Report - newxhamster.com/t/super

Report Overview

Submitted URL
newxhamster.com/t/super
IP
172.120.162.242
ASN
#18779 EGIHOSTING
Submitted
2023-02-09 03:24:43
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	289 B	750 B	182.61.201.93
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	341 B	114 B	182.61.201.94
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	3.2 kB	37 kB	103.235.46.191
z4a.net	575468	2016-04-02T12:21:55Z	2023-03-13T05:36:48Z	2.4 kB	1.8 MB	104.21.234.235
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.7 kB	4.7 kB	93.184.220.29
jx.tongdoumaoyi.com	unknown	2022-12-16T08:41:15Z	2023-03-12T10:17:47Z	1.4 kB	1.8 kB	20.239.85.25
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	357 B	712 B	142.250.74.131
1999ddd.com	unknown	2016-05-09T16:21:30Z	2023-02-15T08:48:22Z	402 B	278 B	45.61.212.129
kvezz.com	237784	2021-10-17T10:32:09Z	2023-03-13T08:13:32Z	800 B	52 kB	13.227.254.101
99887aaa.com	unknown	2022-11-25T14:12:24Z	2023-03-12T15:54:59Z	403 B	285 B	103.170.15.103
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.newxhamster.com	unknown	2013-09-26T06:54:13Z	2023-03-10T01:04:18Z	1.3 kB	4.0 kB	172.120.162.242
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	718 B	4.0 kB	151.101.130.133
kzecc.com	unknown	2017-01-29T05:39:36Z	2023-03-13T08:13:33Z	800 B	1.0 MB	13.227.254.104
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-13T08:02:07Z	348 B	1.9 kB	23.36.79.17
ggtupian.comcom008.com	unknown	2022-09-01T14:53:21Z	2023-02-25T09:49:11Z	402 B	431 kB	104.21.59.180
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-13T05:14:15Z	348 B	1.2 kB	104.18.32.68
newxhamster.com	unknown	2014-08-10T03:41:55Z	2023-03-10T03:21:16Z	354 B	198 B	172.120.162.242
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	3.4 kB	9.6 kB	104.18.32.68
683tuchuang.com	unknown	2022-12-21T13:40:45Z	2023-03-13T08:45:57Z	381 B	364 B	23.224.37.109
3366812ccc.com	unknown	2022-12-24T11:39:57Z	2023-03-13T08:55:36Z	405 B	283 B	103.170.15.78
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.4 kB	12 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	64 kB	34.120.237.76
img.9376x.com	unknown	2022-11-03T20:44:19Z	2023-03-13T00:53:49Z	403 B	182 B	3.36.126.81
3718896ccc.com	unknown	2022-12-24T11:40:13Z	2023-03-12T16:36:41Z	405 B	283 B	103.170.15.103
595tuchuang.com	unknown	2022-12-21T13:40:45Z	2023-03-13T05:36:49Z	381 B	364 B	23.224.37.45
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.189.204.30
www.jxy29.xyz	unknown	2023-02-01T11:36:22Z	2023-02-01T11:36:22Z	3.9 kB	18 kB	27.124.33.150
kvegg.com	unknown	2022-11-17T08:04:49Z	2023-03-12T09:10:10Z	800 B	537 kB	172.83.155.45
dimg04.c-ctrip.com	139731	2014-05-08T18:11:10Z	2023-03-13T05:37:25Z	421 B	63 kB	104.110.17.24
help.ifeng.com	550386	2014-07-30T19:17:45Z	2023-03-04T03:29:02Z	297 B	286 B	49.51.190.27
66668aaa.com	unknown	2022-11-25T13:49:53Z	2023-02-25T19:43:51Z	810 B	556 B	45.61.212.129

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-09 03:25:34	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-09	medium	3366812ccc.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	hm.baidu.com/hm.js?cac70a3bf14f110bc309dab3106609eb	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?cac70a3bf14f110bc309dab3106609eb IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:08:55 Last Seen2023-03-13 20:08:55 Times Seen1 Hash db44d23a03ed6eb7195aaafbaf4905ad 3c27859b28d3873b2068d3023917fde8b6f05d2b 592a15a4ff8848fad8d45d49eb07c90e5e85b7612cef0e0200933cc76b5bf469 Loading...

	www.jxy29.xyz/	254 B	2023-03-07	2023-07-10
Pretty URL www.jxy29.xyz/ IP 27.124.33.150 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-07-10 02:29:30 Times Seen148 Hash 2b060c01c124335c89db809e88d801f5 4226dea14013c0d2b6a391cebcfafc02e00d9305 46b48e8582d3035db685d90fd6ef29a676ae4f59721521c4025568c81fc43621 Loading...

	hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:08:55 Last Seen2023-03-13 20:08:55 Times Seen1 Hash 86d5150d621303a71489c9cdbbbaf7a0 a82779a28a7be9d469b7533a12cd2fb84e7d5d66 4916dc4be186c1c982ac77195fe4306ade6ee68e02316ae8ad6942c2a03bf4cd Loading...

	www.newxhamster.com/t/super	404 B	2023-03-07	2024-05-09
Pretty URL www.newxhamster.com/t/super IP 172.120.162.242 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-09 23:23:40 Times Seen3016 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.newxhamster.com/tj.js	522 B	2023-03-10	2023-03-26
Pretty URL www.newxhamster.com/tj.js IP 172.120.162.242 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 02:23:16 Last Seen2023-03-26 05:44:43 Times Seen12 Hash 0c67519d6e2f3f03f240b876a167ab28 ecfd229fb238129c6116f712353e43341c71131d 842256da926299fab4208ac448e2193baff0eb77d88112ad9197ff195fcddfae Loading...

	jx.tongdoumaoyi.com/news/index.php	166 B	2023-03-07	2023-04-05
Pretty URL jx.tongdoumaoyi.com/news/index.php IP 20.239.85.25 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-04-05 02:05:15 Times Seen271 Hash 148c395b30fc62c19c4e96a387ce5080 aaad892b0553b427438079c39c45c04a4bd26683 3abae3dd940fa31948ccf4348d0b3dd0528808c33a99915e9ea06c6c9faf097c Loading...

	jx.tongdoumaoyi.com/news/data.php	316 B	2023-03-13	2023-03-13
Pretty URL jx.tongdoumaoyi.com/news/data.php IP 20.239.85.25 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:08:55 Last Seen2023-03-13 20:34:51 Times Seen1 Hash c1b7b27291582b6325b8772bb3c26264 7f9b75a57fb19b8dc1704fd88fcffe29a47936cd c9b427289ec96e58d055808d0edbd2d06b8f5da64ff59fa179027952c805f6be Loading...

	www.jxy29.xyz/template/m1938pc/html9/ads/zxf.js	895 B	2023-03-13	2023-03-13
Pretty URL www.jxy29.xyz/template/m1938pc/html9/ads/zxf.js IP 27.124.33.150 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:08:56 Last Seen2023-03-13 20:08:56 Times Seen1 Hash 8bf46bb0455d58fa79e547cf65c60124 f8173aa96c5318c08c5eba6ff685d7a0578fe506 a875a4f7009a95ac3109c3a4d464fc320546b8e8380d390cd82440d9ce25abc7 Loading...

	www.newxhamster.com/common.js	1.5 kB	2023-03-09	2023-10-19
Pretty URL www.newxhamster.com/common.js IP 172.120.162.242 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:31:50 Last Seen2023-10-19 01:51:07 Times Seen446 Hash 46b458a7218859f9e104d60dfaf1be1e b294e53b5af044e5b0b992c9baf639009d4b2ee7 52b19e0231b1983206d08645bc875476a80cfb274da47cfcd97fd082f8e51531 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-05-10
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.93 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-10 19:16:03 Times Seen19425 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:08:56 Last Seen2023-03-13 20:08:56 Times Seen1 Hash 900280429fb4801b5b444a72b5810d75 0477f7418d4b8f4e5c092ba03772a8dfa222da50 e808a6d69d0e2a210b80c002ab8764047ab2e2123eebce957626e6646ffbb0a1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1d1fa5ef0b3a3d290c2565783867de56	483 B	2023-03-12	2024-02-07
Pretty Observations First Seen2023-03-12 22:36:56 Last Seen2024-02-07 05:48:58 Times Seen11 Hash 1d1fa5ef0b3a3d290c2565783867de56 55a868f0ef912000b64d68b11d189c0adf7d31f1 a3c2aa22448e4ccbf66a632c3ee5bd861396fd47b79a6ad536234da1a601bf71 Loading...

		Size	First Seen	Last Seen
	#1 Write - dd4051c2afc580082dd99592153d274e	464 B	2023-03-12	2024-02-07
Pretty Observations First Seen2023-03-12 22:36:56 Last Seen2024-02-07 05:48:59 Times Seen11 Hash dd4051c2afc580082dd99592153d274e 61cda3247c9777b78010a6f9784620a7e3210d25 d4e284e5c2d312c56fcca136c4feaf4a58616b0d8c45d3fdf1b31295d461a6d4 Loading...

	#2 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-05-09
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-05-09 23:23:44 Times Seen3765 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#3 Write - 3a726a17f9f965ca39da639d1e90016e	594 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 14:41:19 Last Seen2023-03-13 23:52:48 Times Seen1 Hash 3a726a17f9f965ca39da639d1e90016e 419b43e6322e0727f968d29117f2d7461f2a68eb 348b154387a2238ee93efc24c478313c47b24816f96c0f94da68406743ebd156 Loading...

HTTP Transactions (96)

URL IP Response Size

newxhamster.com/t/super

172.120.162.242

301 Moved Permanently

0 B

URL HTTP/1.1
newxhamster.com/t/super
IP
172.120.162.242:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/super HTTP/1.1
Host: newxhamster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 09 Feb 2023 03:24:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.newxhamster.com/t/super

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3982
Expires: Thu, 09 Feb 2023 04:30:52 GMT
Date: Thu, 09 Feb 2023 03:24:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11874
Expires: Thu, 09 Feb 2023 06:42:24 GMT
Date: Thu, 09 Feb 2023 03:24:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 02:34:15 GMT
content-type: application/json
age: 3015
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13462
Expires: Thu, 09 Feb 2023 07:08:52 GMT
Date: Thu, 09 Feb 2023 03:24:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: UVa4Bu1AvuJeWHuKiSj5uVffcSiKbgnvl77mHZym7dLf2g1FzXQXM/4oi4L6o9OgQDMHghvBOVp2uRy/wI2rIA==
x-amz-request-id: R92JNDTKZT5EWMNJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 02:36:11 GMT
age: 2899
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.newxhamster.com/t/super

172.120.162.242

200 OK

785 B

URL HTTP/1.1
www.newxhamster.com/t/super
IP
172.120.162.242:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
785 B (785 bytes)
Hash
0e129709a69a520b290a7783e56aac1a
b988d7efd5224c4af64986d8a84b1363e4869371
e75560aa965bb252c3ad3dfdc0f5931ed9830d6d7b48db4d3cdb7580d717705d

HTTP Headers

GET /t/super HTTP/1.1
Host: www.newxhamster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 03:24:29 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 02:51:21 GMT
age: 1990
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.newxhamster.com/tj.js

172.120.162.242

200 OK

522 B

URL HTTP/1.1
www.newxhamster.com/tj.js
IP
172.120.162.242:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with CRLF line terminators
Size
522 B (522 bytes)
Hash
0c67519d6e2f3f03f240b876a167ab28
ecfd229fb238129c6116f712353e43341c71131d
842256da926299fab4208ac448e2193baff0eb77d88112ad9197ff195fcddfae

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.newxhamster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newxhamster.com/t/super

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 03:24:30 GMT
Content-Type: application/x-javascript
Content-Length: 522
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13215
Expires: Thu, 09 Feb 2023 07:04:46 GMT
Date: Thu, 09 Feb 2023 03:24:31 GMT
Connection: keep-alive

www.newxhamster.com/common.js

172.120.162.242

200 OK

753 B

URL HTTP/1.1
www.newxhamster.com/common.js
IP
172.120.162.242:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
753 B (753 bytes)
Hash
422fd880589a7fc1a2f9b43c88c64fbe
cd02b22cba108051097edd967d9b4e937386a05f
51ceb85b881f6f3a9a9deea0265b4960a9fd3d7fe698b72c0329332dc91585b9

HTTP Headers

GET /common.js HTTP/1.1
Host: www.newxhamster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newxhamster.com/t/super

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 03:24:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

54.189.204.30

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.204.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GWfqsMWgcxCCD/xhX3T9Tw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2ZRnsh90HkHjf31BrXCmtDtZtho=

www.newxhamster.com/favicon.ico

172.120.162.242

200 OK

1.2 kB

URL HTTP/1.1
www.newxhamster.com/favicon.ico
IP
172.120.162.242:0
ASN
#18779 EGIHOSTING

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.newxhamster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newxhamster.com/t/super

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 03:24:30 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 14 Feb 2023 03:24:30 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

ocsp.globalsign.com/gsrsaovsslca2018

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
33060a498d355655f47c4b8b145bd5c0
57246a9dd285e92a841bebc2d6290adb43f0ac68
f4026d6b7b7d01e5b7e5ed16f7fa10f72ab37a717cde433253c2333a4c2e0d96

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 13 Feb 2023 01:30:31 GMT
ETag: "57246a9dd285e92a841bebc2d6290adb43f0ac68"
Last-Modified: Thu, 09 Feb 2023 01:30:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 09 Feb 2023 03:24:32 GMT
Age: 642
X-Served-By: cache-qpg1274-QPG, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 5, 3
X-Timer: S1675913072.401510,VS0,VE0

ocsp.globalsign.com/gsrsaovsslca2018

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
33060a498d355655f47c4b8b145bd5c0
57246a9dd285e92a841bebc2d6290adb43f0ac68
f4026d6b7b7d01e5b7e5ed16f7fa10f72ab37a717cde433253c2333a4c2e0d96

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 13 Feb 2023 01:30:31 GMT
ETag: "57246a9dd285e92a841bebc2d6290adb43f0ac68"
Last-Modified: Thu, 09 Feb 2023 01:30:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 09 Feb 2023 03:24:32 GMT
Age: 642
X-Served-By: cache-qpg1274-QPG, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 5, 4
X-Timer: S1675913072.410320,VS0,VE0

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
7a44c0c1a9298e70063d771b28e39a90
687801c24d2a3947cdb3004309ae65192432f87f
d584312d3775fba8789e59cda4b4895cf60bd3e9f9cdd076709526302dbcd23e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:32 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 18:23:36 GMT
Expires: Sun, 12 Feb 2023 18:23:35 GMT
Etag: "687801c24d2a3947cdb3004309ae65192432f87f"
Cache-Control: max-age=312542,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e1d9a0bb509-OSL

push.zhanzhang.baidu.com/push.js

182.61.201.93

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newxhamster.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 09 Feb 2023 03:24:32 GMT
Etag: "4078521116"
Expires: Fri, 09 Feb 2024 03:24:32 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=B24C4ECCE62EB8B923D06DE4E5714312:FG=1; max-age=31536000; expires=Fri, 09-Feb-24 03:24:32 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:24:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:24:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:24:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 03:24:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15019 bytes)
Hash
95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:24:16 GMT
age: 68417
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8717 bytes)
Hash
82ed633b05ccadc8b87e83413641f1ef
aafed39990cf6a3391d53355085d816167a500fa
c9202e36b231d0a9a9cba1ff8f570e5b0fbba215eb6b28e3989fd442ee7f5835

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: dbb8b5a2-d3f6-42e2-8778-da19de081cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2c0LHaiIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df41b4-309b6b1f651f68453dd52f55;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 05:42:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBfl0rPzn_iOD9xRlc236_IEvyGlK5WteH1y4cd0aYxlFzd3RVfgkQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:47 GMT
age: 20506
etag: "aafed39990cf6a3391d53355085d816167a500fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee0a4c-d2ba-4c9d-8ba5-2b4c94c98035.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5878 bytes)
Hash
b5d772db4ded57c20c60afa587324afe
caaf5472af022dfc83c5cc7d0b304083f72b9a93
30b95ed40ca5da3155a6d25132d69956fb7be65aa001d993e581efc0a9044b7d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee0a4c-d2ba-4c9d-8ba5-2b4c94c98035.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5878
x-amzn-requestid: a1edb6b2-0c7f-4f40-8eef-df9dbf08d568
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwCqJG3jIAMFqtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb173-20d3fbb92ec206647c246811;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eOZ5iNdAnB7j0uVon7VG7FcOw1V8MjDbecd6_2trxcVN-id_hLZ84Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:12:24 GMT
age: 18729
etag: "caaf5472af022dfc83c5cc7d0b304083f72b9a93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7451 bytes)
Hash
5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: a900a5b4-85cd-4817-8e70-2516eb33a0a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fox8IHMuIAMFdHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c9e7-1122726b315a7c5623d1ff3f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 02:09:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0giOb6VA3jgf_3ep6DqSBrFhYz8aBNWTjxpitvm9NWe2oNQlJ5UbEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:09:32 GMT
age: 18901
etag: "ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9846 bytes)
Hash
1d7814305f961caded310b6f2089219b
efcb6a067bb023865823625e67d9de60d44685e0
3c01637a052e2394774fc8f6dd37a284afaf76b423219ecd26a89c2d8b69c121

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9846
x-amzn-requestid: 4e6cc2be-bc18-4d66-b338-833a05d0d998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsaDlGV4oAMFoZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3d49-14fc32183d3c6afb3a64c27d;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 04:34:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -Gn6wHGlx11IB8EcdbgpJVc-6BTEeIyEDyhrW7fPdCiWqdnQ89k2bQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:11:08 GMT
age: 18805
etag: "efcb6a067bb023865823625e67d9de60d44685e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11256 bytes)
Hash
4b42802dc628e38e9631a01b6320040a
c83355f0828815ecbff47d8195d2deed8077e368
d0f093b1769b568a5d68ada359eadfd1ab3360488a20e1deeb99b0a51b649441

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11256
x-amzn-requestid: fc079b98-a94a-4945-8e51-9b5941fda799
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8SEOMIAMFomA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb381-72b83330325d280821ecf4c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tlIxKyJ3tqYVM667Uz4n2OHk2eiLer2Nc7bnFKqJUZcYDoPqjRlagQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 19:24:56 GMT
age: 28777
etag: "c83355f0828815ecbff47d8195d2deed8077e368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.share.baidu.com/s.gif?l=http://www.newxhamster.com/t/super

182.61.201.94

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.newxhamster.com/t/super
IP
182.61.201.94:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.newxhamster.com/t/super HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.newxhamster.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 09 Feb 2023 03:24:33 GMT

hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
5d0409cc73e2fe8a0eecdf1e65347533
2eaeba634d00f725a4a3ff093471cb6b60c8febb
19a8db30799cb623f190a277d7ee18f83f5738516c3423a3f3fddfe76f88acab

HTTP Headers

GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newxhamster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 09 Feb 2023 03:24:32 GMT
Etag: 55eab655ef13585dbd74452d7bc71676
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9F175DA565C261C6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?cac70a3bf14f110bc309dab3106609eb

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?cac70a3bf14f110bc309dab3106609eb
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (616)
Size
11 kB (11254 bytes)
Hash
d7b4639cc5ac25cf09c320616c793628
444d56771cc01a82a466a7823b29f70c20f357f6
8b2d72f4b42f5314ffb5d06e0b84d37b909f7505886229cd95794cf25f2da2de

HTTP Headers

GET /hm.js?cac70a3bf14f110bc309dab3106609eb HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newxhamster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Thu, 09 Feb 2023 03:24:32 GMT
Etag: f06a9ee946db3740e96417d1068bfcef
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E09A4749D10E73BE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1255127024&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=52111&r=0&ww=1280&u=http%3A%2F%2Fwww.newxhamster.com%2Ft%2Fsuper&tt=%E8%9A%8C%E5%9F%A0%E6%B5%87%E5%81%8C%E6%96%87%E5%8C%96%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1255127024&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=52111&r=0&ww=1280&u=http%3A%2F%2Fwww.newxhamster.com%2Ft%2Fsuper&tt=%E8%9A%8C%E5%9F%A0%E6%B5%87%E5%81%8C%E6%96%87%E5%8C%96%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1255127024&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=52111&r=0&ww=1280&u=http%3A%2F%2Fwww.newxhamster.com%2Ft%2Fsuper&tt=%E8%9A%8C%E5%9F%A0%E6%B5%87%E5%81%8C%E6%96%87%E5%8C%96%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newxhamster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 09 Feb 2023 03:24:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BE0992D0385644A2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2031730588&si=cac70a3bf14f110bc309dab3106609eb&v=1.3.0&lv=1&sn=52111&r=0&ww=1280&u=http%3A%2F%2Fwww.newxhamster.com%2Ft%2Fsuper&tt=%E8%9A%8C%E5%9F%A0%E6%B5%87%E5%81%8C%E6%96%87%E5%8C%96%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2031730588&si=cac70a3bf14f110bc309dab3106609eb&v=1.3.0&lv=1&sn=52111&r=0&ww=1280&u=http%3A%2F%2Fwww.newxhamster.com%2Ft%2Fsuper&tt=%E8%9A%8C%E5%9F%A0%E6%B5%87%E5%81%8C%E6%96%87%E5%8C%96%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2031730588&si=cac70a3bf14f110bc309dab3106609eb&v=1.3.0&lv=1&sn=52111&r=0&ww=1280&u=http%3A%2F%2Fwww.newxhamster.com%2Ft%2Fsuper&tt=%E8%9A%8C%E5%9F%A0%E6%B5%87%E5%81%8C%E6%96%87%E5%8C%96%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newxhamster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 09 Feb 2023 03:24:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=80D4E7BFDEB33F8E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8c47989da7a1488f10bee3f49f14865
d55a140fd27509f918f64422e41d86e15ba9d662
c9e55f48d0479b83bc4f6d39a83b8cc59a23916e4ae38060c30c8ea5c3e7b14c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9E55F48D0479B83BC4F6D39A83B8CC59A23916E4AE38060C30C8EA5C3E7B14C"
Last-Modified: Wed, 08 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15835
Expires: Thu, 09 Feb 2023 07:48:30 GMT
Date: Thu, 09 Feb 2023 03:24:35 GMT
Connection: keep-alive

www.jxy29.xyz/template/m1938pc/html9/ads/1.gif

27.124.33.150

200 OK

254 B

URL HTTP/2
www.jxy29.xyz/template/m1938pc/html9/ads/1.gif
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sat, 11 Mar 2023 03:24:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxy29.xyz/template/m1938pc/html9/ads/zxf.js

27.124.33.150

200 OK

895 B

URL HTTP/2
www.jxy29.xyz/template/m1938pc/html9/ads/zxf.js
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type
HTML document, Unicode text, UTF-8 text, with very long lines (555)
Size
895 B (895 bytes)
Hash
8bf46bb0455d58fa79e547cf65c60124
f8173aa96c5318c08c5eba6ff685d7a0578fe506
a875a4f7009a95ac3109c3a4d464fc320546b8e8380d390cd82440d9ce25abc7

HTTP Headers

GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: application/javascript
content-length: 895
last-modified: Tue, 07 Feb 2023 10:35:19 GMT
etag: "63e22967-37f"
expires: Thu, 09 Feb 2023 15:24:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
249717e20a64cb387caf11e317b51262
6542c55b5625d6583782bdeb3bee6cd2ab3db456
3fc9626f48196e178373d255148caeac9661c23f6b4fcec968493bf0c71a15f9

HTTP Headers

GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Thu, 09 Feb 2023 03:24:36 GMT
Etag: cbdc587941b1d00344105f43cbe3a43f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C9307CD44D1A21E0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.jxy29.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff

27.124.33.150

200 OK

13 kB

URL HTTP/2
www.jxy29.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type
Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size
13 kB (13408 bytes)
Hash
99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

HTTP Headers

GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxy29.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:36 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1961774499&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=52114&r=0&ww=1268&u=https%3A%2F%2Fwww.jxy29.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1961774499&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=52114&r=0&ww=1268&u=https%3A%2F%2Fwww.jxy29.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1961774499&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=52114&r=0&ww=1268&u=https%3A%2F%2Fwww.jxy29.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 09 Feb 2023 03:24:37 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=807D2F8876F96691; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
95cb0bcd6cea2c3c06373d47a01b6745
33fe990a7bfcb6761317a8784bfaa4481efc2ed1
285d0abcc1b032e78aa1d86c96cc98e63b35aa155fa14d5da418c44f2f9a963d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "285D0ABCC1B032E78AA1D86C96CC98E63B35AA155FA14D5DA418C44F2F9A963D"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12694
Expires: Thu, 09 Feb 2023 06:56:12 GMT
Date: Thu, 09 Feb 2023 03:24:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
95cb0bcd6cea2c3c06373d47a01b6745
33fe990a7bfcb6761317a8784bfaa4481efc2ed1
285d0abcc1b032e78aa1d86c96cc98e63b35aa155fa14d5da418c44f2f9a963d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "285D0ABCC1B032E78AA1D86C96CC98E63B35AA155FA14D5DA418C44F2F9A963D"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12008
Expires: Thu, 09 Feb 2023 06:44:46 GMT
Date: Thu, 09 Feb 2023 03:24:38 GMT
Connection: keep-alive

z4a.net/images/2023/01/14/960x609bf3ba8d7c4c2fc7.gif

104.21.234.235

200 OK

169 kB

URL HTTP/2
z4a.net/images/2023/01/14/960x609bf3ba8d7c4c2fc7.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
169 kB (168777 bytes)
Hash
729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726

HTTP Headers

GET /images/2023/01/14/960x609bf3ba8d7c4c2fc7.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 168777
expires: Sun, 14 Jan 2024 13:27:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2210254
last-modified: Sat, 14 Jan 2023 13:27:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgFH7wqXt7L9WV746n4R1g4%2Bw99JiOBESgg%2BsvpOBxq023AB52TtfsE%2BwKGlzigWBrozuYlgZUo5cKo4cIvJWft2ZdZAUsLxS4CeiqLKEf46JC85YQVrA4F6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79697e42abfe240f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2023/01/14/960-60.gif

104.21.234.235

200 OK

198 kB

URL HTTP/2
z4a.net/images/2023/01/14/960-60.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
198 kB (198523 bytes)
Hash
785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4

HTTP Headers

GET /images/2023/01/14/960-60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 198523
expires: Sun, 14 Jan 2024 13:27:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2210254
last-modified: Sat, 14 Jan 2023 13:27:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI%2FKWqE1MHJ1uK26iKW4cnvHVY8ALo%2BpZWzIx1Q3VccS3LBJu4Vdzz8UwfJpZ%2FM8S9MpXKxYXmf8bJAi2pEGEq0gXk8E5bG7baikzy3wheBdCfEEhJ2wSNKJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79697e429bfc240f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2023/01/14/960x60.gif

104.21.234.235

200 OK

154 kB

URL HTTP/2
z4a.net/images/2023/01/14/960x60.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
154 kB (153648 bytes)
Hash
9dba57370346d55925673f34e7b0f3bd
748523fa5829dd2d77a14fedc720fe784c9a5603
59d9f14d0e0b4d6083f3c7b7959fd39bd6d7279892e5d9969c8ae06eae7821d7

HTTP Headers

GET /images/2023/01/14/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 153648
expires: Sun, 14 Jan 2024 13:27:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2210254
last-modified: Sat, 14 Jan 2023 13:27:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byCk%2Fu3zVGElVFb2nKB2vqUsZOAB7bUUYbyoG%2F%2FygfoKOOxyygp%2BmJRKIxEUSiPu8Jen2nYosca81rWFCv3jEp%2FUvXZhj%2BT1Tj165SaDU98Yb%2FFw%2Fyf4hQzY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79697e429bf8240f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2023/01/12/960x60.gif

104.21.234.235

200 OK

351 kB

URL HTTP/2
z4a.net/images/2023/01/12/960x60.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
351 kB (351002 bytes)
Hash
1fbf8164d728998b18362ec7b8d25518
89b704db462e7eba7ee7b49297d37526b0a96b62
3a7271d038244495bdf54aae544451e2e16e0283657de826631c246567c29f3d

HTTP Headers

GET /images/2023/01/12/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 351002
expires: Sun, 14 Jan 2024 13:27:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2210254
last-modified: Sat, 14 Jan 2023 13:27:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXCzcvkx2e8ct%2BQcwL60c0q0kUi3G%2BX4pLFTy2fkVYpjIvc6SfDwYJtDHq0ExIuBF0m4XqKd8%2FD%2Bw9ovZ4fuKlztewCDyeJVsCUnyB4OU5bbuz9Fv%2FPTVrA3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79697e42bc08240f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2022/11/20/960x60.gif

104.21.234.235

200 OK

578 kB

URL HTTP/2
z4a.net/images/2022/11/20/960x60.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
578 kB (577945 bytes)
Hash
6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831

HTTP Headers

GET /images/2022/11/20/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 577945
expires: Sun, 04 Feb 2024 00:29:33 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 442504
last-modified: Sat, 04 Feb 2023 00:29:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8rKc8QZ%2BDm5tB9JX3nr1kMUUc%2FztU6ATEWmkc%2FxP0kSlsVSZ295UFwotjgh3wBDRWK67Dq%2FSnWsY9PY4RjvlBXAoBrsU9CaQs2cy8tlRJV00Ed3cDm47VL%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79697e42ac01240f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif

13.227.254.104

200 OK

182 kB

URL HTTP/2
kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif
IP
13.227.254.104:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 300 x 150\012- data
Size
182 kB (181696 bytes)
Hash
ba9dcd35c39e60e245666e70f85fc335
38630969afd73016363a2f6f41bf36eb947405b2
624d0cce85aeb64c935d38705196c4ea696deaf4f5e1895e8557789b8b01380b

HTTP Headers

GET /e06a35bc848b301fd5c9802d162bdf30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 181696
date: Wed, 08 Feb 2023 17:23:35 GMT
last-modified: Mon, 19 Dec 2022 08:54:27 GMT
etag: "ba9dcd35c39e60e245666e70f85fc335"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4e3c79d06b4e17a0f3b574740ddc8206.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: wJU_NLjOGzi7Jb3e3HS57vMAoE515hwD1me-nZRq5fXFlFtSJBWc6g==
age: 36064
X-Firefox-Spdy: h2

kvegg.com/32a5b957e230ebec42250e5a4a1cedde.gif

172.83.155.45

200 OK

239 kB

URL HTTP/2
kvegg.com/32a5b957e230ebec42250e5a4a1cedde.gif
IP
172.83.155.45:0
ASN
#201106 Spartan Host Ltd

File type
GIF image data, version 89a, 374 x 126\012- data
Size
239 kB (239313 bytes)
Hash
426267138e320e27a4b0cffc72c52b8f
88180e2539bae08f81a3bd95a67e21bb4b0f1b01
f2221414922c9bcc08485aba237fb88b36151583a6953d5a39483f208637b1a2

HTTP Headers

GET /32a5b957e230ebec42250e5a4a1cedde.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 239313
last-modified: Sun, 18 Dec 2022 07:33:00 GMT
etag: "639ec22c-3a6d1"
expires: Thu, 09 Feb 2023 15:24:38 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 15512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FwQxmsDwU3LHh6DaSRJUd3W8ce4zhbVTa2anifftdRwQj%2BvKYp8eiOot2oBSyF8zhEm9tD1o58NIm5AvHFoAV1obLnx4d%2BFvDM1o0YyiBaz2a933rQNc%2Bu3IGTn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7941581ccd88c630-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

z4a.net/images/2023/01/14/960x60042b11717a2193cf.gif

104.21.234.235

200 OK

303 kB

URL HTTP/2
z4a.net/images/2023/01/14/960x60042b11717a2193cf.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
303 kB (302626 bytes)
Hash
85eb65de43588c3031c885128670f5cb
c012347086245faef4ac34370f2f5e28dd20b14a
7bc1cf9b1eb9cd61cd22407209476bb9b56ee393f431867bff1223bd26acd3ca

HTTP Headers

GET /images/2023/01/14/960x60042b11717a2193cf.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:39 GMT
content-type: image/gif
content-length: 302626
expires: Sun, 14 Jan 2024 13:27:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2210255
last-modified: Sat, 14 Jan 2023 13:27:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8QoVAorH2wQM6uzFqElDGIS22WI5dYaMjtPkF0cSQ4TT26n%2Fe0q8yTtsKR87%2F9Csc6IAc6P%2BvJPhbyrS00GNqN5JUIdjgeWzP7Hdr7gVuDxbzBuDAZT5tSD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79697e485d2b240f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif

172.83.155.45

200 OK

296 kB

URL HTTP/2
kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
IP
172.83.155.45:0
ASN
#201106 Spartan Host Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
296 kB (295930 bytes)
Hash
298c2af98aa06470fcb80ad293146c0f
75be32a4c283cf249855e51c847d4f687d7436ec
e7060057157f5971d5b1031e9fe93528d70ad7bcf07d851bca10563594abae1e

HTTP Headers

GET /67a0474849f4ee10ccbe3b0d2cebf337.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 295930
last-modified: Mon, 30 Jan 2023 12:14:22 GMT
etag: "63d7b49e-483fa"
expires: Thu, 09 Feb 2023 15:24:38 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 3472
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXGE7nLqfsYyp2TuyHviBQ%2BOa6MbA8HldOLcyYCZvSnIdXD%2Fy4NcO4O1PGF%2BmaNhNbBcIJetWuEAlFtQm5doNbcELror49D9WJlbtXwG4TPlP4fukNoiBK%2Bz%2F%2FBZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 794032192fe42808-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5e2b2103a7d25069b48be21cae03f078
bccc006bad9aaa1b1ca74139bb7fca6552127cea
8f41f2216a1e5524b07335e8d7f93acfa9001168e37b597ba11d4ae2d8f41230

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4961
Cache-Control: max-age=89577
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e30eff-116"
Expires: Fri, 10 Feb 2023 04:17:36 GMT
Last-Modified: Wed, 08 Feb 2023 02:54:55 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5e2b2103a7d25069b48be21cae03f078
bccc006bad9aaa1b1ca74139bb7fca6552127cea
8f41f2216a1e5524b07335e8d7f93acfa9001168e37b597ba11d4ae2d8f41230

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3296
Cache-Control: max-age=87912
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e30eff-116"
Expires: Fri, 10 Feb 2023 03:49:51 GMT
Last-Modified: Wed, 08 Feb 2023 02:54:55 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 278

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
a67839601fe4809c2a8685536c00f0ba
638d9abb67b468bf5c75aae8a81f392e58b7a987
6c7c72cead8b00481b0cf922704f1b25dff57a57000b22cfa4b8883648b6d0db

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=115
Date: Thu, 09 Feb 2023 03:24:39 GMT
Connection: keep-alive
X-N: S

ggtupian.comcom008.com/20230204/6446/960x60x.gif

104.21.59.180

200 OK

430 kB

URL HTTP/2
ggtupian.comcom008.com/20230204/6446/960x60x.gif
IP
104.21.59.180:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
430 kB (430024 bytes)
Hash
be121710fc2b6e50ebfbe1980c2017f7
a5f14ad249cf20b60e85b5a6b7f65b4fe1078ab5
723229059aa9b18b2e07d98b6f165a4c23358be8ecc897b15c177542f75fbc04

HTTP Headers

GET /20230204/6446/960x60x.gif HTTP/1.1
Host: ggtupian.comcom008.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
last-modified: Sat, 04 Feb 2023 03:36:35 GMT
etag: "63ddd2c3-68989"
expires: Tue, 07 Mar 2023 05:57:41 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 298041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb8KJi%2FtuCRnC6FLVo56XnPwdCKEdTBR1t2MkLNIW0VGP0d2FGK0pDYygJNoIJblWdwtwCXRQjon4qULfs7DCHLnnzQ5Pr52qocf5cqRbRIswCj%2Fo1Fb4C6FuchonItM0eOYGmjyVOUw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79697e41fc171c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
eec6496017f28d1bc73d33d774dbcf2a
6c3f40920b1273dc0d07d18fe0a6fa7d4b6aeaeb
37bc9ba50a667dc7567920d93fc1f21d721d42a06b7b311507dfebc40f0277be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 21:14:29 GMT
Expires: Sun, 12 Feb 2023 21:14:28 GMT
Etag: "6c3f40920b1273dc0d07d18fe0a6fa7d4b6aeaeb"
Cache-Control: max-age=322788,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e496a7efac4-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f094e2cc63974a7d74f07330963822a8
9f729fa657c2a4967efc08a4994dfe1e9aae5463
c1be8a09450697aee73709d62e458a985fbf1b78bbee40f8f473ad410190307e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 17:34:48 GMT
Expires: Sun, 12 Feb 2023 17:34:47 GMT
Etag: "9f729fa657c2a4967efc08a4994dfe1e9aae5463"
Cache-Control: max-age=309607,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e496bcfb523-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
38ed8227ad45ea63ece53872169ae557
0886aa54212c1da8e8963d2f21117b6e594b0eaf
f2c907cfb0d5d71a3b87b45f8870c1a9c2e76dfcb83b9ab2e3515f1d65866701

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 23:43:07 GMT
Expires: Sun, 12 Feb 2023 23:43:06 GMT
Etag: "0886aa54212c1da8e8963d2f21117b6e594b0eaf"
Cache-Control: max-age=331706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e496880fab8-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
eec6496017f28d1bc73d33d774dbcf2a
6c3f40920b1273dc0d07d18fe0a6fa7d4b6aeaeb
37bc9ba50a667dc7567920d93fc1f21d721d42a06b7b311507dfebc40f0277be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 21:14:29 GMT
Expires: Sun, 12 Feb 2023 21:14:28 GMT
Etag: "6c3f40920b1273dc0d07d18fe0a6fa7d4b6aeaeb"
Cache-Control: max-age=322788,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e496dedb500-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
443037e143d93a82654e8be09dce3d58
891c0e8e4c18c929319b8f772a320f8d7d253f70
7978bdd18d37a2fd5ac445d3ae46d182d35f66cd68378b62b398007e0a33d7fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 14:12:09 GMT
Expires: Wed, 15 Feb 2023 14:12:08 GMT
Etag: "891c0e8e4c18c929319b8f772a320f8d7d253f70"
Cache-Control: max-age=556648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e49be11b500-OSL

kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif

13.227.254.104

200 OK

864 kB

URL HTTP/2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
13.227.254.104:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 960 x 60\012- data
Size
864 kB (864004 bytes)
Hash
d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 14:33:01 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 4e3c79d06b4e17a0f3b574740ddc8206.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: MSNuBOkiZhgEUqKPyR1uqlLBITfm8lKKb-b6oFLzvyHEHg8nhDRfOw==
age: 66806
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
17fce62e6ac0aef2eac244bdaedaff21
12127277dcadb89ceb071a695022fd5430873a0d
e8d4ff0e0c88e76da8da7e615785d19a8fe8fe43d3d5762a6f4662dfb6360067

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 20:20:13 GMT
Expires: Tue, 14 Feb 2023 20:20:12 GMT
Etag: "12127277dcadb89ceb071a695022fd5430873a0d"
Cache-Control: max-age=492332,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e49cbecb523-OSL

ocsp.pki.goog/s/gts1p5/CasV9vn2MN4

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/CasV9vn2MN4
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1137dab3e70f7c265c668602aa4a2fb2
68b73eb8e84ed2a71ff7b6ee8d229a742efad24c
8a810359a1c15e63b3cc0546a60dc2d4569a73d4c842943697a7f438cf515034

HTTP Headers

POST /s/gts1p5/CasV9vn2MN4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d8d8e3acb63f7027982754fd8c66d871
04f68f63c267c73af26a0514c08c3ab05950c6c8
7dd6b58ca47f335fa32c3916059a013c78e6b36d20717321ee390134c1d99c5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=171021
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e46084-118"
Expires: Sat, 11 Feb 2023 02:55:00 GMT
Last-Modified: Thu, 09 Feb 2023 02:55:00 GMT
Server: nginx
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d8d8e3acb63f7027982754fd8c66d871
04f68f63c267c73af26a0514c08c3ab05950c6c8
7dd6b58ca47f335fa32c3916059a013c78e6b36d20717321ee390134c1d99c5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=171021
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e46084-118"
Expires: Sat, 11 Feb 2023 02:55:00 GMT
Last-Modified: Thu, 09 Feb 2023 02:55:00 GMT
Server: nginx
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d8d8e3acb63f7027982754fd8c66d871
04f68f63c267c73af26a0514c08c3ab05950c6c8
7dd6b58ca47f335fa32c3916059a013c78e6b36d20717321ee390134c1d99c5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=171021
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e46084-118"
Expires: Sat, 11 Feb 2023 02:55:00 GMT
Last-Modified: Thu, 09 Feb 2023 02:55:00 GMT
Server: nginx
Content-Length: 280

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
285794ebb6b13a6507bad48b1f8a16d6
950d528ac7eb215497942e83ce75f1161971abf6
6dcdf9249c42a2869c8864df2a1939f7c970ffe6e7091b2d26d1f376d9ff0bad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 15:26:07 GMT
Expires: Mon, 13 Feb 2023 15:26:06 GMT
Etag: "950d528ac7eb215497942e83ce75f1161971abf6"
Cache-Control: max-age=388286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e496f0a0b06-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
38ed8227ad45ea63ece53872169ae557
0886aa54212c1da8e8963d2f21117b6e594b0eaf
f2c907cfb0d5d71a3b87b45f8870c1a9c2e76dfcb83b9ab2e3515f1d65866701

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 23:43:07 GMT
Expires: Sun, 12 Feb 2023 23:43:06 GMT
Etag: "0886aa54212c1da8e8963d2f21117b6e594b0eaf"
Cache-Control: max-age=331706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e4968fcb521-OSL

kvezz.com/e953bbb6e97dc9683489c4b681b2deb0.gif

13.227.254.101

200 OK

52 kB

URL HTTP/2
kvezz.com/e953bbb6e97dc9683489c4b681b2deb0.gif
IP
13.227.254.101:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 300 x 150\012- data
Size
52 kB (51573 bytes)
Hash
15f013bc483418e6e94193fc49f169fc
c2a73adaf83f727a937dd73a986da8f5be0cb934
50e6a3bfefa0c78e03803c5093ce18527edbd6463ded9b4f704aead1ed627454

HTTP Headers

GET /e953bbb6e97dc9683489c4b681b2deb0.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 51573
date: Wed, 08 Feb 2023 10:53:47 GMT
last-modified: Mon, 19 Dec 2022 08:24:15 GMT
etag: "15f013bc483418e6e94193fc49f169fc"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9c281f6d3073335c1b2f806823d50e2a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: osbw0GE1omOlBHjZZ8cAT8TOWb8vL4Knw8q6-A4QcokBRhK3zC3NvA==
age: 59453
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
443037e143d93a82654e8be09dce3d58
891c0e8e4c18c929319b8f772a320f8d7d253f70
7978bdd18d37a2fd5ac445d3ae46d182d35f66cd68378b62b398007e0a33d7fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 14:12:09 GMT
Expires: Wed, 15 Feb 2023 14:12:08 GMT
Etag: "891c0e8e4c18c929319b8f772a320f8d7d253f70"
Cache-Control: max-age=556648,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e49aa90fac4-OSL

dimg04.c-ctrip.com/images/0101312000ae3dzr08E27.gif?proc=autoorient

104.110.17.24

200 OK

63 kB

URL HTTP/2
dimg04.c-ctrip.com/images/0101312000ae3dzr08E27.gif?proc=autoorient
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
63 kB (62773 bytes)
Hash
419573857f8eb1ef0362ea8e353c0b0e
b71294e20c82d9932989a9d88eab91d889a68611
be6e0321941d5d21535621aae7f59bd0fc4c5de90b5575b17ccff9d5725062c3

HTTP Headers

GET /images/0101312000ae3dzr08E27.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 62773
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=4968900
expires: Fri, 07 Apr 2023 15:39:39 GMT
date: Thu, 09 Feb 2023 03:24:39 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a5607b13d6f08b25a67528d5b3fc5cd1
1b27673db9469f8c835b6518320afc901008a83c
600b679eb60e38187babeadf0f56e03ba0a869448ee10f99cd3935ff933f607f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3826
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e33eae-117"
Last-Modified: Thu, 09 Feb 2023 02:20:53 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c36b47614433c5223e832fa0565608ad
80be8f4e3b6e668957158d528124656b5487eb9a
e7b090b89d4ae8bbc54e383b27e586be2558ee6078547f416fab8d909b486d3a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7B090B89D4AE8BBC54E383B27E586BE2558EE6078547F416FAB8D909B486D3A"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15890
Expires: Thu, 09 Feb 2023 07:49:29 GMT
Date: Thu, 09 Feb 2023 03:24:39 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
9aa4b21e600130bf292b1b9918c207a7
53fa095f72686ee862c4a84b7f2ad90a9f08689f
7a8fb1f9a2a25303c1fe85ac0d835f7ee21baac10b1fe2c6a999bb52ff5733be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 03:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 01:05:43 GMT
Expires: Tue, 14 Feb 2023 01:05:42 GMT
Etag: "53fa095f72686ee862c4a84b7f2ad90a9f08689f"
Cache-Control: max-age=423062,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79697e4a2e38b500-OSL

jx.tongdoumaoyi.com/news/index.php

20.239.85.25

200 OK

1.1 kB

URL HTTP/2
jx.tongdoumaoyi.com/news/index.php
IP
20.239.85.25:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.1 kB (1090 bytes)
Hash
20ec3461f8eb0b7525635ffb1031b777
cf27600db9cc5f980fb72c0102f164b7d4659e37
d5cb6cc7f3db8bdaea45eb5e72c0118f52c83e2aaf1a1938e4d2cc3e8addca4b

HTTP Headers

GET /news/index.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.newxhamster.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 09 Feb 2023 03:24:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
af8a900c1e474f9736722a2fb060d5cb
20ce477240b618875f4e9c689d330253311f598e
f649dcfb060a43f6f23001b82b67cd1aae0cd62cef142fa626804c964f8fd555

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F649DCFB060A43F6F23001B82B67CD1AAE0CD62CEF142FA626804C964F8FD555"
Last-Modified: Tue, 07 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=759
Expires: Thu, 09 Feb 2023 03:37:18 GMT
Date: Thu, 09 Feb 2023 03:24:39 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d8d8e3acb63f7027982754fd8c66d871
04f68f63c267c73af26a0514c08c3ab05950c6c8
7dd6b58ca47f335fa32c3916059a013c78e6b36d20717321ee390134c1d99c5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=171021
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e46084-118"
Expires: Sat, 11 Feb 2023 02:55:00 GMT
Last-Modified: Thu, 09 Feb 2023 02:55:00 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
10dd4951cc6b0b9d053f3fcb2f7fbfee
df5ca710e9608b8df87cdad4756a90e549479ade
d72a3662312c186d5e7a4532fb31321d75e7a48a491201adf04ab38a351b73c8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 03:24:39 GMT
Etag: "63e3b7c0-117"
Last-Modified: Thu, 09 Feb 2023 03:19:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif

49.51.190.27

200 OK

0 B

URL HTTP/1.1
help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
IP
49.51.190.27:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /datas/feedback/20221217/639d86e9b6b6d.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
server: openresty
date: Thu, 09 Feb 2023 03:24:38 GMT
content-type: image/gif
content-length: 166673
last-modified: Sat, 17 Dec 2022 09:07:53 GMT
etag: "639d86e9-28b11"
expires: Fri, 24 Feb 2023 03:24:38 GMT
cache-control: max-age=1296000
accept-ranges: bytes

683tuchuang.com/960x120.gif

23.224.37.109

200 OK

0 B

URL HTTP/2
683tuchuang.com/960x120.gif
IP
23.224.37.109:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /960x120.gif HTTP/1.1
Host: 683tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:39 GMT
content-type: image/gif
content-length: 131626
last-modified: Sat, 04 Feb 2023 12:11:08 GMT
etag: "63de4b5c-2022a"
expires: Fri, 10 Mar 2023 18:32:17 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif

45.61.212.129

200 OK

0 B

URL HTTP/1.1
66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
IP
45.61.212.129:0
ASN
#53587 AZT

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /137dd6d87688482eb020c1c774325059.185.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f2795c-24659"
Date: Mon, 06 Feb 2023 07:18:48 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:12:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 149081

www.jxy29.xyz/template/m1938pc/static/css/style.css

27.124.33.150

200 OK

0 B

URL HTTP/2
www.jxy29.xyz/template/m1938pc/static/css/style.css
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Thu, 09 Feb 2023 15:24:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxy29.xyz/template/m1938pc/static/css/1.css

27.124.33.150

200 OK

0 B

URL HTTP/2
www.jxy29.xyz/template/m1938pc/static/css/1.css
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Thu, 09 Feb 2023 15:24:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif

45.61.212.129

200 OK

0 B

URL HTTP/1.1
66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
IP
45.61.212.129:0
ASN
#53587 AZT

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /73f23e1f7ead40baa32cf579a4bb735b.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f27ac4-86f72"
Date: Thu, 02 Feb 2023 10:26:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:18:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 552818

99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif

103.170.15.103

200 OK

0 B

URL HTTP/1.1
99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
IP
103.170.15.103:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /161f65b0d6174a0a94c6ba6b2e9c589b.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43809-104685"
Date: Thu, 22 Dec 2022 11:28:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 1066629

3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif

103.170.15.103

200 OK

0 B

URL HTTP/1.1
3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif
IP
103.170.15.103:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /69267e805d7b4aa3b4db75a4ca964b7f.gif HTTP/1.1
Host: 3718896ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a801bf-50c24"
Date: Wed, 01 Feb 2023 05:37:25 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 25 Dec 2022 07:54:39 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 330788

www.jxy29.xyz/template/m1938pc/static/css/swiper.min.css

27.124.33.150

200 OK

0 B

URL HTTP/2
www.jxy29.xyz/template/m1938pc/static/css/swiper.min.css
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Thu, 09 Feb 2023 15:24:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

13.227.254.101

200 OK

0 B

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
13.227.254.101:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 13:06:49 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 9c281f6d3073335c1b2f806823d50e2a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: j-ifR642D0UnK1vNP8bsaVmaGW14XzFZd-HqtK_N3QtKxUJgsM7CyA==
age: 51471
X-Firefox-Spdy: h2

595tuchuang.com/960x120.gif

23.224.37.45

200 OK

0 B

URL HTTP/2
595tuchuang.com/960x120.gif
IP
23.224.37.45:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /960x120.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 03:24:39 GMT
content-type: image/gif
content-length: 184991
last-modified: Sun, 29 Jan 2023 15:25:24 GMT
etag: "63d68fe4-2d29f"
expires: Fri, 10 Mar 2023 13:57:16 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxy29.xyz/template/m1938pc/static/css/bootstrap.min.css

27.124.33.150

200 OK

0 B

URL HTTP/2
www.jxy29.xyz/template/m1938pc/static/css/bootstrap.min.css
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Thu, 09 Feb 2023 15:24:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

jx.tongdoumaoyi.com/news/list.php

20.239.85.25

200 OK

0 B

URL HTTP/2
jx.tongdoumaoyi.com/news/list.php
IP
20.239.85.25:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /news/list.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 09 Feb 2023 03:24:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2

jx.tongdoumaoyi.com/news/data.php

20.239.85.25

200 OK

0 B

URL HTTP/2
jx.tongdoumaoyi.com/news/data.php
IP
20.239.85.25:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /news/data.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 09 Feb 2023 03:24:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2

www.jxy29.xyz/

27.124.33.150

200 OK

0 B

URL HTTP/2
www.jxy29.xyz/
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxy29.xyz/template/m1938pc/static/css/mm-content.css

27.124.33.150

200 OK

0 B

URL HTTP/2
www.jxy29.xyz/template/m1938pc/static/css/mm-content.css
IP
27.124.33.150:0
ASN
#64050 BGPNET Global ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: www.jxy29.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 03:24:35 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-1ccb"
expires: Thu, 09 Feb 2023 15:24:35 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.9376x.com/images/6399c27b56eec67c33ea8921.gif

3.36.126.81

302 Found

0 B

URL HTTP/2
img.9376x.com/images/6399c27b56eec67c33ea8921.gif
IP
3.36.126.81:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6399c27b56eec67c33ea8921.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
X-Firefox-Spdy: h2

3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif

103.170.15.78

200 OK

0 B

URL HTTP/1.1
3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
IP
103.170.15.78:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /31bae057f32c4263a5459428dcd9c2c0.gif HTTP/1.1
Host: 3366812ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b288d0-b68c2"
Date: Sat, 28 Jan 2023 11:22:59 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 Jan 2023 07:33:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-08
Content-Length: 747714

1999ddd.com/6d90b49947664ccba7b1289a63169ed1.gif

45.61.212.129

200 OK

0 B

URL HTTP/1.1
1999ddd.com/6d90b49947664ccba7b1289a63169ed1.gif
IP
45.61.212.129:0
ASN
#53587 AZT

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /6d90b49947664ccba7b1289a63169ed1.gif HTTP/1.1
Host: 1999ddd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxy29.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63e24872-a637b"
Date: Tue, 07 Feb 2023 13:15:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 07 Feb 2023 12:47:46 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-29
Content-Length: 680827

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML