Report - herniadrhouston.com/

Report Overview

Submitted URL
herniadrhouston.com/
IP
45.39.29.10
ASN
#18779 EGIHOSTING
Submitted
2022-12-08 08:43:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	14 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	114 B	182.61.240.101
img.9219x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	685 B	185.239.226.87
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	172.64.155.188
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	293 B	750 B	182.61.201.93
223969ufy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	359 kB	45.61.212.216
tt.1468tu.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	271 B	373 B	20.249.88.42
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	54 kB	34.120.237.76
img.9623x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.87
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.114.252
www.herniadrhouston.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.0 kB	45.39.29.10
www.jxys12.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	210 kB	173.231.38.5
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	36 kB	103.235.46.191
kvemm.com	222018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	844 B	45.154.214.239
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	734 B	3.9 kB	104.18.21.226
5593qq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	283 B	103.170.15.111
herniadrhouston.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	195 B	45.39.29.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.0 kB	93.184.220.29
www.jxys88.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	156 kB	173.231.12.68
kvevv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	926 B	18.155.68.62
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	3.8 kB	104.18.21.226
339282bdb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	553 kB	45.61.212.216
img.9276x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	185.239.226.87
592773xgg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	278 B	45.61.212.55

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	223969ufy.com	Sinkholed
2022-12-08	medium	339282bdb.com	Sinkholed
2022-12-08	medium	592773xgg.com	Sinkholed

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.herniadrhouston.com/	404 B	2023-03-07	2024-04-17
Pretty URL www.herniadrhouston.com/ IP 45.39.29.10 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-17 19:36:54 Times Seen2974 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.herniadrhouston.com/tj.js	520 B	2023-03-07	2023-03-13
Pretty URL www.herniadrhouston.com/tj.js IP 45.39.29.10 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:10:57 Last Seen2023-03-13 14:40:12 Times Seen1 Hash 201dd7e40e7339ed3282fbdf40c1c583 862a8ba838ace9b09537cffb79e36106df92de83 b7bf4c87a1a23bf2fdb212ec234c808f1373ace0aac14db94800d3840b20e85d Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-18
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.93 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 07:50:39 Times Seen18940 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:55:12 Last Seen2023-03-08 21:55:12 Times Seen1 Hash 90ca1af09d01fdccaba68c4a85f76929 d15ce56e3285969c371234a8858175078d64c59b 9aa1329520b1e99b1739ba0cb87f2c5439577260329b03ac0968d9688b3f4994 Loading...

	hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:55:12 Last Seen2023-03-08 21:55:12 Times Seen1 Hash 930404009856c2c3e315a38f7ebe6332 b63e2c3041c4cb5243d61537c03f32326ba83039 0dfad62a69601a4dfc7e8a52194a8393769e45c4d6504e6d9a60c118de0cf35c Loading...

	www.herniadrhouston.com/common.js	1.5 kB	2023-03-07	2023-03-17
Pretty URL www.herniadrhouston.com/common.js IP 45.39.29.10 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:14 Last Seen2023-03-17 10:41:04 Times Seen1 Hash 2d67599d1e21388fb35a4f6ae7c75a34 d659e4906bd306b2056c78675375c10c520f0435 4f619b09ee009853db7003ec09d8562208b4fd9a643d4706084159df5804b84d Loading...

	www.jxys88.net/news/index.php	166 B	2023-03-07	2023-04-05
Pretty URL www.jxys88.net/news/index.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-04-05 02:05:15 Times Seen271 Hash 148c395b30fc62c19c4e96a387ce5080 aaad892b0553b427438079c39c45c04a4bd26683 3abae3dd940fa31948ccf4348d0b3dd0528808c33a99915e9ea06c6c9faf097c Loading...

	hm.baidu.com/hm.js?aecfe4a2ad79729f816997d3ee0d19b3	30 kB	2023-03-08	2023-03-08
Pretty URL hm.baidu.com/hm.js?aecfe4a2ad79729f816997d3ee0d19b3 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:55:12 Last Seen2023-03-08 21:55:12 Times Seen1 Hash 938ba12a8582c5966912b67adbb38cf4 73a39245ace3c7bd8c0942285317644c60ee0089 42d6ffdb543c54c7d1987a338c1bb334173f4b608a27256d240a6162cd70b876 Loading...

	www.jxys88.net/news/data.php	469 B	2023-03-08	2023-03-11
Pretty URL www.jxys88.net/news/data.php IP 173.231.12.68 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 7f56be0ca5a97f81ac641229e5c24b4c 692a4379baa5daf6b4e173fb012a87641bde14d1 032baef139f9557423b7d7536a112f7bfb6b12b1a17210dec23ed069d5f2d005 Loading...

	www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js	1.3 kB	2023-03-08	2023-03-09
Pretty URL www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js IP 173.231.38.5 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-09 01:11:08 Times Seen1 Hash ee28cd2242b8ac191e0621392ec7c514 26b3f68fbfdbb75791ddd97b5036352324aa6536 37670225415ca73d6a9adc2a320abbc03ae72fc302ea9e55ed9dea3ca4a567d0 Loading...

	www.jxys12.xyz/	254 B	2023-03-07	2023-07-10
Pretty URL www.jxys12.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-07-10 02:29:30 Times Seen148 Hash 2b060c01c124335c89db809e88d801f5 4226dea14013c0d2b6a391cebcfafc02e00d9305 46b48e8582d3035db685d90fd6ef29a676ae4f59721521c4025568c81fc43621 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 21d92412832217293182fd7820b7aaf3	477 B	2023-03-07	2023-03-10
Pretty Observations First Seen2023-03-07 13:10:57 Last Seen2023-03-10 11:28:46 Times Seen1 Hash 21d92412832217293182fd7820b7aaf3 cafc3a6de922e19b60c51302866c0012c1be39ce c08d00aac1159de99bea3848a1baf37637bb60f581c8091048c64991a1c5a246 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6b83563ff6790455d9a189afa1320899	458 B	2023-03-07	2023-03-10
Pretty Observations First Seen2023-03-07 13:10:58 Last Seen2023-03-10 11:28:46 Times Seen1 Hash 6b83563ff6790455d9a189afa1320899 37c8cdd6e7fcde99012bb21affebe56faa48fd01 63e84c8613da5cad9f15e333f3a1ecdfe2870463f7210ca1a4ce4b7fa4ccb4a1 Loading...

	#2 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-16
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-16 23:49:23 Times Seen3759 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#3 Write - 9e58bc71ba979d178641dc7a36580d52	328 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-11 22:51:19 Times Seen1 Hash 9e58bc71ba979d178641dc7a36580d52 1e38142c09934e54bb33e6bdc2eda1a28da6c7c7 380ed21bcde40c675ea4aa1b4208659bcfec7172b3b42ba8c71961b354c91c28 Loading...

	#4 Write - dd7976ad1391230765780162eb89256e	329 B	2023-03-08	2023-03-09
Pretty Observations First Seen2023-03-08 16:44:00 Last Seen2023-03-09 01:11:08 Times Seen1 Hash dd7976ad1391230765780162eb89256e eb1b9e94a766839cd7b1369dea299e3c75d6aee5 c36dd2175e308da12015e207ad74bd4e85e938bf9077646461849e6eba101fd1 Loading...

HTTP Transactions (73)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19396
Expires: Thu, 08 Dec 2022 14:06:11 GMT
Date: Thu, 08 Dec 2022 08:42:55 GMT
Connection: keep-alive

herniadrhouston.com/

45.39.29.10

301 Moved Permanently

0 B

URL HTTP/1.1
herniadrhouston.com/
IP
45.39.29.10:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: herniadrhouston.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Dec 2022 08:42:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.herniadrhouston.com/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8286
Expires: Thu, 08 Dec 2022 11:01:01 GMT
Date: Thu, 08 Dec 2022 08:42:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5806
Expires: Thu, 08 Dec 2022 10:19:41 GMT
Date: Thu, 08 Dec 2022 08:42:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 08:08:09 GMT
content-type: application/json
age: 2086
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: zYo8Mg5c+2sduKzg+T2sdIJ9pqjLee9oJ+qbS6NwKPU4P6hcsUNoRGSU+R6gVrvS8Zfbgru9gYc=
x-amz-request-id: A9AZKM9VCEEXQYHR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 07:49:42 GMT
age: 3193
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:42:55 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 08:07:58 GMT
age: 2098
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 629
Cache-Control: max-age=88463
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:42:56 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:17:19 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.89.114.252

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.114.252:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OUx7oTWxW6RIl7Vh69Gd4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: covypalKlFt73rLE2zZlJBxnasc=

www.herniadrhouston.com/

45.39.29.10

200 OK

783 B

URL HTTP/1.1
www.herniadrhouston.com/
IP
45.39.29.10:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
783 B (783 bytes)
Hash
0008ac34017a3900006546798c5768b3
69bedef39cd5b67f330f8ea833e2ff75c28c264b
0a3ed236879419087e3802d632dc82378296144bb9ce2cd5a8f8340eb5d1cd49

HTTP Headers

GET / HTTP/1.1
Host: www.herniadrhouston.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 08:42:56 GMT
Content-Type: text/html
Content-Length: 783
Connection: keep-alive

www.herniadrhouston.com/tj.js

45.39.29.10

200 OK

520 B

URL HTTP/1.1
www.herniadrhouston.com/tj.js
IP
45.39.29.10:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
201dd7e40e7339ed3282fbdf40c1c583
862a8ba838ace9b09537cffb79e36106df92de83
b7bf4c87a1a23bf2fdb212ec234c808f1373ace0aac14db94800d3840b20e85d

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.herniadrhouston.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.herniadrhouston.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 08:42:57 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

www.herniadrhouston.com/common.js

45.39.29.10

200 OK

738 B

URL HTTP/1.1
www.herniadrhouston.com/common.js
IP
45.39.29.10:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
738 B (738 bytes)
Hash
70670d0986c3d241b2799f9b5ae5e100
e0a9285c476b9339f8ee575c4cbc26ecfc4d0a8b
788c72241a91da39f72a02d61ea2da8aa6a57d0db6b1118e583ad166b61b1ea6

HTTP Headers

GET /common.js HTTP/1.1
Host: www.herniadrhouston.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.herniadrhouston.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 08:42:57 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
04bbb33d7f61b03bc9bbed7e5860a4a7
62322ee32e7f42171b2cfb117b2758f8ccccb87d
45206ad87dcff3a25e295ae1c82f9a0fe7bf41ec6e7eeaf4d95c1f47564af72d

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:42:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 12 Dec 2022 07:28:04 GMT
ETag: "62322ee32e7f42171b2cfb117b2758f8ccccb87d"
Last-Modified: Thu, 08 Dec 2022 07:28:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 291
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776435f03a0eb521-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
04bbb33d7f61b03bc9bbed7e5860a4a7
62322ee32e7f42171b2cfb117b2758f8ccccb87d
45206ad87dcff3a25e295ae1c82f9a0fe7bf41ec6e7eeaf4d95c1f47564af72d

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:42:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 12 Dec 2022 07:28:04 GMT
ETag: "62322ee32e7f42171b2cfb117b2758f8ccccb87d"
Last-Modified: Thu, 08 Dec 2022 07:28:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 291
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776435f04a28b521-OSL

www.herniadrhouston.com/favicon.ico

45.39.29.10

200 OK

1.2 kB

URL HTTP/1.1
www.herniadrhouston.com/favicon.ico
IP
45.39.29.10:0
ASN
#18779 EGIHOSTING

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.herniadrhouston.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.herniadrhouston.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 08:42:57 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 13 Dec 2022 08:42:57 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 08:42:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 08:42:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 08:42:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 08:42:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5620 bytes)
Hash
ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ITQgs0jVosYx5zvT7j4YLqGZ1HEmsNgartV3g8uaNuJHs4VqVs50OQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:47:24 GMT
age: 39334
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10164 bytes)
Hash
3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 10:23:11 GMT
age: 80387
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5245 bytes)
Hash
43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:24:13 GMT
age: 37125
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3744 bytes)
Hash
bdf4703f3372054a7aadce1cb0e11bd0
84d060f66accd412503d52c385ee47cb35795c07
c5853b653ee328e567e2456be12450e04c1704ed64fb6234f008532e4b6c8363

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3744
x-amzn-requestid: 73eab74b-e50c-46d1-adde-3ef85fb772f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlj7FDiIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb618-70ffb1925e3a9ef6081d1cd1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F-LcglSz1NX1Q2t84r1dv0vQzONyYMhlGB6TdS6CeKf9I8Krk1mDUg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:05:24 GMT
age: 38254
etag: "84d060f66accd412503d52c385ee47cb35795c07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 32979
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8438 bytes)
Hash
f4cbd333b74ebe10e77c1bdf1fec0269
bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8
7c868974824cef2f1a08c4500d10490fbaa8515984391b822c70a5009ad8c225

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 79861560-2468-4c0a-afd8-800d1e6d6814
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4A5EbzIAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d2-0b1efe0b006b8b0b2f69870b;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IwKyyl2JhvfaJVvVRouj0tvuI5j5o_a4y1qNyTYKaNTVG6Cj98RVYQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:47:24 GMT
age: 39334
etag: "bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

push.zhanzhang.baidu.com/push.js

182.61.201.93

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.herniadrhouston.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 08 Dec 2022 08:42:57 GMT
Etag: "4078521116"
Expires: Fri, 08 Dec 2023 08:42:57 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=4AFE64FEC8BD118C53B9BAF48C2AAF3B:FG=1; max-age=31536000; expires=Fri, 08-Dec-23 08:42:57 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8e96867cd5a0a0cca1c6ea471369cbee
4e4a5b01ed79ee5e094bdece55afa185654d7b55
2a2dabd8185486bdb8550d269103942e634deb449d8372ba38edf73baa9313f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A2DABD8185486BDB8550D269103942E634DEB449D8372BA38EDF73BAA9313F2"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21540
Expires: Thu, 08 Dec 2022 14:41:58 GMT
Date: Thu, 08 Dec 2022 08:42:58 GMT
Connection: keep-alive

hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
351303fec2b4169b895b00695fac8391
84e6d151e23896ee0ad56b9306f35491b10a4916
bbc3a6e5b1b70ff2032a32d107d4e5aeaa3f6c5234f08cfe788c287d3d702424

HTTP Headers

GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.herniadrhouston.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 08 Dec 2022 08:42:58 GMT
Etag: 4294959e005d3678a8551c1943ee70c7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=467BA2951D3B74A5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

api.share.baidu.com/s.gif?l=http://www.herniadrhouston.com/

182.61.240.101

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.herniadrhouston.com/
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.herniadrhouston.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.herniadrhouston.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 08 Dec 2022 08:42:58 GMT

hm.baidu.com/hm.js?aecfe4a2ad79729f816997d3ee0d19b3

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?aecfe4a2ad79729f816997d3ee0d19b3
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
16ac0a83d4fb8a9b27108bab85e03449
ad413f80798251dfef730ae23700e8653d71c35d
61e6192d10608722de8cc89f1be523c21c9b0db87e50af76ee92d0a5dba48451

HTTP Headers

GET /hm.js?aecfe4a2ad79729f816997d3ee0d19b3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.herniadrhouston.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Thu, 08 Dec 2022 08:42:58 GMT
Etag: 4608d51a31946f2e8c860451d11e8307
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=295398636544F750; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.jxys88.net/news/index.php

173.231.12.68

200 OK

630 B

URL HTTP/2
www.jxys88.net/news/index.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
630 B (630 bytes)
Hash
c6923286d39474b573f61f9ad9dda249
491b5acbb92ddcb379820c2ccbdc9c7f977db5d8
6308772b260a93495bef907edf0fe60bbe46b4ca1f3de2a9f85ccfb063b69dd5

HTTP Headers

GET /news/index.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.herniadrhouston.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:42:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1006858077&si=aecfe4a2ad79729f816997d3ee0d19b3&v=1.3.0&lv=1&sn=1829&r=0&ww=1280&u=http%3A%2F%2Fwww.herniadrhouston.com%2F&tt=%E6%BF%AE%E9%98%B3%E9%A5%B2%E7%96%9A%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1006858077&si=aecfe4a2ad79729f816997d3ee0d19b3&v=1.3.0&lv=1&sn=1829&r=0&ww=1280&u=http%3A%2F%2Fwww.herniadrhouston.com%2F&tt=%E6%BF%AE%E9%98%B3%E9%A5%B2%E7%96%9A%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1006858077&si=aecfe4a2ad79729f816997d3ee0d19b3&v=1.3.0&lv=1&sn=1829&r=0&ww=1280&u=http%3A%2F%2Fwww.herniadrhouston.com%2F&tt=%E6%BF%AE%E9%98%B3%E9%A5%B2%E7%96%9A%E6%96%B0%E6%9D%90%E6%96%99%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.herniadrhouston.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Dec 2022 08:42:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=37A778703BF2727A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c49c9e406916e9580df818d262bbf59a
b10c1f06cb7a7350625dd8aab666159c96fd50e8
925a9f400c1f1abb0acbb3e67be2c09be31b14179e603881cdf54e9203d8cf48

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "925A9F400C1F1ABB0ACBB3E67BE2C09BE31B14179E603881CDF54E9203D8CF48"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3644
Expires: Thu, 08 Dec 2022 09:43:44 GMT
Date: Thu, 08 Dec 2022 08:43:00 GMT
Connection: keep-alive

www.jxys12.xyz/template/m1938pc/html9/ads/1.gif

173.231.38.5

200 OK

254 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sat, 07 Jan 2023 08:43:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif

173.231.38.5

200 OK

193 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/ob1.gif
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 960 x 90\012- data
Size
193 kB (193193 bytes)
Hash
a0f25aca4ee2af38f3d3f5cbfde1bdf8
252b04cdfaa6918b897fc8ef8ae759469ca831eb
89cb08a7d3e9821e1bda6a5c77b1e22d1d6feb91b4645be63ffa61c06709bff2

HTTP Headers

GET /template/m1938pc/html9/ads/ob1.gif HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: image/gif
content-length: 193193
last-modified: Fri, 11 Nov 2022 06:41:02 GMT
etag: "636dee7e-2f2a9"
expires: Sat, 07 Jan 2023 08:43:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff

173.231.38.5

200 OK

13 kB

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type
Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size
13 kB (13408 bytes)
Hash
99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

HTTP Headers

GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys12.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
2bb72f9c916d49b8d6077eb74f4ee260
8658b6bc877fb57b1f8d74a17d9d4a26c0d9f90a
9a0178a82d66b57f69157ddbf83f56d7b66e24b4475008beaf682aaa2b95e363

HTTP Headers

GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Thu, 08 Dec 2022 08:43:01 GMT
Etag: e5dec89c229a584b153e69e138756359
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1DC95BEB446E6A40; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1296721374&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=1831&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1296721374&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=1831&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1296721374&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fwww.jxys88.net%2F&v=1.3.0&lv=1&sn=1831&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys12.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Dec 2022 08:43:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A6BCB653B8FFFB59; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a7734a38de27975a782c9c9695d19450
b3f18ffd932b092807af03c04d25984234be6bf0
e40a8676b06c332499884deb06cf79c7c0784ab786858142ad01b76e5f1ad6bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E40A8676B06C332499884DEB06CF79C7C0784AB786858142AD01B76E5F1AD6BF"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10980
Expires: Thu, 08 Dec 2022 11:46:04 GMT
Date: Thu, 08 Dec 2022 08:43:04 GMT
Connection: keep-alive

kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif

45.154.214.239

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/0eddc09b941df608c7dbb65fd7344c05.gif
IP
45.154.214.239:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0eddc09b941df608c7dbb65fd7344c05.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 08:43:04 GMT
content-type: text/html
content-length: 162
location: https://kvknnn.top/0eddc09b941df608c7dbb65fd7344c05.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a7734a38de27975a782c9c9695d19450
b3f18ffd932b092807af03c04d25984234be6bf0
e40a8676b06c332499884deb06cf79c7c0784ab786858142ad01b76e5f1ad6bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E40A8676B06C332499884DEB06CF79C7C0784AB786858142AD01B76E5F1AD6BF"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19175
Expires: Thu, 08 Dec 2022 14:02:39 GMT
Date: Thu, 08 Dec 2022 08:43:04 GMT
Connection: keep-alive

kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif

45.154.214.239

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/c70f7dd4a4c94432f7e7dfd8886c435b.gif
IP
45.154.214.239:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /c70f7dd4a4c94432f7e7dfd8886c435b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 08:43:04 GMT
content-type: text/html
content-length: 162
location: https://kvknnn.top/c70f7dd4a4c94432f7e7dfd8886c435b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bda8b484f3681f1a2ed3f7f320e00fae
87fc3b98df26bc5f48d604c2587106b93542df1d
9007747a263c983eccd8e28a8706034c79e2804c82b4af0196e777ad9fa59ccf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9007747A263C983ECCD8E28A8706034C79E2804C82B4AF0196E777AD9FA59CCF"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4747
Expires: Thu, 08 Dec 2022 10:02:11 GMT
Date: Thu, 08 Dec 2022 08:43:04 GMT
Connection: keep-alive

img.9219x.com/images/6381f7d0fbdac46b425ad664.gif

185.239.226.87

302 Found

503 B

URL HTTP/2
img.9219x.com/images/6381f7d0fbdac46b425ad664.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type
data
Size
503 B (503 bytes)
Hash
bda8b484f3681f1a2ed3f7f320e00fae
87fc3b98df26bc5f48d604c2587106b93542df1d
9007747a263c983eccd8e28a8706034c79e2804c82b4af0196e777ad9fa59ccf

HTTP Headers

GET /images/6381f7d0fbdac46b425ad664.gif HTTP/1.1
Host: img.9219x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d75f97e45164ebf913aedd35d2ce246
X-Firefox-Spdy: h2

www.jxys88.net/news/data.php

173.231.12.68

200 OK

154 kB

URL HTTP/2
www.jxys88.net/news/data.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type
data
Size
154 kB (154255 bytes)
Hash
6e68b3ff741b25a2f98bd367c0c849c3
41eccec8334699512d3c5dd05d018c6977a9bf2f
df568c2434fe6c27fbe162d589d52413301ac79893be1d0fc1f799305ca51fd7

HTTP Headers

GET /news/data.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:42:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif

45.61.212.216

200 OK

359 kB

URL HTTP/1.1
223969ufy.com/ddc7ee998e5442059a05a76f45a279b8.gif
IP
45.61.212.216:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
359 kB (358672 bytes)
Hash
668143938c3bb811847d83330decd423
f86300da5d773b84bc65d3c901a4767fd8566c48
a06c47f458fdbd01ba8ba0202fb615e94e2353d65098b480ede52a13a645f859

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ddc7ee998e5442059a05a76f45a279b8.gif HTTP/1.1
Host: 223969ufy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63665362-57910"
Date: Mon, 21 Nov 2022 16:57:12 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 05 Nov 2022 12:13:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-16
Content-Length: 358672

tt.1468tu.com/58tu/405x204.gif

20.249.88.42

301 Moved Permanently

166 B

URL HTTP/1.1
tt.1468tu.com/58tu/405x204.gif
IP
20.249.88.42:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /58tu/405x204.gif HTTP/1.1
Host: tt.1468tu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 08:43:04 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://tt.1468tu.com:1382/58tu/405x204.gif
Server: X-Y

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
8d754caa1ded6f9231b58a821d27e1e9
5ce8a9445bbad67d4fd6b96b2e5fad798466fc0c
20eeef4cf0067017e0a74908d8eda0ac8d5012a1e67b48183e957d3d8675c52c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5405
Cache-Control: max-age=147957
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:43:05 GMT
Etag: "63912d71-116"
Expires: Sat, 10 Dec 2022 01:49:02 GMT
Last-Modified: Thu, 08 Dec 2022 00:18:57 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7eaa9a99f346ffdd69a8cbc694e915f9
962ab3af6d805e56b790be2245194419ca0c7a60
25691b9f0215c9bd38e2463bef67b81093c2b7029cd60ec9369ba6596c2c1f04

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25691B9F0215C9BD38E2463BEF67B81093C2B7029CD60EC9369BA6596C2C1F04"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14458
Expires: Thu, 08 Dec 2022 12:44:03 GMT
Date: Thu, 08 Dec 2022 08:43:05 GMT
Connection: keep-alive

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4538 bytes)
Hash
2f5ce4070e5050733be6bded399afe53
77cf1dd30e86f5568a8e64cb42f536cf2af9301c
7fe19657e1add41e913e9a326023ff484180ca17615175ddc5d2ab57217566bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4538
x-amzn-requestid: 143f359f-c0fd-4d32-8de5-cc2c2804bb39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gIHzXoAMFqmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-27db2e3c6de7216e3c17caea;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CTvoYad2nNPubKimSZrkJXGTDWZK6u3fTli1YnBgrXk7WPAtmvO2rA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:04:30 GMT
age: 38315
etag: "77cf1dd30e86f5568a8e64cb42f536cf2af9301c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
8d754caa1ded6f9231b58a821d27e1e9
5ce8a9445bbad67d4fd6b96b2e5fad798466fc0c
20eeef4cf0067017e0a74908d8eda0ac8d5012a1e67b48183e957d3d8675c52c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5405
Cache-Control: max-age=147957
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:43:05 GMT
Etag: "63912d71-116"
Expires: Sat, 10 Dec 2022 01:49:02 GMT
Last-Modified: Thu, 08 Dec 2022 00:18:57 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278

339282bdb.com/e20f57018fba490b9af887342222147f.gif

45.61.212.216

200 OK

553 kB

URL HTTP/1.1
339282bdb.com/e20f57018fba490b9af887342222147f.gif
IP
45.61.212.216:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 960 x 60\012- data
Size
553 kB (552818 bytes)
Hash
097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e20f57018fba490b9af887342222147f.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b939b-86f72"
Date: Mon, 05 Dec 2022 13:20:06 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:32:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-16
Content-Length: 552818

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da439da26b65091e32155faa2dcaa4f1
b1f8db7ef36276eb0a836f74dad478eac1db1893
842fecc1dd3661b070905b9049a47ef7317286423c0e8e521794ba23feb0f967

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "842FECC1DD3661B070905B9049A47EF7317286423C0E8E521794BA23FEB0F967"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9865
Expires: Thu, 08 Dec 2022 11:27:30 GMT
Date: Thu, 08 Dec 2022 08:43:05 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
f8e080fb759dd89914537fad0b407c2b
c6fb5ae376133178a9aab618a50315883614d9cd
e3a2f5bc86dcb98e29b793b9c9c109a4ad3419e8543542a92fdff62f31ee2b0b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:43:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 12 Dec 2022 04:38:05 GMT
ETag: "c6fb5ae376133178a9aab618a50315883614d9cd"
Last-Modified: Thu, 08 Dec 2022 04:38:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2725
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7764361fe8200b41-OSL

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
f8e080fb759dd89914537fad0b407c2b
c6fb5ae376133178a9aab618a50315883614d9cd
e3a2f5bc86dcb98e29b793b9c9c109a4ad3419e8543542a92fdff62f31ee2b0b

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:43:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 12 Dec 2022 04:38:05 GMT
ETag: "c6fb5ae376133178a9aab618a50315883614d9cd"
Last-Modified: Thu, 08 Dec 2022 04:38:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2725
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7764361fea8cfac0-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
568221031a969a120341d8e3827a1c41
561eca6692acf695cb16dbcc1825c6f0b97ab26e
53616e833681da3208393b12710d5c583bb1b7f1c3678a3d72a453390132e586

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53616E833681DA3208393B12710D5C583BB1B7F1C3678A3D72A453390132E586"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12602
Expires: Thu, 08 Dec 2022 12:13:07 GMT
Date: Thu, 08 Dec 2022 08:43:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
568221031a969a120341d8e3827a1c41
561eca6692acf695cb16dbcc1825c6f0b97ab26e
53616e833681da3208393b12710d5c583bb1b7f1c3678a3d72a453390132e586

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53616E833681DA3208393B12710D5C583BB1B7F1C3678A3D72A453390132E586"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12602
Expires: Thu, 08 Dec 2022 12:13:07 GMT
Date: Thu, 08 Dec 2022 08:43:05 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
40cdc4fffc791f0e23e63abc5753caac
513d2aa7fb7c25faeccc5f5146e677be16d8b36d
419e7552c44dc4d805c3db47306bf6b708c916d956ba5876c72f2bee3f62a3b4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:43:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:19:41 GMT
Expires: Wed, 14 Dec 2022 03:19:40 GMT
Etag: "513d2aa7fb7c25faeccc5f5146e677be16d8b36d"
Cache-Control: max-age=498394,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7764361fee04b4fa-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b501cdbec9f892dac1525c6180856544
44bad2ee0255ac9d045925f31608ffbc9eafed23
c5504851b797163de4bbd621bde9cac8a18583d804773def0088fde8ee5958a5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:43:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 22:05:43 GMT
Expires: Tue, 13 Dec 2022 22:05:42 GMT
Etag: "44bad2ee0255ac9d045925f31608ffbc9eafed23"
Cache-Control: max-age=479556,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7764361fe8210b41-OSL

www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/html9/ads/zxf.js
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 11:16:18 GMT
vary: Accept-Encoding
etag: W/"638b3002-51a"
expires: Thu, 08 Dec 2022 20:43:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.9276x.com/images/638d9b63840bf2ee54dad6a3.gif

185.239.226.87

302 Found

0 B

URL HTTP/2
img.9276x.com/images/638d9b63840bf2ee54dad6a3.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/638d9b63840bf2ee54dad6a3.gif HTTP/1.1
Host: img.9276x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4c28866f219340e2bcb4b1878eb49c78
X-Firefox-Spdy: h2

www.jxys88.net/news/list.php

173.231.12.68

200 OK

0 B

URL HTTP/2
www.jxys88.net/news/list.php
IP
173.231.12.68:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /news/list.php HTTP/1.1
Host: www.jxys88.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys88.net/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:42:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/1.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/1.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Thu, 08 Dec 2022 20:43:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/white.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/white.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Thu, 08 Dec 2022 20:43:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif

18.155.68.62

200 OK

0 B

URL HTTP/1.1
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP
18.155.68.62:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 506851
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:08:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 07 Dec 2022 10:42:50 GMT
ETag: "720e80d2a7ff4cf1bbf0b1608c2f35de"
X-Cache: Hit from cloudfront
Via: 1.1 59200cf8e35c5a7273b88a148fe1e0a4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: lt8uOfSla8rQz2Jtmaly7oKjIGreXpSrvkHZyAMds8G1sBfmZqotdg==
Age: 79215

kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif

18.155.68.62

200 OK

0 B

URL HTTP/1.1
kvevv.com/7546c860e55fa3bf22e5cd95994dd097.gif
IP
18.155.68.62:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /7546c860e55fa3bf22e5cd95994dd097.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 684992
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 08:07:09 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 08 Dec 2022 03:29:58 GMT
ETag: "6f531c957ea61da41ab38ccc064ac606"
X-Cache: Hit from cloudfront
Via: 1.1 740fccc7c62d49696904618862f889f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: mEA0R18fUZ1c8P96eVW0Y0G-07qlOZqvIBPZS3kgqmVEKoE61Wf-xA==
Age: 18787

www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/swiper.min.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Thu, 08 Dec 2022 20:43:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/style.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/style.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Thu, 08 Dec 2022 20:43:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys12.xyz/template/m1938pc/static/css/mm-content.css

173.231.38.5

200 OK

0 B

URL HTTP/2
www.jxys12.xyz/template/m1938pc/static/css/mm-content.css
IP
173.231.38.5:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxys12.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:43:01 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Thu, 08 Dec 2022 20:43:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif

45.61.212.55

200 OK

0 B

URL HTTP/1.1
592773xgg.com/ec0e8c2b5d2a4082a1acaceabcfca983.gif
IP
45.61.212.55:0
ASN
#53587 AZT

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ec0e8c2b5d2a4082a1acaceabcfca983.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635ba261-8dadb"
Date: Thu, 08 Dec 2022 02:31:47 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 09:35:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-25
Content-Length: 580315

img.9623x.com/images/6381f76ffbdac46b425ad663.gif

185.239.226.87

302 Found

0 B

URL HTTP/2
img.9623x.com/images/6381f76ffbdac46b425ad663.gif
IP
185.239.226.87:0
ASN
#134835 Starry Network Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6381f76ffbdac46b425ad663.gif HTTP/1.1
Host: img.9623x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/a2b80ab204704324a83fbd20f39ec3bb
X-Firefox-Spdy: h2

5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif

103.170.15.111

200 OK

0 B

URL HTTP/1.1
5593qq.com/4aa44d1866a149878b6b79cadb7ab527.gif
IP
103.170.15.111:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /4aa44d1866a149878b6b79cadb7ab527.gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys12.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63032a8a-b6a86"
Date: Tue, 06 Dec 2022 17:37:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 22 Aug 2022 07:04:42 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-41
Content-Length: 748166

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations