Report - jaytakeapic.com/

Report Overview

Submitted URL
jaytakeapic.com/
IP
154.205.217.205
ASN
#399674 IHGGROUP-001
Submitted
2022-11-28 07:23:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	66 kB	34.120.237.76
fmlb.netlbtu.com	187701	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	232 kB	45.89.208.114
kzerr.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	422 B	45.154.215.92
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.77.32
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.8 kB	93.184.220.29
www.jaytakeapic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	154.205.217.205
kvemm.com	222018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	422 B	45.154.214.219
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.223.160.237
kzeaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	422 B	67.198.205.125
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	37 kB	103.235.46.191
kvmaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	422 B	170.178.176.170
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	3.8 kB	104.18.21.226
207.60.181.202	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	35 kB	207.60.181.202
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	9.3 kB	23.36.79.17
nvhbbb.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	1.1 MB	104.21.55.74
dimg04.c-ctrip.com	139731	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	842 B	1.3 MB	104.110.17.24
kvkccc.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	66 kB	104.21.28.152
kvheee.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	66 kB	104.21.234.198
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
jaytakeapic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	200 B	154.205.217.205
kvhjjj.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	903 kB	104.21.234.216

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed
2022-11-28	medium	207.60.181.202	Sinkholed

JavaScript (44)

	URL	Size	First Seen	Last Seen
	www.jaytakeapic.com/tj.js	258 B	2023-03-11	2023-03-12
Pretty URL www.jaytakeapic.com/tj.js IP 154.205.217.205 ASN #399674 IHGGROUP-001 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-12 17:00:24 Times Seen1 Hash 327e9ffc8979e0469060bcd6eda50ffa 24bb61ee2a8e55dc1631833d537213912a26301a e799c18a5f443687da21b35228cdf85125274478988a26943d1a539469c3e38e Loading...

	207.60.181.202/template/m1938pc/ads/tj.js	258 B	2023-03-11	2023-03-14
Pretty URL 207.60.181.202/template/m1938pc/ads/tj.js IP 207.60.181.202 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-14 07:05:42 Times Seen1 Hash 0e68e22c503aaf4fcb177bc3a43ad81f 7c40d1865fc783f1dfbee4538acd6d8cd57c6d28 cb0ae1dece623a679019eca54a80e5a7b9121acb98c2ba4271b7db65ec05abad Loading...

	207.60.181.202/	254 B	2023-03-07	2023-12-13
Pretty URL 207.60.181.202/ IP 207.60.181.202 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:55 Last Seen2023-12-13 01:13:28 Times Seen111 Hash 4f89cc1ce739c480747456d64f3870f6 37fb55a0b3211bbe4a85ff258a4c8ea6bc101fa0 0c99a866ff4dbfb0f1ccd12c9d69d730cd193af0ddfd266faeeceaf6adf38fe7 Loading...

	hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash ef9bea7eb5380c0ed57928dd6aa58e93 b0d1908e795e017ebae167f2d9d0ff14b0e23489 7d1f216e821d0416d93f703fd559295967d389362094995b4fb1f23634e563fb Loading...

	hm.baidu.com/hm.js?3eb04e3382620d144da5a7211093bbe4	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?3eb04e3382620d144da5a7211093bbe4 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash e81cc51c4c13b08f6f4b2a7845f6ef75 42de8379fb5bcf72ecdde137d19cb55046939557 8f0b6b66520d728c53e992e8b29453955807ad2fa8c15247ebee344a049fa11a Loading...

	hm.baidu.com/hm.js?21163e28fa33ea9019628ea7f6431328	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?21163e28fa33ea9019628ea7f6431328 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash c72baf53d12c7095f7d889b9353ea972 d100015008f26e4934d4542a42e219acc54da3b2 565b2117f3dd7db01278f910a7efa0e7ad976b2b499d8cca2d1daad2ef28475e Loading...

	www.jaytakeapic.com/index.php	42 B	2023-03-11	2023-03-11
Pretty URL www.jaytakeapic.com/index.php IP 154.205.217.205 ASN #399674 IHGGROUP-001 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 6c9e6861c2aad4a8f568be88240ed6f7 9cf936c93e9f896e0333282b5e5a0ed3a810a4bb 82e90553203d817843c5f602b7b8427a7f2a4bbe53436125941b6e19c0f0a79b Loading...

	www.jaytakeapic.com/common.js	1.5 kB	2023-03-11	2023-03-11
Pretty URL www.jaytakeapic.com/common.js IP 154.205.217.205 ASN #399674 IHGGROUP-001 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash cc5e9adf1da81e6c23162f5f243dc898 770d2c27c49771e86cc690ea0c5fbfb671f2d658 43f0b2bd6dc806f5842b383c134d8de6b1b53578f0cba9890bd749fa68438d93 Loading...

	207.60.181.202/template/m1938pc/ads/xx1.js	3.6 kB	2023-03-11	2023-03-11
Pretty URL 207.60.181.202/template/m1938pc/ads/xx1.js IP 207.60.181.202 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 8bd7bb9d0f7f4efe2a9b458d152c91fb 06a55d3f8aaadb283fd8d65c0dad17738c726f41 e3f3c31c0ea4e917ea7ed34d5400b1f4a2bd8b1ca136eca1221f6c0c8996ea33 Loading...

	207.60.181.202/template/m1938pc/ads/dh1.js	0 B	2023-03-07	2024-04-20
Pretty URL 207.60.181.202/template/m1938pc/ads/dh1.js IP 207.60.181.202 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 01:55:39 Times Seen36969183 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	207.60.181.202/template/m1938pc/ads/dh.js	1.3 kB	2023-03-11	2023-03-11
Pretty URL 207.60.181.202/template/m1938pc/ads/dh.js IP 207.60.181.202 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 1fe9a75afebe051238245edca34f0f4e dca480c90e40c54588e630fff16ad8a09178f340 d172adcf257fa154b747830919857a8f5a13c03eec41ce55743f663d17662a5e Loading...

	207.60.181.202/template/m1938pc/ads/xx3.js	916 B	2023-03-11	2023-03-11
Pretty URL 207.60.181.202/template/m1938pc/ads/xx3.js IP 207.60.181.202 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 7562417f475bfa59faf6ad7f4e40e62a 4353a59f832183c267b4143e0d45caed4f0fcb22 7f49249153bb3d4239652e215c33a3b01ee17cee3a596c8cfeb862d587f5d355 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 87c7d44c6329948bc9ab21c80ff5a867	466 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 87c7d44c6329948bc9ab21c80ff5a867 394a4eba7897009c94ac1c53261e743b467dd1d1 868f74d68a57b411f2ae7a30668a8d5d3dcd3ace558f17c01f75bbff35a060b4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 63c677751664c0def5dded367602a1fd	71 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 63c677751664c0def5dded367602a1fd a3e2c92d6be38888f034886be03f9ed8824077cb 21e74a8beeb835a02331ca3ab12bc37ff075b21910e1d0640ee08584db20b077 Loading...

	#2 Write - 6d0f14425329783cec199be8f521a934	166 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 6d0f14425329783cec199be8f521a934 ca5e9f530f355403f316c987d9750faef95d6080 464f89e9fc679e41870da2b01575526132a20cd23ce42cccfecfe44abb9656f5 Loading...

	#3 Write - f452eb8edd878bb8f221edae4c0e0638	104 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash f452eb8edd878bb8f221edae4c0e0638 30508e93a366c424d3c8fe7d80a2471450810757 fc17a924a9f43e9184dedef921e0e681237221cc573beb754039fc8a45f3db0e Loading...

	#4 Write - cc51f31f71de7047f7fc4feedb71b99d	100 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash cc51f31f71de7047f7fc4feedb71b99d b5c13933a544dd44b8d008ce6d33ed5492f23a36 bdcaa556b03b5fae32ff549c626fbc785e69c7a1c9d8428e19eb4b149728fa72 Loading...

	#5 Write - 8cecf3f7b30e469fda4a51e213525dbb	108 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 8cecf3f7b30e469fda4a51e213525dbb 12ee6bb63d3e4ea5eeb344d2da3b23a5b6c1e00a d03e78a32197e1563bc5fd9fad707298062281a5c68ffaaf00e7bc52a052ff03 Loading...

	#6 Write - 4401fb13fe84478a183779136e3650ff	188 B	2023-03-11	2023-03-12
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-12 17:00:24 Times Seen1 Hash 4401fb13fe84478a183779136e3650ff 93b72b95e2e7c9a678a1861765110fbd0afaf4ab 6c0e30c07de55b7027a2e2a13e3c4156e6602c6dcccb3c22e54789d94c16ab0e Loading...

	#7 Write - c915a2f2e67ff7577e13cefdffd3ee21	4 B	2023-03-07	2024-04-02
Pretty Observations First Seen2023-03-07 01:03:56 Last Seen2024-04-02 13:17:58 Times Seen377 Hash c915a2f2e67ff7577e13cefdffd3ee21 30c2f6467f10c307ccf18fb156ccb449362e639d c873ba64798050fd57353b5e587878f5deb1a72612b0817b050830bb92a6f228 Loading...

	#8 Write - 7ad167d102e48a60ac3dbb58885d8b2e	108 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 7ad167d102e48a60ac3dbb58885d8b2e da8a9670e4ec787418d3976266bf97464a141771 6b01ca0a0ca6c09128b62e8d66bcf151250dc1408428a2761271e9aefd25e06f Loading...

	#9 Write - 123dc5321af85cb64d3feea199601211	5 B	2023-03-07	2024-04-08
Pretty Observations First Seen2023-03-07 01:10:45 Last Seen2024-04-08 08:36:34 Times Seen1688 Hash 123dc5321af85cb64d3feea199601211 6887c1b72f02b402dd3c3a92cf5a530fdbf5e1e2 5190f9c0a1366612a15dc5cba14f2d78829e0f503a6d7a4777a27c64a230baef Loading...

	#10 Write - 3d82cfb3d4be82150e7f43fcb5cd283d	166 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 3d82cfb3d4be82150e7f43fcb5cd283d 541929fbf00a2e6c1bd72d3b1e65e64fcdaee4e9 324f5f4fca87a3dfa865dde1d07e6100b05a0425b4854212f6506fed2398a1f8 Loading...

	#11 Write - 1fa8db8dce73e83e2fbb7576f3c8ca94	81 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 14:47:03 Last Seen2023-03-17 12:43:37 Times Seen1 Hash 1fa8db8dce73e83e2fbb7576f3c8ca94 1ab01645d149869cc01d9d151f32a2abff016b5d 7fd66529c1daf5ed0e62d0bc5515a1e85ce3cf0083455e001547536c24ee9f33 Loading...

	#12 Write - fce5a86f10fccc1e45f74f9fa28f0cde	166 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash fce5a86f10fccc1e45f74f9fa28f0cde aff93c49558fa35c0ca0fc2c0ad1fbacf7f217b6 4fa9dbbfd6c3052004b6c9e3b529274217cfb9bd1f85b08185f6f4e7abd261e3 Loading...

	#13 Write - 017485a82684dd016329ddf27880ad21	188 B	2023-03-11	2023-03-12
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-12 17:00:24 Times Seen1 Hash 017485a82684dd016329ddf27880ad21 66bda53e0f2279f43b038aee489a29e766f48a98 04030890576187d60acc83b30f6f5954798ab7860939115c5384ff471b39dedf Loading...

	#14 Write - 51ea3ca4d015e7b11d873d17a78f4fc0	97 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 51ea3ca4d015e7b11d873d17a78f4fc0 057d28739398603e3d38d4ee06eedd183e5787ac 0ac755cc3ce596b2b80e9df0cabdbdb1b935001a54580775e08aeeafee27ce11 Loading...

	#15 Write - 639115b23994764ebca31aeb5bc92501	71 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 639115b23994764ebca31aeb5bc92501 ede83a43ddafc17f270fa10ceb19cdc2003b2748 010e33133d8ef5ed813d3c68665007b7816d0699800de9d0701cbce0f1224b6a Loading...

	#16 Write - b024b8b980db1bbbaed70cd692c372fd	137 B	2023-03-08	2023-05-17
Pretty Observations First Seen2023-03-08 02:50:52 Last Seen2023-05-17 20:13:30 Times Seen3 Hash b024b8b980db1bbbaed70cd692c372fd e174f87a6d0e5a211e93a47d1c8ccdfa413b218c 5ac778244f56eaa3f77a673821a493d0d661c08078348ea00915db340b0b399a Loading...

	#17 Write - e16a4ea7318ae3c015c451147d6af492	70 B	2023-03-11	2023-03-12
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-12 17:00:24 Times Seen1 Hash e16a4ea7318ae3c015c451147d6af492 832d1968b08e3bf6a3e4da39062903413b5a0e29 9d6ad53312f7263e43fb5cd49fb8f9656c4f3c361d642afaa16360be2da4a517 Loading...

	#18 Write - 179155d2ae2225bfe2725edd2657002f	103 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 179155d2ae2225bfe2725edd2657002f 2fb446ff2ab7e0e5b9661fe3c621ab94f15b6a2b 4ccac60322ed809b6590a019ba6a0d7a37ab7013d269020ebf7d2e8f8709bf52 Loading...

	#19 Write - 96bc099c8992d672688917cb967623f2	82 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 96bc099c8992d672688917cb967623f2 14b3bf9b955a669761b1359575f1ba29653f24ba b422b85a87a67f934eae17f5f160b0d9cc09bc038bb84c8812feed55ffe30c31 Loading...

	#20 Write - 4f16daa36c59bf1fa3637bd0a1a37a5c	447 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 4f16daa36c59bf1fa3637bd0a1a37a5c 15c8c38ac7f6e5ebe834ae4491f9e368061825d4 8213544a2a9b4a0879d541f172c1b085796a82818e28ca595ab081fc9ec71aed Loading...

	#21 Write - a1c11e0402c63f90f81e9be0e6057d2d	107 B	2023-03-07	2023-11-22
Pretty Observations First Seen2023-03-07 12:21:25 Last Seen2023-11-22 06:46:45 Times Seen34 Hash a1c11e0402c63f90f81e9be0e6057d2d ee4fdafad59b749d88d0ca3a0360032ff5287035 54a7049b8ff3415b98e35a667bf77114e2d2e2812eef3920c474b41b82f11a5c Loading...

	#22 Write - a9b8fe25fdbe37e24ff24d5b159ce6f1	23 B	2023-03-07	2023-12-03
Pretty Observations First Seen2023-03-07 01:03:56 Last Seen2023-12-03 08:32:47 Times Seen104 Hash a9b8fe25fdbe37e24ff24d5b159ce6f1 2327cf262399432e851b8cea12414826af734e46 2e5383928b91f3076d6450bffc6a5d886d2f0d88f04ea8dcccfd986a3eb14d5e Loading...

	#23 Write - 4e5bb0a15e469803967ead0d4d15d792	108 B	2023-03-11	2023-03-14
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-14 07:05:42 Times Seen1 Hash 4e5bb0a15e469803967ead0d4d15d792 e152b96ac6d6a83f2d0ae0efa0ec105414c268a9 ad6d5081705f58827fd4b18e0378ae32926c86cd58aa76f34566663bbb4f5dab Loading...

	#24 Write - 01a4eaeb12645ce04835a96bcebc0586	104 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 01a4eaeb12645ce04835a96bcebc0586 c65dce2f603d93cf2e833d92b828e115b8b988f2 5c991a8bd8f1470ba082da309dfc54e9c27c85889c7b4e9b7e67fb379f7a3e15 Loading...

	#25 Write - 2d5c8cbdde93eae3976d6b57a4ae4c32	104 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 2d5c8cbdde93eae3976d6b57a4ae4c32 a37a046ae39d4da1bd718d0e952c7045fca4f534 d85a09594a05ffec9e3527c3748984df401a45abec5038a438ac85f84b6d9578 Loading...

	#26 Write - f680cb488250264c3cd73ca1cc0fbef0	86 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 14:47:03 Last Seen2023-03-17 12:43:36 Times Seen1 Hash f680cb488250264c3cd73ca1cc0fbef0 44302b4b11735a27cbc5f98420d3870a87311960 2154381c8bddfce62da31433e312fb7862f46c1370fa317d4889552676cee34c Loading...

	#27 Write - 078cb1275fefd2d8bb308b67144b8514	166 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 078cb1275fefd2d8bb308b67144b8514 541be9bdb92785ff7b933d74308c16757f9ef739 644ea440ebe5b8c90516bf9a5972ea2c655e3175ee60e71a73a6df0bc31e0508 Loading...

	#28 Write - 2251137aad311f6b9288b7ee06fdbaf5	71 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 2251137aad311f6b9288b7ee06fdbaf5 1f958af9dc6dc5d49f6f500ec518858f9d25930f 5b3fb8f06f7fc0d57fe671264f81db37b14d3fb9aff4dc70376640c3be61c4d3 Loading...

	#29 Write - d453ce2f3628d03e60a1b000cde6978a	66 B	2023-03-07	2023-12-03
Pretty Observations First Seen2023-03-07 01:03:56 Last Seen2023-12-03 08:32:47 Times Seen74 Hash d453ce2f3628d03e60a1b000cde6978a 494f66aafb09836cc4ed485c20cd415bddcc205a 7a77e396fd4fefb9e0b99573605ad3868973e67ace1eab1c9ce79f2c9bd0729f Loading...

	#30 Write - bf3b74191bda4dc56db8b1eb871768e9	69 B	2023-03-11	2023-03-12
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-12 17:00:24 Times Seen1 Hash bf3b74191bda4dc56db8b1eb871768e9 f04a48b920a8b6dec80c8c38b388781c8d1dd103 dde552963acfff73acc40ea36d1bca7625f42891fb3f7d6d4589ebeb2994d11a Loading...

	#31 Write - 8be60c339155d717abc499934ee91fee	96 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:47:16 Last Seen2023-03-11 21:47:16 Times Seen1 Hash 8be60c339155d717abc499934ee91fee 43c9b8eac0d5021e5a79a0bfcbb81a27a4bad601 0f3cc4e9e9d3c5e5043b9ff99bd96de461b6a00502efb91bfbd05b489dd8fc36 Loading...

HTTP Transactions (95)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Mon, 28 Nov 2022 08:14:38 GMT
Date: Mon, 28 Nov 2022 07:23:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3985
Expires: Mon, 28 Nov 2022 08:29:53 GMT
Date: Mon, 28 Nov 2022 07:23:28 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1839
Cache-Control: max-age=99504
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:28 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:01:52 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 4shSxjDWph2nm0QarF/L4H1qsgN368aWcQPc+o9Xf9RJtIAUEsAzn5GppHl+Vzf5PUP9M+Nj+ko=
x-amz-request-id: EPS1PSTD7XMHG9Y2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 06:44:56 GMT
age: 2312
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 07:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 236
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 07:23:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

jaytakeapic.com/

154.205.217.205

301 Moved Permanently

0 B

URL HTTP/1.1
jaytakeapic.com/
IP
154.205.217.205:0
ASN
#399674 IHGGROUP-001

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 07:23:28 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.jaytakeapic.com/index.php

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 07:11:12 GMT
cache-control: public,max-age=3600
age: 737
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5883
Cache-Control: max-age=98486
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:29 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:44:55 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.223.160.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.223.160.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u3O2S+hgPqlldmbXFb9tbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G7a2q/Y9QUWwn+aLN+jeMpY/CFg=

www.jaytakeapic.com/index.php

154.205.217.205

200 OK

590 B

URL HTTP/1.1
www.jaytakeapic.com/index.php
IP
154.205.217.205:0
ASN
#399674 IHGGROUP-001

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (917), with CRLF line terminators
Size
590 B (590 bytes)
Hash
7634ce294dec2f48fa5ef2bfcd6c7bdc
8278b8c2f74a270c4c300745d1ca02ca9f462a37
32966d38b6195007abfb3b8bdeb696a25d7eeb4c889240c107279adeb2503c78

HTTP Headers

GET /index.php HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.jaytakeapic.com/common.js

154.205.217.205

200 OK

687 B

URL HTTP/1.1
www.jaytakeapic.com/common.js
IP
154.205.217.205:0
ASN
#399674 IHGGROUP-001

File type
HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Size
687 B (687 bytes)
Hash
553233f1173faba094c589715d4e9544
19e02ff53dda165bffccbcd3cc4970f54b7fd484
c28e22bdeac69caf2df0472b6c439f278f82e899beaa7c82d1f552ea26fcc4f8

HTTP Headers

GET /common.js HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.jaytakeapic.com/tj.js

154.205.217.205

200 OK

258 B

URL HTTP/1.1
www.jaytakeapic.com/tj.js
IP
154.205.217.205:0
ASN
#399674 IHGGROUP-001

File type
ASCII text, with CRLF line terminators
Size
258 B (258 bytes)
Hash
327e9ffc8979e0469060bcd6eda50ffa
24bb61ee2a8e55dc1631833d537213912a26301a
e799c18a5f443687da21b35228cdf85125274478988a26943d1a539469c3e38e

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:30 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 07:23:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2500
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 07:23:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4708 bytes)
Hash
4060284252d32701c42e2df4a83970a0
a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da
53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4708
x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JFbXIAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6FSZ3Zw-s95LlrU3skAr5_g6m36c9SQ9_6vA3HFbMKYTTFzJRBJ76w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:43 GMT
age: 32207
etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6263 bytes)
Hash
b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 34332
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 33704
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10119 bytes)
Hash
15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _jTN1lFL0_PS-9DYgE6O2V6s6AYnlGJs0xCEHn761Mxq_asytlaRoQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:40 GMT
age: 34310
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11165 bytes)
Hash
a8935783026c10470f60033d3a860f7b
65941dd34eb1063a3f7fe2b6790a11a484a06b9a
e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11165
x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JE2VIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4YRocKXYUOkfho0bEHNX0xMxhhKNH2Cm3XtQDtQK7x2dFOsipPjfCw==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:45 GMT
age: 32205
etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7556 bytes)
Hash
7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 34341
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.jaytakeapic.com/favicon.ico

154.205.217.205

200 OK

1.2 kB

URL HTTP/1.1
www.jaytakeapic.com/favicon.ico
IP
154.205.217.205:0
ASN
#399674 IHGGROUP-001

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.jaytakeapic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:23:30 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 03 Dec 2022 07:23:30 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

207.60.181.202/

207.60.181.202

200 OK

7.1 kB

URL HTTP/1.1
207.60.181.202/
IP
207.60.181.202:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.1 kB (7126 bytes)
Hash
f1a927a2199675730bc328407accb359
de80d43a7aecf8a3e05be83b11ac5493adbf7dae
cece9e6b17a1b0e8829c0164d683701d1483dcac96d3c3f61d2ff4bc8d0cdaf6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jaytakeapic.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 7126

207.60.181.202/template/m1938pc/ads/xx1.js

207.60.181.202

200 OK

1.1 kB

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/xx1.js
IP
207.60.181.202:0
ASN
#0

File type
HTML document text\012- HTML document, Unicode text, UTF-8 text
Size
1.1 kB (1108 bytes)
Hash
0dae7d9110d594399ba264a945f3d7f4
bfeabb1f4b7b4857be87ca42376aaec79fb57dd6
6d5466f2d754ee66741a58a1e0a2a50865e76f9b7f267ad8e6c01e78a4d2e8dc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/xx1.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 26 Nov 2022 13:33:53 GMT
Accept-Ranges: bytes
ETag: "8076a0b99b1d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 1108

207.60.181.202/template/m1938pc/css/ate.css

207.60.181.202

200 OK

4.5 kB

URL HTTP/1.1
207.60.181.202/template/m1938pc/css/ate.css
IP
207.60.181.202:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4498 bytes)
Hash
1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/css/ate.css HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "8074f0655cced81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 4498

207.60.181.202/template/m1938pc/ads/dh.js

207.60.181.202

200 OK

491 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/dh.js
IP
207.60.181.202:0
ASN
#0

File type
HTML document, Unicode text, UTF-8 text
Size
491 B (491 bytes)
Hash
ce4cdaa3c9e059cf365b058fe78aa070
39c21e555929b53ba53a3d82c1b5d6eed0dd89e1
d3bec708e755cadb3a0f84b70ebb36e796305f3663ff730d1670ac1a91e3c056

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2022 13:44:48 GMT
Accept-Ranges: bytes
ETag: "df8256171dfcd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 491

207.60.181.202/template/m1938pc/ads/dh1.js

207.60.181.202

200 OK

0 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/dh1.js
IP
207.60.181.202:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/dh1.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 14:04:02 GMT
Accept-Ranges: bytes
ETag: "43637da755dad81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0

207.60.181.202/template/m1938pc/ads/xx2.js

207.60.181.202

200 OK

0 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/xx2.js
IP
207.60.181.202:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/xx2.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 12:40:26 GMT
Accept-Ranges: bytes
ETag: "2a35ff6feff8d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0

207.60.181.202/template/m1938pc/ads/1.js

207.60.181.202

200 OK

0 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/1.js
IP
207.60.181.202:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/1.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "b1ef49665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0

207.60.181.202/template/m1938pc/css/zui.css

207.60.181.202

200 OK

15 kB

URL HTTP/1.1
207.60.181.202/template/m1938pc/css/zui.css
IP
207.60.181.202:0
ASN
#0

File type
assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
15 kB (15351 bytes)
Hash
48c376278eb9da985b90bb1612dbeee1
4d755742285a8bc38f9c73b3a5976c6b381e3c32
af7cb37270a26d66dd3bb89f42d9c122bb2a1bfe9f6fe076138d9864c7193bee

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/css/zui.css HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "8074f0655cced81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 15351

207.60.181.202/template/m1938pc/ads/dl.js

207.60.181.202

200 OK

0 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/dl.js
IP
207.60.181.202:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/dl.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "b1ef49665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 0

207.60.181.202/template/m1938pc/ads/xx3.js

207.60.181.202

200 OK

470 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/xx3.js
IP
207.60.181.202:0
ASN
#0

File type
HTML document, ASCII text
Size
470 B (470 bytes)
Hash
fd1db2274681647a0f119c6e150a0d32
f632bc81979605156515387e66164c78ee17caed
52385f00222714147b75e426bfbaea7a9cceaf04e31e10fee4a782df0fb35d3b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/xx3.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2022 08:00:27 GMT
Accept-Ranges: bytes
ETag: "4bc1b1c8edd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 470

207.60.181.202/template/m1938pc/ads/tj.js

207.60.181.202

200 OK

316 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/ads/tj.js
IP
207.60.181.202:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
316 B (316 bytes)
Hash
934d35ffe49d41adff5e0e697aa874b3
6194ac34df66999136f98af90fedd5e302fc05ed
91fed33b067f8d1dfe1f221ea3003cceadb9b67b550c5ec51bc71a642718f7c8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/ads/tj.js HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 23 Sep 2022 15:49:49 GMT
Accept-Ranges: bytes
ETag: "b03ead1c64cfd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 316

207.60.181.202/template/m1938pc/images/1.gif

207.60.181.202

200 OK

254 B

URL HTTP/1.1
207.60.181.202/template/m1938pc/images/1.gif
IP
207.60.181.202:0
ASN
#0

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/images/1.gif HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "581651665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 254

207.60.181.202/template/m1938pc/images/video-play.png

207.60.181.202

200 OK

1.6 kB

URL HTTP/1.1
207.60.181.202/template/m1938pc/images/video-play.png
IP
207.60.181.202:0
ASN
#0

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: 207.60.181.202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://207.60.181.202/template/m1938pc/css/zui.css

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 22 Sep 2022 08:22:05 GMT
Accept-Ranges: bytes
ETag: "581651665cced81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 28 Nov 2022 07:23:24 GMT
Content-Length: 1567

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=754
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=809
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=793
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
121c75c7e1872f739cf62675a09131ef
1b16d00adfa7a30e8b9ad3d1492aa878760bbfff
d7e30c140bca4f285f2ae26ca14ee15c35c8f915601255dce2523f176fa1f031

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=847
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
8f330fe49c56bacf9d8322e0d560dbf3
767d3f169fd961ea30ce3bba6a2d72dc4b2e5e25
bf586e470cf2ce79b7d3e7eaab36c78de50e3445dc62b81afc4a1e50af322c18

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive
X-N: S

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b59dbe808b4873a26925272d5087a110
f4b9b1c5fafe75b1e349e88c14b7693a6ad59977
38e9b67dce1e34551444efefc648c73b2f3084257394193120c0d3fae7078115

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38E9B67DCE1E34551444EFEFC648C73B2F3084257394193120C0D3FAE7078115"
Last-Modified: Sun, 27 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1448
Expires: Mon, 28 Nov 2022 07:47:40 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fa83a1f103ffe503bacb761df256642
adc420a46019985993794463ebab62667e7b0713
813ded61d535d7ae20e265bf2f11858ba2748fe517fa4311edb8c1749754190e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "813DED61D535D7AE20E265BF2F11858BA2748FE517FA4311EDB8C1749754190E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8438
Expires: Mon, 28 Nov 2022 09:44:10 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2022/07-20/07/zld4oxj30bj0718zld4oxj30bj337159.jpg

45.89.208.114

200 OK

8.2 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/zld4oxj30bj0718zld4oxj30bj337159.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.2 kB (8184 bytes)
Hash
330e3e39cd11626e6ce5f3371729f394
adc3bf026be2b7dcf5001c4ce7cdfc1e0aeab10d
62d4113e5bc7469e3c11b9e6967a730fbcb6eeb426394e4fa0b687bc49ac21c2

HTTP Headers

GET /upload/vod/2022/07-20/07/zld4oxj30bj0718zld4oxj30bj337159.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8184
Last-Modified: Wed, 09 Nov 2022 11:42:07 GMT
Connection: keep-alive
ETag: "636b920f-1ff8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/nl2j1mpzbe40718nl2j1mpzbe4367165.jpg

45.89.208.114

200 OK

7.9 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/nl2j1mpzbe40718nl2j1mpzbe4367165.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
7.9 kB (7911 bytes)
Hash
6f8f94161c59ef9c678933c1c2df1f8b
e44c655b65d388483e6c94737677fc4d601c8503
766b6cffa78bf890e249f1d04821c8909db90f717855ebb92ad07d82c6f94d5e

HTTP Headers

GET /upload/vod/2022/07-20/07/nl2j1mpzbe40718nl2j1mpzbe4367165.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 7911
Last-Modified: Wed, 09 Nov 2022 11:40:41 GMT
Connection: keep-alive
ETag: "636b91b9-1ee7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif

170.178.176.170

301 Moved Permanently

162 B

URL HTTP/2
kvmaa.com/0faf263b1025a51efcea7acd844cc402.gif
IP
170.178.176.170:0
ASN
#46844 ST-BGP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: kvmaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:31 GMT
content-type: text/html
content-length: 162
location: https://nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7a89106459f40b9157060dde51fd5cf5
0d602b318be754a1c364e5b5ff4a19561750f1ab
cb19d78d30fa1d93fad1e4ead9e621554129db877b74f34caa9332bd3b5676b7

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 03:22:22 GMT
ETag: "0d602b318be754a1c364e5b5ff4a19561750f1ab"
Last-Modified: Mon, 28 Nov 2022 03:22:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77115bd71f2cb51e-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7a89106459f40b9157060dde51fd5cf5
0d602b318be754a1c364e5b5ff4a19561750f1ab
cb19d78d30fa1d93fad1e4ead9e621554129db877b74f34caa9332bd3b5676b7

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 03:22:22 GMT
ETag: "0d602b318be754a1c364e5b5ff4a19561750f1ab"
Last-Modified: Mon, 28 Nov 2022 03:22:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77115bd72f4cb51e-OSL

fmlb.netlbtu.com/upload/vod/2022/07-20/07/05xlhrmcis0071805xlhrmcis0377167.jpg

45.89.208.114

200 OK

8.1 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/05xlhrmcis0071805xlhrmcis0377167.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
8.1 kB (8111 bytes)
Hash
9110872e144cdcc574fa76a3b51300f3
9b8cce500e0ee032ff51c6eda41364434d5b81de
d9b87f6d8299d3e4f42385c288e2784c79252cf0062ba3e121ec95b1e405a7b1

HTTP Headers

GET /upload/vod/2022/07-20/07/05xlhrmcis0071805xlhrmcis0377167.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8111
Last-Modified: Wed, 09 Nov 2022 11:41:11 GMT
Connection: keep-alive
ETag: "636b91d7-1faf"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f524d6afaad8038b17f7e675efca55ee
4996823fdc6ee00d67bbe7c9c35c55a453f1d5d9
6c32b1dcd393f020d8f92903920d09ef351a54ab81fb44d1060d70fdb0ff3feb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C32B1DCD393F020D8F92903920D09EF351A54AB81FB44D1060D70FDB0FF3FEB"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17494
Expires: Mon, 28 Nov 2022 12:15:06 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2022/07-20/07/sqdj5xeg1w40718sqdj5xeg1w4347161.jpg

45.89.208.114

200 OK

10 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/sqdj5xeg1w40718sqdj5xeg1w4347161.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10013 bytes)
Hash
dd6a12a0d6563f00438ffb53f471ea0f
a665cc40abd717f431b1f95c17b64bf193c5ee65
a730505bea85d35dab789df7fc0b9bcbf38dab0f28877f6830e1362a963e810f

HTTP Headers

GET /upload/vod/2022/07-20/07/sqdj5xeg1w40718sqdj5xeg1w4347161.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10013
Last-Modified: Wed, 09 Nov 2022 11:42:56 GMT
Connection: keep-alive
ETag: "636b9240-271d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif

45.154.214.219

301 Moved Permanently

162 B

URL HTTP/2
kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
IP
45.154.214.219:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: text/html
content-length: 162
location: https://kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/07-20/01/meuwx4qbl1r0150meuwx4qbl1r156841.jpg

45.89.208.114

200 OK

9.7 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/meuwx4qbl1r0150meuwx4qbl1r156841.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.7 kB (9675 bytes)
Hash
0d1c6c8b179914e28712800fdfd1fc85
40c49f6f4c3241735ee28b251372204cc146d3b1
b611cd1eff5ba9517b91f0c194708d45f52f142a1b0daaa9613a2fdecf36b9fe

HTTP Headers

GET /upload/vod/2022/07-20/01/meuwx4qbl1r0150meuwx4qbl1r156841.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 9675
Last-Modified: Wed, 09 Nov 2022 11:39:29 GMT
Connection: keep-alive
ETag: "636b9171-25cb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/aifgkjrcyq40718aifgkjrcyq4357163.jpg

45.89.208.114

200 OK

10 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/aifgkjrcyq40718aifgkjrcyq4357163.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10190 bytes)
Hash
4f030e2ae2a584631c29bac548aefc3c
a4637b253e9c4d99053c475b3514d390a1b3b7a5
57ae25969284b01cbf811b4604fd0a2647064633c719f84271bc324b6e8d9015

HTTP Headers

GET /upload/vod/2022/07-20/07/aifgkjrcyq40718aifgkjrcyq4357163.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10190
Last-Modified: Wed, 09 Nov 2022 11:44:15 GMT
Connection: keep-alive
ETag: "636b928f-27ce"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6a262e58e5b41705d2c667a8e5c3d231
343aea0d15c3758a646c41b07fd1d05bf4db66d8
66bc1680137cb941c3fed0d1dc9125c32223d043c7ff045666fa5b9fa92da339

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66BC1680137CB941C3FED0D1DC9125C32223D043C7FF045666FA5B9FA92DA339"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2864
Expires: Mon, 28 Nov 2022 08:11:16 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
669622262b0a30b379c436d6cb58b060
d2515b4feb2d37d678f21fdd00c08dea9e82b57a
e53960082de76e466bdff97529df6c0da99e6fea38d6717965767c9017ff16dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112745
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: "6383775d-117"
Expires: Tue, 29 Nov 2022 14:42:37 GMT
Last-Modified: Sun, 27 Nov 2022 14:42:37 GMT
Server: nginx
Content-Length: 279

fmlb.netlbtu.com/upload/vod/2022/07-20/07/zkyd42zotvd0717zkyd42zotvd547125.jpg

45.89.208.114

200 OK

9.6 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/zkyd42zotvd0717zkyd42zotvd547125.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9619 bytes)
Hash
f00198dc27604226dd78bc34c040c1ff
b83851431b1809b0fdc05633a35aa7a33f9fabf7
0ed51e0b84217b3fa610a0d3b0e67df80abb3bfd279061e548d1a80777965e75

HTTP Headers

GET /upload/vod/2022/07-20/07/zkyd42zotvd0717zkyd42zotvd547125.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 9619
Last-Modified: Wed, 09 Nov 2022 11:43:48 GMT
Connection: keep-alive
ETag: "636b9274-2593"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/lwhwcgxcpfm0717lwhwcgxcpfm557127.jpg

45.89.208.114

200 OK

6.4 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/lwhwcgxcpfm0717lwhwcgxcpfm557127.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.4 kB (6438 bytes)
Hash
fc2fad388912974e6994c3879bf35383
f01fa4e24525aea08c155d9e1cb69c5cd4abe46c
ef3773b0156c510ea03eba56f50f77fcbf8da66e0a47b3ee8178315b926e99ec

HTTP Headers

GET /upload/vod/2022/07-20/07/lwhwcgxcpfm0717lwhwcgxcpfm557127.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 6438
Last-Modified: Wed, 09 Nov 2022 11:43:48 GMT
Connection: keep-alive
ETag: "636b9274-1926"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif

104.21.55.74

200 OK

1.1 MB

URL HTTP/2
nvhbbb.top/0faf263b1025a51efcea7acd844cc402.gif
IP
104.21.55.74:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 120\012- data
Size
1.1 MB (1082384 bytes)
Hash
a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71

HTTP Headers

GET /0faf263b1025a51efcea7acd844cc402.gif HTTP/1.1
Host: nvhbbb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 1082384
last-modified: Sat, 27 Aug 2022 07:44:24 GMT
etag: "6309cb58-108410"
expires: Wed, 14 Dec 2022 15:33:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1180178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGsIXpoDCWCPUWwj0r8hdKx7KJUzdrtw0lNYF0%2FjSWvOAD8BDdItVrObm%2FIwdcyRwXVbT9qpw87WbEeLb9xoO5LMBwc7dWQA9Q%2BUQuHG7oHrIvlhe%2BwMyQfb0i3I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd81fadb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif

67.198.205.125

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
67.198.205.125:0
ASN
#35908 VPLSNET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: text/html
content-length: 162
location: https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
669622262b0a30b379c436d6cb58b060
d2515b4feb2d37d678f21fdd00c08dea9e82b57a
e53960082de76e466bdff97529df6c0da99e6fea38d6717965767c9017ff16dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=112745
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: "6383775d-117"
Expires: Tue, 29 Nov 2022 14:42:37 GMT
Last-Modified: Sun, 27 Nov 2022 14:42:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

fmlb.netlbtu.com/upload/vod/2022/07-20/07/vm3lo50stbd0717vm3lo50stbd567129.jpg

45.89.208.114

200 OK

8.6 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/vm3lo50stbd0717vm3lo50stbd567129.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
cb529944681f22bfd1936676a935fb45
cab2656ecdc80d0c053b537b48cec75e71a4c246
4f5307eb1c982a33153d918911586abcccce5feffed894f4aa1bf02d74530e38

HTTP Headers

GET /upload/vod/2022/07-20/07/vm3lo50stbd0717vm3lo50stbd567129.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8615
Last-Modified: Wed, 09 Nov 2022 11:43:10 GMT
Connection: keep-alive
ETag: "636b924e-21a7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

dimg04.c-ctrip.com/images/0100b120009wpqidiDE76.gif?proc=autoorient

104.110.17.24

200 OK

428 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0100b120009wpqidiDE76.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 480 x 120\012- data
Size
428 kB (427987 bytes)
Hash
2b6121af78d72099e298dcf6cc7ceb1d
12c503fbff1dba92877272ee4c0a8f97d13a9523
ccc4caf4d395a29d3abb4cbc013b3a08989b657aae80e6de4ddd0869f5cee6ba

HTTP Headers

GET /images/0100b120009wpqidiDE76.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 427987
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 6
x-edgeconnect-origin-mex-latency: 329
cache-control: max-age=8380748
expires: Sun, 05 Mar 2023 07:22:40 GMT
date: Mon, 28 Nov 2022 07:23:32 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/0105r12000a29rypgA90D.gif?proc=autoorient

104.110.17.24

200 OK

836 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0105r12000a29rypgA90D.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 480 x 120\012- data
Size
836 kB (835977 bytes)
Hash
db39efa1f7ba68b4f5a0df4f035f4fcb
3cc29e0c40bf76e9233314000d195fa100974c4b
dd57c61bbc385ab5d83156982eedc19f47cd0edbf3afb681271a4f020aa7ff27

HTTP Headers

GET /images/0105r12000a29rypgA90D.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 835977
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 22
x-edgeconnect-origin-mex-latency: 113
cache-control: max-age=11331597
expires: Sat, 08 Apr 2023 11:03:29 GMT
date: Mon, 28 Nov 2022 07:23:32 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/07-20/07/3zv10mgaicy07173zv10mgaicy587135.jpg

45.89.208.114

200 OK

9.2 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/3zv10mgaicy07173zv10mgaicy587135.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.2 kB (9198 bytes)
Hash
eb2788e202b42bd4ed9c00da65177cab
b41274430e9536997de023417d92f11369e77575
5080078742b9bbbba8c621d5d792cd85924bd38de6fe98c307519635c85068eb

HTTP Headers

GET /upload/vod/2022/07-20/07/3zv10mgaicy07173zv10mgaicy587135.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 9198
Last-Modified: Wed, 09 Nov 2022 11:56:55 GMT
Connection: keep-alive
ETag: "636b9587-23ee"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/aobuj0z3f5l0717aobuj0z3f5l567131.jpg

45.89.208.114

200 OK

11 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/aobuj0z3f5l0717aobuj0z3f5l567131.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10992 bytes)
Hash
a851699c040093c6258a517d4a21754c
36694f6e59355810812cc9bf4f14923bd113bf57
4324808633de91c512226f155a53e2948cecde35d7c043e345b1808ca3e654fc

HTTP Headers

GET /upload/vod/2022/07-20/07/aobuj0z3f5l0717aobuj0z3f5l567131.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10992
Last-Modified: Wed, 09 Nov 2022 11:43:49 GMT
Connection: keep-alive
ETag: "636b9275-2af0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/nmi3vlysc1a0717nmi3vlysc1a577133.jpg

45.89.208.114

200 OK

8.8 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/nmi3vlysc1a0717nmi3vlysc1a577133.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.8 kB (8820 bytes)
Hash
b37668393badadcdc83cbbd8c2d270b9
ec868345651a0a572be800dc280c523a5141746e
9f6b1fb2fc86f344f90be7f8c9e3b7dd46f720c763cf2c512281c2d5b0eefeb1

HTTP Headers

GET /upload/vod/2022/07-20/07/nmi3vlysc1a0717nmi3vlysc1a577133.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8820
Last-Modified: Wed, 09 Nov 2022 11:56:39 GMT
Connection: keep-alive
ETag: "636b9577-2274"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/lrkqf3n3wwa0717lrkqf3n3wwa597137.jpg

45.89.208.114

200 OK

8.1 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/lrkqf3n3wwa0717lrkqf3n3wwa597137.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.1 kB (8112 bytes)
Hash
727b944cd1aba9ef6c40fff23ff8dd16
2d53f409fbb8c61e5b546afe620c9f0060d595f5
1ca41272012a8ce6e49b03ffadbe019e597e6a0ce4209f2ea9aa44bedb8bbc58

HTTP Headers

GET /upload/vod/2022/07-20/07/lrkqf3n3wwa0717lrkqf3n3wwa597137.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8112
Last-Modified: Wed, 09 Nov 2022 11:43:45 GMT
Connection: keep-alive
ETag: "636b9271-1fb0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
cd1b39b551eaba1fd79a8e4ad85ab583
1a16d37a805f8fcf79c9c292a7dec46416075deb
131ee1012301e871aa6c42f25a18534eecc19f191b45c5b5e79c5582437c43b8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: "638274cc-118"
Server: ECS (amb/6B80)
Content-Length: 279

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
89f90763cb02cdac6febf898020db5d9
a0c1e963279fe05bcc630481c5c8a4d3e9a85acb
b45dbab89343f359026753ef7b29c0bc9a3f56d88d679a967b0e6c361fcb65d8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B45DBAB89343F359026753EF7B29C0BC9A3F56D88D679A967B0E6C361FCB65D8"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Mon, 28 Nov 2022 08:24:02 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2022/07-20/07/u2gx2tnvmr50718u2gx2tnvmr5007139.jpg

45.89.208.114

200 OK

12 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/u2gx2tnvmr50718u2gx2tnvmr5007139.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (12295 bytes)
Hash
4bc1f6080808f5567aa2754091308cfe
46c0ef41ca2dbca42a6032a588f209dd180e838c
c744e7bac9264d81e0a1bd4aca7c54f0237396c643569834dceace99fb3e022b

HTTP Headers

GET /upload/vod/2022/07-20/07/u2gx2tnvmr50718u2gx2tnvmr5007139.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 12295
Last-Modified: Wed, 09 Nov 2022 11:43:49 GMT
Connection: keep-alive
ETag: "636b9275-3007"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8e4352389a1d0c31caf03d7b12f5d32f
56047be6ed1a8cfd77a329933b16936fb6abbcf0
971e60d4f19aab4c74ebe008b4a2336a5465c4afbf67b4a520dcc2bcd51fdfeb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "971E60D4F19AAB4C74EBE008B4A2336A5465C4AFBF67B4A520DCC2BCD51FDFEB"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2786
Expires: Mon, 28 Nov 2022 08:09:58 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif

104.21.28.152

200 OK

65 kB

URL HTTP/2
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP
104.21.28.152:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
65 kB (65414 bytes)
Hash
514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52

HTTP Headers

GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:57 GMT
etag: "637c0275-ff86"
expires: Thu, 22 Dec 2022 05:10:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 526356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOpPXHo5fjLZ%2BI2Xd5cKLMA1GkO5PjiaQaMM959%2FipinvkEtSZPE6yXqgFWm03fgadYuTW66aDDUAT6X6giuciVO2o0kODUE%2F0wEhiujO6dfCB7KvQdSLKtJ9vfk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd9bcdffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
89f90763cb02cdac6febf898020db5d9
a0c1e963279fe05bcc630481c5c8a4d3e9a85acb
b45dbab89343f359026753ef7b29c0bc9a3f56d88d679a967b0e6c361fcb65d8

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B45DBAB89343F359026753EF7B29C0BC9A3F56D88D679A967B0E6C361FCB65D8"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3630
Expires: Mon, 28 Nov 2022 08:24:02 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
cd1b39b551eaba1fd79a8e4ad85ab583
1a16d37a805f8fcf79c9c292a7dec46416075deb
131ee1012301e871aa6c42f25a18534eecc19f191b45c5b5e79c5582437c43b8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:23:32 GMT
Last-Modified: Mon, 28 Nov 2022 07:23:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

fmlb.netlbtu.com/upload/vod/2022/07-20/01/qckbp413egz0150qckbp413egz096827.jpg

45.89.208.114

200 OK

7.0 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/qckbp413egz0150qckbp413egz096827.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.0 kB (7026 bytes)
Hash
dada8b67d302d8494cf5a263e5d82b22
c6c99c0ba3823f827b61267f1c98759e65fb7786
e43322f2ca7b1ed6208d7446885692b70eb1b5f813cd4449d9f8fc535d37becf

HTTP Headers

GET /upload/vod/2022/07-20/01/qckbp413egz0150qckbp413egz096827.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 7026
Last-Modified: Wed, 09 Nov 2022 11:40:03 GMT
Connection: keep-alive
ETag: "636b9193-1b72"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif

104.21.234.198

200 OK

65 kB

URL HTTP/2
kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
104.21.234.198:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
65 kB (65414 bytes)
Hash
514c48163ce5b65fb6bf16d8578b478b
6c21c2f7fd18259458573225fbfdf80cd27b6bac
045b14c655e54a2b1c3bef56f95352d2bb6b794889c746985ec51ef03578cb52

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvheee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 65414
last-modified: Mon, 21 Nov 2022 22:57:02 GMT
etag: "637c023e-ff86"
expires: Wed, 21 Dec 2022 23:06:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 548236
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkLEFAO3DntcaipcH%2FUrtj7ehm7oICnrpBzsIlFQeG%2F7D%2BNx0luFY92onCncMNSQwjfs%2FZ6QXdLOZf%2BSI%2BSW%2BaTU1dxiAhyNUlfMaHPgTbsWl75LF7OV12tl5Szd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd9dd4a7591-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif

104.21.234.216

200 OK

902 kB

URL HTTP/2
kvhjjj.top/ec9fcd758df74f805f29f72e8545d13b.gif
IP
104.21.234.216:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
902 kB (902313 bytes)
Hash
8b4a95ea7cfbb7fb4d2b18efca5145f3
d2966ecbeb7369620cce5dbcd15d0fe591d79648
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002

HTTP Headers

GET /ec9fcd758df74f805f29f72e8545d13b.gif HTTP/1.1
Host: kvhjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://207.60.181.202/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:23:32 GMT
content-type: image/gif
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
etag: "622cb988-dc4a9"
expires: Sat, 24 Dec 2022 17:43:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 308408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tYUhYKxNnJUigZN8LlniGiTASDkx%2FZvWdYth4flQMPjiUM0kQAQ1qbGuIjkm%2BpQT5chOGjzEC0vd0gT4Pt2T505pHLy1Z6GGJT92ILJ3mcWup9apSiFp7oTff8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77115bd99ac574b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fmlb.netlbtu.com/upload/vod/2022/07-20/01/2rqhjtrfnsy01502rqhjtrfnsy116833.jpg

45.89.208.114

200 OK

2.0 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/2rqhjtrfnsy01502rqhjtrfnsy116833.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
2.0 kB (2025 bytes)
Hash
8211e789e788a734ae74e5312a400d2e
3a5c26bb629db8e45053f809a7dc6abe1476d2b2
60c30c2a95cdcb0ccea3048f987d412525c82039a0e3fe8046429ecd8849aad8

HTTP Headers

GET /upload/vod/2022/07-20/01/2rqhjtrfnsy01502rqhjtrfnsy116833.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 2025
Last-Modified: Wed, 09 Nov 2022 11:43:59 GMT
Connection: keep-alive
ETag: "636b927f-7e9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/01/pknycfzsm0e0150pknycfzsm0e096829.jpg

45.89.208.114

200 OK

11 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/pknycfzsm0e0150pknycfzsm0e096829.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10645 bytes)
Hash
4539a1894800311e3a3527f0bdb390fe
a5b64596b6de6bb31c89e23ce0a0f94ed5ca5c0b
642626194e2523a143e5597404e6ceccace5022a05b4847411c196e0621429d2

HTTP Headers

GET /upload/vod/2022/07-20/01/pknycfzsm0e0150pknycfzsm0e096829.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10645
Last-Modified: Wed, 09 Nov 2022 11:40:03 GMT
Connection: keep-alive
ETag: "636b9193-2995"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
8e4352389a1d0c31caf03d7b12f5d32f
56047be6ed1a8cfd77a329933b16936fb6abbcf0
971e60d4f19aab4c74ebe008b4a2336a5465c4afbf67b4a520dcc2bcd51fdfeb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "971E60D4F19AAB4C74EBE008B4A2336A5465C4AFBF67B4A520DCC2BCD51FDFEB"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2786
Expires: Mon, 28 Nov 2022 08:09:58 GMT
Date: Mon, 28 Nov 2022 07:23:32 GMT
Connection: keep-alive

fmlb.netlbtu.com/upload/vod/2022/07-20/01/qarbgtzbkt10150qarbgtzbkt1106831.jpg

45.89.208.114

200 OK

10 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/qarbgtzbkt10150qarbgtzbkt1106831.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10033 bytes)
Hash
0bb34342cf6806ac6c7b344d352717da
498a8923ac084f3c5580630eba2ea7c47e1f96bd
956506047c8d808eafff6f2b6e6841e0e58a42b247c29f11b1f3a9010b6e7303

HTTP Headers

GET /upload/vod/2022/07-20/01/qarbgtzbkt10150qarbgtzbkt1106831.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10033
Last-Modified: Wed, 09 Nov 2022 11:39:31 GMT
Connection: keep-alive
ETag: "636b9173-2731"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/01/dalji5bccfd0150dalji5bccfd126835.jpg

45.89.208.114

200 OK

8.2 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/dalji5bccfd0150dalji5bccfd126835.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.2 kB (8161 bytes)
Hash
2771a20baaddfe8db263fe867d0eae26
2793488c395a8ffdda0e31c6f8a70c7b2994d1aa
505d7cb39c06faa1e0f9bb2ff5832913400cf6c30de923a622ff66484d2dba34

HTTP Headers

GET /upload/vod/2022/07-20/01/dalji5bccfd0150dalji5bccfd126835.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 8161
Last-Modified: Wed, 09 Nov 2022 11:43:51 GMT
Connection: keep-alive
ETag: "636b9277-1fe1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/01/gj1sjsecd1w0150gj1sjsecd1w136837.jpg

45.89.208.114

200 OK

11 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/gj1sjsecd1w0150gj1sjsecd1w136837.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (10913 bytes)
Hash
41dd7c53078ee5871d126546efea5c4e
259775415f17df3edb015160d36e30cf14bdc40a
1009762ffa46ad416ff40f875f3f781e5fc45f1ddd031c2ce3c0de4843d2faba

HTTP Headers

GET /upload/vod/2022/07-20/01/gj1sjsecd1w0150gj1sjsecd1w136837.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10913
Last-Modified: Wed, 09 Nov 2022 11:43:52 GMT
Connection: keep-alive
ETag: "636b9278-2aa1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/eo0bgkzmn0y0718eo0bgkzmn0y387169.jpg

45.89.208.114

200 OK

8.0 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/eo0bgkzmn0y0718eo0bgkzmn0y387169.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
8.0 kB (7968 bytes)
Hash
ad2999740a5b6501bac8e1676b5f2847
551d6c44ca7c692e348241325dcfec75228b813f
54b108efb27260f2ef820d1ee07a923c33c5dc3d8b6a46e8b4a559d768876ddd

HTTP Headers

GET /upload/vod/2022/07-20/07/eo0bgkzmn0y0718eo0bgkzmn0y387169.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 7968
Last-Modified: Wed, 09 Nov 2022 11:42:10 GMT
Connection: keep-alive
ETag: "636b9212-1f20"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/01/tsnvpzpv5be0150tsnvpzpv5be146839.jpg

45.89.208.114

200 OK

12 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/01/tsnvpzpv5be0150tsnvpzpv5be146839.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (12175 bytes)
Hash
9910d299751b7d620f2d30e6754a1c5a
7c166d9642f7bfe0f067a628257b8bae9aac4ce1
99256fc0694118af3e459dfd3b44b2cbc5e32a6ba4bcf52708b79e4f762d593f

HTTP Headers

GET /upload/vod/2022/07-20/01/tsnvpzpv5be0150tsnvpzpv5be146839.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 12175
Last-Modified: Wed, 09 Nov 2022 11:38:54 GMT
Connection: keep-alive
ETag: "636b914e-2f8f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/0purcldhkpq07180purcldhkpq397173.jpg

45.89.208.114

200 OK

11 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/0purcldhkpq07180purcldhkpq397173.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Size
11 kB (10891 bytes)
Hash
4d3b65d8f36d23984f5bdfe49571502f
c97873a2844dc97559e545c9699a0e9885fa5013
65c8bc62017d28bbf38914f1d2e4f401b773c3379d97aa9b5bf70f80abf9bb84

HTTP Headers

GET /upload/vod/2022/07-20/07/0purcldhkpq07180purcldhkpq397173.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 10891
Last-Modified: Wed, 09 Nov 2022 11:42:04 GMT
Connection: keep-alive
ETag: "636b920c-2a8b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

fmlb.netlbtu.com/upload/vod/2022/07-20/07/oko3v1gikg50718oko3v1gikg5397171.jpg

45.89.208.114

200 OK

15 kB

URL HTTP/1.1
fmlb.netlbtu.com/upload/vod/2022/07-20/07/oko3v1gikg50718oko3v1gikg5397171.jpg
IP
45.89.208.114:0
ASN
#40065 CNSERVERS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
15 kB (14727 bytes)
Hash
8296b8a301ce7d31d92c082ca510e26b
94c13b750e4de0da862e73bd425b91677f81ab9a
8bd6092076e884c96e18272460dfef0b740eb3413e8a79c986049ab33492e42d

HTTP Headers

GET /upload/vod/2022/07-20/07/oko3v1gikg50718oko3v1gikg5397171.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 07:23:32 GMT
Content-Type: image/jpeg
Content-Length: 14727
Last-Modified: Wed, 09 Nov 2022 11:42:03 GMT
Connection: keep-alive
ETag: "636b920b-3987"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

hm.baidu.com/hm.js?3eb04e3382620d144da5a7211093bbe4

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?3eb04e3382620d144da5a7211093bbe4
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
bb3b695c2e69240a93f14e9fc1cb6f79
e0074a5daa6b89f3dd44e8c07a0dd370f3731a42
6f62f8efd3862c89a9bec8ea409c59d3f36e8936f1acff92813327849513767e

HTTP Headers

GET /hm.js?3eb04e3382620d144da5a7211093bbe4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jaytakeapic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: 838af249e546d22734c435db1374df06
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F24923D0EA28693B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?21163e28fa33ea9019628ea7f6431328

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?21163e28fa33ea9019628ea7f6431328
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
992e8e889ac5814ea3dfa3226b559e51
e9e099ebff14d9c845893d3ccf41eea90d8f9fc5
c8bdab6fa7bde77b079b3e461d8baf85c0eef33b2e87a1b1e5c937f8c64a9958

HTTP Headers

GET /hm.js?21163e28fa33ea9019628ea7f6431328 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: b928c521870c4d0fba849e6b2164480b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3B89FE7D3DAC9E8B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
fddf5133ff6420ac87498d5651516b7f
37859c9b980342aca1e8ad595df4d943d66744b9
0aa4bbffe3cf371290773b45d48a033d7ae9b3cc4588670ed0494ae95a9319ea

HTTP Headers

GET /hm.js?3df8be917891033aa229f40ad4fd25e3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 07:23:32 GMT
Etag: b0b6fc7ad124911e79045304807ba882
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=509C090274E59881; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1013551462&si=3eb04e3382620d144da5a7211093bbe4&v=1.3.0&lv=1&sn=50553&r=0&ww=1280&u=http%3A%2F%2Fwww.jaytakeapic.com%2Findex.php&tt=%E5%BF%BB%E5%B7%9E%E9%80%97%E4%BB%9D%E4%BB%A3%E7%90%86%E8%AE%B0%E8%B4%A6%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1013551462&si=3eb04e3382620d144da5a7211093bbe4&v=1.3.0&lv=1&sn=50553&r=0&ww=1280&u=http%3A%2F%2Fwww.jaytakeapic.com%2Findex.php&tt=%E5%BF%BB%E5%B7%9E%E9%80%97%E4%BB%9D%E4%BB%A3%E7%90%86%E8%AE%B0%E8%B4%A6%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1013551462&si=3eb04e3382620d144da5a7211093bbe4&v=1.3.0&lv=1&sn=50553&r=0&ww=1280&u=http%3A%2F%2Fwww.jaytakeapic.com%2Findex.php&tt=%E5%BF%BB%E5%B7%9E%E9%80%97%E4%BB%9D%E4%BB%A3%E7%90%86%E8%AE%B0%E8%B4%A6%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.jaytakeapic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 07:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CB4EBF3056E7B312; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953862464&si=21163e28fa33ea9019628ea7f6431328&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953862464&si=21163e28fa33ea9019628ea7f6431328&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1953862464&si=21163e28fa33ea9019628ea7f6431328&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 07:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=33B4845943904FB8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=634851621&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=634851621&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=634851621&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.jaytakeapic.com%2F&v=1.3.0&lv=1&sn=50553&r=0&ww=1268&u=http%3A%2F%2F207.60.181.202%2F&tt=%E6%97%A5%E6%9C%AC%E9%AB%98%E6%B8%85%E6%97%A0%E5%8D%A1%E7%A0%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA%E4%B9%85%E4%B9%85%2C%E7%B2%BE%E5%93%81%E5%9B%BD%E4%BA%A7%E4%B8%89%E7%BA%A7%E5%A4%A7%E5%85%A8%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%2C%E5%85%8D%E8%B4%B9%E7%9A%84av%E7%BD%91%E7%AB%99%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%2C337p%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E6%B4%B2%E5%A4%A7%E8%83%86%E4%BA%BA%E4%BA%BA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://207.60.181.202/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 07:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2F49C3895329F9DE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8771 bytes)
Hash
b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:08 GMT
age: 32849
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations