r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2565
Expires: Tue, 20 Dec 2022 08:50:16 GMT
Date: Tue, 20 Dec 2022 08:07:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11800
Expires: Tue, 20 Dec 2022 11:24:11 GMT
Date: Tue, 20 Dec 2022 08:07:31 GMT
Connection: keep-alive
ezansesi.net/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ezansesi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Dec 2022 08:07:25 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ezansesi.net/index.php
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8649
Expires: Tue, 20 Dec 2022 10:31:40 GMT
Date: Tue, 20 Dec 2022 08:07:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 07:34:25 GMT
content-type: application/json
age: 1986
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: l4zLE6duYp7zgdWmhlqELiw3j93iws6xQI3r5qwQYvk0ucTD1I0LiaIvwd0r/eN1NdKq9FYW5AM=
x-amz-request-id: M3S99P1YS3XV6BJK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 07:54:54 GMT
age: 757
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 07:08:02 GMT
age: 3569
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ezansesi.net/index.php
200 OK 541 B URL HTTP/1.1 www.ezansesi.net/index.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (609), with CRLF line terminators
Hash 37c109f4e196ce7a6d6853ac3c8edd22
5896890178d2d20e81b52cef408dc15b49b38430
6d5ca9cde9dd844731ba81dc1aa9f94ef1330a773752b190792a5a3e38234272
GET /index.php HTTP/1.1
Host: www.ezansesi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 08:07:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 4df678b16094ceafefdbbd55707f4dbe
39a68e051456a8ab6c782502a94e8b95ccb0a71d
00561de9683c69a89e084b685df25c6ea4d3a38654a40554f127814200aadf6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5682
Cache-Control: max-age=95638
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 08:07:32 GMT
Etag: "63a029a8-1d7"
Expires: Wed, 21 Dec 2022 10:41:30 GMT
Last-Modified: Mon, 19 Dec 2022 09:06:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.ezansesi.net/common.js
200 OK 695 B URL HTTP/1.1 www.ezansesi.net/common.js
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash 6d7fb2cf20944966c8bb465223d4f960
697ddd9e4b013d63e51e09a1c5a686d306553841
afb26bf87ba68ae3813c5e76f115052510ca8d500a91de7af234cc1bfac90fd6
GET /common.js HTTP/1.1
Host: www.ezansesi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ezansesi.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 08:07:26 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9KiMVl6z0u5cr3JhuJGq3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C1nDlrNr4H+bB9+vuheayO1X/kI=
www.ezansesi.net/tj.js
200 OK 522 B IP
File type ASCII text, with CRLF line terminators
Hash 5f113c86b44c09cb56a26cc77c8a1ca5
834d0cbd57765f8b314951acf4d7814aeaadbec5
3cb3c42109dff2652283d8a7b8244e431c0459e7a3cbbf943bedb1e085779608
GET /tj.js HTTP/1.1
Host: www.ezansesi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ezansesi.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 08:07:26 GMT
Content-Type: application/x-javascript
Content-Length: 522
Connection: keep-alive
www.ezansesi.net/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 www.ezansesi.net/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.ezansesi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ezansesi.net/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 08:07:26 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 25 Dec 2022 08:07:26 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 978163e61a59f0d46fb1afda68600bea
dfe6b6fa46137783673ff50297255f28be587bee
2eb45b928e5a2392d5838444ccc9dc7eb405afcad830865c2c713bd764971a36
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Dec 2022 07:23:41 GMT
ETag: "dfe6b6fa46137783673ff50297255f28be587bee"
Last-Modified: Tue, 20 Dec 2022 07:23:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 188
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77c6e290bceab4f4-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10655
Expires: Tue, 20 Dec 2022 11:05:08 GMT
Date: Tue, 20 Dec 2022 08:07:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10655
Expires: Tue, 20 Dec 2022 11:05:08 GMT
Date: Tue, 20 Dec 2022 08:07:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10655
Expires: Tue, 20 Dec 2022 11:05:08 GMT
Date: Tue, 20 Dec 2022 08:07:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
200 OK 2.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac396f580b50a626abbeb37c0ec5f005
626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb
3546f7a2be3f578ad9d8b8f57b89a69b6ece9b08da63fb9448e5e6dde4d3332c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2054
x-amzn-requestid: 5072b75c-7455-45cc-a35e-be7e0ed77496
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabqhHE6IAMFrxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d976-026c95822615b2550edb00e7;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XxmrTTAq667e3H9thY8MDXLqO2QWJXuLKm0YvmyNm96fd8DTs8tvwQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:45:54 GMT
age: 37299
etag: "626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf13d30b-168d-4075-96df-955f428ae325.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf13d30b-168d-4075-96df-955f428ae325.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35a588f727cbb53c2cf495e5736ef7aa
bae4be57801e820925fdb3dcb2378ed2bfa6dc38
0e9e1acd1c7195f6ec9eabb3937d8bd611bc67c5ef96dffcc3325dee30683295
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf13d30b-168d-4075-96df-955f428ae325.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: bff05f9e-5ac2-49ec-afbd-fefd6a558535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da271FMNIAMFtNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10518-6f3b84fb0fdb11fd04ecc5b2;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tmeYmTw37jSgSHwYnptPQFD3ZtZV1gh8HCVB0fsPyMVL8zciyvgXLg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:14:40 GMT
etag: "bae4be57801e820925fdb3dcb2378ed2bfa6dc38"
content-type: image/jpeg
age: 24773
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _nupdrdRDG-S085FRNoJgzDQVg9Ngb_nYDR5C1AkkterWy8vlXBxGw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:45:54 GMT
age: 37299
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4535f00ed3710172a5f7debc715cb36f
b176b458d20465245409f5b442fd4ad50c6a11f9
ad0fbd8a82b0859dc9c36053d8190bc20b3759ffa5971f55b0faedf8ba7ec001
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4017f13d-fc40-4034-9f27-d4af3c2f16f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10533
x-amzn-requestid: 31f0445f-d7e5-4d9d-98c7-60441253c2be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da6p9EVToAMFoBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10b0c-5e2b65513b791ea728b8e2a0;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 01:08:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xxdUvP80nnpsxvuekSouVB84wNHLNisCIQBAoULLrnPiBlks1qHUdA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:58 GMT
age: 25115
etag: "b176b458d20465245409f5b442fd4ad50c6a11f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 045f016fb66e6e0d1da1fb742d9b19a7
8f98bf2cedfccfce71464a733e2fd37482fd71c2
593cf38d1c2c315ff23fcda60e41141caa0266874f36a0c517554ca01ea51f12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9216
x-amzn-requestid: 460a95bf-5724-4bea-b6c1-f6ce263da5e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabq8FXboAMFwCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d979-70340469247cdcf952a98c3e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: utr-CdnBX5-MjBHX3PW6rdC06JzmIvfrj9FOrQtOUDd91_Fo4wVzGg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:45:55 GMT
age: 37298
etag: "8f98bf2cedfccfce71464a733e2fd37482fd71c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35d10a39-d4a4-4dab-a6c5-b26190cd8d9c.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35d10a39-d4a4-4dab-a6c5-b26190cd8d9c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7954c03ff4f2bade4a70f50c5aa46b14
576056e8336ae400a1652be8073a2a20e41cec85
00803b3df8b4b876b7fd205008a407f08c40519c32dcb07b3b99b30528d1215f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35d10a39-d4a4-4dab-a6c5-b26190cd8d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5325
x-amzn-requestid: 1b391874-5da9-44eb-ad08-d8fc05a5e709
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4QKEceIAMF4fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10734-2b19a25a181c2c1b25f00952;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:52:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 1pAbr4nwgpvYMXoNkGmDV3-tsK-AWQqoTw1I5f2Qj-yAUNzWefrrFg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:14:37 GMT
etag: "576056e8336ae400a1652be8073a2a20e41cec85"
content-type: image/jpeg
age: 24776
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.bjys777.xyz/news/index.php
200 OK 47 B URL HTTP/1.1 api.bjys777.xyz/news/index.php
IP
ASN #64050 BGPNET Global ASN
File type HTML document, ASCII text, with no line terminators
Hash fc85f8ae73e9115d7d0db8bdb3049f87
ea85207ece10f485dfafc746433640e1a00a2465
06e8aab0f94e607266dfee3aa62468025bd845498f0912b9dd9b87a0832f3569
GET /news/index.php HTTP/1.1
Host: api.bjys777.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ezansesi.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 08:07:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
api.bjys777.xyz/news/api.php
200 OK 203 B URL HTTP/1.1 api.bjys777.xyz/news/api.php
IP
ASN #64050 BGPNET Global ASN
File type ISO-8859 text, with CRLF line terminators
Hash e99d29abf8d24cdf3ee5a2a5afd1422d
9e5b14f92331471be5a04f4d90ac83f095c736bc
95a7bb0384789d85cababc06d0ec6e72f065fce814a91d1663418c1b87674e17
GET /news/api.php HTTP/1.1
Host: api.bjys777.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://api.bjys777.xyz/news/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 08:07:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
hm.baidu.com/hm.js?60dd88fe91038ee8080d02cbf1581e29
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?60dd88fe91038ee8080d02cbf1581e29
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 56410d5cf37d3665fa23dd2bc67b91f6
1f1c7a49abe21423083680a7748cd44ff48d5a1e
009d29daca7536ce3c58fad989c39d03a9da265036fa1a1ef0a2d343726c357d
GET /hm.js?60dd88fe91038ee8080d02cbf1581e29 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ezansesi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 20 Dec 2022 08:07:33 GMT
Etag: c030bd1d170c70430276a2edf777418f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=525689BD69DB40DB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ae64c300062e1e13cb09f4e681db7b1b
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ae64c300062e1e13cb09f4e681db7b1b
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 78a0d8649023ab8a4a5238edb534c7f0
13b2ef8263d76abe36139e1b45c0881480b65f6c
98223e11321e536799379fbd606fd044a6739ed3d44c0f593b2928245fe38dea
GET /hm.js?ae64c300062e1e13cb09f4e681db7b1b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ezansesi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Tue, 20 Dec 2022 08:07:33 GMT
Etag: e26ac2a254a4811d7e7dbd297b6d9486
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0AC8705EA99A5109; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1796941884&si=60dd88fe91038ee8080d02cbf1581e29&v=1.3.0&lv=1&sn=53489&r=0&ww=1280&u=http%3A%2F%2Fwww.ezansesi.net%2Findex.php&tt=%E4%BA%94%E6%8C%87%E5%B1%B1%E5%87%B9%E7%AC%A8%E8%A3%85%E9%A5%B0%E8%AE%BE%E8%AE%A1%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1796941884&si=60dd88fe91038ee8080d02cbf1581e29&v=1.3.0&lv=1&sn=53489&r=0&ww=1280&u=http%3A%2F%2Fwww.ezansesi.net%2Findex.php&tt=%E4%BA%94%E6%8C%87%E5%B1%B1%E5%87%B9%E7%AC%A8%E8%A3%85%E9%A5%B0%E8%AE%BE%E8%AE%A1%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1796941884&si=60dd88fe91038ee8080d02cbf1581e29&v=1.3.0&lv=1&sn=53489&r=0&ww=1280&u=http%3A%2F%2Fwww.ezansesi.net%2Findex.php&tt=%E4%BA%94%E6%8C%87%E5%B1%B1%E5%87%B9%E7%AC%A8%E8%A3%85%E9%A5%B0%E8%AE%BE%E8%AE%A1%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ezansesi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 20 Dec 2022 08:07:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5E323649DD612F3A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1019995141&si=ae64c300062e1e13cb09f4e681db7b1b&v=1.3.0&lv=1&sn=53489&r=0&ww=1280&u=http%3A%2F%2Fwww.ezansesi.net%2Findex.php&tt=%E4%BA%94%E6%8C%87%E5%B1%B1%E5%87%B9%E7%AC%A8%E8%A3%85%E9%A5%B0%E8%AE%BE%E8%AE%A1%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1019995141&si=ae64c300062e1e13cb09f4e681db7b1b&v=1.3.0&lv=1&sn=53489&r=0&ww=1280&u=http%3A%2F%2Fwww.ezansesi.net%2Findex.php&tt=%E4%BA%94%E6%8C%87%E5%B1%B1%E5%87%B9%E7%AC%A8%E8%A3%85%E9%A5%B0%E8%AE%BE%E8%AE%A1%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1019995141&si=ae64c300062e1e13cb09f4e681db7b1b&v=1.3.0&lv=1&sn=53489&r=0&ww=1280&u=http%3A%2F%2Fwww.ezansesi.net%2Findex.php&tt=%E4%BA%94%E6%8C%87%E5%B1%B1%E5%87%B9%E7%AC%A8%E8%A3%85%E9%A5%B0%E8%AE%BE%E8%AE%A1%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ezansesi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 20 Dec 2022 08:07:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=3C099650D694EB88; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a205981ddaf32a843db875fbcbe15fb
ed9e004c105a60963e5fc6c8a5d7008235018cf6
42fbcc133976af2f32511b3dcdba27436f9956d86745aea0d84261d829f1b24c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42FBCC133976AF2F32511B3DCDBA27436F9956D86745AEA0D84261D829F1B24C"
Last-Modified: Tue, 20 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Tue, 20 Dec 2022 14:06:55 GMT
Date: Tue, 20 Dec 2022 08:07:34 GMT
Connection: keep-alive
dimg04.c-ctrip.com/images/0104912000a9zkfav47CE.gif?proc=autoorient
200 OK 1.1 MB URL HTTP/2 dimg04.c-ctrip.com/images/0104912000a9zkfav47CE.gif?proc=autoorient
IP
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /images/0104912000a9zkfav47CE.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1082384
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7260849
expires: Tue, 14 Mar 2023 09:01:44 GMT
date: Tue, 20 Dec 2022 08:07:35 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 08588ff118207d12222a51087a89dde5
54b6678f28c76dc7fcd812c756425d07c93e259e
302498dd2ccdc3b5a5d226ece752f570321a86fa78a84ad5c4f64211dd35e31b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "302498DD2CCDC3B5A5D226ECE752F570321A86FA78A84AD5C4F64211DD35E31B"
Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19772
Expires: Tue, 20 Dec 2022 13:37:07 GMT
Date: Tue, 20 Dec 2022 08:07:35 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 68e8ce4634884d7ae481fea3b25f9b53
2063f87357a3613cce725ed80524fca8b3182fc2
f1b9ed061fb7c08b7eeb146a412eeba384c7a53b9ea30d0a25c1203f6e29713c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F1B9ED061FB7C08B7EEB146A412EEBA384C7A53B9EA30D0A25C1203F6E29713C"
Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19724
Expires: Tue, 20 Dec 2022 13:36:19 GMT
Date: Tue, 20 Dec 2022 08:07:35 GMT
Connection: keep-alive
tupkku.top/hf/xincha.gif
200 OK 287 kB IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 287 kB (287106 bytes)
Hash bf69a23dccde7e62074b6300ea402b95
dd009214a977991f1ce608f209962267a2db1e2c
6e329ba63b5b8b6493317c2c2f140b49bc76cb72d5eb06793d5f32e87ac308fb
GET /hf/xincha.gif HTTP/1.1
Host: tupkku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/gif
content-length: 287106
last-modified: Mon, 06 Jun 2022 10:46:28 GMT
etag: "629ddb04-46182"
expires: Sun, 01 Jan 2023 14:32:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1532117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDY66uJjydEgZN3fIfE7jJGP7oFOM5bSuJM6Rf4iS%2B7m0bUL%2BzX6Amh94%2BxLP3h0Y5gDF2HO%2BIeUpOX3daVQYAZPZecz4Fq4Eij93zYjW05pD%2FHYIYmoUsRdEehY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77c6e29c2d4eb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 08588ff118207d12222a51087a89dde5
54b6678f28c76dc7fcd812c756425d07c93e259e
302498dd2ccdc3b5a5d226ece752f570321a86fa78a84ad5c4f64211dd35e31b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "302498DD2CCDC3B5A5D226ECE752F570321A86FA78A84AD5C4F64211DD35E31B"
Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19772
Expires: Tue, 20 Dec 2022 13:37:07 GMT
Date: Tue, 20 Dec 2022 08:07:35 GMT
Connection: keep-alive
loadimg.cdn-xxx.com/images/gif/98.gif
200 OK 110 kB URL HTTP/2 loadimg.cdn-xxx.com/images/gif/98.gif
IP
File type GIF image data, version 89a, 350 x 350\012- data
Size 110 kB (109872 bytes)
Hash 91f76cb46bc896ad3b7dc09fecfa2811
cc7d36f91d8a4635e5b16c4a3ba603392e12ceff
012d186e1e2e62ee389aabd839cc5bad6f4367302215b33b60ff6434fbfad3d3
GET /images/gif/98.gif HTTP/1.1
Host: loadimg.cdn-xxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/gif
content-length: 109872
last-modified: Sun, 04 Sep 2022 06:54:16 GMT
etag: "63144b98-1ad30"
expires: Wed, 11 Jan 2023 03:55:38 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 507669
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1Kj8duP35n7XtZS9swa4GBFnQ8mtlByP1kP%2FUpEUtXLM99w%2F4cNI2jBixWwaY%2B7IAHNuC3%2FavQLR9HgK37jSIiIygCcJML%2FHsTsLLdpeJo2%2BRhDlJhP4N%2BSliXtXXzUqeuUd5yg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77c6e29c3bf6dd83-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 68e8ce4634884d7ae481fea3b25f9b53
2063f87357a3613cce725ed80524fca8b3182fc2
f1b9ed061fb7c08b7eeb146a412eeba384c7a53b9ea30d0a25c1203f6e29713c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F1B9ED061FB7C08B7EEB146A412EEBA384C7A53B9EA30D0A25C1203F6E29713C"
Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19724
Expires: Tue, 20 Dec 2022 13:36:19 GMT
Date: Tue, 20 Dec 2022 08:07:35 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 5871c5234226d831cca02cab67b2b8ab
b2a29cd9d09d17348e4dca30bc5dc7553f9b32b1
8d675e67504edc23bbf2e94867dde4d1979b9baa8151379f7c6f5942e98dd2fb
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Dec 2022 05:38:19 GMT
ETag: "b2a29cd9d09d17348e4dca30bc5dc7553f9b32b1"
Last-Modified: Tue, 20 Dec 2022 05:38:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1275
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77c6e29cdb64b4f4-OSL
www.dxjyy121.xyz/static/images/hot.gif
200 OK 254 B URL HTTP/2 www.dxjyy121.xyz/static/images/hot.gif
IP
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/hot.gif HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: image/gif
content-length: 254
last-modified: Wed, 29 Sep 2021 05:51:09 GMT
etag: "6153fecd-fe"
expires: Thu, 19 Jan 2023 08:07:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dxjyy121.xyz/static/images/empty.jpg
200 OK 47 kB URL HTTP/2 www.dxjyy121.xyz/static/images/empty.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:05:13 21:35:29], baseline, precision 8, 235x141, components 3\012- data
Hash 23eb9e82fb7523ac495688e32e3b484b
a8b2b1cfa9b7587e5a29482317104d1655087fd3
166172be9d739f235271d347708bcfd323f5222d1fa573afdcfd345b4019fd97
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/empty.jpg HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: image/jpeg
content-length: 46597
last-modified: Thu, 07 Apr 2022 12:02:06 GMT
etag: "624ed2be-b605"
expires: Thu, 19 Jan 2023 08:07:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dxjyy121.xyz/static/images/sprite.gif
200 OK 55 B URL HTTP/2 www.dxjyy121.xyz/static/images/sprite.gif
IP
File type GIF image data, version 89a, 10 x 10\012- data
Hash 8647a09907f1a5c35a56aaf41e8e0132
b55547d0446299a57eed391407359d1378032a09
d16e2c8d92eb72e4b584790314f6ca14916e3d5ae9374358515429b5b999bd31
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/sprite.gif HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: image/gif
content-length: 55
last-modified: Thu, 30 Sep 2021 05:50:28 GMT
etag: "61555024-37"
expires: Thu, 19 Jan 2023 08:07:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34373)
Hash 1390e823e4464795cd66ac593d94809a
208e2903bbe19109c7781db997395111d09b0c2b
8812cbab04c1444c5cb9f012f72b9c45ef827b91f933925de28011b9a65701af
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 20 Dec 2022 08:07:35 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 16 Dec 2022 06:31:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"639c10ba-8724"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.dxjyy121.xyz/static/images/006.gif
200 OK 140 kB URL HTTP/2 www.dxjyy121.xyz/static/images/006.gif
IP
File type GIF image data, version 89a, 600 x 200\012- data
Size 140 kB (139590 bytes)
Hash c26b438fb3967395e723c7be01ba4cfc
e06149c9a3b3b6318f51f9ed7af8e1fa7dad475e
8be6db381df1fb0ee430c6c116bdb81719d3b201729a3d32d49636ae8ae07baf
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/006.gif HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: image/gif
content-length: 139590
last-modified: Mon, 12 Dec 2022 09:11:23 GMT
etag: "6396f03b-22146"
expires: Thu, 19 Jan 2023 08:07:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dxjyy121.xyz/dingbu.html
200 OK 158 B URL HTTP/2 www.dxjyy121.xyz/dingbu.html
IP
File type HTML document, ASCII text
Hash 53dc6e5cc71be4c5e06628a8eff61e71
9ab8ebb88319d704ade7c08f25d0a8dcee3d43cd
a0f16d472872804a34e6816bd4d06be3a737c67168586b0fe524ba3b993e5c8f
Analyzer Verdict Alert quad9 Sinkholed
GET /dingbu.html HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: text/html
content-length: 158
last-modified: Tue, 13 Dec 2022 09:21:38 GMT
etag: "63984422-9e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dxjyy121.xyz/logo.html
200 OK 798 B URL HTTP/2 www.dxjyy121.xyz/logo.html
IP
File type HTML document, Unicode text, UTF-8 text
Hash 9a6d45b0ed70c5543b8c0bab01cec4bb
98a3e064681f419cc342bd241c505533f5831f4d
661369b4a9f46e372b036c837e7b66dfa805eead1a287d4544ddfb68c55b5789
Analyzer Verdict Alert quad9 Sinkholed
GET /logo.html HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: text/html
content-length: 798
last-modified: Tue, 13 Sep 2022 15:39:21 GMT
etag: "6320a429-31e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dxjyy121.xyz/static/images/hfyp.gif
200 OK 179 kB URL HTTP/2 www.dxjyy121.xyz/static/images/hfyp.gif
IP
File type GIF image data, version 89a, 960 x 240\012- data
Size 179 kB (178672 bytes)
Hash efee8a79540ee00db69bebdc99794192
d0065a17839693634546f59f1adcf59f8b4da39f
3a56867d2650ebcbaed66b0255e1752f0236284585167348be04fbd52aea4037
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/hfyp.gif HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: image/gif
content-length: 178672
last-modified: Fri, 18 Nov 2022 07:24:26 GMT
etag: "6377332a-2b9f0"
expires: Thu, 19 Jan 2023 08:07:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dxjyy121.xyz/static/images/pngtree-icon-close-button-png-image_1357955.jpg
200 OK 9.2 kB URL HTTP/2 www.dxjyy121.xyz/static/images/pngtree-icon-close-button-png-image_1357955.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/jpeg
content-length: 9166
last-modified: Thu, 30 Jun 2022 06:45:34 GMT
etag: "62bd468e-23ce"
expires: Thu, 19 Jan 2023 08:07:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2a7c8ecf8809535981d6c974067e22b7
c4bf057a7a0a6231c79128dc0c616be745e75aa0
82c1a84ab28257ef22031dc2d35d40d386dae90bdc319e57754f707dcb4bec3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 02:28:25 GMT
Expires: Sun, 25 Dec 2022 02:28:24 GMT
Etag: "c4bf057a7a0a6231c79128dc0c616be745e75aa0"
Cache-Control: max-age=411048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c6e29ef8d5fabc-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2a7c8ecf8809535981d6c974067e22b7
c4bf057a7a0a6231c79128dc0c616be745e75aa0
82c1a84ab28257ef22031dc2d35d40d386dae90bdc319e57754f707dcb4bec3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 02:28:25 GMT
Expires: Sun, 25 Dec 2022 02:28:24 GMT
Etag: "c4bf057a7a0a6231c79128dc0c616be745e75aa0"
Cache-Control: max-age=411048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c6e29efb52b50f-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2a7c8ecf8809535981d6c974067e22b7
c4bf057a7a0a6231c79128dc0c616be745e75aa0
82c1a84ab28257ef22031dc2d35d40d386dae90bdc319e57754f707dcb4bec3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 02:28:25 GMT
Expires: Sun, 25 Dec 2022 02:28:24 GMT
Etag: "c4bf057a7a0a6231c79128dc0c616be745e75aa0"
Cache-Control: max-age=411048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c6e29f0bf10afe-OSL
www.dxjyy121.xyz/static/images/009.gif
200 OK 89 kB URL HTTP/2 www.dxjyy121.xyz/static/images/009.gif
IP
File type GIF image data, version 89a, 960 x 80\012- data
Hash 6e666b1b7dde969b4d0bfd1fd5582c5a
72837144e5ba3a021116d776ee6c37cfc42e6521
e2981343e43dea8cfb6960df3c7bb0d0b9b5e2c1d9e8ab06513e347b286b1619
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/009.gif HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/dingbu.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/gif
content-length: 89259
last-modified: Tue, 13 Dec 2022 09:20:39 GMT
etag: "639843e7-15cab"
expires: Thu, 19 Jan 2023 08:07:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.dxjyy121.xyz/DXJ.png
200 OK 4.2 kB IP
File type PNG image data, 399 x 81, 4-bit colormap, non-interlaced\012- data
Hash 1d8ce1ae2e88160af2d6442a55c6ced0
8e56e18fda5cc79c78e04ba812a3553e6fe170a7
cf8a03743d5c4d4f947722af7df1b7ce4e21d45a8f7f34d0450d1b9221bb7828
Analyzer Verdict Alert quad9 Sinkholed
GET /DXJ.png HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/logo.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/png
content-length: 4237
last-modified: Tue, 13 Sep 2022 15:39:46 GMT
etag: "6320a442-108d"
expires: Thu, 19 Jan 2023 08:07:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?50a05674b1caecdee6d4f03c0f24301c
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?50a05674b1caecdee6d4f03c0f24301c
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 2c9474458f2bf7819c1549fe1b5665b9
bb5c5483da1a29b89027c10cc3f11453ccddbfb4
27ffcbee7a5a89d6eceefcc92e0a5cb27b041be038e8a60bc1dba842af2f8639
GET /hm.js?50a05674b1caecdee6d4f03c0f24301c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 20 Dec 2022 08:07:35 GMT
Etag: 1af21633cedf41e42e39c139913192f0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1E4DBD555EB4D778; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2a7c8ecf8809535981d6c974067e22b7
c4bf057a7a0a6231c79128dc0c616be745e75aa0
82c1a84ab28257ef22031dc2d35d40d386dae90bdc319e57754f707dcb4bec3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 02:28:25 GMT
Expires: Sun, 25 Dec 2022 02:28:24 GMT
Etag: "c4bf057a7a0a6231c79128dc0c616be745e75aa0"
Cache-Control: max-age=411048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c6e29f0e430b3d-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2a7c8ecf8809535981d6c974067e22b7
c4bf057a7a0a6231c79128dc0c616be745e75aa0
82c1a84ab28257ef22031dc2d35d40d386dae90bdc319e57754f707dcb4bec3a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 02:28:25 GMT
Expires: Sun, 25 Dec 2022 02:28:24 GMT
Etag: "c4bf057a7a0a6231c79128dc0c616be745e75aa0"
Cache-Control: max-age=411048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c6e29f0915b512-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8405f432e39ad9af3d455c1c58539229
09a1ac8f83676e6e7488b825c7e264882bd62adc
f4991a782ed65a2a6e31984d53309d14db5ae1377865e0822fa68a51bf3cecdc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4991A782ED65A2A6E31984D53309D14DB5AE1377865E0822FA68A51BF3CECDC"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Tue, 20 Dec 2022 14:06:48 GMT
Date: Tue, 20 Dec 2022 08:07:36 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=150524208&si=50a05674b1caecdee6d4f03c0f24301c&su=http%3A%2F%2Fapi.bjys777.xyz%2F&v=1.3.0&lv=1&sn=53491&r=0&ww=1268&u=https%3A%2F%2Fwww.dxjyy121.xyz%2F&tt=%F0%9F%8D%8C%E9%A6%99%E8%95%89%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E8%A7%86%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E5%BA%93%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E8%A7%86%E9%A2%91%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E9%99%A2%20-%F0%9F%8D%8C%20D%20X%20J%20Y%20Y%20.%20X%20Y%20Z%F0%9F%8D%8C
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=150524208&si=50a05674b1caecdee6d4f03c0f24301c&su=http%3A%2F%2Fapi.bjys777.xyz%2F&v=1.3.0&lv=1&sn=53491&r=0&ww=1268&u=https%3A%2F%2Fwww.dxjyy121.xyz%2F&tt=%F0%9F%8D%8C%E9%A6%99%E8%95%89%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E8%A7%86%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E5%BA%93%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E8%A7%86%E9%A2%91%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E9%99%A2%20-%F0%9F%8D%8C%20D%20X%20J%20Y%20Y%20.%20X%20Y%20Z%F0%9F%8D%8C
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=150524208&si=50a05674b1caecdee6d4f03c0f24301c&su=http%3A%2F%2Fapi.bjys777.xyz%2F&v=1.3.0&lv=1&sn=53491&r=0&ww=1268&u=https%3A%2F%2Fwww.dxjyy121.xyz%2F&tt=%F0%9F%8D%8C%E9%A6%99%E8%95%89%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E8%A7%86%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E5%BA%93%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E8%A7%86%E9%A2%91%2C%F0%9F%8D%8C%E5%A4%A7%E9%A6%99%E8%95%89%E5%BD%B1%E9%99%A2%20-%F0%9F%8D%8C%20D%20X%20J%20Y%20Y%20.%20X%20Y%20Z%F0%9F%8D%8C HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 20 Dec 2022 08:07:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F311DB6E702DD877; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img.firefoxcartoon.com/image/a9.gif
200 OK 32 kB URL HTTP/2 img.firefoxcartoon.com/image/a9.gif
IP
File type GIF image data, version 89a, 80 x 80\012- data
Hash de948955b8e6d65433eb907119bf18c8
28696320fefa6fe75cd4d23965be6ed184a913c3
f7f9f85b540b478227170770328ae067b159c9d7c9eb0c08a291d687463041fc
GET /image/a9.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/gif
content-length: 32370
last-modified: Thu, 21 Jul 2022 11:37:06 GMT
etag: "62d93a62-7e72"
expires: Thu, 19 Jan 2023 08:07:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.firefoxcartoon.com/image/202.gif
200 OK 14 kB URL HTTP/2 img.firefoxcartoon.com/image/202.gif
IP
File type GIF image data, version 89a, 120 x 120\012- data
Hash 380d2a538e661645a65fcc38f3f996cb
c6830ee1a1241d88941d79b6a08ba6e7309ad7cc
ff06350bafb5d7d3f580a67171254416d2f358791bb85922a7603ef7e1cb6e0b
GET /image/202.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:36 GMT
content-type: image/gif
content-length: 13987
last-modified: Mon, 14 Nov 2022 10:58:35 GMT
etag: "63721f5b-36a3"
expires: Thu, 19 Jan 2023 08:07:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
collect-v6-alqy.51.la/v6/collect?dt=4
200 OK 0 B URL HTTP/2 collect-v6-alqy.51.la/v6/collect?dt=4
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6-alqy.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 354
Origin: https://www.dxjyy121.xyz
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:36 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.dxjyy121.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash b30840b73f0657f2ab1c6fafc135b772
597cd9f1c9734d51acf6d7b29d711b0b15186dc2
77eab2e5b93680781d977d553cb1134e4503b668cb4d63087ab6d972c513b699
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 19 Dec 2022 23:09:43 GMT
Expires: Mon, 26 Dec 2022 23:09:42 GMT
Etag: "597cd9f1c9734d51acf6d7b29d711b0b15186dc2"
Cache-Control: max-age=571925,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c6e2a51eea0b31-OSL
img.firefoxcartoon.com/image/im4.webp
200 OK 362 kB URL HTTP/2 img.firefoxcartoon.com/image/im4.webp
IP
File type GIF image data, version 89a, 156 x 156\012- data
Size 362 kB (362153 bytes)
Hash 3906b55b535728017f6f334a34c2a4ed
7881c601a56f4f58c7c73c1cbb41431886bd9b0c
9bf1372b607e5ed48897c858929729d40c3c7a90999634ed0c50de9e149f36ce
GET /image/im4.webp HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/webp
content-length: 362153
last-modified: Mon, 14 Nov 2022 08:14:17 GMT
etag: "6371f8d9-586a9"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.firefoxcartoon.com/image/a6.gif
200 OK 253 kB URL HTTP/2 img.firefoxcartoon.com/image/a6.gif
IP
File type GIF image data, version 89a, 120 x 120\012- data
Size 253 kB (252949 bytes)
Hash 7171cfea1cf96b0008296a127c03deb7
74fe57752752cbb12a6768eff807d15622560aa0
76f12223e3483c523839c89116f38c6719c9a46e7251bd561188f38b8265fcec
GET /image/a6.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:36 GMT
content-type: image/gif
content-length: 252949
last-modified: Thu, 21 Jul 2022 11:37:50 GMT
etag: "62d93a8e-3dc15"
expires: Thu, 19 Jan 2023 08:07:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash a77216646e03f24162be311e4d5b26e3
3ad64bfd1e7d4a8d3a683498aa75cc09bc964842
515bdcc5d5a70b95e7e04ec78a43212f88716c0592ef630a2c61e657bf82e87c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=104361
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 08:07:36 GMT
Etag: "63a061f1-2d7"
Expires: Wed, 21 Dec 2022 13:06:57 GMT
Last-Modified: Mon, 19 Dec 2022 13:06:57 GMT
Server: nginx
Content-Length: 727
img.firefoxcartoon.com/image/a7.gif
200 OK 1.3 MB URL HTTP/2 img.firefoxcartoon.com/image/a7.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Size 1.3 MB (1264586 bytes)
Hash 24276ed40d33cdc7c91be6aee4a5c649
406a93691820e9768a0190f7a216c61b939ce22c
e6ed2d7c48fa4150292f76a06067d50597c16e7f402b030c9d2d22d8540ff733
GET /image/a7.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/gif
content-length: 1264586
last-modified: Thu, 21 Jul 2022 11:37:53 GMT
etag: "62d93a91-134bca"
expires: Thu, 19 Jan 2023 08:07:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.firefoxcartoon.com/image/im8.webp
200 OK 1.3 MB URL HTTP/2 img.firefoxcartoon.com/image/im8.webp
IP
File type GIF image data, version 89a, 225 x 225\012- data
Size 1.3 MB (1324517 bytes)
Hash 570ead008ba41f4b6dbda76cd5f4f928
d7f99ac7f3a3c7b4b2bbb11b73f28c5487171829
7a911fb4c82c82d2fd0afcf9fc87a282157aec861cc197e1e0fcc5a940f57c5b
GET /image/im8.webp HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/webp
content-length: 1324517
last-modified: Mon, 14 Nov 2022 08:14:21 GMT
etag: "6371f8dd-1435e5"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img.firefoxcartoon.com/image/22cc.gif
200 OK 840 kB URL HTTP/2 img.firefoxcartoon.com/image/22cc.gif
IP
File type GIF image data, version 89a, 128 x 128\012- data
Size 840 kB (840352 bytes)
Hash 367441fd0f9cc373d70d8fc69e97d46a
fb39591de5c3e2692f952801ffb34e88f4765c47
b22f3ed319624e493ebe8e41e7ef367fe86e9bc5b0ddbcc22d1ab75deafe05a3
GET /image/22cc.gif HTTP/1.1
Host: img.firefoxcartoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: image/gif
content-length: 840352
last-modified: Sun, 23 Oct 2022 07:47:52 GMT
etag: "6354f1a8-cd2a0"
expires: Thu, 19 Jan 2023 08:07:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash d30054623facc2b19473837b0dc8a73b
7fb0dddae458be75cb26fb5c57e002018fe61cd0
f912af4aed9d25db962696be8f73c6bf2aceded0dd0c4311e519b6ee88221936
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 574
Cache-Control: max-age=136622
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 08:07:37 GMT
Etag: "63a0ddb9-2d7"
Expires: Wed, 21 Dec 2022 22:04:39 GMT
Last-Modified: Mon, 19 Dec 2022 21:55:05 GMT
Server: ECS (amb/6B8C)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/381ed9b5f2144536b63f742b694d9781
200 OK 1.1 MB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/381ed9b5f2144536b63f742b694d9781
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 160\012- data
Size 1.1 MB (1054461 bytes)
Hash d53398965b2d9a3918bbb9d918d0362f
6f2a18a6b9662a5572bbe072a12aa37107e12963
9aadc31581ca6dd246c10cc847576788cd173b15c4f1ca780661b49bec4127a6
GET /obj/tos-cn-i-dy/381ed9b5f2144536b63f742b694d9781 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1054461
date: Mon, 19 Dec 2022 14:24:25 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 18 Dec 2022 15:54:48 GMT
nw-session-id: 202212182354480101511371710B236958s9zw701dy
nw-session-trace: 2022-12-18T23:54:48.271899331+08:00 49
x-bdcdn-cache-status: TCP_HIT
x-length: 1054461
x-powered-by: ImageX
x-response-date: Sun, 18 Dec 2022 23:54:48 GMT
x-tt-logid: 202212182354480101511371710B236958
via: n204-098-012, cache4.l2de2[0,0,206-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache8.se1[0,0,200-0,H], cache2.se1[2,0]
x-request-ip: fdbd:dc01:27:215::152
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 011252894df15b6c848407bffe816bf0110c2399da54f8dd4493cf3f6f64a1f5f4796cc73adee198066595d1e37adc43ab9cdad59de0cfd2d8832935a99dd3ba175c69e87271e07c33bbc674220db74118e35bcf47eafe929eb17117a630c907be
x-response-lb: image
ali-swift-global-savetime: 1671459865
age: 63792
x-cache: HIT TCP_MEM_HIT dirn:11:33141665 mlen:0
x-swift-savetime: Mon, 19 Dec 2022 20:26:36 GMT
x-swift-cachetime: 31514269
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9616715236574517841e
X-Firefox-Spdy: h2
8499483.com/8499/zzxx/960x80.gif
200 OK 361 kB URL HTTP/2 8499483.com/8499/zzxx/960x80.gif
IP
File type GIF image data, version 89a, 960 x 80\012- data
Size 361 kB (361424 bytes)
Hash b12a03db70310ffc051aaacb7d9512a4
93448a6a7e455b0cd9d7ddde4254cf06100661a6
75cf49510043cb5a7ad701286ace70c98ba17775fdbb866f8f70fe82dee24db0
GET /8499/zzxx/960x80.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 08:07:36 GMT
content-type: image/gif
content-length: 361424
last-modified: Sat, 17 Dec 2022 10:44:45 GMT
etag: "583d0-5f003c6452b57"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
collect-v6.51.la/v6/collect?dt=4
403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 354
Origin: https://www.dxjyy121.xyz
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403
Server: CloudWAF
Date: Tue, 20 Dec 2022 08:07:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=702ec118a74585d5c74; path=/
HWWAFSESTIME=1671523657417; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.dxjyy121.xyz
Access-Control-Allow-Credentials: true
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
200 OK 678 kB URL HTTP/2 p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 270 x 160\012- data
Size 678 kB (677521 bytes)
Hash 94051cb1d1b77200b4462281a864b96e
e5b468a1b2f4bbdda1b6a3a0df2dcce6b3de7e06
d44d0d2dd188024b60ec38cb3f3ea10c080690175e923f90c9c2a2e862670c84
GET /img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image HTTP/1.1
Host: p26.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 08:07:36 GMT
content-type: image/gif
content-length: 677521
set-cookie: hccesp_lttk=AAAAAgAAAAAAAAAFAAAAAQAAAAeBwwi0wpEfjD7TIu80Sa6GjmYF4RZ0Bmaq/dBtelRv9AAAAAAAAAAAAAAAQC673Qaoj3eBfKPwMAzewc+XHt/GYVja2SMBiYaehiad0ApBbgoH10bJwPKETUHbCe+q9r0pgi00eigZzz55slg=; Expires=Wed, 20 Dec 2023 08:07:36 GMT; path=/;
server: openresty
age: 3941237
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
x-bdcdn-cache-status: TCP_HIT
x-ccdn-cachettl: 31536000
x-length: 677521
x-powered-by: ImageX
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
x-response-lb: image
x-tt-logid: 2021123008073501015013614530ADE9B0
nginx-hit: 1
server-timing: cdn-cache;desc=HIT, edge;dur=5
via: CHN-HAzhengzhou-AREACUCC1-CACHE22[5],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE102[6],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,5]
x-hcs-proxy-type: 1
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
accept-ranges: bytes
access-control-allow-origin: *
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
X-Firefox-Spdy: h2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
200 OK 354 kB URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
File type GIF image data, version 89a, 960 x 60\012- data
Size 354 kB (354278 bytes)
Hash c6442fd82dd00372e745f394887172f2
dc8ce1d9b050eb7b70c1e47e815169c8ffdc77b9
813a5a49ef0682cdb74754e84f7b5d0159392b1fef69ec06e2875388e97d8843
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 354278
date: Mon, 19 Dec 2022 20:30:05 GMT
last-modified: Mon, 19 Dec 2022 07:47:28 GMT
etag: "c6442fd82dd00372e745f394887172f2"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 d9489e2767e0db346f3f22252b2a1210.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
x-amz-cf-id: AIEwHm_oB0KRQsuQMNmRzL0qjGa26DWJPy29oCIqAQ7isFXmjjSLwA==
age: 41851
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 28a3167edfab2c0f2f6390c4e778d1e6
20adc8fc673ec4c87fc7db17412d58bc86ade685
6476f898a468692623f1731d654a86d278bfe3290ac7e7d784feb258555e034e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Dec 2022 05:45:58 GMT
ETag: "20adc8fc673ec4c87fc7db17412d58bc86ade685"
Last-Modified: Tue, 20 Dec 2022 05:45:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77c6e2b1eb11b4f4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 28a3167edfab2c0f2f6390c4e778d1e6
20adc8fc673ec4c87fc7db17412d58bc86ade685
6476f898a468692623f1731d654a86d278bfe3290ac7e7d784feb258555e034e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 08:07:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Dec 2022 05:45:58 GMT
ETag: "20adc8fc673ec4c87fc7db17412d58bc86ade685"
Last-Modified: Tue, 20 Dec 2022 05:45:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77c6e2b38a08b4f3-OSL
www.dxjyy121.xyz/
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://api.bjys777.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/jquery.base.js
200 OK 0 B URL HTTP/2 www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/jquery.base.js
IP
GET /template/RX@04dgr@r/static/henniu/jquery.base.js HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:08 GMT
vary: Accept-Encoding
etag: W/"61554e6c-1917"
expires: Tue, 20 Dec 2022 20:07:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.dxjyy121.xyz/smbaidu/yxf.js
200 OK 0 B URL HTTP/2 www.dxjyy121.xyz/smbaidu/yxf.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /smbaidu/yxf.js HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 06:48:38 GMT
vary: Accept-Encoding
etag: W/"638ee5c6-69e"
expires: Tue, 20 Dec 2022 20:07:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.1135555.com/images/6391e1760771a0fd6ab2b06f.gif
302 Found 0 B URL HTTP/2 img.1135555.com/images/6391e1760771a0fd6ab2b06f.gif
IP
GET /images/6391e1760771a0fd6ab2b06f.gif HTTP/1.1
Host: img.1135555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/381ed9b5f2144536b63f742b694d9781
X-Firefox-Spdy: h2
www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/style.css
200 OK 0 B URL HTTP/2 www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/style.css
IP
GET /template/RX@04dgr@r/static/henniu/style.css HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 07:59:07 GMT
vary: Accept-Encoding
etag: W/"632189cb-56b1"
expires: Tue, 20 Dec 2022 20:07:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/jquery.autocomplete.js
200 OK 0 B URL HTTP/2 www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/jquery.autocomplete.js
IP
GET /template/RX@04dgr@r/static/henniu/jquery.autocomplete.js HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:40:42 GMT
vary: Accept-Encoding
etag: W/"61554dda-64a0"
expires: Tue, 20 Dec 2022 20:07:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/jquery.superslide.js
200 OK 0 B URL HTTP/2 www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/jquery.superslide.js
IP
GET /template/RX@04dgr@r/static/henniu/jquery.superslide.js HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:41:32 GMT
vary: Accept-Encoding
etag: W/"61554e0c-2506"
expires: Tue, 20 Dec 2022 20:07:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.dxjyy121.xyz/static/fonts/voltaire.woff
404 Not Found 0 B URL HTTP/2 www.dxjyy121.xyz/static/fonts/voltaire.woff
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/home.js
200 OK 0 B URL HTTP/2 www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/home.js
IP
GET /template/RX@04dgr@r/static/henniu/home.js HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:34 GMT
content-type: application/javascript
last-modified: Thu, 30 Sep 2021 05:43:46 GMT
vary: Accept-Encoding
etag: W/"61554e92-994b"
expires: Tue, 20 Dec 2022 20:07:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.dxjyy121.xyz/static/fonts/voltaire.woff
404 Not Found 0 B URL HTTP/2 www.dxjyy121.xyz/static/fonts/voltaire.woff
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /static/fonts/voltaire.woff HTTP/1.1
Host: www.dxjyy121.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/template/RX@04dgr@r/static/henniu/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 20 Dec 2022 08:07:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
200 OK 0 B URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
IP
ASN #56041 China Mobile communications corporation
GET /ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dxjyy121.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 08:07:40 GMT
content-type: image/gif
content-length: 1368366
cache-control: max-age=15552000
expires: Wed, 07 Jun 2023 14:52:16 GMT
last-modified: Fri, 25 Nov 2022 14:35:51 GMT
age: 926124
via: http/1.1 ORI-CLOUD-HUZ-MIX-6 (jcs [cHs f ]), http/1.1 HAZ-CM-2-MIX-21 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1670597536373-0-0-1-10-10;200;200-1670917297140-0-0-0-5-5;200-1671523660225-0-0-0-0-0
X-Firefox-Spdy: h2
38.165.98.124
23.33.119.27
104.18.21.226
202.61.129.57
120.78.77.218
103.235.46.191
47.246.44.230
3.36.126.81
93.184.220.29