r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4153
Expires: Thu, 27 Oct 2022 00:45:46 GMT
Date: Wed, 26 Oct 2022 23:36:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6587
Cache-Control: max-age=128655
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 23:36:33 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:20:48 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7015
Expires: Thu, 27 Oct 2022 01:33:28 GMT
Date: Wed, 26 Oct 2022 23:36:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MNnre319+yNQ8hzVIrPwsdiZAPIhr1OmNR7X59F7zD8Yhip5UFVwVNNRyvf9PjOQciDK0nGkpJk=
x-amz-request-id: RJHJDFXGAZ4Y7R7W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 23:09:34 GMT
age: 1619
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
aayushjyotirmaan.com/
156.246.132.13301 Moved Permanently 0 B IP 156.246.132.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: aayushjyotirmaan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: nginx
Location: http://www.aayushjyotirmaan.com/
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 23:36:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.aayushjyotirmaan.com/
156.246.132.13200 OK 801 B URL HTTP/1.1 www.aayushjyotirmaan.com/
IP 156.246.132.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash ab9f61d38d6e0542353451d32b03a9bf
50c3a5081f516deb4654fed64be0dbacb9784c44
29b3965a26fd3b271389bba173677ca60a106c3e9e68168e12eca28ab0c5586d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.aayushjyotirmaan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 23:36:33 GMT
Content-Length: 801
Content-Type: text/html
Server: nginx
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3113
Cache-Control: max-age=120127
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 23:36:33 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 08:58:40 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.aayushjyotirmaan.com/common.js
156.246.132.13200 OK 4.0 kB URL HTTP/1.1 www.aayushjyotirmaan.com/common.js
IP 156.246.132.13:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (466), with CRLF line terminators
Hash ff69f1e1044801500523119b373990fa
5581df40f97c3de3bdb1ed1f8584cbe28024bafe
e4c47d296f44417b65ccb3fb97527325495ac4b52cb8ad1b5bdba4998a925de5
Analyzer Verdict Alert fortinet Malware
GET /common.js HTTP/1.1
Host: www.aayushjyotirmaan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aayushjyotirmaan.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 23:36:34 GMT
Content-Length: 3989
Content-Type: application/x-javascript
Server: nginx
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PdNxtRhVKVpCjYepcKTSkQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bMAMF6/wM8twpSzlPcab+D6R1jc=
www.aayushjyotirmaan.com/tj.js
156.246.132.13200 OK 19 kB URL HTTP/1.1 www.aayushjyotirmaan.com/tj.js
IP 156.246.132.13:0
File type ASCII text, with very long lines (17702), with CRLF line terminators
Hash bdabc8540bd256bc16652fbacb95c40c
a0a1581e4eebd31b0b74acc4e686607ca378f376
884c0ae1fe32865ca79f6871358ec821be74e4c2dd5112a2a281cb05e51af52b
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.aayushjyotirmaan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aayushjyotirmaan.com/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 23:36:33 GMT
Content-Length: 18894
Content-Type: application/x-javascript
Server: nginx
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 570c84633ca5d1da09e71c4e42aa8407
ede66f1d6cfd3ee92bba4819276d7925a97df60d
12aaab4a7383d9eac30f245c33065c980ed4877b29fe29bdb369dc551ec2be22
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 23:36:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 30 Oct 2022 20:02:20 GMT
ETag: "ede66f1d6cfd3ee92bba4819276d7925a97df60d"
Last-Modified: Wed, 26 Oct 2022 20:02:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2432
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760703d24e4fb505-OSL
www.aayushjyotirmaan.com/favicon.ico
156.246.132.13200 OK 801 B URL HTTP/1.1 www.aayushjyotirmaan.com/favicon.ico
IP 156.246.132.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash ab9f61d38d6e0542353451d32b03a9bf
50c3a5081f516deb4654fed64be0dbacb9784c44
29b3965a26fd3b271389bba173677ca60a106c3e9e68168e12eca28ab0c5586d
GET /favicon.ico HTTP/1.1
Host: www.aayushjyotirmaan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aayushjyotirmaan.com/
Cookie: __tins__21274147=%7B%22sid%22%3A%201666827394197%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666829194197%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 23:36:34 GMT
Content-Length: 801
Content-Type: text/html
Server: nginx
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6be274ed9919e9e5583f094f923f8951
058cba225d0edaab11845c75924a16c708f0df98
43181183d8eb437b29cf4b829cbdbbe5a362753a30680b80ff94039299284858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43181183D8EB437B29CF4B829CBDBBE5A362753A30680B80FF94039299284858"
Last-Modified: Wed, 26 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Thu, 27 Oct 2022 05:36:25 GMT
Date: Wed, 26 Oct 2022 23:36:34 GMT
Connection: keep-alive
ia.51.la/go1?id=21274147&rt=1666827394197&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1666827394197&tt=%25E5%2591%25A8%25E5%258F%25A3%25E7%2589%25A1%25E6%25A4%25BF%25E6%2595%2599%25E8%2582%25B2%25E5%2592%25A8%25E8%25AF%25A2%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.aayushjyotirmaan.com%252F&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21274147&rt=1666827394197&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1666827394197&tt=%25E5%2591%25A8%25E5%258F%25A3%25E7%2589%25A1%25E6%25A4%25BF%25E6%2595%2599%25E8%2582%25B2%25E5%2592%25A8%25E8%25AF%25A2%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.aayushjyotirmaan.com%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21274147&rt=1666827394197&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1666827394197&tt=%25E5%2591%25A8%25E5%258F%25A3%25E7%2589%25A1%25E6%25A4%25BF%25E6%2595%2599%25E8%2582%25B2%25E5%2592%25A8%25E8%25AF%25A2%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.aayushjyotirmaan.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aayushjyotirmaan.com/
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 26 Oct 2022 23:36:34 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=5fb6b334a5d5f207444; path=/
HWWAFSESTIME=1666827393152; path=/
push.zhanzhang.baidu.com/push.js
182.61.240.101200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aayushjyotirmaan.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 26 Oct 2022 23:36:34 GMT
Etag: "4078521116"
Expires: Thu, 26 Oct 2023 23:36:34 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=E919E0F9DC7F2610B0FEB9B58A62E39C:FG=1; max-age=31536000; expires=Thu, 26-Oct-23 23:36:34 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18756
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Wed, 26 Oct 2022 23:36:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18756
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Wed, 26 Oct 2022 23:36:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18756
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Wed, 26 Oct 2022 23:36:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18756
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Wed, 26 Oct 2022 23:36:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:58:12 GMT
age: 5903
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36dbf36c45aa3c5d6e10f8c4afd8bf34
bee7e540981a4ffb14728d2ac4a53ce28e299d0d
0dad70dc63e95aa8fd9befdb7dc4f971bad962e300f380dab2a04cc60138374d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8760
x-amzn-requestid: 013df52a-1abe-4a1b-ac52-9a5ec5da55b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocv2HRMoAMF5mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fe-70e98155664262621b8538b5;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9uDSJn3yAYI7RNgIs96f2AT8nfTgd6YbFkMAc9aJAW4wTMiN_JqhEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:46 GMT
etag: "bee7e540981a4ffb14728d2ac4a53ce28e299d0d"
content-type: image/jpeg
age: 6529
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd4d7051e9d8525d8ed7d5249b24068d
cbad9147991b1a1b27088f90fe7078d1056a9633
4701cc21f58c8ac8b8ad78a34973b3ade538255868afbf59be40e7f1365bcc20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7542
x-amzn-requestid: 95e8df21-80b6-400a-bcd5-41efdab9cc57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwLH0lIAMFT2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a800-3300914f11c46b9902b30fe4;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4aCnw-Gulpqp0Vsa-kZQuR4y22SLWYZP9HbtIz2eMuI1lpPqb3kddg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:48 GMT
etag: "cbad9147991b1a1b27088f90fe7078d1056a9633"
content-type: image/jpeg
age: 6527
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ccapi.api-daxiangjiao.com/common.php?val=daxiangjiao&t=0.31769432837456657?v=027311430706147455
156.240.106.112200 OK 4.8 kB URL HTTP/2 ccapi.api-daxiangjiao.com/common.php?val=daxiangjiao&t=0.31769432837456657?v=027311430706147455
IP 156.240.106.112:0
ASN #140227 Hong Kong Communications International Co., Limited
Hash c0636623ee246cf39452fb97d15208e1
d012fa5a3601831b43717847dfecbf59f6bd9236
a63e56bb1cf4cbf10b7331ff60d9541bf0ea33bcea394575c384ce0b8a08922d
GET /common.php?val=daxiangjiao&t=0.31769432837456657?v=027311430706147455 HTTP/1.1
Host: ccapi.api-daxiangjiao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.aayushjyotirmaan.com
Connection: keep-alive
Referer: http://www.aayushjyotirmaan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 23:40:36 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ace7660d2948795997e3c7cb9cf12495
fed9b6693077d233f60cc7394c7b667291ffade7
fd4718a6649572cbaf13f46b8e2961cd1c680afa1494b0bacd5fda9010a95098
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5136
x-amzn-requestid: 0059b05c-746b-41cd-8cc1-c744d0b149fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoc2-H9sIAMFquA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a82c-772120580c4cf9e45b685971;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fqqRNgPgAZRwp_xRyHC3YzEKQTwydDs45MNLQC7hoRpytCb91-9b5Q==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:05 GMT
age: 6330
etag: "fed9b6693077d233f60cc7394c7b667291ffade7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ade2141cef5b6b1335242f470d37a00a
ae2ca70b5ba11ddb8299ce7a5ca46cc986727d79
fa757f3535a5264cda3be842a0a9107d766df54d5f2cb9e7af33d963821e9b7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA757F3535A5264CDA3BE842A0A9107D766DF54D5F2CB9E7AF33D963821E9B7D"
Last-Modified: Wed, 26 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9842
Expires: Thu, 27 Oct 2022 02:20:37 GMT
Date: Wed, 26 Oct 2022 23:36:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
34.120.237.76200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed4462f023dbabb596a2e3b521425ca1
61b82445b422a5f917bb10640beb6d73eb0e62c3
a02af2897331acc123bf7d54b30929e3bc062a0875b5dea95302ddf60d808ded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18182
x-amzn-requestid: f1232b1f-32ac-4820-b186-b3bfb928c0b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvSKFF4oAMF2Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f40-0b9bc4d27b7534176cc278ed;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6Ep7Z_31m6kPwBoVaHyE2TioMdDmF_SkwT5kl326QvWN1pFEX_sy6Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 10:29:50 GMT
age: 47205
etag: "61b82445b422a5f917bb10640beb6d73eb0e62c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a51c09fc8ea515661c8784fb273a536
d603deb83d9b79a1181f79f3883ccae2e8cd1308
9b8f1f025325742791d986f9d164ea04f32e84c47d09d3dcff7ff8fb8df232a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B8F1F025325742791D986F9D164EA04F32E84C47D09D3DCFF7FF8FB8DF232A4"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13002
Expires: Thu, 27 Oct 2022 03:13:20 GMT
Date: Wed, 26 Oct 2022 23:36:38 GMT
Connection: keep-alive
api.ii10-daxiangjiao.com/js/jquery.js
20.24.217.103200 OK 2.2 kB URL HTTP/2 api.ii10-daxiangjiao.com/js/jquery.js
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 54c3972f44fac62047fc84c0ac392fe8
7bbdd70bb9acb9d95b1b636f2b9f40e37865661c
5295b3709225058addba0f85afa468a0657e8ae9d928082746dfaf822aa8c132
GET /js/jquery.js HTTP/1.1
Host: api.ii10-daxiangjiao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ii10-daxiangjiao.com/1666827636.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:36 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 07:35:02 GMT
vary: Accept-Encoding
etag: W/"61cabe26-109b"
expires: Thu, 27 Oct 2022 04:15:41 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 72ddd049ab8b4c839bd1910a31b0fbfa
5ce019e512836d3cdc47d021f35317fcfe0f4ab6
6fb8425d2da1f653d5a21f90c48eef967a855edd297090309736c7213eca7db0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FB8425D2DA1F653D5A21F90C48EEF967A855EDD297090309736C7213ECA7DB0"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9807
Expires: Thu, 27 Oct 2022 02:20:07 GMT
Date: Wed, 26 Oct 2022 23:36:40 GMT
Connection: keep-alive
api.615k0wln.life/static/js/chunk-vendors.cbebd8a9.js
20.24.217.103200 OK 279 kB URL HTTP/2 api.615k0wln.life/static/js/chunk-vendors.cbebd8a9.js
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 279 kB (279322 bytes)
Hash 29b6dc17f522c72ccb5940effdb7915e
daf15713c7b585c566cf5aca6ec4da5cf0e23e75
239452dd8c1a2119a166149bc399f22247a4f8b3b5231ac3fc6472e15f5f3597
GET /static/js/chunk-vendors.cbebd8a9.js HTTP/1.1
Host: api.615k0wln.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/?tt=1666827637
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:38 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
vary: Accept-Encoding
etag: W/"634a7454-b4f96"
expires: Thu, 27 Oct 2022 04:18:15 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
dxjbar.github.io/dxj/logo.png
185.199.108.153200 OK 7.4 kB URL HTTP/2 dxjbar.github.io/dxj/logo.png
IP 185.199.108.153:0
File type PNG image data, 558 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 6dff4818f659a9931d6422729c79c1c0
6fe249b74c53bddca7b418c4a24ea007e2e1ba3d
36d048f954a26361ea2081106246c43f288b2963ee0f2ca94b26bfa065b28a71
GET /dxj/logo.png HTTP/1.1
Host: dxjbar.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 15 Oct 2022 09:08:19 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "634a7883-1ccd"
expires: Tue, 25 Oct 2022 23:40:20 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0802:7449:36F470:48B930:6358718C
accept-ranges: bytes
date: Wed, 26 Oct 2022 23:36:40 GMT
via: 1.1 varnish
age: 7
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666827400.279271,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 128f7df8ed476178c4d4b2db815d01c94cdf27da
content-length: 7373
X-Firefox-Spdy: h2
api.615k0wln.life/static/loading.svg
20.24.217.103200 OK 1.8 kB URL HTTP/2 api.615k0wln.life/static/loading.svg
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type exported SGML document, ASCII text
Hash 91762b2af9bdefdd58f5a5b6e7387361
0a511968514d38a4702c5585ead7c01d4f20def0
d887368f18aa4483d5a267a86d1ff5d26a09048bb1c93c0ac9d374e438014342
GET /static/loading.svg HTTP/1.1
Host: api.615k0wln.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/?tt=1666827637
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:40 GMT
content-type: image/svg+xml
content-length: 1784
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
etag: "634a7454-6f8"
via: cdn-node-a9-new-hk-03
cdn-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 199e5d57db8a9ec0d6b822f50929bd67
d9efa93caf0b21757b8c5f988c84138c179dac27
4df055743085f80bbec3b5facce99f54f02de63899f04f274925f93c588890ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DF055743085F80BBEC3B5FACCE99F54F02DE63899F04F274925F93C588890FF"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2555
Expires: Thu, 27 Oct 2022 00:19:16 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 199e5d57db8a9ec0d6b822f50929bd67
d9efa93caf0b21757b8c5f988c84138c179dac27
4df055743085f80bbec3b5facce99f54f02de63899f04f274925f93c588890ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DF055743085F80BBEC3B5FACCE99F54F02DE63899F04F274925F93C588890FF"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2555
Expires: Thu, 27 Oct 2022 00:19:16 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: text/html
content-length: 162
location: https://kvkiii.top/ca302b14c051bf41d75347daaf6e7ab3.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
78.46.107.74301 Moved Permanently 162 B URL HTTP/2 kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 78.46.107.74:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: text/html
content-length: 162
location: https://kvkiii.top/712c8059cb44f5944e47108c6b8dd5bd.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1a7f286c8a926b2f7f1662c93cb9c49
441a1bdf8b5322b792bce79b4382135925fc28cc
0aa86783a9da50cfb9c9838af8d01f711d4dad8bd671df03c4c00b8d43d2f609
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AA86783A9DA50CFB9C9838AF8D01F711D4DAD8BD671DF03C4C00B8D43D2F609"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8556
Expires: Thu, 27 Oct 2022 01:59:17 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1a7f286c8a926b2f7f1662c93cb9c49
441a1bdf8b5322b792bce79b4382135925fc28cc
0aa86783a9da50cfb9c9838af8d01f711d4dad8bd671df03c4c00b8d43d2f609
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AA86783A9DA50CFB9C9838AF8D01F711D4DAD8BD671DF03C4C00B8D43D2F609"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8556
Expires: Thu, 27 Oct 2022 01:59:17 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f4530d358ea159877e67d5628c7dfabf
7fb0d0ab303947189364ea038fc926d064563f83
c5ef66b9a7340a1ba178b83099d4b682d4ff0ab5dc96bc04c70f1169eab8afaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5EF66B9A7340A1BA178B83099D4B682D4FF0AB5DC96BC04C70F1169EAB8AFAF"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9182
Expires: Thu, 27 Oct 2022 02:09:43 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69d729a4c25e47ab99b93779f3e73944
01dee9885d27551327c0b5566328aeadbd1bc5d2
3556a5ff5b74414cad9b6e45e716dff30ad331347f04796592dbdc6b504fff57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3556A5FF5B74414CAD9B6E45E716DFF30AD331347F04796592DBDC6B504FFF57"
Last-Modified: Mon, 24 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19695
Expires: Thu, 27 Oct 2022 05:04:56 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc46b1e2b46329e856ce1e4c89444bb1
0502069f76d9dde7166849faca45103283242a0f
3339310e2aa539fbc33e051c4be02474d4b26c94998d0b18fe43eb77da3e2db6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3339310E2AA539FBC33E051C4BE02474D4B26C94998D0B18FE43EB77DA3E2DB6"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5676
Expires: Thu, 27 Oct 2022 01:11:17 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 488e9bc1348e7ccd6b4bc193c597b7e7
0742afddeba5cbc85bce4a79c8341df07a59c4f1
d71ea2292018c2b25455acd9485e6eefb0194782e1c7a171fd85bfa9b8237f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D71EA2292018C2B25455ACD9485E6EEFB0194782E1C7A171FD85BFA9B8237F9F"
Last-Modified: Wed, 26 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Thu, 27 Oct 2022 00:20:47 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0cb3fc012db31d6502775c05c0697821
3b84d44e8eb00c56cd4d902a4050adbb9f9a5086
3b53406e770c7d2852da3a20a1fa45c22fda1c7553988cdb7b08ab0c1f5b2af5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B53406E770C7D2852DA3A20A1FA45C22FDA1C7553988CDB7B08AB0C1F5B2AF5"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2967
Expires: Thu, 27 Oct 2022 00:26:08 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: text/html
content-length: 162
location: https://kvhwww.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.ipj8ts1p.club/web.php/index/base
20.205.123.153200 OK 29 kB URL HTTP/2 api.ipj8ts1p.club/web.php/index/base
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 38287ff8f1c5e91e706d126ab1864157
caa3875834d20609242d15cbba6d1a11dce875db
f181a382e1eb94fee5be709b6550cd2996de420921ceae8994e04e693ea0e2c7
GET /web.php/index/base HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.615k0wln.life
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1c287549b26383e1daea9385cb4d4ff0
5d145d5efd8358b884cfb8b8fbd61d569cb7eeaa
df3c7534841c7afc62cf928505a3b2a039c8ee0aab058a0d5546dc0f4ddf486a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3C7534841C7AFC62CF928505A3B2A039C8EE0AAB058A0D5546DC0F4DDF486A"
Last-Modified: Tue, 25 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9867
Expires: Thu, 27 Oct 2022 02:21:08 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.ipj8ts1p.club/web.php/index/showType
20.205.123.153200 OK 713 B URL HTTP/2 api.ipj8ts1p.club/web.php/index/showType
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 629cadbe2f382cdaf7d81d3f6c1f8b1f
dc48fa76dfd7ddcd23544f4326c2d462dd8287b6
6e6a3e0b9661b3fe50515e212702722714b9f51e136b32579176d22033234f0f
GET /web.php/index/showType HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.615k0wln.life
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
kveww.com/99462c01e85acc1311bebac224df6cce.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: text/html
content-length: 162
location: https://kvhqqq.top/99462c01e85acc1311bebac224df6cce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: text/html
content-length: 162
location: https://acoossz.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.ipj8ts1p.club/web.php/index/index
20.205.123.153200 OK 28 kB URL HTTP/2 api.ipj8ts1p.club/web.php/index/index
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash bd77e046b0b4e648730e2382d938c3bb
cae7c814325cfc0d0f34dc0fbdbb0892aef65e21
f0933a55311e7ea10745c8b31c1bb5cc579965ff00308c357199920af379ce14
GET /web.php/index/index HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.615k0wln.life
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0eb759929886217c36e6c0d7861f8038
5af77e3adddb852ac7847e0e908e3cb9e8fe32cc
a8199435f58a37099bea096bb26d6118fd8bdb3d456ba2be8b710d7f4ce636d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8199435F58A37099BEA096BB26D6118FD8BDB3D456BA2BE8B710D7F4CE636D1"
Last-Modified: Wed, 26 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2684
Expires: Thu, 27 Oct 2022 00:21:25 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
api.ipj8ts1p.club/web.php/index/tj
20.205.123.153200 OK 617 B URL HTTP/2 api.ipj8ts1p.club/web.php/index/tj
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 625142ff3868b53d98fe546fab863f29
34f1607f8b016efb12721875531e7928560b0c24
5180d9c1e152399d59d98045b18a606d53ec51eb0581f910df925b07992d009d
GET /web.php/index/tj HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.615k0wln.life
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc976858bb0c25feb2396819c33d0de2
45831b9c812af1b4e116336180b33608f36ca905
5cf5652b6f55e9e2880a53aadc3ecf9d5f75eedaff3b99a786c7dac7537825c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CF5652B6F55E9E2880A53AADC3ECF9D5F75EEDAFF3B99A786C7DAC7537825C2"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9138
Expires: Thu, 27 Oct 2022 02:08:59 GMT
Date: Wed, 26 Oct 2022 23:36:41 GMT
Connection: keep-alive
kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
104.21.64.204200 OK 566 kB URL HTTP/2 kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 104.21.64.204:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.615k0wln.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Wed, 09 Nov 2022 15:02:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1413271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwaLYOqgyT3k6ycQ8RJcu1ze2I0WhJ2q3pmUgy3FCtE8Oe4QSAlEEZcnpUq34il2TTh7cd8aI14%2F%2B%2FeJjkDXGAlW3Rk4ppDMwuxwZ9DcIC%2FhrqKku1hTZjkSnDVT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760703fce926b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
IP 142.250.74.3:0
Hash c09f502e73e53eafe937c7a49a4360d9
ef8cb0da24eac1ecb406565582c497983b80b056
1db8aa787c2b487688f91146f406824ef6859b2337a27b3c46eabce4bdcec6c9
POST /s/gts1p5/Ww6r2bCjfLU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 23:36:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6c2e67173681c110e1250dd36383b780
1b9ef4ef9b763550486e74a8294179fd1f20dcaf
161d0767af815ca2ff3519c711e1e742723ade300daf3943a431913aa52dc39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112357
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 23:36:41 GMT
Etag: "6358d86e-117"
Expires: Fri, 28 Oct 2022 06:49:18 GMT
Last-Modified: Wed, 26 Oct 2022 06:49:18 GMT
Server: nginx
Content-Length: 279
kvhwww.top/4bf88adf466b90cef3686374a27fc0e2.gif
172.67.162.45200 OK 756 kB URL HTTP/2 kvhwww.top/4bf88adf466b90cef3686374a27fc0e2.gif
IP 172.67.162.45:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 756 kB (755861 bytes)
Hash c2dc0ed33af046deabc8a896c8ca57ca
b4f888334f869de4eb3dddd6b7542b0e2922f36a
c613a49de134cd30594eb822368a4a16eb3de0648b857ad44d872944c4bd407a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvhwww.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.615k0wln.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: image/gif
content-length: 755861
last-modified: Thu, 06 Oct 2022 15:26:58 GMT
etag: "633ef3c2-b8895"
expires: Sun, 20 Nov 2022 15:59:35 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 459426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS2928pOMIqvv5lWq4b%2FKyeB2rLkFmIi0HTxZ7T7xyRvFU%2BgcCuUKM2m5u8hUTfjh2QgP1gj4eTacaLya3KW2gALX59HN%2BAFb3Yc8tVXKrHE4iWr463P61Qu1Y9u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760703fd98551c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6c2e67173681c110e1250dd36383b780
1b9ef4ef9b763550486e74a8294179fd1f20dcaf
161d0767af815ca2ff3519c711e1e742723ade300daf3943a431913aa52dc39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112357
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 23:36:41 GMT
Etag: "6358d86e-117"
Expires: Fri, 28 Oct 2022 06:49:18 GMT
Last-Modified: Wed, 26 Oct 2022 06:49:18 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ww6r2bCjfLU
IP 142.250.74.3:0
Hash c09f502e73e53eafe937c7a49a4360d9
ef8cb0da24eac1ecb406565582c497983b80b056
1db8aa787c2b487688f91146f406824ef6859b2337a27b3c46eabce4bdcec6c9
POST /s/gts1p5/Ww6r2bCjfLU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 23:36:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8179e95dffc38cb853c56a4ae0fcea2d
ea5fb885f2905c89b53a60b2a53686e65af538ca
df8442ad6af39379bbfe53a0135f1ed9abe4b56b4c9312c0a77a9ec8d3b13138
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123463
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 23:36:41 GMT
Etag: "635903d0-117"
Expires: Fri, 28 Oct 2022 09:54:24 GMT
Last-Modified: Wed, 26 Oct 2022 09:54:24 GMT
Server: nginx
Content-Length: 279
api.ipj8ts1p.club/web.php/index/config
20.205.123.153200 OK 0 B URL HTTP/2 api.ipj8ts1p.club/web.php/index/config
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /web.php/index/config HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.615k0wln.life
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
api.ipj8ts1p.club/web.php/index/type
20.205.123.153200 OK 0 B URL HTTP/2 api.ipj8ts1p.club/web.php/index/type
IP 20.205.123.153:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /web.php/index/type HTTP/1.1
Host: api.ipj8ts1p.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://api.615k0wln.life
Connection: keep-alive
Referer: https://api.615k0wln.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: cdn-node-a9-new-hk-02
cdn-cache: HIT
X-Firefox-Spdy: h2
kvkiii.top/712c8059cb44f5944e47108c6b8dd5bd.gif
104.21.234.205200 OK 0 B URL HTTP/2 kvkiii.top/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 104.21.234.205:0
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvkiii.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.615k0wln.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 23:36:41 GMT
content-type: image/gif
content-length: 1121344
last-modified: Sun, 26 Jun 2022 12:14:24 GMT
etag: "62b84da0-111c40"
expires: Fri, 25 Nov 2022 07:53:31 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 56590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=763q6L2xv869acoE%2Bxf02D4Y3trm%2Fg2C203x%2FqVUfe0QW%2Fce4UfzTzXxDzriQPGpUPyg38VxXGhN%2F0FvCiSVNZgW0QzCNMIZde73PH0m5osxkwjpz5OvDohNTOL%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760703fdaffed184-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.ii10-daxiangjiao.com/1666827636.html
20.24.217.103200 OK 0 B URL HTTP/2 api.ii10-daxiangjiao.com/1666827636.html
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /1666827636.html HTTP/1.1
Host: api.ii10-daxiangjiao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.aayushjyotirmaan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:35 GMT
content-type: text/html
last-modified: Sat, 18 Dec 2021 07:18:36 GMT
vary: Accept-Encoding
etag: W/"61bd8b4c-427"
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: MISS
X-Firefox-Spdy: h2
api.ii10-daxiangjiao.com/js/api.php
20.24.217.103200 OK 0 B URL HTTP/2 api.ii10-daxiangjiao.com/js/api.php
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
POST /js/api.php HTTP/1.1
Host: api.ii10-daxiangjiao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://api.ii10-daxiangjiao.com
Connection: keep-alive
Referer: https://api.ii10-daxiangjiao.com/1666827636.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=1
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-03
X-Firefox-Spdy: h2
api.615k0wln.life/static/js/index.029b76c6.js
20.24.217.103200 OK 0 B URL HTTP/2 api.615k0wln.life/static/js/index.029b76c6.js
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /static/js/index.029b76c6.js HTTP/1.1
Host: api.615k0wln.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/?tt=1666827637
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:38 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
vary: Accept-Encoding
etag: W/"634a7454-1bb77"
expires: Thu, 27 Oct 2022 04:18:15 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
api.ii10-daxiangjiao.com/js/jquery.min.js
20.24.217.103200 OK 0 B URL HTTP/2 api.ii10-daxiangjiao.com/js/jquery.min.js
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/jquery.min.js HTTP/1.1
Host: api.ii10-daxiangjiao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.ii10-daxiangjiao.com/1666827636.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:36 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 13:00:00 GMT
vary: Accept-Encoding
etag: W/"617012d0-15d84"
expires: Thu, 27 Oct 2022 00:46:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2
api.615k0wln.life/static/index.2772579d.css
20.24.217.103200 OK 0 B URL HTTP/2 api.615k0wln.life/static/index.2772579d.css
IP 20.24.217.103:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /static/index.2772579d.css HTTP/1.1
Host: api.615k0wln.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.615k0wln.life/?tt=1666827637
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 26 Oct 2022 23:36:38 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 08:50:28 GMT
vary: Accept-Encoding
etag: W/"634a7454-17031"
expires: Thu, 27 Oct 2022 04:17:27 GMT
cache-control: max-age=43200
content-encoding: gzip
via: cdn-node-a9-new-hk-03
cdn-cache: HIT
X-Firefox-Spdy: h2