdbec9f892dac1525c6180856544
44bad2ee0255ac9d045925f31608ffbc9eafed23
c5504851b797163de4bbd621bde9cac8a18583d804773def0088fde8ee5958a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 22:05:43 GMT
Expires: Tue, 13 Dec 2022 22:05:42 GMT
Etag: "44bad2ee0255ac9d045925f31608ffbc9eafed23"
Cache-Control: max-age=601328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992c8df1b505-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 870297c53111e48331371df0ee3a1e7d
062832114a906e78cbb218ed329de7e99ee28e22
94677a4305d0ae6090eb32d3f9e3df202975e215328c5132df63a992090c9a41
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 08:52:34 GMT
Expires: Tue, 13 Dec 2022 08:52:33 GMT
Etag: "062832114a906e78cbb218ed329de7e99ee28e22"
Cache-Control: max-age=553739,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992c89270b31-OSL
kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
301 Moved Permanently 162 B URL HTTP/2 kvezz.com/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0eda2cdadf68e8a77510be4ea0e2b219
136fa40e4ae6e099e37293361864f3284806053c
5186d2e7462d0bad0d763115784d96ef631483ee7d465f8a5f12df37d8778731
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 15:31:14 GMT
Expires: Sun, 11 Dec 2022 15:31:13 GMT
Etag: "136fa40e4ae6e099e37293361864f3284806053c"
Cache-Control: max-age=404859,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992cce42b505-OSL
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 22:53:39 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
301 Moved Permanently 162 B URL HTTP/2 kvmaa.com/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 22:53:39 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 48be7135b0eea80a2fbb2ee74b40b234
a91857a78ee15bba7cf5b244f0cf129a875186f3
516e018af7814df03ae58af915015944c8526c6dd563d7d5af4338cf2316a594
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 15:19:38 GMT
Expires: Sat, 10 Dec 2022 15:19:37 GMT
Etag: "a91857a78ee15bba7cf5b244f0cf129a875186f3"
Cache-Control: max-age=317763,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992c8c15b50b-OSL
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
301 Moved Permanently 162 B URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: text/html
content-length: 162
location: https://max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
301 Moved Permanently 162 B URL HTTP/2 kveff.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kveff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: text/html
content-length: 162
location: https://max002.top/68a7807de3933bf7079116fa9df99e6f.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash dd86948a3eae6df74a4cbf1965532228
3823bc7aa6b842598a24132368f3c4313a8b636c
e26a9ff28e1bebbedd9e89d42f219e41bda073f5985110cb7adb5c242f7ad6d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 16:16:58 GMT
Expires: Sun, 11 Dec 2022 16:16:57 GMT
Etag: "3823bc7aa6b842598a24132368f3c4313a8b636c"
Cache-Control: max-age=407603,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992c8f8ab4ff-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash f74cf420191ae2b8e1e5acc1d63595ac
c5861317af60f6404b35a6f9c8f0990f5c2f27a4
b2d27de92d5691d7bbb4a45f4587b83fe5be195f7343231f4dee54dbf1dd8acb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 03:39:02 GMT
Expires: Sun, 11 Dec 2022 03:39:01 GMT
Etag: "c5861317af60f6404b35a6f9c8f0990f5c2f27a4"
Cache-Control: max-age=362127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992c88f9b503-OSL
3p8801.co/yy-960x60.gif
200 OK 37 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Hash 95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644
GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Thu, 05 Jan 2023 22:53:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b501cdbec9f892dac1525c6180856544
44bad2ee0255ac9d045925f31608ffbc9eafed23
c5504851b797163de4bbd621bde9cac8a18583d804773def0088fde8ee5958a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 22:05:43 GMT
Expires: Tue, 13 Dec 2022 22:05:42 GMT
Etag: "44bad2ee0255ac9d045925f31608ffbc9eafed23"
Cache-Control: max-age=601328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992c8af80b39-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3960daffa64cbbe8f5b79572fd5afa5d
cc7971d8c6fd8e0d32020ed78ad353e49506ff53
cdce9c3d81ecf904467bd08e2e19ea6b7e4e82582a497a3a5e1797c2ca69fb52
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 00:59:23 GMT
Expires: Mon, 12 Dec 2022 00:59:22 GMT
Etag: "cc7971d8c6fd8e0d32020ed78ad353e49506ff53"
Cache-Control: max-age=438948,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758992d3ec3b505-OSL
3p8801.co/a-960x60.gif
200 OK 49 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Hash bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db
GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Thu, 05 Jan 2023 22:53:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
200 OK 113 kB URL HTTP/1.1 339282bdb.com/47a7724b974a47a0a7ff9b1c9af7a26c.gif
IP
File type GIF image data, version 89a, 320 x 185\012- data
Size 113 kB (113076 bytes)
Hash 293a0887f1ab0b9517c19b77d51626dd
74adbd76d248f6cfc5cffdfaaaaaf942b69b080b
e14931a1bebe13bda41f170c97f7c45f725c13854e3a907c1648a403818326eb
Analyzer Verdict Alert quad9 Sinkholed
GET /47a7724b974a47a0a7ff9b1c9af7a26c.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b942d-1b9b4"
Date: Fri, 28 Oct 2022 14:58:16 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:34:53 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-23
Content-Length: 113076
zhibo128x.xyz/128/318X216.gif
200 OK 90 kB URL HTTP/1.1 zhibo128x.xyz/128/318X216.gif
IP
File type GIF image data, version 89a, 318 x 216\012- data
Hash fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Dec 2022 22:52:40 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Sat, 31 Dec 2022 05:06:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash fb3a27c1a3250ae93197528d984e4311
88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a
a923962049c629f21875c9f3172bb7177f0622fd185988779636448e631475d1
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:37:54 GMT
ETag: "88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a"
Last-Modified: Tue, 06 Dec 2022 20:37:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 421
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589930ba46b505-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash fb3a27c1a3250ae93197528d984e4311
88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a
a923962049c629f21875c9f3172bb7177f0622fd185988779636448e631475d1
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:37:54 GMT
ETag: "88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a"
Last-Modified: Tue, 06 Dec 2022 20:37:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 421
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589930bb20b4f1-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash fb3a27c1a3250ae93197528d984e4311
88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a
a923962049c629f21875c9f3172bb7177f0622fd185988779636448e631475d1
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:37:54 GMT
ETag: "88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a"
Last-Modified: Tue, 06 Dec 2022 20:37:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 421
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589930ba2ab4fd-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d1614bce2cbcff323f215ff72260aeb3
e727496c24dbbad45dc1e69849644d430f5aca3f
edefe0300a46fe5b68162146034e1495c9afbd7291c1063ff00013a839e439fc
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 19:26:44 GMT
ETag: "e727496c24dbbad45dc1e69849644d430f5aca3f"
Last-Modified: Tue, 06 Dec 2022 19:26:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 14
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589930beff1bfe-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d1614bce2cbcff323f215ff72260aeb3
e727496c24dbbad45dc1e69849644d430f5aca3f
edefe0300a46fe5b68162146034e1495c9afbd7291c1063ff00013a839e439fc
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 19:26:44 GMT
ETag: "e727496c24dbbad45dc1e69849644d430f5aca3f"
Last-Modified: Tue, 06 Dec 2022 19:26:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 14
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589930bbfbfab4-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d1614bce2cbcff323f215ff72260aeb3
e727496c24dbbad45dc1e69849644d430f5aca3f
edefe0300a46fe5b68162146034e1495c9afbd7291c1063ff00013a839e439fc
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 19:26:44 GMT
ETag: "e727496c24dbbad45dc1e69849644d430f5aca3f"
Last-Modified: Tue, 06 Dec 2022 19:26:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 14
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589930ba53b505-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash fb3a27c1a3250ae93197528d984e4311
88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a
a923962049c629f21875c9f3172bb7177f0622fd185988779636448e631475d1
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:37:54 GMT
ETag: "88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a"
Last-Modified: Tue, 06 Dec 2022 20:37:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 421
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589930bf4ab512-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc4947265eb0418d58c516275efa486c
ebc19b237f4554f46d348e2232c21440b35bda70
dc64bf4b5d01cc44d13d8a8d90dc08cda22e27f245e5b7f023fe0120d9388d6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC64BF4B5D01CC44D13D8A8D90DC08CDA22E27F245E5B7F023FE0120D9388D6C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3330
Expires: Tue, 06 Dec 2022 23:49:04 GMT
Date: Tue, 06 Dec 2022 22:53:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc4947265eb0418d58c516275efa486c
ebc19b237f4554f46d348e2232c21440b35bda70
dc64bf4b5d01cc44d13d8a8d90dc08cda22e27f245e5b7f023fe0120d9388d6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC64BF4B5D01CC44D13D8A8D90DC08CDA22E27F245E5B7F023FE0120D9388D6C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3330
Expires: Tue, 06 Dec 2022 23:49:04 GMT
Date: Tue, 06 Dec 2022 22:53:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc4947265eb0418d58c516275efa486c
ebc19b237f4554f46d348e2232c21440b35bda70
dc64bf4b5d01cc44d13d8a8d90dc08cda22e27f245e5b7f023fe0120d9388d6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC64BF4B5D01CC44D13D8A8D90DC08CDA22E27F245E5B7F023FE0120D9388D6C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3330
Expires: Tue, 06 Dec 2022 23:49:04 GMT
Date: Tue, 06 Dec 2022 22:53:34 GMT
Connection: keep-alive
66663aaa.com/d366a9eea354409086b665663a9c34b6.gif
200 OK 13 kB URL HTTP/1.1 66663aaa.com/d366a9eea354409086b665663a9c34b6.gif
IP
File type GIF image data, version 89a, 180 x 180\012- data
Hash 852407ed092fa686e2cfb1414826b66c
5238df63f754ba5d2f4abda96e2b5793b50ffab1
dc5162092ed9c58899e9c79a86cc1b64a2f3714252a3d6bed0fb4562a234451f
Analyzer Verdict Alert quad9 Sinkholed
GET /d366a9eea354409086b665663a9c34b6.gif HTTP/1.1
Host: 66663aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "638250df-33ac"
Date: Mon, 28 Nov 2022 09:39:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 26 Nov 2022 17:46:07 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-20
Content-Length: 13228
3p8801.co/11-960x60.gif
200 OK 242 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:33 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Thu, 05 Jan 2023 22:53:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img4.211sun.com/hg1111/ad/60.gif
200 OK 563 kB URL HTTP/2 img4.211sun.com/hg1111/ad/60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 563 kB (562779 bytes)
Hash cf6443f95df375f4aa4f7967c1167348
592a195ee9aee54409654e26ea00deb540ea08f1
0b5567e3b133fc29e155fd8924b17d82711c4523c70af5e382d89dbe7bf91ed9
GET /hg1111/ad/60.gif HTTP/1.1
Host: img4.211sun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/gif
content-length: 562779
last-modified: Tue, 29 Nov 2022 08:53:21 GMT
etag: "6385c881-8965b"
expires: Thu, 29 Dec 2022 19:58:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 615296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJbkuJqeyaGhuRP0aABAo5Jlg5Ml%2F5BjOIMNftUeM5Z50ZjyLZqL2I2PXi2BJ7f2oY51RFVeHGzRkmDeSzxXiWdnrc9CvLhD6k0%2B8njoJsOdyH6uP2MJu9r80wJp4upz1YI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775899311aaab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
339282bdb.com/e20f57018fba490b9af887342222147f.gif
200 OK 553 kB URL HTTP/1.1 339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Tue, 06 Dec 2022 08:03:07 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-23
Content-Length: 552818
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash e01f39e37f5ba49729fbe9abcc54c9d2
1ee4ab8580b8537b3250f65250902ba00bd44e46
7a7b229f58dbec5e264f32e3be1352880cb273be0dc7a37d28f4eaf8c4035a61
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 14:07:17 GMT
Expires: Wed, 07 Dec 2022 14:07:17 GMT
ETag: "1ee4ab8580b8537b3250f65250902ba00bd44e46"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
zhibo128x.xyz/128/960x120.gif
200 OK 383 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 383 kB (382861 bytes)
Hash 1d308356da4f24b7599d3a956cd25b42
a80c7b5e3680ba611b86269b78eedaff05b45611
46e8edbf6de8b498100e7e4e9e744a72f607adbc5ae0c5c1f3d6c8d6d2bb5f43
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Dec 2022 22:52:40 GMT
Content-Type: image/gif
Content-Length: 382861
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 05:05:52 GMT
ETag: "63883630-5d78d"
Expires: Sat, 31 Dec 2022 05:06:10 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
200 OK 331 kB URL HTTP/2 p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5CGc6ptegViafU79IgNq0p4kCsWibwXnc5g/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 06 Dec 2022 22:53:32 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:56:24 GMT
cache-control: max-age=2592000
x-delay: 55143 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 66a1208c-b507-4708-a548-0c0f39886741
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 382798b646621fc7b951be255d6b68bb
3a7ca95e6ced6e4ab066bc821da7a300ed56d1af
712ccebe09a1ab7f9a8aacaea54b794e779ed8fdf243dcf4018e7c450d180867
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Dec 2022 22:45:33 GMT
ETag: "3a7ca95e6ced6e4ab066bc821da7a300ed56d1af"
Last-Modified: Tue, 06 Dec 2022 22:45:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775899313babb4ed-OSL
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash e01f39e37f5ba49729fbe9abcc54c9d2
1ee4ab8580b8537b3250f65250902ba00bd44e46
7a7b229f58dbec5e264f32e3be1352880cb273be0dc7a37d28f4eaf8c4035a61
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 14:07:17 GMT
Expires: Wed, 07 Dec 2022 14:07:17 GMT
ETag: "1ee4ab8580b8537b3250f65250902ba00bd44e46"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dcc13a5268556271d67276baa9a0dbe9
3ada5e013d5214a4d91a3888ab596ba8ff5b7edc
fe9df2166e36ed4fd880b37d7c3ddc11e4961e4f981b5221b5eec2f4b1c8af0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE9DF2166E36ED4FD880B37D7C3DDC11E4961E4F981B5221B5EEC2F4B1C8AF0F"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=914
Expires: Tue, 06 Dec 2022 23:08:48 GMT
Date: Tue, 06 Dec 2022 22:53:34 GMT
Connection: keep-alive
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
200 OK 208 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 208 kB (208040 bytes)
Hash 192c74d36701b586f3201dfd6d080d9b
e5b46de78b75c72974ba4a73638a581e7114d55b
b02c98fd0349520c864b26c96f998aa1814c1342db3e694568a437d90a523df0
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7uRgyIUdZINS0JSjjQiaf7cXpx4Ywr8dQPsLrgLGYF1KE/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 06 Dec 2022 22:53:32 GMT
content-type: image/gif
content-length: 208040
vary: Accept,Origin
last-modified: Fri, 25 Nov 2022 04:38:13 GMT
cache-control: max-age=2592000
x-delay: 44405 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 208040
chid: 0
fid: 0
x-nws-log-uuid: 74a3499f-8756-4d82-9e8e-69b33425dd86
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 62389e38b97d35902bf0836efec58a77
d3e781a85fb6462cb4e28b8ec20973738c4d94ce
2e67ba58e0d8830086e9cbf9dff02322da813850afca7d378184f078e9d725f7
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:06:53 GMT
ETag: "d3e781a85fb6462cb4e28b8ec20973738c4d94ce"
Last-Modified: Tue, 06 Dec 2022 20:06:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 421
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77589932dd37b4f1-OSL
628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
200 OK 670 kB URL HTTP/1.1 628536nyv.com/fef6570cf2754141af2117d4ae96f801.gif
IP
File type GIF image data, version 89a, 750 x 150\012- data
Size 670 kB (669569 bytes)
Hash fb77824f7c4e9baba62da5b690a5c7b3
ab57e7f711d25f95c55d7d29aa282af565b4c428
e465f0dc2491c84d9be51ac6638bfcb16d43fd3c1b257bc64e0553f2fefe7528
Analyzer Verdict Alert quad9 Sinkholed
GET /fef6570cf2754141af2117d4ae96f801.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6379dc97-a3781"
Date: Sun, 20 Nov 2022 15:11:05 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 20 Nov 2022 07:51:51 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-30
Content-Length: 669569
ocsp.sectigo.com/
200 OK 471 B IP
Hash bf95b81b835ad5523a3e05e2746e8d60
629a57aa3b9723ed02208f6afba34e7cb6476567
5bc7d3dc86f32bd4570bba473c7f93c9827d8336a1a5ca2d34183c1e50c350e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 04:32:09 GMT
Expires: Tue, 13 Dec 2022 04:32:08 GMT
Etag: "629a57aa3b9723ed02208f6afba34e7cb6476567"
Cache-Control: max-age=538113,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77589931bce8b4ff-OSL
img30.360buyimg.com/popXue/jfs/t1/97168/2/33851/598159/6385e744E98da34cb/51679324922facce.gif
200 OK 598 kB URL HTTP/2 img30.360buyimg.com/popXue/jfs/t1/97168/2/33851/598159/6385e744E98da34cb/51679324922facce.gif
IP
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 960 x 120\012- data
Size 598 kB (598159 bytes)
Hash 30f1219d691eabcfa85af518c45d939f
8552b8fa6ee0f00c58042b6f595a6c066364d85b
69549e5c2fbddf90e23424781fb5d729785986702d73e1cf53a79e8ed05fc1fa
GET /popXue/jfs/t1/97168/2/33851/598159/6385e744E98da34cb/51679324922facce.gif HTTP/1.1
Host: img30.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/gif
content-length: 598159
expires: Thu, 02 Dec 2032 03:52:57 GMT
server: nginx
cache-control: max-age=315360000
last-modified: Tue, 29 Nov 2022 11:04:36 GMT
via: http/1.1 ORI-CLOUD-HB3-MIX-19 (jcs [cMsSfW]), http/1.1 HB-CT-6-MIX-31 (jcs [cMsSfW])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1669719893375-0-0-1-26-26;200;200-1669719893371-0-0-0-39-39;200-1669719893324-0-0-0-46-46
age: 154837
x-via: 1.1 PS-000-01erM87:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:7 (Cdn Cache Server V2.0), 1.1 PSrdsdgemSTO1sw92:15 (Cdn Cache Server V2.0)
x-ws-request-id: 638fc7ee_PS-ARN-01C8L93_10136-61407
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a0c90e452647f7933952002f1da800cc
b8e941dac013b3a088439ee7b708c4d6eac657f0
4e565b3e8294bac10ac0a673fdafa76381ba93d67fd570335cf9c43a31627e72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89372
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:34 GMT
Etag: "638e820a-117"
Expires: Wed, 07 Dec 2022 23:43:06 GMT
Last-Modified: Mon, 05 Dec 2022 23:43:06 GMT
Server: nginx
Content-Length: 279
200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
200 OK 57 kB URL HTTP/1.1 200.benbenys.com/view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=805, orientation=[*0*], datetime=MM, width=1080], progressive, precision 8, 1080x805, components 3\012- data
Hash 61b977b3527d7c0e27e2af877b5a5c59
4a1f0beee6c8215da2bfda76b5f1c87d62925bfc
945a7b57589fc601eb17079a589c721417a1307db96c103791138bce8b5a7fff
GET /view.php/61b977b3527d7c0e27e2af877b5a5c59.jpg HTTP/1.1
Host: 200.benbenys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Server: Apache
Expires: Thu, 05 Jan 2023 22:53:34 GMT
Pragma: cache
Cache-Control: max-age=2592000
Upgrade: h2
Connection: Upgrade, close
Content-Length: 57375
Content-Type: image/jpeg
acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
200 OK 158 kB URL HTTP/2 acoozzh.top/30e6eb2de3e8d7da7879e39548fdfe92.gif
IP
File type GIF image data, version 89a, 500 x 300\012- data
Size 158 kB (158376 bytes)
Hash 55574ea2b72e2fbe45871f66165442a8
7fd461a708c87486335dde3e12740c188af0facd
005f42b2004591c7bdb51b40cab0711f489c32bb10ddc2061c5c48469fd769a0
GET /30e6eb2de3e8d7da7879e39548fdfe92.gif HTTP/1.1
Host: acoozzh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/gif
content-length: 158376
last-modified: Mon, 02 May 2022 19:18:16 GMT
etag: "62702e78-26aa8"
expires: Sun, 01 Jan 2023 16:52:36 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 367258
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SjswaByudt7I8xgqxZFarTIZiFyloPVq3afsUGVRRf3k8jI%2FIIt5efbNLNebgVttR1WjhKFfsZj%2BdlKzTEydlEhEDq5VLyhDxikdjf7j3dzxx%2FDs4R%2F%2F8Ciyo%2BLgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775899335d5c0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 24e196b30b78e5d4814c4c0d09ba6d11
8459b99574556acb370193650380b4e55625c75a
811773b9d444df12beb5944e5715eb90f06fd0c12ebcd951615445c1d3709214
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "811773B9D444DF12BEB5944E5715EB90F06FD0C12EBCD951615445C1D3709214"
Last-Modified: Tue, 06 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Wed, 07 Dec 2022 04:52:59 GMT
Date: Tue, 06 Dec 2022 22:53:34 GMT
Connection: keep-alive
i.ibb.co/tL26d3m/240x140.gif
404 Not Found 1.0 kB URL HTTP/2 i.ibb.co/tL26d3m/240x140.gif
IP
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /tL26d3m/240x140.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 40775c54333db78b7a42225e2003d11a
d68300664366584d0359e86c998de3cc5bad50e2
23582031d8a75f84d9ca1dc61ba38a41c09ba22c7ec1a5f2524435be5bb8c25f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "23582031D8A75F84D9CA1DC61BA38A41C09BA22C7EC1A5F2524435BE5BB8C25F"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12324
Expires: Wed, 07 Dec 2022 02:18:58 GMT
Date: Tue, 06 Dec 2022 22:53:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 47629c40bd434b6ba39ceb257a1e13cd
ecea7fa54d3c9dbf57d8d2602b3de9471b86117b
f3edf65f96d23c3d8cebe801659e1798459f8f1dd9e681eba86535881b21df20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 13:44:21 GMT
Expires: Mon, 12 Dec 2022 13:44:20 GMT
Etag: "ecea7fa54d3c9dbf57d8d2602b3de9471b86117b"
Cache-Control: max-age=484845,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899335c7eb505-OSL
lbfm.lbpictupian.com/upload/vod/2022/12/5ir1baqofaw.jpg
200 OK 7.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/5ir1baqofaw.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eee8200eb1fc35e2587f70034669b160
d1767962d8c794ccb4754133b24b613d767a81f4
7a68d11aadeb058aff30055fc87acacafe4aa3c5a66c683797e2025a5d89fbc0
GET /upload/vod/2022/12/5ir1baqofaw.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 7876
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8974
content-disposition: inline; filename="5ir1baqofaw.webp"
etag: "638e3f37-230e"
last-modified: Mon, 05 Dec 2022 18:57:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be231c02-OSL
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 2673ce934a31e750d64e8daed35ab58e
f98f3ed2589b537db12647d6d49899688b674968
157c6fc2fa9295643d5b8bef2af8ad7e7a6ab0f01ef3d85333fdfe071802b17c
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 16:39:33 GMT
Expires: Tue, 13 Dec 2022 16:39:32 GMT
Etag: "f98f3ed2589b537db12647d6d49899688b674968"
Cache-Control: max-age=581757,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77589933589cb503-OSL
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg
200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6a2aff2dcfb0664ccc2282c5719dca38
b71513f6cf6d3021faaaed9e42c3a61fa416a835
c473cf8ebaaecfc9cbd017fde1f7bf5db01a56615f5b0ee4b90f130855091492
GET /upload/vod/2022/11-27/14/l1ptmarpcmz1453l1ptmarpcmz476122.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 7212
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9321
content-disposition: inline; filename="l1ptmarpcmz1453l1ptmarpcmz476122.webp"
etag: "6383097b-2469"
last-modified: Sun, 27 Nov 2022 06:53:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be161c02-OSL
X-Firefox-Spdy: h2
5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
200 OK 748 kB URL HTTP/1.1 5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP
File type GIF image data, version 89a, 750 x 120\012- data
Size 748 kB (748166 bytes)
Hash dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608
GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Mon, 28 Nov 2022 12:21:21 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-23
Content-Length: 748166
lbfm.lbpictupian.com/upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg
200 OK 8.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7bfbd10c68b3b32f40128c92669b07cb
43b9f512dcf14d6e601fe2957013878d3776bc90
415c375b82e01d275b8f617318c7251c31d5fb14bd92366e0ca3ec9d711492dd
GET /upload/vod/2022/11-27/14/2akielas4ot14532akielas4ot386104.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 8736
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10968
content-disposition: inline; filename="2akielas4ot14532akielas4ot386104.webp"
etag: "63830972-2ad8"
last-modified: Sun, 27 Nov 2022 06:53:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be171c02-OSL
X-Firefox-Spdy: h2
tt.1468tu.com/58tu/405x204.gif
301 Moved Permanently 166 B URL HTTP/1.1 tt.1468tu.com/58tu/405x204.gif
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y
lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash faf004bc3a9c3aeedccee94f15c2c8f1
024c98c2cc5fd5abbe46d5376bdf741e0171c231
eeb5f28ef9f96e895253e6ef6dc0fa08e0972cf85cf301af709b943f1af8868d
GET /upload/vod/2022/11-14/11/v5mpxydlmyj1112v5mpxydlmyj341679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 5660
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6650
content-disposition: inline; filename="v5mpxydlmyj1112v5mpxydlmyj341679.webp"
etag: "6371b223-19fa"
last-modified: Mon, 14 Nov 2022 03:12:35 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be1a1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/prymw4egz3l.jpg
200 OK 7.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/prymw4egz3l.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4973320f0de549e195c1a8885c41ffd5
3157a75d33aeb8d6e2e33fbf38ac0b62401a9fc5
7aa71da08bdc085e0ccfff878c6cb7cee0a34fac28469638f3672fc487df0e9e
GET /upload/vod/2022/12/prymw4egz3l.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 7910
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9447
content-disposition: inline; filename="prymw4egz3l.webp"
etag: "638e3f48-24e7"
last-modified: Mon, 05 Dec 2022 18:58:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be271c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/ma5yr1fqd0g.jpg
200 OK 7.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ma5yr1fqd0g.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4d50def71853c22d07df5450679142d4
b9d101d1d7d4c86074b7b0188208bfe694149dbb
32a0451b3c0202ad011f74307369fb3ded4d30e3e52d101dc3f79cdaaf470176
GET /upload/vod/2022/12/ma5yr1fqd0g.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 6976
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9660
content-disposition: inline; filename="ma5yr1fqd0g.webp"
etag: "638aabcb-25bc"
last-modified: Sat, 03 Dec 2022 01:52:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933ae151c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
200 OK 9.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fe9c506b4edb32a653396705f3120a6
d2eff7b1c1bfac9c1cd04ffece89fde07b0dd470
4d9d1369feeb7d7d6e3739aaf443da227b4ac00931eba3fa2fc46aba24960ae0
GET /upload/vod/2022/10-20/14/voxkidqmc5v1447voxkidqmc5v04679.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 9504
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10345
content-disposition: inline; filename="voxkidqmc5v1447voxkidqmc5v04679.webp"
etag: "6350eee8-2869"
last-modified: Thu, 20 Oct 2022 06:47:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be201c02-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1be9d6054657191f8f6a3472d37ee177
afd5f0a6407307b3fc5cedc475b8ad893f1013bb
50538335a6e69b7df5d9e3de5560a52d6a9548f8cada1285b428b0c76159b478
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 18:12:19 GMT
Expires: Sun, 11 Dec 2022 18:12:18 GMT
Etag: "afd5f0a6407307b3fc5cedc475b8ad893f1013bb"
Cache-Control: max-age=414523,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77589932efb70b39-OSL
lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 174c271fbd41b05e66270e9f781e8dc1
6f7b0f3b4e5527db1c55921da243ce6318be9e85
20caa1288d72db1f2e06c6bc40ce0315bea3e87d48ce21f3d7e98f7b4a3adcaf
GET /upload/vod/2019/11-08/09/gfovojapyyj0913gfovojapyyj2322533.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 4468
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6775
content-disposition: inline; filename="gfovojapyyj0913gfovojapyyj2322533.webp"
etag: "5dc4c133-1a77"
last-modified: Fri, 08 Nov 2019 01:13:23 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be1f1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
200 OK 5.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 187a056e67fd5cb46bc7c783f9a9fdac
4ee4e1bf29186fa2c4d5373fe121a6a6031a8737
a02fab7d850232b8f4fb9bc943a441566f738d0d56012f677f5f32d847bdc171
GET /upload/vod/2022/10-14/16/2omtifvgwvo16482omtifvgwvo282149.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 5568
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6690
content-disposition: inline; filename="2omtifvgwvo16482omtifvgwvo282149.webp"
etag: "6349225c-1a22"
last-modified: Fri, 14 Oct 2022 08:48:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be211c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81267f0dd2a21a97169d2dff3bb67578
ec4b5545c42d0a756a2c5304979385195727d80f
d2ccc3a3f54595284db2b42186999635433f6d4beab91a1ca15d54a8bbc51de2
GET /upload/vod/2019/11-08/10/5uhe5rvsnvm10155uhe5rvsnvm1724067.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 8224
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9431
content-disposition: inline; filename="5uhe5rvsnvm10155uhe5rvsnvm1724067.webp"
etag: "5dc4cfb5-24d7"
last-modified: Fri, 08 Nov 2019 02:15:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be1c1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c814bbc877c9b41935908734d76b7778
7ba4a76ea6941ff9b06fff0ecadfd0abb64d719d
df93a1cb47f111b26f72ee2597416438f133ced23a03a767216497c5b258b7d5
GET /upload/vod/2020/01-05/19/dtszjm23bak1958dtszjm23bak534851.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/jpeg
content-length: 14387
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15124, status=webp_bigger
etag: "5e11cf7d-3b14"
last-modified: Sun, 05 Jan 2020 11:58:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77589933be191c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/tcdpg13snza.jpg
200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/tcdpg13snza.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fcd1dbc072389aa4bffa0cae9551384e
b62f99a8c47c17ab012d5fb0d4d340ef2b4cd507
9e121a2f3ac8c194d299c7e73931ca6379b29bacc547b2e8f141e523b427a841
GET /upload/vod/2022/12/tcdpg13snza.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 5670
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7362
content-disposition: inline; filename="tcdpg13snza.webp"
etag: "638e3f52-1cc2"
last-modified: Mon, 05 Dec 2022 18:58:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be291c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/btlcyiokzkb.jpg
200 OK 7.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/btlcyiokzkb.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6950230127238524df217a9b0105fc98
fdfccf60598ef747b92f300269c3402c7c0cb3f3
e52d2ca43419f2fd164688c7356496e1aa9bc43d47ae0eccebf2b2eccd7db72f
GET /upload/vod/2022/12/btlcyiokzkb.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 7072
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8448
content-disposition: inline; filename="btlcyiokzkb.webp"
etag: "638e3f41-2100"
last-modified: Mon, 05 Dec 2022 18:58:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be251c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/njb13lao3bg.jpg
200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/njb13lao3bg.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd2bd95b811fb4b98053dafdfdd286fb
b55a45ef3d87668d474ec27fff241914d960a23b
1d1016d909bfecbd9dc6510ac5b2d5f1057fe44911cc242a5228e2ba143da5f1
GET /upload/vod/2022/12/njb13lao3bg.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 9880
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10419
content-disposition: inline; filename="njb13lao3bg.webp"
etag: "638e3f44-28b3"
last-modified: Mon, 05 Dec 2022 18:58:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be261c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/r5amnxh2skf.jpg
200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/r5amnxh2skf.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2277d437eee953748e830c45f59fa99c
ec8522d67a19eb871762b5ddd4e7d353dbfc3977
56c9f417e0c7905de77b7ff73939b1b156fad8ccc98dad13ae1f84a7690ea197
GET /upload/vod/2022/12/r5amnxh2skf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 6430
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7368
content-disposition: inline; filename="r5amnxh2skf.webp"
etag: "638e3f2e-1cc8"
last-modified: Mon, 05 Dec 2022 18:57:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be221c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/hsnj1ubsthi.jpg
200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/hsnj1ubsthi.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6e41c86488363ea138fd5b1fe621acc7
6620a306d4e3071087771a873f5b544964a977c3
07ad53a7cdaba57fb2cf5837fb2680cf01899431bc8420d8da0bcedf236c61fb
GET /upload/vod/2022/12/hsnj1ubsthi.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 7746
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9225
content-disposition: inline; filename="hsnj1ubsthi.webp"
etag: "638e3f4e-2409"
last-modified: Mon, 05 Dec 2022 18:58:22 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be281c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/lzepldo2fqv.jpg
200 OK 6.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/lzepldo2fqv.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f0416e370ecdab96a7e9c0f86df431e
c35b8874dde1d9d35c556957cc7b4bb3242cdc37
796d8ba6e00f5f853ddd5626982dd2cadc10b6d0d551848a06f00e77d4699fae
GET /upload/vod/2022/12/lzepldo2fqv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 6436
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7826
content-disposition: inline; filename="lzepldo2fqv.webp"
etag: "638e3f59-1e92"
last-modified: Mon, 05 Dec 2022 18:58:33 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be2b1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/xmdo2xs0dqi.jpg
200 OK 7.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/xmdo2xs0dqi.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b466d89298b3f726907ab208ad933a6
fefe8487454546b1038120df95a5b3fa693ce4fc
d08dc8c108c3a1c3227d4573a8e0d11108b81ddb18900550a6c61a82987c3022
GET /upload/vod/2022/12/xmdo2xs0dqi.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 7762
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9014
content-disposition: inline; filename="xmdo2xs0dqi.webp"
etag: "638e3f5e-2336"
last-modified: Mon, 05 Dec 2022 18:58:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be2c1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/sobbzxvocgq.jpg
200 OK 5.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/sobbzxvocgq.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75b54d2ce5e02822fe58b84e505ad518
913fd98e8fec0ab53539bd0a94948f825d5cf069
b689e4da07e8a04693947acc31bdbbf1cf07ddf1c8955841bfb45ac686c45bd5
GET /upload/vod/2022/12/sobbzxvocgq.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 5734
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7926
content-disposition: inline; filename="sobbzxvocgq.webp"
etag: "638e3f69-1ef6"
last-modified: Mon, 05 Dec 2022 18:58:49 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be2f1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 470fbc0b663330b5a2fd1c629f26c7a1
8e259d89553d796f1c8fe0d0592a390242787384
b7169cb05b7a76be7d7151047de2f729af659bb75e5bd953edc027b18eebd78d
GET /upload/vod/2022/11-20/13/bv24ubfd0w11334bv24ubfd0w1463373.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 8502
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9636
content-disposition: inline; filename="bv24ubfd0w11334bv24ubfd0w1463373.webp"
etag: "6379bc76-25a4"
last-modified: Sun, 20 Nov 2022 05:34:46 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be181c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/dakefq0avsn.jpg
200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/dakefq0avsn.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a7a79a27e8e7cfe7d1dfb79570ca172e
bcb7682065c0821acec32b57260d03ccc3d1d447
5ce22cc1dd3df0ef87d45179a2610b18bbe635b508be63ecfee97674cf1cceff
GET /upload/vod/2022/12/dakefq0avsn.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 8482
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9333
content-disposition: inline; filename="dakefq0avsn.webp"
etag: "638e3f3c-2475"
last-modified: Mon, 05 Dec 2022 18:58:04 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be241c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/2w2xybpqr5a.jpg
200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/2w2xybpqr5a.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec9140b1c62125ba6cb161043fe342c2
d6f40c30da55124fd11b206fbc3f1d22612ec6b1
d092965023685dd578df1282b035544760903fee9235d9b0f2c9cc8dfd92d55d
GET /upload/vod/2022/12/2w2xybpqr5a.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 8218
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9397
content-disposition: inline; filename="2w2xybpqr5a.webp"
etag: "638e3f55-24b5"
last-modified: Mon, 05 Dec 2022 18:58:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 77589933be2a1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash b022836144761d53fd172695cd436216
71dd9ccacd6072c9aeab040b290e151ff01e8d02
6e559b55fe38655bb5668daa0fd7125e23e6924d3562f7144e7fc7600bb41918
GET /upload/vod/2019/11-08/10/hmdrg44c14i1016hmdrg44c14i5324103.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/jpeg
content-length: 11122
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11646, status=webp_bigger
etag: "5dc4d015-2d7e"
last-modified: Fri, 08 Nov 2019 02:16:53 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77589933be1e1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/xn2yac2lgrf.jpg
200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/xn2yac2lgrf.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 5a0f7c602b2696c8cbf7ba92eb25c717
314bc26714ebe03758530ab9a867726f8d80d130
ed06a7a18e1d69e781006628625c19484c6a670d498b731545b7eaa8f92f73b4
GET /upload/vod/2022/12/xn2yac2lgrf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/jpeg
content-length: 10825
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11443, status=webp_bigger
etag: "638e3f62-2cb3"
last-modified: Mon, 05 Dec 2022 18:58:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77589933be2d1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/pu2fy5egw41.jpg
200 OK 9.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/pu2fy5egw41.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 0cc1cc80d0096511e6f4464f7bbabe52
e3778918305d501b42174d157c237458ea19817b
b0e3f7ae40e6a29d864737e2efc1adf6809604ce4e059343105d850ee9fccf02
GET /upload/vod/2022/12/pu2fy5egw41.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/jpeg
content-length: 9418
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9925, status=webp_bigger
etag: "638e3f65-26c5"
last-modified: Mon, 05 Dec 2022 18:58:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77589933be2e1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg
200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 64e5d30e2c9ff8d2beacad9f64a97e7a
7fa9fc846cd7c6695ca6bdb2bd46e21a76f9f1ae
fef9d085f8ed814c53c48d162379bf86971f29ec4a7b7e3d2a962a006fca5de7
GET /upload/vod/2022/11-28/13/wswrngh00et1340wswrngh00et276556.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/jpeg
content-length: 12826
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13483, status=webp_bigger
etag: "638449cb-34ab"
last-modified: Mon, 28 Nov 2022 05:40:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775899348eb91c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4858cbdc894b0a591319a947ff5d5db3
e01e4efdccc57ae3baf8f24a10dd9a726904f766
da1e76bdee447c2fc67b2da81b4067947f4cee2798ecf0903f16d9fb10b64c81
GET /upload/vod/2022/11-25/13/q2aftvnkn2q1356q2aftvnkn2q145240.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 7200
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8578
content-disposition: inline; filename="q2aftvnkn2q1356q2aftvnkn2q145240.webp"
etag: "638058fe-2182"
last-modified: Fri, 25 Nov 2022 05:56:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 775899348ebd1c02-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 118704628b41fb6f186946551238f9d5
8b3bf0f37d48833e4c82e298420a55c328f433af
00b2dae0194b1af60105a6c5cd7bb0f59f44097f28d2fe48ba79c1bcfb9a39cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:34 GMT
Server: ECS (amb/6B76)
Content-Length: 471
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash dae750546bb982e1fe2a8a43def15b5e
2a338dc30d4fcc62c667756d2a95fb1f6b60d46c
11e9b7c279a9cb92e8cf51161be2dcfb5cab92350b7d0dbe05c97aaa325b0543
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:12:35 GMT
Expires: Mon, 12 Dec 2022 14:12:34 GMT
Etag: "2a338dc30d4fcc62c667756d2a95fb1f6b60d46c"
Cache-Control: max-age=486539,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899345a03b4ee-OSL
lbfm.lbpictupian.com/upload/vod/2022/12/ybey0szcirk.jpg
200 OK 4.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ybey0szcirk.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd5b706e10618b4a032531bfc738fdde
020d78d03928da64bc8caef98dc70d746c86e57d
39d3e31400c76ee854bb8795dedd7189d7c8df7d014e6b66ef41435779b743f1
GET /upload/vod/2022/12/ybey0szcirk.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 4420
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6267
content-disposition: inline; filename="ybey0szcirk.webp"
etag: "638e3f33-187b"
last-modified: Mon, 05 Dec 2022 18:57:55 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1655
accept-ranges: bytes
server: cloudflare
cf-ray: 775899348ec01c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/pr2wodxhts3.jpg
200 OK 13 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/pr2wodxhts3.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d94307031ceaff53706bc5519e4e197c
6bb971083c4e22c9b5a53245847fc2918159e25e
5035a72e94fd0467dd403c1f716f4da17e5382d90713cffb53a7fb92105ec995
GET /upload/vod/2022/12/pr2wodxhts3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 13044
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13331
content-disposition: inline; filename="pr2wodxhts3.webp"
etag: "638aaacf-3413"
last-modified: Sat, 03 Dec 2022 01:47:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 775899348ebf1c02-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/oaieww1xseg.jpg
200 OK 3.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/oaieww1xseg.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c087e7b08ad01408c2eed28dcfc5ff14
5de93e540897bccfbabb6b3c1bc6b3d1e65ba1f4
50c08e8aafb5a7d7466c9d8b0d09c5a12c9acfe24368aac4af2747ebd632fa44
GET /upload/vod/2022/12/oaieww1xseg.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/webp
content-length: 3446
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5456
content-disposition: inline; filename="oaieww1xseg.webp"
etag: "638da65c-1550"
last-modified: Mon, 05 Dec 2022 08:05:48 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6643
accept-ranges: bytes
server: cloudflare
cf-ray: 775899348ebe1c02-OSL
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash dae750546bb982e1fe2a8a43def15b5e
2a338dc30d4fcc62c667756d2a95fb1f6b60d46c
11e9b7c279a9cb92e8cf51161be2dcfb5cab92350b7d0dbe05c97aaa325b0543
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:12:35 GMT
Expires: Mon, 12 Dec 2022 14:12:34 GMT
Etag: "2a338dc30d4fcc62c667756d2a95fb1f6b60d46c"
Cache-Control: max-age=486539,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899345a2fb51d-OSL
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
200 OK 507 kB URL HTTP/1.1 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 507 kB (506851 bytes)
Hash 720e80d2a7ff4cf1bbf0b1608c2f35de
bf0a987ac8d4c7728171fe41e5c45b61b45a2f73
e177aeb64efe8103f8af0afc0a768394d970bbe60edcf103a083d56b915c18b1
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Dec 2022 10:42:50 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: KSVYEjZFksHjjrZRTtGTGriArSdUicRWUmiBuCgnw--Jl-b3tK8eXg==
Age: 43844
www.jxys11.xyz/template/m1938pc/static/css/bootstrap.min.css
200 OK 54 kB URL HTTP/2 www.jxys11.xyz/template/m1938pc/static/css/bootstrap.min.css
IP
Hash 3b6954e2bd138356496703155074a0a0
3559570f366712afaa1222e8d83d9b27d165105a
03ff1beecf6d2309a4b66cb2708751ab19f5112679b676d863076ca9fb504613
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:30 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Wed, 07 Dec 2022 10:53:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash dae750546bb982e1fe2a8a43def15b5e
2a338dc30d4fcc62c667756d2a95fb1f6b60d46c
11e9b7c279a9cb92e8cf51161be2dcfb5cab92350b7d0dbe05c97aaa325b0543
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:12:35 GMT
Expires: Mon, 12 Dec 2022 14:12:34 GMT
Etag: "2a338dc30d4fcc62c667756d2a95fb1f6b60d46c"
Cache-Control: max-age=486539,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77589934ba5fb4ee-OSL
ocsp.digicert.com/
200 OK 727 B IP
Hash 0a2d079aba514cb1f2e4fa7350095835
42a0f36117103b4b51269a081d653ddec662ffac
a8ace68f7887c0d201c14260cd2530d141ce277ca8497546bde48e3bd6c25350
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5798
Cache-Control: max-age=88688
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:34 GMT
Etag: "638e68b8-2d7"
Expires: Wed, 07 Dec 2022 23:31:42 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:04 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
200 OK 727 B IP
Hash 0a2d079aba514cb1f2e4fa7350095835
42a0f36117103b4b51269a081d653ddec662ffac
a8ace68f7887c0d201c14260cd2530d141ce277ca8497546bde48e3bd6c25350
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:34 GMT
Etag: "638e68b8-2d7"
Last-Modified: Tue, 06 Dec 2022 21:56:09 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
200 OK 280 B IP
Hash c7e8e15bec4337e96ff2670a943e6771
65416a3f63ba24851cbfd798dcf6669d0c8c01e6
fc4cc54f2f49b89b2a102b4c855c4a21e5ed92ba81ea2c1a6578a8839fe57c18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1361
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:34 GMT
Etag: "638e035d-117"
Last-Modified: Tue, 06 Dec 2022 22:30:53 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 280
p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
200 OK 638 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 80\012- data
Size 638 kB (637830 bytes)
Hash 038cc3c0d0309ae7edac2468660d6ace
7c625c7e99f6cc090985f06c31d835852c407b83
029afc7f86b07276e77f5a1f657b2347204ab18863ed2c40d3a5122f23d12c82
GET /obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 637830
date: Mon, 05 Dec 2022 07:19:41 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:06:39 GMT
nw-session-id: 2022120515063901020817416040A88D6D5gd7m01dy
nw-session-trace: 2022-12-05T15:06:39.255333075+08:00 40
x-bdcdn-cache-status: TCP_HIT
x-length: 637830
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:06:39 GMT
x-tt-logid: 2022120515063901020817416040A88D6D
via: n132-080-035, cache17.l2de2[277,276,206-0,M], cache2.l2de2[278,0], cache2.l2de2[278,0], cache1.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:8:568::226
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015ee642df66cd746d16887c71efd404179b406acb3f4f6c19ada7b06b9501d3aabb81d46a68162f0279f3f53cbf9e15a6cff21f060722d408026a0be3aa794f232d50469357075367d59bf8fb59328eee5d0a8af58951d10f6f364e4fa2b44ed3
x-response-lb: image
ali-swift-global-savetime: 1670224781
age: 142433
x-cache: HIT TCP_MEM_HIT dirn:4:447636702 mlen:0
x-swift-savetime: Mon, 05 Dec 2022 07:19:41 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916703672148795114e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
200 OK 460 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 460 kB (459882 bytes)
Hash 9755d798f1df0ff90ff281daf889c27e
6684c546dc5b1e65c84786cf929562e4bf5a4854
86943358042194179070f2e3fa41e8296cd53999c5d025fdcaf6ddff98714f87
GET /obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 459882
date: Mon, 05 Dec 2022 11:57:37 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:29:24 GMT
nw-session-id: 202212051929240102090950660FC6D0DCgkhk903dy
nw-session-trace: 2022-12-05T19:29:24.652328753+08:00 35
x-bdcdn-cache-status: TCP_HIT
x-length: 459882
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:29:24 GMT
x-tt-logid: 202212051929240102090950660FC6D0DC
via: n132-078-099, cache9.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:4:481::12
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e53d331f021ee346a4a71cd251f620c397b4785e133000e4fcc6a1414827e76105afaf9318ee148ff06afa2468c0c77cf2a1905b0e38acce52cf9db0363cd74a65d3a109f76bc5c653c18372cd8b87f98cdbbed705c989cbdb2708cf3e5eac60
x-response-lb: image
ali-swift-global-savetime: 1670241457
age: 125757
x-cache: HIT TCP_MEM_HIT dirn:2:442320201
x-swift-savetime: Mon, 05 Dec 2022 12:00:14 GMT
x-swift-cachetime: 31535843
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916703672148845120e
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c7e8e15bec4337e96ff2670a943e6771
65416a3f63ba24851cbfd798dcf6669d0c8c01e6
fc4cc54f2f49b89b2a102b4c855c4a21e5ed92ba81ea2c1a6578a8839fe57c18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1348
Cache-Control: max-age=144693
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:34 GMT
Etag: "638f54df-118"
Expires: Thu, 08 Dec 2022 15:05:07 GMT
Last-Modified: Tue, 06 Dec 2022 14:42:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash dae750546bb982e1fe2a8a43def15b5e
2a338dc30d4fcc62c667756d2a95fb1f6b60d46c
11e9b7c279a9cb92e8cf51161be2dcfb5cab92350b7d0dbe05c97aaa325b0543
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:12:35 GMT
Expires: Mon, 12 Dec 2022 14:12:34 GMT
Etag: "2a338dc30d4fcc62c667756d2a95fb1f6b60d46c"
Cache-Control: max-age=486539,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899341944b503-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
200 OK 312 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 312 kB (311995 bytes)
Hash a78b1d3c4c374bd5a68ee79cd6a32092
78846daf14c2d75e5a82906ac98bdc199928344f
851a82f9cd3832f933509975a4f7a414a5ce9333af9865f8b383bd1851d7b816
GET /obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 311995
date: Sat, 26 Nov 2022 13:16:33 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 11:30:39 GMT
nw-session-id: 2022112619303901020908713822A266142qftk03dy
nw-session-trace: 2022-11-26T19:30:39.707647645+08:00 48
x-bdcdn-cache-status: TCP_HIT
x-length: 311995
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 19:30:39 GMT
x-tt-logid: 2022112619303901020908713822A26614
via: n131-120-073, cache1.l2de2[0,0,206-0,H], cache17.l2de2[0,0], cache17.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:4:481::52
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017a400951cb8b1f6f99182a8c8a87682ff0a3cf0eab6da2f3c1f2d4643076e0781d8448ce5629cbfc4f7ae85a35f0343fa4bbbf262be9039644130e292f8ff5ba13be69171c546bd0c61898a92f6ce9b807474e824c6b6f56a295f19bf9a95b59
x-response-lb: image
ali-swift-global-savetime: 1669468593
age: 898621
x-cache: HIT TCP_MEM_HIT dirn:1:194112777
x-swift-savetime: Sat, 26 Nov 2022 13:38:50 GMT
x-swift-cachetime: 31534663
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916703672149255160e
X-Firefox-Spdy: h2
nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
200 OK 524 kB URL HTTP/2 nvhbbb.top/99d9b625f2ad0e82d1c36c0d0f18e725.gif
IP
File type GIF image data, version 89a, 325 x 143\012- data
Size 524 kB (523775 bytes)
Hash 2e77865c5e60159691251f889fbcbde5
538cd55848422448bbfe390a20c3dff6d78998fe
fda43c5dafab5df63cca29ea0c9c36e80930634c9d07a788adadf45f7833d1cc
GET /99d9b625f2ad0e82d1c36c0d0f18e725.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys11.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 523775
last-modified: Sun, 28 Aug 2022 11:22:29 GMT
etag: "630b4ff5-7fdff"
expires: Fri, 16 Dec 2022 18:59:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1742061
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu92DxYB1n9oVAAn098vsVdLPuUEmIJE0iZT%2B9O%2FYlrrlvWYO6mUN1wGKqhUOBTvrcs%2FlO1gbcTBU9owfA%2B0StzMup1%2FTw1Q%2BhAChqco1yymZaN9dReuS3zJqjdv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77589935ae3fb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
200 OK 1.1 MB URL HTTP/2 nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys11.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1927181
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jf0KjgsNMVvJ5vqJACg1WnC4cS4W%2Fh2r5zXnFOrZ3TEAqSgT8e%2Fi2G8Y5jkTiqLffwnliJeNfddzWlFi0ijQ%2BiUUj5WYhzq7fm0bpXA53pf0MAsKKwXQe%2BQYWMLz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77589935ce55b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
200 OK 685 kB URL HTTP/1.1 kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP
File type GIF image data, version 89a, 384 x 216\012- data
Size 685 kB (684992 bytes)
Hash 6f531c957ea61da41ab38ccc064ac606
e2c1ccf65b2c8e2dadee1bd61ecf5539a2100825
e1094802df1cac8e84815e0d8807bbb5e73e161994c773d3a58d201f918d64b3
GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 684992
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:07:09 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 06 Dec 2022 15:56:43 GMT
ETag: "6f531c957ea61da41ab38ccc064ac606"
X-Cache: Hit from cloudfront
Via: 1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: WWMIZ8SQVcpYGiwktGJ83BOHYAvkSiLQUlUcKx_MBoxjVOWb3aNkKw==
Age: 25011
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
Hash fc3d9b2b1be1519356dae8de85139921
5cdfb40fc31cb3191be3474035d6fa36949711ca
a482ae109ec40039a0339d4e555cf44569309fd1ca67b32e157333aee78c5f51
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 727 B IP
Hash 0f16558350cdc0791ab380ce4cd55636
7a1654c58ed6498272e499839d14aa99909199e8
6162272254439de90561c9a5529ea309b8d2dbd2522299ec26ca6fed6afe4532
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169293
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Etag: "638fba3b-2d7"
Expires: Thu, 08 Dec 2022 21:55:07 GMT
Last-Modified: Tue, 06 Dec 2022 21:55:07 GMT
Server: nginx
Content-Length: 727
kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
200 OK 740 kB URL HTTP/2 kvkggg.top/800a83efcf662b60b2ec0c6bb37ce110.gif
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 740 kB (739561 bytes)
Hash 5318e42d25e6b9b53726d8166248cc33
762b03c16562865a9a58a02dba471f78608376db
b632e7a04d032c4853a8460e9d636ac032f697db8f50cfee6a6016587ed8f62c
Analyzer Verdict Alert quad9 Sinkholed
GET /800a83efcf662b60b2ec0c6bb37ce110.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys11.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 739561
last-modified: Mon, 02 May 2022 19:20:49 GMT
etag: "62702f11-b48e9"
expires: Tue, 03 Jan 2023 15:14:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 200354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LP1cS%2Bv374YlzAZ%2FoEEz6RhwNklX9dnI%2FRe%2FgBpnC4Bh1nwiCsAFUKMF%2B0oktc2Ob1URNkRmHB2c3HwjlI%2BkCyV7K5rh6BG1lA7ULFuKxid9MFdYpvyqdLLWKR%2Fh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775899369a280b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tpkj2222.com/img/k80m/oCIA5ZH28.gif
200 OK 54 kB URL HTTP/1.1 tpkj2222.com/img/k80m/oCIA5ZH28.gif
IP
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 60\012- data
Hash 229a4026db2406ebd6fd4ff49b78c17a
c4fa9b8a95fe3e583fba87826af4b3eaf2faca0c
79fc0f33ed6ccd3acc6c6317b9d4cea3d8eb238085b0ea7fdcf9b16c70681ba9
GET /img/k80m/oCIA5ZH28.gif HTTP/1.1
Host: tpkj2222.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"54275-1670144930000"
Last-Modified: Sun, 04 Dec 2022 09:08:50 GMT
Expires: Wed, 21 Dec 2022 22:53:34 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 49bb549342c7363b5004a8d5b2e82461
b48e27aba48df20e1b7ca38bb4b0f06639e632f9
a7e58fde2fbe35241ed5e99ab57dd2c6feab5bf2309f6cfc1f6f0ff00adbab45
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A7E58FDE2FBE35241ED5E99AB57DD2C6FEAB5BF2309F6CFC1F6F0FF00ADBAB45"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19739
Expires: Wed, 07 Dec 2022 04:22:34 GMT
Date: Tue, 06 Dec 2022 22:53:35 GMT
Connection: keep-alive
p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb
200 OK 440 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 440 kB (439790 bytes)
Hash 07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
GET /obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 439790
date: Sat, 26 Nov 2022 13:16:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 11:30:39 GMT
nw-session-id: 2022112619303901015013207634B66C26h2vnt03dy
nw-session-trace: 2022-11-26T19:30:39.564101929+08:00 31
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 19:30:39 GMT
x-tt-logid: 2022112619303901015013207634B66C26
via: n150-059-155, cache1.l2de2[0,0,206-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache8.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc02:22:88::209
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 017a400951cb8b1f6f99182a8c8a87682f36a7bc8c9d51c44eea0062d5621a593cf11ecf59e1d039d14eacf478f79a4f6c371b82af94314a1c2da27ab8970cef0e421d48454c58e7340acddc4faf3a396fa65def9cb218d02bc5986a2c25b010d8
x-response-lb: image
ali-swift-global-savetime: 1669468593
age: 898622
x-cache: HIT TCP_MEM_HIT dirn:1:46882085
x-swift-savetime: Sat, 26 Nov 2022 13:38:46 GMT
x-swift-cachetime: 31534667
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916703672151325317e
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6NFsAw0VKxk
IP
Hash 494aaaf4b850e21c93f05fd18de163c8
65651bfdb5feac6f09fd5fdcc0a92e13f10c9b52
fbff6623f1743a6ba9387ad1bb719492678d0d3bfb043f64a47e105d13c24845
POST /s/gts1p5/6NFsAw0VKxk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jxys11.xyz/template/m1938pc/static/css/swiper.min.css
200 OK 65 kB URL HTTP/2 www.jxys11.xyz/template/m1938pc/static/css/swiper.min.css
IP
Hash 984440686f181234f4774269e6c6724a
9afa638b1944695630c26a7d5f10359d97905125
f89e24e22d1153aa645d3ac7506f1707cdf016ef9bcd75bfde6274735fc662f9
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:30 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Wed, 07 Dec 2022 10:53:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
403 Forbidden 455 B URL HTTP/2 acoosso.top/3c1bcbe1527d69a7efc3687b42d7ea1f.gif
IP
Hash 5204cf3a87d4a235ed89f1e5b84593da
fc42bbf34592cb6a4de56a063b145aaae6eb2322
ef91080ad0ec40b2aa4ab7a05932481dc9a8e538e0c3fa05dd0164213dab197f
GET /3c1bcbe1527d69a7efc3687b42d7ea1f.gif HTTP/1.1
Host: acoosso.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Tue, 06 Dec 2022 22:53:34 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
200 OK 671 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 640 x 480\012- data
Size 671 kB (670683 bytes)
Hash 61c09a981829377054623156baf850e6
5cd5e1eaf04ef37423d10627843e7343f6d9cf1b
5db0fc0627b1e799b901b2b8b9776554140691b3a0af637830583ce11ebd5732
GET /obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 670683
date: Sat, 03 Dec 2022 23:04:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 03 Dec 2022 14:51:25 GMT
nw-session-id: 202212032251250101580272332408E39Dmsccj01dy
nw-session-trace: 2022-12-03T22:51:25.303965852+08:00 76
x-bdcdn-cache-status: TCP_HIT
x-length: 670683
x-powered-by: ImageX
x-response-date: Sat, 03 Dec 2022 22:51:25 GMT
x-tt-logid: 202212032251250101580272332408E39D
via: n128-134-083, cache19.l2de2[0,0,206-0,H], cache23.l2de2[1,0], cache23.l2de2[2,0], cache5.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:14:106::139
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01d2b933b80cd63bdabd535e81ee82cdcf68acbb1b0a41eec30a7ae2f552e036542f9211f10318f683bc70e3f62b7da904ee6bc7dc68c52ba9c2b46f593a97a406ba73f7c822f084e318764226c6a1a745212e77f051359e3af4d91fa2736f9983
x-response-lb: image
ali-swift-global-savetime: 1670108646
age: 258569
x-cache: HIT TCP_MEM_HIT dirn:-2:-2 mlen:0
x-swift-savetime: Mon, 05 Dec 2022 10:16:57 GMT
x-swift-cachetime: 31409229
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916703672152275372e
X-Firefox-Spdy: h2
max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
200 OK 864 kB URL HTTP/2 max004.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: max004.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys11.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Mon, 26 Dec 2022 12:02:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 903049
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jR72Ds9Y27Q%2FosUXOqxlsjrzMUctyYTMgb9wOCy%2Fhqmj%2FCCiG%2FH%2FSA4LqRQlvc9MTdZvOJhQ2Xi9hOIXbWlWASu4oMDVHpi259NPu9F8W7nUQiEedGSI6dRATmV4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775899374840fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash dae750546bb982e1fe2a8a43def15b5e
2a338dc30d4fcc62c667756d2a95fb1f6b60d46c
11e9b7c279a9cb92e8cf51161be2dcfb5cab92350b7d0dbe05c97aaa325b0543
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:12:35 GMT
Expires: Mon, 12 Dec 2022 14:12:34 GMT
Etag: "2a338dc30d4fcc62c667756d2a95fb1f6b60d46c"
Cache-Control: max-age=486539,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899347edcb509-OSL
sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
200 OK 112 kB URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/1212/af640x350.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 640 x 350\012- data
Size 112 kB (112297 bytes)
Hash 8bb96c4387fdae545693ec79e18c0278
e0428e9c4e3f04c38ef89e236c37e523151329c6
0222f1b7240cf95fca28796002c45ea1b6cd976750e3223f25d2aaeeb1b6c106
GET /1212/af640x350.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: image/gif
Content-Length: 112297
Connection: keep-alive
x-oss-request-id: 638FC7EEB4DCFB3139E7B110
Accept-Ranges: bytes
ETag: "8BB96C4387FDAE545693EC79E18C0278"
Last-Modified: Tue, 11 Oct 2022 10:34:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9438539724646848523
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: i7lsQ4f9rlRWk+x54YwCeA==
x-oss-server-time: 1
ocsp.sectigo.com/
200 OK 472 B IP
Hash a22ef0a141153d0eaae9b468dee24110
fc19fdbe2756787f773b559b68351ed1e48305b4
2e5dd0aef974e96081d5b29509b265598d60f91a342a7328e2e66941e0dc6ff5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 13:28:28 GMT
Expires: Sat, 10 Dec 2022 13:28:27 GMT
Etag: "fc19fdbe2756787f773b559b68351ed1e48305b4"
Cache-Control: max-age=311091,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899377888b505-OSL
max002.top/68a7807de3933bf7079116fa9df99e6f.gif
200 OK 366 kB URL HTTP/2 max002.top/68a7807de3933bf7079116fa9df99e6f.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: max002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys11.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Thu, 05 Jan 2023 08:50:53 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 50562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggysz3W1pQaiG1%2BouV7Gl6K7uNHTxPqiJOpm1B9DInt6hqNC800n%2FGvNxbxOwbDQKwt%2FEBDT07%2FSSqb0XdDxQsEzS4ebkKYdg1%2FTIpKeqsV%2FhX5Qh1vSQ40mJNxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775899376d5b4066-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
200 OK 161 kB URL HTTP/1.1 585227ybn.com/41b638d808b64a4db1c3e57fb5622e78.gif
IP
File type GIF image data, version 89a, 320 x 185\012- data
Size 161 kB (160599 bytes)
Hash 1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519
Analyzer Verdict Alert quad9 Sinkholed
GET /41b638d808b64a4db1c3e57fb5622e78.gif HTTP/1.1
Host: 585227ybn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b9085-27357"
Date: Tue, 29 Nov 2022 13:38:20 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:19:17 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-30
Content-Length: 160599
ocsp.digicert.com/
200 OK 279 B IP
Hash db3cfe85021496411444a5ca32e38d13
52c190836506e9234928affe7110f46eb7e8f2f8
fdb369c9d3185d4b143cd9a5490d6ed2bbbb1500e74d9e67b755aba0ced06221
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=144433
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Etag: "638f5920-117"
Expires: Thu, 08 Dec 2022 15:00:48 GMT
Last-Modified: Tue, 06 Dec 2022 15:00:48 GMT
Server: nginx
Content-Length: 279
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
200 OK 580 kB URL HTTP/1.1 592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 580 kB (580315 bytes)
Hash 1a429adb0604b6dd52d269910a16df11
0e6e0b7135822c02ae159c14a1b4aebfa75b0982
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
Analyzer Verdict Alert quad9 Sinkholed
GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Wed, 30 Nov 2022 10:16:24 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 580315
ocsp.sectigo.com/
200 OK 472 B IP
Hash be96384f67d739bfc777eca2009aa2d5
7e24abfcfc315abef7279fdc6eb7e9e1e0a5d4a0
44970ac66b02239944ce92795d167d11bcf2b6e402dff67d7416906fd7dab826
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 13:11:48 GMT
Expires: Mon, 12 Dec 2022 13:11:47 GMT
Etag: "7e24abfcfc315abef7279fdc6eb7e9e1e0a5d4a0"
Cache-Control: max-age=482891,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899382c670b39-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 43a130a5599ab3488eb1c50fdd5715e1
0efe6db064c6e272699cb74812da3f1dcf768766
780db7b986a6a4a66391e7e99b18c69945b518ad9a146e0e316517e8aa59bddc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 01:45:21 GMT
Expires: Sun, 11 Dec 2022 01:45:20 GMT
Etag: "0efe6db064c6e272699cb74812da3f1dcf768766"
Cache-Control: max-age=355304,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77589938a973b505-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash db3cfe85021496411444a5ca32e38d13
52c190836506e9234928affe7110f46eb7e8f2f8
fdb369c9d3185d4b143cd9a5490d6ed2bbbb1500e74d9e67b755aba0ced06221
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Etag: "638e079f-116"
Server: ECS (amb/6B76)
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash a0c90e452647f7933952002f1da800cc
b8e941dac013b3a088439ee7b708c4d6eac657f0
4e565b3e8294bac10ac0a673fdafa76381ba93d67fd570335cf9c43a31627e72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89371
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Etag: "638e820a-117"
Expires: Wed, 07 Dec 2022 23:43:06 GMT
Last-Modified: Mon, 05 Dec 2022 23:43:06 GMT
Server: nginx
Content-Length: 279
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash f0d2ce83b27f6f7d878086da74dec7b0
deabb90acffdee15d6f11130eb88dd1acb94a1da
12c912cb154596d16f01f0b51f61a04a0d688b54d07288c1c18d39bac8cf27b8
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 11:06:57 GMT
Expires: Sat, 10 Dec 2022 11:06:56 GMT
Etag: "deabb90acffdee15d6f11130eb88dd1acb94a1da"
Cache-Control: max-age=302600,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899381db4b503-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash be96384f67d739bfc777eca2009aa2d5
7e24abfcfc315abef7279fdc6eb7e9e1e0a5d4a0
44970ac66b02239944ce92795d167d11bcf2b6e402dff67d7416906fd7dab826
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 13:11:48 GMT
Expires: Mon, 12 Dec 2022 13:11:47 GMT
Etag: "7e24abfcfc315abef7279fdc6eb7e9e1e0a5d4a0"
Cache-Control: max-age=482891,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77589935c917b4ff-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1423947c617b6ff31c941a1652e19cf0
695f8996a2a252bbe2663012d32cbfcf2a140f44
12148427e34b9762dc09b761641143b23401be6d84cc3c5df0e226e782f60b67
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 15:32:34 GMT
Expires: Sun, 11 Dec 2022 15:32:33 GMT
Etag: "695f8996a2a252bbe2663012d32cbfcf2a140f44"
Cache-Control: max-age=404937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899392828b51d-OSL
ocsp.digicert.com/
200 OK 280 B IP
Hash c7e8e15bec4337e96ff2670a943e6771
65416a3f63ba24851cbfd798dcf6669d0c8c01e6
fc4cc54f2f49b89b2a102b4c855c4a21e5ed92ba81ea2c1a6578a8839fe57c18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3383
Cache-Control: max-age=146727
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Etag: "638f54df-118"
Expires: Thu, 08 Dec 2022 15:39:02 GMT
Last-Modified: Tue, 06 Dec 2022 14:42:39 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
200 OK 358 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 440 x 240\012- data
Size 358 kB (358276 bytes)
Hash 40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43
GET /obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Fri, 21 Oct 2022 06:41:51 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 21 Oct 2022 06:37:28 GMT
nw-session-id: 20221021143728010175136074453D5CBFz8wd402dy
nw-session-trace: 2022-10-21T14:37:28.551011358+08:00 71
x-bdcdn-cache-status: TCP_HIT
x-length: 358276
x-powered-by: ImageX
x-response-date: Fri, 21 Oct 2022 14:37:28 GMT
x-tt-logid: 20221021143728010175136074453D5CBF
via: n204-098-037, cache6.l2de2[0,0,206-0,H], cache14.l2de2[4,0], cache14.l2de2[5,0], cache1.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc01:25:80::214
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 0117853d8cc79e5d77738cab4f594f364156c824771e29f615804f746fdb99e074612b530aaff0431fb3c2f771771ecafad581836a17d7ab7f11b242956cf29bfa52e7a0c525a19a5811d03d87a864a9c15e73d6d056b582e53a7965d856d36e13
x-response-lb: image
ali-swift-global-savetime: 1666334511
age: 4032704
x-cache: HIT TCP_MEM_HIT dirn:2:249196714
x-swift-savetime: Fri, 21 Oct 2022 08:23:11 GMT
x-swift-cachetime: 31529920
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916703672155575554e
X-Firefox-Spdy: h2
kvhiii.top/0eddc09b941df608c7dbb65fd7344c05.gif
200 OK 501 kB URL HTTP/2 kvhiii.top/0eddc09b941df608c7dbb65fd7344c05.gif
IP
File type GIF image data, version 89a, 384 x 216\012- data
Size 501 kB (500709 bytes)
Hash 034336a5237349a60154dea96de80b58
3542d0bbdf703508930fc994eabce17681c818fa
602d2dfc2f528acbe33ca7ff13c163f8ea4f908fc7aed58c4d3a50a5931ccc0d
GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys11.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 500709
last-modified: Sun, 26 Jun 2022 12:08:26 GMT
etag: "62b84c3a-7a3e5"
expires: Mon, 02 Jan 2023 08:12:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 312092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oank2EmvlqmsNDK3TeDvwLgDE0UlLS2x%2B66R0RlMuNs2FHfsVEGdRdbmmPtz6hRB%2F3EKb4HaYl8rTylfkc2jf3RH8GU7p5G8VeITHXCcm2%2BcVIpaF6WjCkA%2BYoa4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775899394fbd7199-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1423947c617b6ff31c941a1652e19cf0
695f8996a2a252bbe2663012d32cbfcf2a140f44
12148427e34b9762dc09b761641143b23401be6d84cc3c5df0e226e782f60b67
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 15:32:34 GMT
Expires: Sun, 11 Dec 2022 15:32:33 GMT
Etag: "695f8996a2a252bbe2663012d32cbfcf2a140f44"
Cache-Control: max-age=404937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899396beab509-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/5b58507d564c4559af6ebe8217b81453
200 OK 142 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/5b58507d564c4559af6ebe8217b81453
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 180 x 122\012- data
Size 142 kB (141874 bytes)
Hash e1b59b57620c29aff529e6e97167c1c3
f9637174cfc6c957e6d373e956236221d89114cf
8168d1c40b3993250740f6230bd9cca3a3adffd46d2a706a2e03192cdf1ace7d
GET /obj/tos-cn-i-dy/5b58507d564c4559af6ebe8217b81453 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 141874
date: Mon, 05 Dec 2022 07:39:22 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:21:07 GMT
nw-session-id: 2022120515210601013113601228A66D69nwmg401dy
nw-session-trace: 2022-12-05T15:21:07.011630559+08:00 27
x-bdcdn-cache-status: TCP_HIT
x-length: 141874
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:21:07 GMT
x-tt-logid: 2022120515210601013113601228A66D69
via: n132-080-035, cache16.l2de2[0,0,206-0,H], cache12.l2de2[0,0], cache12.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[1,0]
x-request-ip: fdbd:dc03:11:628::202
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01e020d57922b124ea57a5f1a1775a3560cc096defbd24a76ae2c9c30eaeb1e90d376ed1a0ca4e95ae7f30de8707e7939a65f93b68c9aa1c486300a2749dc79ede7259b3f91d9674e671e0a5b3bac692ca2f435b35172c52406a35916518300166
x-response-lb: image
ali-swift-global-savetime: 1670225962
age: 141253
x-cache: HIT TCP_MEM_HIT dirn:6:1325085447
x-swift-savetime: Mon, 05 Dec 2022 08:01:21 GMT
x-swift-cachetime: 31534681
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9916703672155785572e
X-Firefox-Spdy: h2
kvhiii.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
200 OK 1.6 MB URL HTTP/2 kvhiii.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.6 MB (1590489 bytes)
Hash 59648e1a4d52551c26255ff6bc625648
165fbacafad21065e9faa33c5e3752cd463549ad
eb53352fe423b9358ba49249e57fe3d55746d854c681f6c45baedb23eb2196e5
GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvhiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jxys11.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 1590489
last-modified: Sun, 26 Jun 2022 12:04:30 GMT
etag: "62b84b4e-1844d9"
expires: Fri, 30 Dec 2022 05:11:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 582144
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UHJc4kKQPLzZ%2BS9%2BB%2B8qm%2B0dlQpEe5y57LFKgT2JN7KFzSwUNYcVL%2BT3LrM4XJv2Uj9ivwtwzp473D056dqBoTC6C8iwrS8P5IEqKnrDE820fsWRTk3rLFRIDkP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77589938bf267199-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:29:49 GMT
age: 55426
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 8e5e234315b20816ff4c28c2ab606019
8158391f504092c1258c6a27ae0fb2617d34d54f
96f8395757f7160d495dabf32869246d0c5c30fa647e35a553f3a07d46682370
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 05:36:53 GMT
Expires: Tue, 13 Dec 2022 05:36:52 GMT
Etag: "8158391f504092c1258c6a27ae0fb2617d34d54f"
Cache-Control: max-age=541996,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758993a3fdfb503-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 8e5e234315b20816ff4c28c2ab606019
8158391f504092c1258c6a27ae0fb2617d34d54f
96f8395757f7160d495dabf32869246d0c5c30fa647e35a553f3a07d46682370
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 05:36:53 GMT
Expires: Tue, 13 Dec 2022 05:36:52 GMT
Etag: "8158391f504092c1258c6a27ae0fb2617d34d54f"
Cache-Control: max-age=541996,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899393f71b4ee-OSL
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
Hash fc3d9b2b1be1519356dae8de85139921
5cdfb40fc31cb3191be3474035d6fa36949711ca
a482ae109ec40039a0339d4e555cf44569309fd1ca67b32e157333aee78c5f51
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4dccfd6be2f1ab5afc0e48f582d6e5c5
3b9424cd3e504dc56d8cf8b412d21f564401d038
fd4a4d412b6ddc5c93348d1d4ad5164b20be64dd1dccba1ebd2d63eda039463e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:43:09 GMT
Expires: Sun, 11 Dec 2022 12:43:08 GMT
Etag: "3b9424cd3e504dc56d8cf8b412d21f564401d038"
Cache-Control: max-age=394772,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758993a6af9b505-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4dccfd6be2f1ab5afc0e48f582d6e5c5
3b9424cd3e504dc56d8cf8b412d21f564401d038
fd4a4d412b6ddc5c93348d1d4ad5164b20be64dd1dccba1ebd2d63eda039463e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:43:09 GMT
Expires: Sun, 11 Dec 2022 12:43:08 GMT
Etag: "3b9424cd3e504dc56d8cf8b412d21f564401d038"
Cache-Control: max-age=394772,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775899398db70b39-OSL
8499225.com/8499/s/960x60.gif
200 OK 331 kB URL HTTP/2 8499225.com/8499/s/960x60.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/s/960x60.gif HTTP/1.1
Host: 8499225.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:34 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
etag: "50d23-5ed03b0c9c3d8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 49bb549342c7363b5004a8d5b2e82461
b48e27aba48df20e1b7ca38bb4b0f06639e632f9
a7e58fde2fbe35241ed5e99ab57dd2c6feab5bf2309f6cfc1f6f0ff00adbab45
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A7E58FDE2FBE35241ED5E99AB57DD2C6FEAB5BF2309F6CFC1F6F0FF00ADBAB45"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19739
Expires: Wed, 07 Dec 2022 04:22:34 GMT
Date: Tue, 06 Dec 2022 22:53:35 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash db3cfe85021496411444a5ca32e38d13
52c190836506e9234928affe7110f46eb7e8f2f8
fdb369c9d3185d4b143cd9a5490d6ed2bbbb1500e74d9e67b755aba0ced06221
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=144433
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 22:53:35 GMT
Etag: "638f5920-117"
Expires: Thu, 08 Dec 2022 15:00:48 GMT
Last-Modified: Tue, 06 Dec 2022 15:00:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
img.9219x.com/images/6381f7d0fbdac46b425ad664.gif
302 Found 0 B URL HTTP/2 img.9219x.com/images/6381f7d0fbdac46b425ad664.gif
IP
ASN #134835 Starry Network Limited
GET /images/6381f7d0fbdac46b425ad664.gif HTTP/1.1
Host: img.9219x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
X-Firefox-Spdy: h2
img.1190555.com/images/638f442f93f8ec5e6b5c07d0.gif
302 Found 0 B URL HTTP/2 img.1190555.com/images/638f442f93f8ec5e6b5c07d0.gif
IP
ASN #134835 Starry Network Limited
GET /images/638f442f93f8ec5e6b5c07d0.gif HTTP/1.1
Host: img.1190555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5f20e8f5c682499b8eb059dd144345a9
X-Firefox-Spdy: h2
sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
200 OK 0 B URL HTTP/1.1 sszhan.oss-cn-shenzhen.aliyuncs.com/tycsz.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /tycsz.gif HTTP/1.1
Host: sszhan.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: image/gif
Content-Length: 614471
Connection: keep-alive
x-oss-request-id: 638FC7EE0E39533034D2A957
Accept-Ranges: bytes
ETag: "B5D129EDAAAEC2DB9B9FBDBB13E162FF"
Last-Modified: Sun, 20 Nov 2022 08:15:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1485979328286445117
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: tdEp7aquwtubn727E+Fi/w==
x-oss-server-time: 3
taiwtp1.com/xin/225135.gif
200 OK 0 B URL HTTP/2 taiwtp1.com/xin/225135.gif
IP
ASN #3462 Data Communication Business Group
GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:51:03 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Thu, 05 Jan 2023 22:51:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
200 OK 0 B URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP
ASN #64050 BGPNET Global ASN
GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Wed, 30 Nov 2022 04:48:54 GMT
ETag: "1669783735"
Expires: Fri, 30 Dec 2022 04:48:54 GMT
Last-Modified: Wed, 30 Nov 2022 04:48:55 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
img.9623x.com/images/6381f76ffbdac46b425ad663.gif
302 Found 0 B URL HTTP/2 img.9623x.com/images/6381f76ffbdac46b425ad663.gif
IP
ASN #134835 Starry Network Limited
GET /images/6381f76ffbdac46b425ad663.gif HTTP/1.1
Host: img.9623x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
200 OK 0 B URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP
ASN #64050 BGPNET Global ASN
GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Wed, 30 Nov 2022 04:48:54 GMT
ETag: "1669783735"
Expires: Fri, 30 Dec 2022 04:48:54 GMT
Last-Modified: Wed, 30 Nov 2022 04:48:55 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
img.2577u.com/images/638d9bc8f537036e2be97d78.gif
302 Found 0 B URL HTTP/2 img.2577u.com/images/638d9bc8f537036e2be97d78.gif
IP
ASN #134835 Starry Network Limited
GET /images/638d9bc8f537036e2be97d78.gif HTTP/1.1
Host: img.2577u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/5b58507d564c4559af6ebe8217b81453
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200sas.gif
200 OK 0 B URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP
ASN #3462 Data Communication Business Group
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:51:03 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Thu, 05 Jan 2023 22:51:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
200 OK 0 B URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP
ASN #64050 BGPNET Global ASN
GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Wed, 30 Nov 2022 04:48:42 GMT
ETag: "1669783723"
Expires: Fri, 30 Dec 2022 04:48:42 GMT
Last-Modified: Wed, 30 Nov 2022 04:48:43 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
885364.com/af487946377641ea8b2db51483f4b919.gif
200 OK 0 B URL HTTP/1.1 885364.com/af487946377641ea8b2db51483f4b919.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
GET /af487946377641ea8b2db51483f4b919.gif HTTP/1.1
Host: 885364.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 06 Dec 2022 22:53:35 GMT
Content-Type: image/gif
Content-Length: 33267
Connection: keep-alive
x-oss-request-id: 638FC7EF9DB57834339B9792
Accept-Ranges: bytes
ETag: "BC3F27F450AD0EBD19370D3737FC2E07"
Last-Modified: Tue, 02 Aug 2022 10:36:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2465277436600690179
x-oss-storage-class: Standard
Content-MD5: vD8n9FCtDr0ZNw03N/wuBw==
x-oss-server-time: 2
img.1202555.com/images/638f447893f8ec5e6b5c07d3.gif
302 Found 0 B URL HTTP/2 img.1202555.com/images/638f447893f8ec5e6b5c07d3.gif
IP
ASN #134835 Starry Network Limited
GET /images/638f447893f8ec5e6b5c07d3.gif HTTP/1.1
Host: img.1202555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/63604a9717d74877812944f72866f3f1
X-Firefox-Spdy: h2
www.jxys11.xyz/template/m1938pc/html9/ads/zxf.js
200 OK 0 B URL HTTP/2 www.jxys11.xyz/template/m1938pc/html9/ads/zxf.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:31 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 11:16:18 GMT
vary: Accept-Encoding
etag: W/"638b3002-51a"
expires: Wed, 07 Dec 2022 10:53:31 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys88.net/news/list.php
200 OK 0 B URL HTTP/2 www.jxys88.net/news/list.php
IP
GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
200 OK 0 B URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894189710457.gif
IP
ASN #64050 BGPNET Global ASN
GET /static/uploads/image/x26/20221004/1664894189710457.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Wed, 30 Nov 2022 04:48:39 GMT
ETag: "1669783720"
Expires: Fri, 30 Dec 2022 04:48:39 GMT
Last-Modified: Wed, 30 Nov 2022 04:48:40 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
www.jxys11.xyz/template/m1938pc/static/css/style.css
200 OK 0 B URL HTTP/2 www.jxys11.xyz/template/m1938pc/static/css/style.css
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:30 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Wed, 07 Dec 2022 10:53:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
200 OK 0 B URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP
ASN #64050 BGPNET Global ASN
GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Wed, 30 Nov 2022 04:48:55 GMT
ETag: "1669783735"
Expires: Fri, 30 Dec 2022 04:48:55 GMT
Last-Modified: Wed, 30 Nov 2022 04:48:55 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
200 OK 0 B URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP
ASN #64050 BGPNET Global ASN
GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Wed, 30 Nov 2022 04:48:55 GMT
ETag: "1669783735"
Expires: Fri, 30 Dec 2022 04:48:55 GMT
Last-Modified: Wed, 30 Nov 2022 04:48:55 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
8499163.com/8499/224x134.gif
200 OK 0 B URL HTTP/2 8499163.com/8499/224x134.gif
IP
GET /8499/224x134.gif HTTP/1.1
Host: 8499163.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 22:53:35 GMT
content-type: image/gif
content-length: 194792
last-modified: Thu, 17 Nov 2022 05:33:07 GMT
etag: "2f8e8-5eda3ec91c7d5"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys11.xyz/template/m1938pc/static/css/1.css
200 OK 0 B URL HTTP/2 www.jxys11.xyz/template/m1938pc/static/css/1.css
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:30 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Wed, 07 Dec 2022 10:53:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.9276x.com/images/638d9b63840bf2ee54dad6a3.gif
302 Found 0 B URL HTTP/2 img.9276x.com/images/638d9b63840bf2ee54dad6a3.gif
IP
ASN #134835 Starry Network Limited
GET /images/638d9b63840bf2ee54dad6a3.gif HTTP/1.1
Host: img.9276x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
X-Firefox-Spdy: h2
img.9712x.com/images/63523e235fe50f0585d3ef83.gif
302 Found 0 B URL HTTP/2 img.9712x.com/images/63523e235fe50f0585d3ef83.gif
IP
ASN #134835 Starry Network Limited
GET /images/63523e235fe50f0585d3ef83.gif HTTP/1.1
Host: img.9712x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/69ebec53574449c6b6e73cbfa00331d0
X-Firefox-Spdy: h2
www.jxys11.xyz/template/m1938pc/static/css/mm-content.css
200 OK 0 B URL HTTP/2 www.jxys11.xyz/template/m1938pc/static/css/mm-content.css
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys11.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:53:30 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Wed, 07 Dec 2022 10:53:30 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
taiwtp1.com/img/960240.gif
200 OK 0 B URL HTTP/2 taiwtp1.com/img/960240.gif
IP
ASN #3462 Data Communication Business Group
GET /img/960240.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 22:51:03 GMT
content-type: image/gif
content-length: 223879
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
etag: "622827b6-36a87"
expires: Thu, 05 Jan 2023 22:51:03 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
200 OK 0 B URL HTTP/1.1 sz88.oss-cn-shenzhen.aliyuncs.com/af/q960x120-6.gif
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /af/q960x120-6.gif HTTP/1.1
Host: sz88.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: image/gif
Content-Length: 478685
Connection: keep-alive
x-oss-request-id: 638FC7EE0059583932DD084A
Accept-Ranges: bytes
ETag: "5BF732E915BAF1D960C69A7DFEB3EF7C"
Last-Modified: Tue, 27 Sep 2022 07:43:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8402549840524505905
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: W/cy6RW68dlgxpp9/rPvfA==
x-oss-server-time: 3
img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
302 Found 0 B URL HTTP/2 img.2559u.com/images/636ce31fc474e9c06ec29f98.gif
IP
ASN #134835 Starry Network Limited
GET /images/636ce31fc474e9c06ec29f98.gif HTTP/1.1
Host: img.2559u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/55615f1dc7f54c2181f94026727d701b
X-Firefox-Spdy: h2
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
200 OK 0 B URL HTTP/1.1 aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif
IP
ASN #45102 Alibaba US Technology Co., Ltd.
GET /b5/f554e2887180883376a154c0d49550.gif?attname=899E8306-3565-4974-AD46-916F3A0C3E17.gif HTTP/1.1
Host: aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys11.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 06 Dec 2022 22:53:34 GMT
Content-Type: image/gif
Content-Length: 294418
Connection: keep-alive
x-oss-request-id: 638FC7EE0E14E43134AC7E5A
Vary: Origin
Accept-Ranges: bytes
ETag: "B5F554E2887180883376A154C0D49550"
Last-Modified: Tue, 25 Jan 2022 08:46:16 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7927258656666560621
x-oss-storage-class: Standard
Content-Disposition: inline;filename=899E8306-3565-4974-AD46-916F3A0C3E17.gif
Content-MD5: tfVU4ohxgIgzdqFUwNSVUA==
x-oss-server-time: 1
107.186.179.9
103.170.15.75
104.18.3.36
45.153.131.58
23.36.77.32
112.34.113.148
43.153.174.204
163.171.134.109
93.184.220.29
188.114.96.1
162.19.58.158
91.195.240.12
118.107.10.173