Report - nils-holgerson.com/

Report Overview

Submitted URL
nils-holgerson.com/
IP
172.121.89.17
ASN
#18779 EGIHOSTING
Submitted
2023-01-05 04:04:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
zhibo128x.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	345 B	154.83.25.141
kvezz.com	237784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	457 B	13.227.254.18
3p8801.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	38 kB	107.148.202.17
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
nils-holgerson.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	203 B	172.121.89.17
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.203.40
66668aaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	812 B	310 kB	103.170.15.75
jx.tongdoumaoyi.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	815 kB	20.239.85.25
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	9.1 kB	192.124.249.24
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	13 kB	23.36.76.226
www.nils-holgerson.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.0 kB	172.121.89.17
api.share.baidu.com	44629	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	114 B	182.61.240.101
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	23.33.119.27
lbfm.lbpictupian.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	239 kB	172.67.28.138
66669aaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	283 B	103.170.15.75
kzeoo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	751 B	172.83.155.45
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	6.0 kB	151.101.66.133
z4a.net	575468	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	1.9 MB	104.21.234.235
3718896ccc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	331 kB	45.61.212.47
img30.360buyimg.com	52988	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	172 kB	163.171.134.109
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.9 kB	23.36.79.17
img.9367x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	38.54.81.125
ldbbs.ldmnq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	436 B	817 B	120.52.95.238
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	796 B	93.184.220.29
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	292 B	750 B	112.34.113.148
www.jxys16.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	108 kB	173.231.38.6
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.7 kB	104.18.32.68
ocsp.buypass.com	157566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	6.5 kB	23.33.119.18
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.2 kB	172.64.155.188
kzecc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	1.0 MB	13.227.254.83
xinchacha2dv.ocsp-certum.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	704 B	3.6 kB	23.36.79.10
99887aaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	1.1 MB	103.170.15.115
99885aaa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	283 B	103.170.15.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	37 kB	103.235.46.191
3366812ccc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	748 kB	103.170.15.79
image.tnmvgr.cn	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	110 kB	47.246.44.206
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	2.0 kB	151.101.194.133
kvegg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	251 kB	172.83.155.45
help.ifeng.com	550386	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	572 B	49.51.190.27
img.9376x.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	182 B	38.54.81.125

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-05 04:04:41	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-01-05 04:04:43	low	172.247.109.214	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-01-05 04:04:43	low	172.247.109.212	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-01-05 04:04:43	low	172.247.109.212	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-04	medium	66668aaa.com	Sinkholed
2023-01-04	medium	66668aaa.com	Sinkholed
2023-01-05	medium	99887aaa.com	Sinkholed
2023-01-05	medium	99887aaa.com	Sinkholed
2023-01-05	medium	99885aaa.com	Sinkholed

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.nils-holgerson.com/tj.js	520 B	2023-03-07	2023-03-17
Pretty URL www.nils-holgerson.com/tj.js IP 172.121.89.17 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-03-17 09:44:57 Times Seen1 Hash c641843bbee2dbe645c9de13d8f953ed 1a93b5d7b8540d5acbaae9c8bc00c16926a23588 4604c89ab81e21b0a8e7e762b60c0190dd44643056504ae5c28ebd2b4e739ed7 Loading...

	jx.tongdoumaoyi.com/news/index.php	166 B	2023-03-07	2023-04-05
Pretty URL jx.tongdoumaoyi.com/news/index.php IP 20.239.85.25 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-04-05 02:05:15 Times Seen271 Hash 148c395b30fc62c19c4e96a387ce5080 aaad892b0553b427438079c39c45c04a4bd26683 3abae3dd940fa31948ccf4348d0b3dd0528808c33a99915e9ea06c6c9faf097c Loading...

	hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332	30 kB	2023-03-12	2023-03-12
Pretty URL hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:48:00 Last Seen2023-03-12 14:48:00 Times Seen1 Hash 29f7e52287e616b5bd7a44d095af5be0 6e38666bdccca4092f2be681242c2197d6b2382a a48bec2d0ba380c27fd15acc847bd3278d47a5a413eb72cd4e68f0ea88a1eeef Loading...

	www.nils-holgerson.com/index.php	404 B	2023-03-07	2024-04-25
Pretty URL www.nils-holgerson.com/index.php IP 172.121.89.17 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 10:56:51 Times Seen2976 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.nils-holgerson.com/common.js	1.5 kB	2023-03-09	2023-10-19
Pretty URL www.nils-holgerson.com/common.js IP 172.121.89.17 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:31:50 Last Seen2023-10-19 01:51:07 Times Seen446 Hash 46b458a7218859f9e104d60dfaf1be1e b294e53b5af044e5b0b992c9baf639009d4b2ee7 52b19e0231b1983206d08645bc875476a80cfb274da47cfcd97fd082f8e51531 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-25
Pretty URL push.zhanzhang.baidu.com/push.js IP 112.34.113.148 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 10:56:53 Times Seen18996 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab	30 kB	2023-03-12	2023-03-12
Pretty URL hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:48:00 Last Seen2023-03-12 14:48:00 Times Seen1 Hash 1c630056d12ee8a5252f562e9d1c8729 9e210603bf2abd7447b603f71e847bb51fadde4f bea9f1815e568a4a7e28f6fcf808fc25ecbc26f1a6800e502ee9ae0677365ffa Loading...

	hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824	30 kB	2023-03-12	2023-03-12
Pretty URL hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:48:00 Last Seen2023-03-12 14:48:00 Times Seen1 Hash 3810e3f6fbf4133c4b21f6ba5ba46bac b653cbad7f11b4a5ed1b77ab0cf41aff9bab1255 ca687e038a054bcd4016b946eb7ac289cc77db91bc0321b56c5dd556e01ae20c Loading...

	jx.tongdoumaoyi.com/news/data.php	402 B	2023-03-12	2023-03-12
Pretty URL jx.tongdoumaoyi.com/news/data.php IP 20.239.85.25 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:41:19 Last Seen2023-03-12 21:24:47 Times Seen1 Hash d13c17abc0435469076ec2d90477024a 5c3bb2de3ce816862941060c2c265c28dcec636e 894fcde8a417a27b964e370d5c179ea4a041c3eb36104f5b00cd8ee98a6cc1bc Loading...

	www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js	1.8 kB	2023-03-12	2023-03-13
Pretty URL www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js IP 173.231.38.6 ASN #18450 WEBNX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:41:19 Last Seen2023-03-13 09:23:26 Times Seen1 Hash 32c5c7081f5d603306ecf34193c69791 0a4d3032ea7cebab8a273a0acd59111654979427 4b2e60905711944df5f69e1f618b5cb668752f6b30a5cd007bd08b9ab80ccb76 Loading...

	www.jxys16.xyz/	254 B	2023-03-07	2023-07-10
Pretty URL www.jxys16.xyz/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:15 Last Seen2023-07-10 02:29:30 Times Seen148 Hash 2b060c01c124335c89db809e88d801f5 4226dea14013c0d2b6a391cebcfafc02e00d9305 46b48e8582d3035db685d90fd6ef29a676ae4f59721521c4025568c81fc43621 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f73bd51eba81e92528a281ae99e2fa97	479 B	2023-03-09	2023-03-12
Pretty Observations First Seen2023-03-09 17:30:48 Last Seen2023-03-12 20:34:20 Times Seen1 Hash f73bd51eba81e92528a281ae99e2fa97 8304f2deb3dce67554a667b4c04c9b875c34fea8 8f1a9e1a9bd070cb6eb751be78deb00a9154004da24940a848c0ed4412650397 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6c833aea460a6628e673a60336cd0164	460 B	2023-03-09	2023-03-12
Pretty Observations First Seen2023-03-09 17:30:48 Last Seen2023-03-12 20:34:20 Times Seen1 Hash 6c833aea460a6628e673a60336cd0164 caed6e0312e83971b87a443e0e4d918dcd1d9998 b70985132d97e609f025d7123c07444aadffd4e948399cc5206a275de9c6fd60 Loading...

	#2 Write - b41c326655a1e61ea6f6dcc70f797eb7	201 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:53 Last Seen2024-04-19 06:49:25 Times Seen3761 Hash b41c326655a1e61ea6f6dcc70f797eb7 a416e2affbcd88fe88775b1dd7256dbb7b0e2b87 2d7d346bf62ff160f8d7d20318bedeb9dc7c79d0e2845f6061de5beabda471ca Loading...

	#3 Write - 3a726a17f9f965ca39da639d1e90016e	594 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 14:41:19 Last Seen2023-03-13 23:52:48 Times Seen1 Hash 3a726a17f9f965ca39da639d1e90016e 419b43e6322e0727f968d29117f2d7461f2a68eb 348b154387a2238ee93efc24c478313c47b24816f96c0f94da68406743ebd156 Loading...

	#4 Write - 8eeb3d92c61dde46fa7fa77b570e6023	580 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 14:41:19 Last Seen2023-03-13 09:23:26 Times Seen1 Hash 8eeb3d92c61dde46fa7fa77b570e6023 926b5ce45fb9b988a5243d868d2ee366a3d2004b a8e62d724092600f882c06fefa1aa63f21a151bb2468f312fdcdcf7ec913eaae Loading...

HTTP Transactions (131)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9126
Expires: Thu, 05 Jan 2023 06:36:51 GMT
Date: Thu, 05 Jan 2023 04:04:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3090
Expires: Thu, 05 Jan 2023 04:56:15 GMT
Date: Thu, 05 Jan 2023 04:04:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 03:47:48 GMT
content-type: application/json
age: 1017
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5732
Expires: Thu, 05 Jan 2023 05:40:17 GMT
Date: Thu, 05 Jan 2023 04:04:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mj61cxGdtSP5DDnbC+/qEj7vdEufVnCcP4o2WMUzUTvZY1gn+F+P6fMUuYyg2lQQ+v6lzWDK/TE=
x-amz-request-id: H4M0NPMT8V5K0KQZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 03:59:23 GMT
age: 322
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

nils-holgerson.com/

172.121.89.17

301 Moved Permanently

0 B

URL HTTP/1.1
nils-holgerson.com/
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 05 Jan 2023 04:04:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.nils-holgerson.com/index.php

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 03:08:11 GMT
age: 3394
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 654
Cache-Control: max-age=105180
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 04:04:45 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 09:17:45 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

www.nils-holgerson.com/index.php

172.121.89.17

200 OK

785 B

URL HTTP/1.1
www.nils-holgerson.com/index.php
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Size
785 B (785 bytes)
Hash
449979d226b4709e707902a1275adecd
bc5083da744f7892a81e1a630855e6250b5f3959
235f81865fe0e97383deb1b88df3ba218d51bfc6cedb0ecbf0ad24f7029f1c0c

HTTP Headers

GET /index.php HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 04:04:45 GMT
Content-Type: text/html
Content-Length: 785
Connection: keep-alive

www.nils-holgerson.com/tj.js

172.121.89.17

200 OK

520 B

URL HTTP/1.1
www.nils-holgerson.com/tj.js
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with CRLF line terminators
Size
520 B (520 bytes)
Hash
c641843bbee2dbe645c9de13d8f953ed
1a93b5d7b8540d5acbaae9c8bc00c16926a23588
4604c89ab81e21b0a8e7e762b60c0190dd44643056504ae5c28ebd2b4e739ed7

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 04:04:45 GMT
Content-Type: application/x-javascript
Content-Length: 520
Connection: keep-alive

push.services.mozilla.com/

54.149.203.40

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.203.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JzO3FsmdOdJ/PK+Zb4Lgpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0wOa+KHgYQ1dUNBjm8lIQjHngLs=

www.nils-holgerson.com/common.js

172.121.89.17

200 OK

753 B

URL HTTP/1.1
www.nils-holgerson.com/common.js
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
753 B (753 bytes)
Hash
422fd880589a7fc1a2f9b43c88c64fbe
cd02b22cba108051097edd967d9b4e937386a05f
51ceb85b881f6f3a9a9deea0265b4960a9fd3d7fe698b72c0329332dc91585b9

HTTP Headers

GET /common.js HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 04:04:45 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.nils-holgerson.com/favicon.ico

172.121.89.17

200 OK

1.2 kB

URL HTTP/1.1
www.nils-holgerson.com/favicon.ico
IP
172.121.89.17:0
ASN
#18779 EGIHOSTING

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.nils-holgerson.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 04:04:46 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 10 Jan 2023 04:04:46 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

ocsp.globalsign.com/gsrsaovsslca2018

151.101.66.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
286305480b62eebc30fb590f099eb545
9f1077a949089c5da7460af8d9cdd558fe55b69c
71663de32204d79278392fb0e5b5352a195420105b022190aa8888fe0cc70bc2

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 09 Jan 2023 00:50:05 GMT
ETag: "9f1077a949089c5da7460af8d9cdd558fe55b69c"
Last-Modified: Thu, 05 Jan 2023 00:50:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 05 Jan 2023 04:04:46 GMT
Age: 4471
X-Served-By: cache-qpg1274-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 88, 3
X-Timer: S1672891487.955257,VS0,VE0

ocsp.globalsign.com/gsrsaovsslca2018

151.101.66.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
286305480b62eebc30fb590f099eb545
9f1077a949089c5da7460af8d9cdd558fe55b69c
71663de32204d79278392fb0e5b5352a195420105b022190aa8888fe0cc70bc2

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 09 Jan 2023 00:50:05 GMT
ETag: "9f1077a949089c5da7460af8d9cdd558fe55b69c"
Last-Modified: Thu, 05 Jan 2023 00:50:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 05 Jan 2023 04:04:46 GMT
Age: 4470
X-Served-By: cache-qpg1274-QPG, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 88, 9
X-Timer: S1672891487.955364,VS0,VE0

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
382a7055e2af34b70c27cb3232abdda4
f180a7977e96d170e2960055ce09c449013ce7b8
524519e0ea4cc83e539ac94e328d076fbd957e40d6783e4db5156e3771ee9c8e

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:47 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 18:23:35 GMT
Expires: Sun, 08 Jan 2023 18:23:34 GMT
Etag: "f180a7977e96d170e2960055ce09c449013ce7b8"
Cache-Control: max-age=310126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784954f16eff0b39-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Thu, 05 Jan 2023 06:38:57 GMT
Date: Thu, 05 Jan 2023 04:04:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Thu, 05 Jan 2023 06:38:57 GMT
Date: Thu, 05 Jan 2023 04:04:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Thu, 05 Jan 2023 06:38:57 GMT
Date: Thu, 05 Jan 2023 04:04:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Thu, 05 Jan 2023 06:38:57 GMT
Date: Thu, 05 Jan 2023 04:04:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Thu, 05 Jan 2023 06:38:57 GMT
Date: Thu, 05 Jan 2023 04:04:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9690 bytes)
Hash
165bf3d40f0584e3b9839304ede47c76
27da520440229f2239721371d9338eb81a8b4b93
00075a96a87b16edb302ccc862e0dc9691c7195ac227ae805bc88ebe8dd3ee52

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5507a575-db90-4030-a625-ae482beacb61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: eba6ad45-abca-4781-88d0-28514de35851
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePMB5GxGIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f3a5-2f3844833b7ead4f7121ae11;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:46:13 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AUNmGdRW5uyYG9Yiwi4ZR7Ss-aD5k5FuDgyHAgnuJgmtG-S2WQ4T6w==
via: 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:57:37 GMT
age: 22030
etag: "27da520440229f2239721371d9338eb81a8b4b93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7329 bytes)
Hash
f22f65ce84ef540224278e198edbe5dd
e64e4d49a0a630036019dbb06a8e5a526323975f
ad334d8c521c61a83836cecc0c2b2e19381d361c75a8f79a2c00536fdad5f4df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d88b301-0fcb-4763-915d-1cd04e82663f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7329
x-amzn-requestid: b78bdef1-e211-44e7-b08f-47be8c5ea903
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJWIBGiYoAMF3EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39d66-283f922756ee2b985c85bbb6;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ndC9iWs4MJqPSlJXAoFBp-DIdCdgMWE7Jx1xY7_z1qoBOqdF6LxMpQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 03:23:52 GMT
age: 2455
etag: "e64e4d49a0a630036019dbb06a8e5a526323975f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3e7735d-7041-4efd-8259-09922584e17d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10667 bytes)
Hash
a6730605ea953d8e0a3cd57e04d91297
e51e26f367a7da059df9dd0318cfad7b6941245a
013a74eb6f82f90daf91e8cdc87592b9c4f8065215b7aee0d3ba78f6d70a1687

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3e7735d-7041-4efd-8259-09922584e17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10667
x-amzn-requestid: 55ccb6c4-21ab-4687-96b0-46f4554156b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eMtmeGRoIAMFooQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4f629-2d7dc0b22716fb0126cd546b;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 03:44:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: J6X6GVBUkQGeX6ZCJHCwUWMWjIUUdegQ4DEnmkWIAkU0pHPwVRZOog==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 18:05:00 GMT
age: 35987
etag: "e51e26f367a7da059df9dd0318cfad7b6941245a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5872 bytes)
Hash
8cf33ce3c68b01f0c8f73549306ccfbc
621283dc19de9d911c21e75236b7218fd0096909
f5127032147e1659d3c9ad662b54a857c57020bb8daa4fd9974909b91224cdb8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f09f2c-6ba2-47e7-b5e9-ca1acce3a146.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5872
x-amzn-requestid: 3fef792c-199f-4317-a73f-be0832b978a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eAAvUFDLIAMFZbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afe195-2c1dc89f193aaba84a4563ee;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:15:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5Vc5H_cA73sOXSUOy2GsC6UGsQ4kfKhCNmNp7v18Hx45z4onAIa-Cg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:40:15 GMT
age: 73472
etag: "621283dc19de9d911c21e75236b7218fd0096909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8307 bytes)
Hash
c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 37c27710-0d63-49f5-b929-87fa6fc9d654
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eKbG0GL1oAMFZCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b40bc5-2a3a53235b7c4f9c21dcb51e;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 11:04:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SEpv7jTgKBOEfRLOfLuDOmiadNqYRsIFfVthmVndwcA55BGXLYTV5Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 03:34:22 GMT
age: 1825
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7501442a-ef54-4aa9-a3fa-5362c9f60911.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4974 bytes)
Hash
17023e595d475bd09cd8768fe4099525
f79bc11eb9f5db4d750468d3c896502fdd2b7b23
cccac0d1215a6f0f285dd89c614d2580a2a7fb7c00eff50a8606c78921569b25

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7501442a-ef54-4aa9-a3fa-5362c9f60911.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4974
x-amzn-requestid: 2196cf39-c7fa-4b0b-88d0-04de5751e42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eKpNxF2_oAMFuNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b42257-33a6f0245389c4b570748d0a;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 12:40:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2ImXkXs0qipRgLRoLbrA4pC_CM2zVNxjVkZ8M3rA0mKls4rq2PoVVQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 05:43:42 GMT
age: 80465
etag: "f79bc11eb9f5db4d750468d3c896502fdd2b7b23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

push.zhanzhang.baidu.com/push.js

112.34.113.148

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
112.34.113.148:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 05 Jan 2023 04:04:47 GMT
Etag: "4078521116"
Expires: Fri, 05 Jan 2024 04:04:47 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=4B3AF9B8C470F056F0DF55FF1891EBB8:FG=1; max-age=31536000; expires=Fri, 05-Jan-24 04:04:47 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?fec0eaa8fc52795617f18f518d42aaab
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (616)
Size
11 kB (11254 bytes)
Hash
8761c2a848172de3e75e7cc5e47100e5
f003cecfef1baac155c839d9a4924ae4b21f9a5f
473589c4d92fad19274b514af6aaeb3f343590b4f3c1ca2c1450b5252c2c9138

HTTP Headers

GET /hm.js?fec0eaa8fc52795617f18f518d42aaab HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 04:04:47 GMT
Etag: af72cca2eeddb98cf0f093420fa25978
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6CC9810871502A5D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
e57d714740ab21b7d40f7c9b9110cc85
268ffd137cc7bb49ac7e779e41926618ad0a3b49
0123d41138af6180e9771ca0243068cc93522eba9e4619e0ded828b8acc45d40

HTTP Headers

GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 04:04:47 GMT
Etag: 6b25c079dec336643254ee8da5aa4f99
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7E3AAE6BF7C316A7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php

182.61.240.101

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.nils-holgerson.com/index.php
IP
182.61.240.101:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.nils-holgerson.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nils-holgerson.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 05 Jan 2023 04:04:48 GMT

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1781144922&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45068&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1781144922&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45068&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1781144922&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45068&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 04:04:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=94E752EF92AAE560; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=175048015&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=45068&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=175048015&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=45068&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=175048015&si=fec0eaa8fc52795617f18f518d42aaab&v=1.3.0&lv=1&sn=45068&r=0&ww=1280&u=http%3A%2F%2Fwww.nils-holgerson.com%2Findex.php&tt=%E4%B8%B9%E9%98%B3%E6%9D%80%E5%A7%A8%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 04:04:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F4D0626EF80306ED; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8418644a0a185cb406e89d2f0830a63a
8d52d13208441016208eca98cdee3a7d997d160e
9aa072baa67dd86197af37be57df43458fee24118931026338d6aa8f541e35d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA072BAA67DD86197AF37BE57DF43458FEE24118931026338D6AA8F541E35D3"
Last-Modified: Tue, 03 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Thu, 05 Jan 2023 10:04:08 GMT
Date: Thu, 05 Jan 2023 04:04:49 GMT
Connection: keep-alive

www.jxys16.xyz/template/m1938pc/html9/ads/1.gif

173.231.38.6

200 OK

254 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/html9/ads/1.gif
IP
173.231.38.6:0
ASN
#18450 WEBNX

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:49 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sat, 04 Feb 2023 04:04:49 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff

173.231.38.6

200 OK

13 kB

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP
173.231.38.6:0
ASN
#18450 WEBNX

File type
Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Size
13 kB (13408 bytes)
Hash
99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

HTTP Headers

GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys16.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:50 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
d34d16dc1370313a19534ac0fa416d70
005828c4892aca9b574b89317fd22d5e48658be3
ccf27635c1f4025a1c53bc2bf00f4a2b5793c490e0a96fbd483c2e602cd10e2b

HTTP Headers

GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 04:04:50 GMT
Etag: d9152dfd9c8412931692dc1c37380517
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=432C27EF4F2C7A74; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=257810254&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=45071&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=257810254&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=45071&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=257810254&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=45071&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 04:04:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8B61ECB6D0708DC6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

z4a.net/images/2022/12/11/960x60.gif

104.21.234.235

200 OK

169 kB

URL HTTP/2
z4a.net/images/2022/12/11/960x60.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
169 kB (168777 bytes)
Hash
729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726

HTTP Headers

GET /images/2022/12/11/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:51 GMT
content-type: image/gif
content-length: 168777
expires: Mon, 11 Dec 2023 14:12:40 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2123531
last-modified: Sun, 11 Dec 2022 14:12:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0%2FqzJswUQnfsJ7FW7w%2BGHxgo2idnD0TyS3MbtJ9k%2ByBfjsG5loZdgW4XglCBJNJkGLRt8rfFTXLRBteo8rAcjftCAN5%2B4UAKlShtDpg6mgNghE9GA%2F2yzU9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7849550d0e1323b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif

104.21.234.235

200 OK

176 kB

URL HTTP/2
z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
176 kB (176400 bytes)
Hash
790f7ce169b014489226f2bc54fcebdb
8c728b76de39bd04e942af210a6742a2727eedd5
111153d903587269530c51cc32126f82d51a9461b42be47237db3f289f6483c6

HTTP Headers

GET /images/2022/12/11/960x603d5ab8438267da4d.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:51 GMT
content-type: image/gif
content-length: 176400
expires: Sat, 16 Dec 2023 08:08:42 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1713369
last-modified: Fri, 16 Dec 2022 08:08:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMaztMxeGTQYiARirBaCyrE1Yxx3D8plvhmmx76JOeT6%2BoiXi0bLcwiMziQRe7EXTltQm5PaQNyE590EibAXNpY8YmnFYDKq0G%2FMcoLSrkoAT6q%2FTkGUxOTr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7849550d1e1c23b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2022/12/11/960-60-0.gif

104.21.234.235

200 OK

198 kB

URL HTTP/2
z4a.net/images/2022/12/11/960-60-0.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
198 kB (198523 bytes)
Hash
785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4

HTTP Headers

GET /images/2022/12/11/960-60-0.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:51 GMT
content-type: image/gif
content-length: 198523
expires: Mon, 11 Dec 2023 14:13:22 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2123489
last-modified: Sun, 11 Dec 2022 14:13:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxbV1alWDDY5t3RcAt%2Fal2NTEnm9QRp0BOyd0o1wKeDiR6PPP4chG6E3kl7uMB3cplH6e6cSx%2Fd2V34vbo7%2B2DdlYyeXAhTG%2FVQim0BUArP7HCEL8TX6V0R8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7849550d1e1b23b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2022/12/10/960x60.gif

104.21.234.235

200 OK

245 kB

URL HTTP/2
z4a.net/images/2022/12/10/960x60.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
245 kB (245207 bytes)
Hash
0b25bc78e72da9cce4df6f8b35a75247
26e8c59347f9489d5922e92660d3fc2d44c44cbb
8ff60c94afa37237e7746c8095addb9476b20739a25163536a2cd89217089a88

HTTP Headers

GET /images/2022/12/10/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:51 GMT
content-type: image/gif
content-length: 245207
expires: Mon, 11 Dec 2023 14:13:06 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2123505
last-modified: Sun, 11 Dec 2022 14:13:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwpLKjqjVyQOb6m7F7s2RaAHczcP5uo19nbAEuCBEuPPGLLUDByyNbXOoaW4jTiecP%2FNQU41eWy%2BO64rzQXdCSxVTFc%2Bjn9aBknl4or2fHL%2Bx3gYMQfUq9ki"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7849550d2e2823b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2022/12/21/960x60d39aac802c494f86.gif

104.21.234.235

200 OK

528 kB

URL HTTP/2
z4a.net/images/2022/12/21/960x60d39aac802c494f86.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
528 kB (527657 bytes)
Hash
bc9315952b1de102c2097670f688e43d
2412c6e3aee17d6a271b6f69358ac96dec2afa24
b20477516ad5a2c0daef1e9f3037e32278a3740ca88be3614c1540b90675f396

HTTP Headers

GET /images/2022/12/21/960x60d39aac802c494f86.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:51 GMT
content-type: image/gif
content-length: 527657
expires: Thu, 21 Dec 2023 11:42:57 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1268514
last-modified: Wed, 21 Dec 2022 11:42:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZcapYemZGX6bkyX%2BFsDFJmbBdhsUYWbNZNcJxuFNimuWB2dxjmpEWGdLfrrgRv2MCg66rBp2FImYiTk22y7anP%2FqDy7locZrmSu3baLfWEj%2FhVom0CeXEVa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7849550cee0523b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z4a.net/images/2022/11/20/960x60.gif

104.21.234.235

200 OK

578 kB

URL HTTP/2
z4a.net/images/2022/11/20/960x60.gif
IP
104.21.234.235:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
578 kB (577945 bytes)
Hash
6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831

HTTP Headers

GET /images/2022/11/20/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:51 GMT
content-type: image/gif
content-length: 577945
expires: Thu, 21 Dec 2023 22:30:13 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1229678
last-modified: Wed, 21 Dec 2022 22:30:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMtQN5a95d6i%2Fjkgye7t6%2B79ILjPM4sNc9B3c6zYu14cw%2Fyn7grMNSMGqPm%2Fi0PxlEB8dRN8fDhoen1fHDYAfP14GqkRykfQp6316BRHdSDSo%2FHu9AyqYbQN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7849550cfe0a23b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d12a67ea1bb5710fdec7e2811cbd950f
7e233d837c8ec4442f8ceb159ab24b954e0df665
9a4bb6166348a7eccc2ed8b366a367175be80e29a77114f73983ea989630b5a8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A4BB6166348A7ECCC2ED8B366A367175BE80E29A77114F73983EA989630B5A8"
Last-Modified: Tue, 03 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14552
Expires: Thu, 05 Jan 2023 08:07:24 GMT
Date: Thu, 05 Jan 2023 04:04:52 GMT
Connection: keep-alive

66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif

103.170.15.75

200 OK

149 kB

URL HTTP/1.1
66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
IP
103.170.15.75:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
149 kB (149081 bytes)
Hash
ca110f84ebcc10dd498b26dc6c90087b
cfaf975d43693cfc7c2e05305068b0d933748d98
04dff307dc6fdc4da149bad386613e102c1f0e6d2b26974c5666505c7d97ef2e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /137dd6d87688482eb020c1c774325059.185.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f2795c-24659"
Date: Thu, 29 Dec 2022 02:55:32 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:12:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 149081

66668aaa.com/03f4c91859e345fd8955d5640194ce6e.gif

103.170.15.75

200 OK

161 kB

URL HTTP/1.1
66668aaa.com/03f4c91859e345fd8955d5640194ce6e.gif
IP
103.170.15.75:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
161 kB (160599 bytes)
Hash
1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /03f4c91859e345fd8955d5640194ce6e.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63427f5e-27357"
Date: Thu, 29 Dec 2022 02:55:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 09 Oct 2022 07:59:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 160599

kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif

13.227.254.83

200 OK

182 kB

URL HTTP/2
kzecc.com/e06a35bc848b301fd5c9802d162bdf30.gif
IP
13.227.254.83:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 300 x 150\012- data
Size
182 kB (181696 bytes)
Hash
ba9dcd35c39e60e245666e70f85fc335
38630969afd73016363a2f6f41bf36eb947405b2
624d0cce85aeb64c935d38705196c4ea696deaf4f5e1895e8557789b8b01380b

HTTP Headers

GET /e06a35bc848b301fd5c9802d162bdf30.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 181696
last-modified: Mon, 19 Dec 2022 08:54:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 13:59:40 GMT
etag: "ba9dcd35c39e60e245666e70f85fc335"
x-cache: Hit from cloudfront
via: 1.1 1ce5b4ee9f2f36701e8515d9d8ae140c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: GYxGcHkuVcwqgAYkAxe3253yg5qKE3ROmoEer7thqkSlMeQhx9tCOA==
age: 50713
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
62b6599436a3b69f7141923fd64120ed
30f26bc7398e4518c63ce81b857014879d6a633f
3762d8ea4244b118485570b8228d03e9caa52b9388f352f372d10e756486aeb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 04:50:06 GMT
Expires: Mon, 09 Jan 2023 04:50:05 GMT
Etag: "30f26bc7398e4518c63ce81b857014879d6a633f"
Cache-Control: max-age=347711,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784955183f9cb505-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d2fb45eb9e8c21016940ae0b3d5c8acf
a8a8fb13b93d4086395ff036f8e8b1cc93514dc5
c37356b871229b7f4dfbc494fc35341bb056934168b31e0b00f8b2f089e75112

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 15:26:08 GMT
Expires: Mon, 09 Jan 2023 15:26:07 GMT
Etag: "a8a8fb13b93d4086395ff036f8e8b1cc93514dc5"
Cache-Control: max-age=385873,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784955183af50b06-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ba9c78901fa5d0b60f196410e91df7ba
a1e3a0bbd77b9fba54e90673aa1a779b10461ff5
edb83dc914bcc6a58f1da69b18b9e40cd5325849e10c5ce97e3ccfb0939ad48f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 17:34:46 GMT
Expires: Sun, 08 Jan 2023 17:34:45 GMT
Etag: "a1e3a0bbd77b9fba54e90673aa1a779b10461ff5"
Cache-Control: max-age=307191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7849551839edb511-OSL

3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif

45.61.212.47

200 OK

331 kB

URL HTTP/1.1
3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif
IP
45.61.212.47:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 750 x 120\012- data
Size
331 kB (330788 bytes)
Hash
2fed29a7e518cace80f2ca8f57787c31
1f78c67a7a5864d12e6c0e13dd45fa477e80e528
b6407a42c658e82ec3ef6a64b6aff95018b90155c04648247c08e8df83afb35e

HTTP Headers

GET /69267e805d7b4aa3b4db75a4ca964b7f.gif HTTP/1.1
Host: 3718896ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a801bf-50c24"
Date: Tue, 27 Dec 2022 03:01:40 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 25 Dec 2022 07:54:39 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 330788

jx.tongdoumaoyi.com/news/list.php

20.239.85.25

200 OK

252 kB

URL HTTP/2
jx.tongdoumaoyi.com/news/list.php
IP
20.239.85.25:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
252 kB (251453 bytes)
Hash
8122a1130d65aab96f9b7a5ccf9f0491
87aea784617e1c05eaf7f22f7999f736e78a3b9c
24f08a97a86c56396a8c29e39c5578525ca3849f3e31adc0097d17ea2d137ca2

HTTP Headers

GET /news/list.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 05 Jan 2023 04:04:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2

jx.tongdoumaoyi.com/news/index.php

20.239.85.25

200 OK

553 kB

URL HTTP/2
jx.tongdoumaoyi.com/news/index.php
IP
20.239.85.25:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
553 kB (553405 bytes)
Hash
6eed05bc67d7e8611eadce1a33eb272a
d83f1ebbfe6c065b9d302f087c7fd6702081e2f5
e037c223a63c791c5ad1c53b5b175e8f00fed02022ff6cd65577d3049e6e82e6

HTTP Headers

GET /news/index.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nils-holgerson.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 05 Jan 2023 04:04:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2

kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif

172.83.155.45

200 OK

250 kB

URL HTTP/2
kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
IP
172.83.155.45:0
ASN
#201106 Spartan Host Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
250 kB (250112 bytes)
Hash
70726a2c83ff355a82c1438f1f8cd31d
f3f76125f9ba333f1a2f30b633a99baa8df781bd
a2553ce629178b3a4850cd032075da81a2e01313d524caeba5d57c9613f7afff

HTTP Headers

GET /67a0474849f4ee10ccbe3b0d2cebf337.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:52 GMT
content-type: image/gif
content-length: 250112
last-modified: Sun, 18 Dec 2022 07:33:19 GMT
etag: "639ec23f-3d100"
expires: Thu, 05 Jan 2023 16:04:52 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 43545
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ate7nT8CtBd9W30m57gY4%2F%2FFqffLWzf7LsHYD4fRVGX99AJZ0U1hcKiiVhDhdg%2BCoMKjloAYPB3j2oPMGAZiluys3H9cv5EMvVzCfuRpsjGD%2FxOxQ%2B0CUOoNtP4E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f48617fb5e8444-YVR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

xinchacha2dv.ocsp-certum.com/

23.36.79.10

200 OK

1.5 kB

URL HTTP/1.1
xinchacha2dv.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.5 kB (1538 bytes)
Hash
21af77c1b6e9a7cd3b0ff6ad932de759
025b230bd1e1bbf9d062781ec035632e5a761d4d
53b3d8357a78e66943d157d9a0455a48ad78edb5b1213e9d210dbfcc0106d649

HTTP Headers

POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=860
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive
X-N: S

xinchacha2dv.ocsp-certum.com/

23.36.79.10

200 OK

1.5 kB

URL HTTP/1.1
xinchacha2dv.ocsp-certum.com/
IP
23.36.79.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.5 kB (1538 bytes)
Hash
c6e670b3c6aa164603969df6d05e33f3
957761c7ae7ad9fa279f1f8127453e61d60001b5
de8804d54181780f1b7ae8c7c62fdbbf199a0f6cbe61ffab092e240ca259c078

HTTP Headers

POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=847
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive
X-N: S

3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif

103.170.15.79

200 OK

748 kB

URL HTTP/1.1
3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
IP
103.170.15.79:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
748 kB (747714 bytes)
Hash
190c632a93b23820398e76a78dccf39b
f156cddcc3d508f21aabaa1c08391a976f84e172
602526a271c67646875cf62980d7c3c4a16360b747ebc2810908ca274a8ca1ad

HTTP Headers

GET /31bae057f32c4263a5459428dcd9c2c0.gif HTTP/1.1
Host: 3366812ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b288d0-b68c2"
Date: Tue, 03 Jan 2023 02:40:20 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 Jan 2023 07:33:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-09
Content-Length: 747714

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e65633c0e3a6dec7df7bebca0fd89e60
1742eb552b31d96c658ece4cbc08407dcb52455b
854aa9af1a54641402c8b1240267688f95687f53743f40a7412d9c86cf383af8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 21:14:28 GMT
Expires: Sun, 08 Jan 2023 21:14:27 GMT
Etag: "1742eb552b31d96c658ece4cbc08407dcb52455b"
Cache-Control: max-age=320373,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784955183888b4fd-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
867e5f340d14779681367f582b93853a
0847ee801df2281d87e1ee86b54a72047f2faeee
31681fa6a4a2c60ed09fb5471b4fff38d28ae35ca9466bc2e5bf45dd43e4354d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 23:43:08 GMT
Expires: Sun, 08 Jan 2023 23:43:07 GMT
Etag: "0847ee801df2281d87e1ee86b54a72047f2faeee"
Cache-Control: max-age=329293,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784955183cecfabc-OSL

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
d98dcd92e26b327cf8a8bde371841777
841e5c9ca3a129075f369bfb15f22f8fc178b1a7
2f358feca0386f42930403d8691e448700b16215cd5631f0a947c42360b436a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 08:36:09 GMT
Expires: Thu, 05 Jan 2023 08:36:09 GMT
ETag: "841e5c9ca3a129075f369bfb15f22f8fc178b1a7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
d98dcd92e26b327cf8a8bde371841777
841e5c9ca3a129075f369bfb15f22f8fc178b1a7
2f358feca0386f42930403d8691e448700b16215cd5631f0a947c42360b436a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 08:36:09 GMT
Expires: Thu, 05 Jan 2023 08:36:09 GMT
ETag: "841e5c9ca3a129075f369bfb15f22f8fc178b1a7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.globalsign.com/gsrsaovsslca2018

151.101.66.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
8e7bbc99d2bf1fa5b645b6ae9dd2ed86
08fd2dceb2979cba82f350abf5bb6b240a2809a1
ae08ed549fde9a1a7781d00234baf36680c396ca58a8e0905c5a9b1d7865995e

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 09 Jan 2023 01:26:24 GMT
ETag: "08fd2dceb2979cba82f350abf5bb6b240a2809a1"
Last-Modified: Thu, 05 Jan 2023 01:26:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 05 Jan 2023 04:04:53 GMT
Age: 2819
X-Served-By: cache-qpg1226-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 1
X-Timer: S1672891493.398066,VS0,VE1

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
867e5f340d14779681367f582b93853a
0847ee801df2281d87e1ee86b54a72047f2faeee
31681fa6a4a2c60ed09fb5471b4fff38d28ae35ca9466bc2e5bf45dd43e4354d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 23:43:08 GMT
Expires: Sun, 08 Jan 2023 23:43:07 GMT
Etag: "0847ee801df2281d87e1ee86b54a72047f2faeee"
Cache-Control: max-age=329293,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784955188fc4b505-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2741828acf074a99539807cd53a242cd
18e31684f7b8ece788536d2a89ae2a38fa535a2e
68f40215262806c62e8c1d552812c5574a257e05bc068c0db4ca4d872de286cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68F40215262806C62E8C1D552812C5574A257E05BC068C0DB4CA4D872DE286CD"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Thu, 05 Jan 2023 04:51:27 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2741828acf074a99539807cd53a242cd
18e31684f7b8ece788536d2a89ae2a38fa535a2e
68f40215262806c62e8c1d552812c5574a257e05bc068c0db4ca4d872de286cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68F40215262806C62E8C1D552812C5574A257E05BC068C0DB4CA4D872DE286CD"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Thu, 05 Jan 2023 04:51:27 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

img30.360buyimg.com/popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif

163.171.134.109

200 OK

171 kB

URL HTTP/2
img30.360buyimg.com/popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
GIF image data, version 89a, 960 x 100\012- data
Size
171 kB (171392 bytes)
Hash
a13e5953b9b9868e6d79e79de68f86ae
7ce4811b6358d541d17d91521fbf2d18ce889e39
f2cce13596aab83e51968ad821abe6bf86704a9ed4bfe0d2a594f23b47cfb592

HTTP Headers

GET /popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif HTTP/1.1
Host: img30.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/gif
content-length: 171392
expires: Wed, 28 Jun 2023 13:59:02 GMT
server: nginx
cache-control: max-age=15552000
last-modified: Fri, 30 Dec 2022 13:38:38 GMT
via: http/1.1 ORI-CLOUD-ZJ-MIX-193 (jcs [cHs f ]), http/1.1 JN-UNI-2-MIX-14 (jcs [cMsSfW])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672407518600-0-0-1-10-10;200;200-1672407553481-0-0-0-10-10;200-1672407553489-0-0-0-22-22
age: 482751
x-via: 1.1 PSdgflkfFRA1ox201:3 (Cdn Cache Server V2.0), 1.1 PS-ARN-01C8L93:5 (Cdn Cache Server V2.0)
x-ws-request-id: 63b64c65_PSrdsdgemSTO1sw92_39603-4690
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
d98dcd92e26b327cf8a8bde371841777
841e5c9ca3a129075f369bfb15f22f8fc178b1a7
2f358feca0386f42930403d8691e448700b16215cd5631f0a947c42360b436a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 08:36:09 GMT
Expires: Thu, 05 Jan 2023 08:36:09 GMT
ETag: "841e5c9ca3a129075f369bfb15f22f8fc178b1a7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
d98dcd92e26b327cf8a8bde371841777
841e5c9ca3a129075f369bfb15f22f8fc178b1a7
2f358feca0386f42930403d8691e448700b16215cd5631f0a947c42360b436a6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 04 Jan 2023 08:36:09 GMT
Expires: Thu, 05 Jan 2023 08:36:09 GMT
ETag: "841e5c9ca3a129075f369bfb15f22f8fc178b1a7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif

103.170.15.115

200 OK

1.1 MB

URL HTTP/1.1
99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
IP
103.170.15.115:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 980 x 80\012- data
Size
1.1 MB (1066629 bytes)
Hash
709be30700e74aafa715f685cba66b67
1d0ee25014c3d61849625bfc386d6ec370181a7d
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /161f65b0d6174a0a94c6ba6b2e9c589b.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43809-104685"
Date: Thu, 29 Dec 2022 22:50:52 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-45
Content-Length: 1066629

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
d3c931254faf0b6d9831c18f70146fe1
1c305a8df12598bd01bca424dc909f58746b5c48
9aedd819a10ffb545b2e300f0c6d327e408d0d154b3613842f2dca262048fd0a

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=889
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive
X-N: S

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b0b15b3e172b8bdbddbb07ca92b8721f
819678937f962bcf1b8202d05aa957f42bb7193c
212fc5f84d3f252631f3e68045eb41deed763432849ea628631359a223a06d34

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 11:33:07 GMT
Expires: Wed, 11 Jan 2023 11:33:06 GMT
Etag: "819678937f962bcf1b8202d05aa957f42bb7193c"
Cache-Control: max-age=544692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78495519f92cb4fd-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6fcf461b02f418e4650f5b85e6477616
b4eeeea450e48e3c629218b8083997dad003c9e7
4e5b9b90ddc5f1965230997d4695aff089aff41725acba4b8eb5072eb5774fea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E5B9B90DDC5F1965230997D4695AFF089AFF41725ACBA4B8EB5072EB5774FEA"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16486
Expires: Thu, 05 Jan 2023 08:39:39 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2b1592ee8e39b49153a9fe6c8cbae82
3229bb172ec142cdaaf84a0ab3e3ba6c595aa79d
dfba311a3dc51687852964938e884ab474cc3c54a080f162190af0945cdb9514

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFBA311A3DC51687852964938E884AB474CC3C54A080F162190AF0945CDB9514"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2078
Expires: Thu, 05 Jan 2023 04:39:31 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
abea7198cdccea77e6f2b84576c59bd6
e1e3ad080f6d7bcfaa4a51152e5bd12180b38c5d
1b25dac46f7b5f533b02f8756b28f89d2a17691c2fdc1b588bdfba67eee9c0c0

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1B25DAC46F7B5F533B02F8756B28F89D2A17691C2FDC1B588BDFBA67EEE9C0C0"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=34
Expires: Thu, 05 Jan 2023 04:05:27 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif

47.246.44.206

200 OK

109 kB

URL HTTP/1.1
image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif
IP
47.246.44.206:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
GIF image data, version 89a, 960 x 60\012- data
Size
109 kB (109246 bytes)
Hash
e573c37ce1ba8b57e8dfb8fcd43368c9
f5da3a1479bfd18c820893899b5b478df5d02d3c
d9f97dfc186d336e8a5da72bffc7b70378bf87f68de9af20d59a8b88ff271d53

HTTP Headers

GET /oms.1511122.com/1672811127181-960x60.gif HTTP/1.1
Host: image.tnmvgr.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 109246
Connection: keep-alive
Date: Thu, 05 Jan 2023 03:06:53 GMT
x-oss-request-id: 63B63ECD5C57FF303662263B
Vary: Origin
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E573C37CE1BA8B57E8DFB8FCD43368C9"
Last-Modified: Wed, 04 Jan 2023 05:45:27 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5454499210466108819
x-oss-storage-class: Standard
Content-MD5: 5XPDfOG6i1fo37j81DNoyQ==
x-oss-server-time: 5
Ali-Swift-Global-Savetime: 1672888013
Via: cache4.l2de2[0,0,304-0,H], cache5.l2de2[0,0], cache5.se1[0,-1,200-0,H], cache2.se1[1,0]
Age: 3480
X-Cache: HIT TCP_MEM_HIT dirn:11:173044974
X-Swift-SaveTime: Thu, 05 Jan 2023 03:07:55 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9616728914935136079e

kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif

13.227.254.83

200 OK

864 kB

URL HTTP/2
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP
13.227.254.83:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 960 x 60\012- data
Size
864 kB (864004 bytes)
Hash
d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed

HTTP Headers

GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 15:30:45 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 1ce5b4ee9f2f36701e8515d9d8ae140c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: R_Bzsh1ItO-ZMWpZeysEXDtFUFenHHGR9Dd3j1UthPnenchT7UnknQ==
age: 45248
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/ioyhtumulof.jpg

172.67.28.138

200 OK

5.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/ioyhtumulof.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.4 kB (5408 bytes)
Hash
7166b8828b383416635552a4e7d934ce
87a7b007c91b402ac837ae8e266418ff7c2b3e6f
0d4d40ee2c8f25be22915ed40f628147f3c428bf48f54d5fc71a81bf91581919

HTTP Headers

GET /upload/vod/2022/12/ioyhtumulof.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 5408
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6438
content-disposition: inline; filename="ioyhtumulof.webp"
etag: "63919883-1926"
last-modified: Thu, 08 Dec 2022 07:55:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adf9ab515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg

172.67.28.138

200 OK

16 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
16 kB (16544 bytes)
Hash
fb8299566d6ea78f401c58aa1aed76b0
06b3ca9b2bee69473d2348c67feb9c598a1f3605
ea13b22c9d50069700778e892496aec8930d0aefd3180a8eb47e56452d55a22b

HTTP Headers

GET /upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/jpeg
content-length: 16544
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=16984, status=webp_bigger
etag: "6367473b-4258"
last-modified: Sun, 06 Nov 2022 05:33:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7849551adf9fb515-OSL
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css

173.231.38.6

200 OK

55 kB

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css
IP
173.231.38.6:0
ASN
#18450 WEBNX

File type
data
Size
55 kB (54864 bytes)
Hash
696d005b88dbe0b53e9de92990b5da73
f5190800429a275ca8b4b1c89c50c7764a85f3a9
ec853b71d087615dba4c9077e42152aa3a3d6b91b59c93c4a3d4a7868b124758

HTTP Headers

GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:49 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Thu, 05 Jan 2023 16:04:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg

172.67.28.138

200 OK

7.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.5 kB (7496 bytes)
Hash
3b0851d25dfdaf4453018d6ba6fcfb09
81778cc41bc16f83a5dffd2a1df0f10b236cd50c
ac260695a86f4ac2ba5e744f0f87b1e67c62b490474aa0a2d1880545283b07af

HTTP Headers

GET /upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 7496
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8924
content-disposition: inline; filename="3ntqevhmcwr14003ntqevhmcwr245572.webp"
etag: "638059f8-22dc"
last-modified: Fri, 25 Nov 2022 06:00:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adf9bb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg

172.67.28.138

200 OK

4.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4482 bytes)
Hash
cf7a5eeca4da86ff2ddbdd9a77de5107
e905e417383ac44c6e7f1c4cce421c9695c711db
c326632d34b02c1c070119eba2fd4e7b0877599d691960c0b9ce7ad4e05aae47

HTTP Headers

GET /upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 4482
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6651
content-disposition: inline; filename="ti4dbnmfwc01152ti4dbnmfwc0156571.webp"
etag: "636880ef-19fb"
last-modified: Mon, 07 Nov 2022 03:52:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adf9eb515-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ba0bb07761a0392b2430d634c02524eb
21e307805f0c1f8a547d9ab7a01f8cfceb3da44c
ab54d6b229b0b825a7178b4b14fb0fef38ae21f1088cd588535fecbec8c25704

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB54D6B229B0B825A7178B4B14FB0FEF38AE21F1088CD588535FECBEC8C25704"
Last-Modified: Tue, 03 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17445
Expires: Thu, 05 Jan 2023 08:55:38 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg

172.67.28.138

200 OK

8.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.4 kB (8384 bytes)
Hash
54564f6fe5d24c3be0fb0abdcfc93ac0
33d65dadfacfb6b0c805a743af9666141f887c07
67bca5dc3ef300578aba244dcb069b8b835f8e0eeee20f4b624d415224b84771

HTTP Headers

GET /upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 8384
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9055
content-disposition: inline; filename="wuvpypjmdke1112wuvpypjmdke515303.webp"
etag: "636331b3-235f"
last-modified: Thu, 03 Nov 2022 03:12:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfa0b515-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e65633c0e3a6dec7df7bebca0fd89e60
1742eb552b31d96c658ece4cbc08407dcb52455b
854aa9af1a54641402c8b1240267688f95687f53743f40a7412d9c86cf383af8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 21:14:28 GMT
Expires: Sun, 08 Jan 2023 21:14:27 GMT
Etag: "1742eb552b31d96c658ece4cbc08407dcb52455b"
Cache-Control: max-age=320373,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784955183de8b4f9-OSL

lbfm.lbpictupian.com/upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg

172.67.28.138

200 OK

9.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.1 kB (9100 bytes)
Hash
6db6e065a2513b03e453cc933697321c
f23a72437919498c6b44f9596b4119e1b160df8a
6ebcfb862d051036bd7154bb6602dbcd24a353efe1ceb73ab5cf3e908ca91087

HTTP Headers

GET /upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 9100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9698
content-disposition: inline; filename="yhnw02dkioo1342yhnw02dkioo132649.webp"
etag: "635a1a35-25e2"
last-modified: Thu, 27 Oct 2022 05:42:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfa4b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/spmhh0mm0iv.jpg

172.67.28.138

200 OK

4.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/spmhh0mm0iv.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.7 kB (4716 bytes)
Hash
968c2f36f362fa510b26fb5bc1608ab6
22a2b0c44dea4a7ab5d97e79b89d6b8ba731a464
55d294702d92209cd512d2d63293750ca3d1cc2e955ac624f30c6bcf1e247e09

HTTP Headers

GET /upload/vod/2023/01/spmhh0mm0iv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 4716
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7409
content-disposition: inline; filename="spmhh0mm0iv.webp"
etag: "63b534cc-1cf1"
last-modified: Wed, 04 Jan 2023 08:11:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfa7b515-OSL
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
836c04cce94b02c62d66d33e75ee6048
9af9f73041e7fac3f424f16a4be577ee82660fb8
b906ffae5e2829bc03cd278fe5f0d22a30d40301baba237b6daf27c94c9f95ae

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B906FFAE5E2829BC03CD278FE5F0D22A30D40301BABA237B6DAF27C94C9F95AE"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4855
Expires: Thu, 05 Jan 2023 05:25:48 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
abea7198cdccea77e6f2b84576c59bd6
e1e3ad080f6d7bcfaa4a51152e5bd12180b38c5d
1b25dac46f7b5f533b02f8756b28f89d2a17691c2fdc1b588bdfba67eee9c0c0

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1B25DAC46F7B5F533B02F8756B28F89D2A17691C2FDC1B588BDFBA67EEE9C0C0"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19322
Expires: Thu, 05 Jan 2023 09:26:55 GMT
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg

172.67.28.138

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
10 kB (9960 bytes)
Hash
a0cb9340efc817b54c1ae7c2b8a8d76f
b2935e4d68381b0b1fe715bc7eb22ac137e7866a
0af101cffa3fc5bb2c3ea258a7295ee93e66034a7e5cbebda26052c0ba4376c9

HTTP Headers

GET /upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/jpeg
content-length: 9960
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10409, status=webp_bigger
etag: "5e7e7880-28a9"
last-modified: Fri, 27 Mar 2020 22:04:48 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7849551adfa1b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg

172.67.28.138

200 OK

2.6 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.6 kB (2584 bytes)
Hash
4102154235bdfbcd293f663fe3c2b160
3daf389709bdecc7f092658709e3724d917971e2
e9cf648344aec4656ad9cfcdbb12afbfdd96752af431e800fd309fb40454f857

HTTP Headers

GET /upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 2584
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=4317
content-disposition: inline; filename="gbe01acskgc1536gbe01acskgc001255.webp"
etag: "63539d60-10dd"
last-modified: Sat, 22 Oct 2022 07:36:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfa5b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/1liqvkv3hpa.jpg

172.67.28.138

200 OK

8.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/1liqvkv3hpa.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.1 kB (8054 bytes)
Hash
dea8f3b4def2d0dcd29bf0cee4675da4
d14428cb769ca9bf33492d00287c68816957ed9e
91641c977df71cd13d9d82b8f131d10d72bd0b165b81d8ccefffc42e1922ace6

HTTP Headers

GET /upload/vod/2023/01/1liqvkv3hpa.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 8054
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9213
content-disposition: inline; filename="1liqvkv3hpa.webp"
etag: "63b534c8-23fd"
last-modified: Wed, 04 Jan 2023 08:11:52 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfa6b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10870 bytes)
Hash
bd3fd037debb3b7ec9057e2f026c59d7
3fc2d3c0eddced427f460e12651685311ae0af29
b19b455ca9ef3725566c6908217391bf72bee54ece8f40504cebc593ebcc9b76

HTTP Headers

GET /upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 10870
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11415
content-disposition: inline; filename="znmtdtg3fn11619znmtdtg3fn1263009.webp"
etag: "6378918e-2c97"
last-modified: Sat, 19 Nov 2022 08:19:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adf9cb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg

172.67.28.138

200 OK

9.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.2 kB (9176 bytes)
Hash
7d425f7bea4f48366f31883ea613ed55
6e282d4bfa59cc087ac52130fcb393301b6316bb
a9286fa4027b04fbfd0427fc19745a5eccf931b2e998d52e9e7e63d3ca4c3183

HTTP Headers

GET /upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 9176
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10099
content-disposition: inline; filename="qtzuufrjhye1318qtzuufrjhye592235.webp"
etag: "637472c3-2773"
last-modified: Wed, 16 Nov 2022 05:18:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adf9db515-OSL
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/static/css/white.css

173.231.38.6

200 OK

11 kB

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/white.css
IP
173.231.38.6:0
ASN
#18450 WEBNX

File type
data
Size
11 kB (10768 bytes)
Hash
72e66c699fe28b258f46e89f6e9b8f88
c11958f68293f2469fde276735696152e56cffaf
33dfa498f64fad1350ad485265fbe612c2e72bc311084b48d6e3d38da1987a2e

HTTP Headers

GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:49 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Thu, 05 Jan 2023 16:04:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/knt24bqw2ip.jpg

172.67.28.138

200 OK

5.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/knt24bqw2ip.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.9 kB (5906 bytes)
Hash
b0a4923489d0ef46272df223126447a0
e82d0be85ba853c80a594e7cf43b71306faf8755
d153ebe5b74d061bfcf8343557ba4435b4fe86fad0a779f7e772ae5b05025404

HTTP Headers

GET /upload/vod/2023/01/knt24bqw2ip.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 5906
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8619
content-disposition: inline; filename="knt24bqw2ip.webp"
etag: "63b534e3-21ab"
last-modified: Wed, 04 Jan 2023 08:12:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfacb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/s4hnjpywup1.jpg

172.67.28.138

200 OK

4.1 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/s4hnjpywup1.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.1 kB (4100 bytes)
Hash
41f666373e4a952ed810193af6000136
aa2a2ffb7e4181ca347f87c688c5d9394c8480ed
c25962ad4cb11ef0ba7b3e502098a14f9d5a93d312a43e0092926e58e7319eea

HTTP Headers

GET /upload/vod/2023/01/s4hnjpywup1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 4100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6393
content-disposition: inline; filename="s4hnjpywup1.webp"
etag: "63b534e8-18f9"
last-modified: Wed, 04 Jan 2023 08:12:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfadb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/oqbpj5fhwdl.jpg

172.67.28.138

200 OK

7.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/oqbpj5fhwdl.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.3 kB (7262 bytes)
Hash
2023f9f7d8112cab343fa582f4102e7e
809010e3d93eda8d9aa2b3048641a23c2c749fca
901e61084dd3fdb970c5605c548b2d54a0a90b67ba06db6fdd58bef477b71909

HTTP Headers

GET /upload/vod/2023/01/oqbpj5fhwdl.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 7262
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9520
content-disposition: inline; filename="oqbpj5fhwdl.webp"
etag: "63b534fa-2530"
last-modified: Wed, 04 Jan 2023 08:12:42 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfb1b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/uu51arjkykd.jpg

172.67.28.138

200 OK

7.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/uu51arjkykd.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.5 kB (7486 bytes)
Hash
2a9796775d97eb4c29c06a15596bc0fd
9b7cac3f1e8d8269f2638818604773bd7b3dfadf
7b679b1e62812a4077fcdb33450593e289a44e56dfc9842133add4b0db7d767b

HTTP Headers

GET /upload/vod/2023/01/uu51arjkykd.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 7486
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8725
content-disposition: inline; filename="uu51arjkykd.webp"
etag: "63b534fd-2215"
last-modified: Wed, 04 Jan 2023 08:12:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfb3b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/a0dqvw3gt3y.jpg

172.67.28.138

200 OK

8.4 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/a0dqvw3gt3y.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.4 kB (8384 bytes)
Hash
0b246929744b67d60a73f863d941edd2
18db6b03fafea882fbe032b73a799b030e412cc5
0cd564aba73885e5d159e86bb05f68fb3b103d1374c58845926ec54ea487da78

HTTP Headers

GET /upload/vod/2023/01/a0dqvw3gt3y.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 8384
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9790
content-disposition: inline; filename="a0dqvw3gt3y.webp"
etag: "63b534d1-263e"
last-modified: Wed, 04 Jan 2023 08:12:01 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfa8b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/o01hb4kye2k.jpg

172.67.28.138

200 OK

9.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/o01hb4kye2k.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.5 kB (9510 bytes)
Hash
b326ba55fa5597472b623ec4b08c3cde
13a26f828a56d1e2fd51a381eae5ca268bff14a4
557c3f429f94a9a80fc6999877dc7fecf53dbfbf6308370526b197e2cdac0ee1

HTTP Headers

GET /upload/vod/2023/01/o01hb4kye2k.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 9510
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10245
content-disposition: inline; filename="o01hb4kye2k.webp"
etag: "63b534ed-2805"
last-modified: Wed, 04 Jan 2023 08:12:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfaeb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/sw1w0gkfupt.jpg

172.67.28.138

200 OK

8.3 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/sw1w0gkfupt.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.3 kB (8310 bytes)
Hash
f5edc921a031f04c58a44bf0cdc132fe
74bb5cd88584b31314d196d6d9233f7d930ce6e6
aade137d8ee62325b4797a59456932bea8f1c726b200ad8ea9f1794f83a179cf

HTTP Headers

GET /upload/vod/2023/01/sw1w0gkfupt.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 8310
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9128
content-disposition: inline; filename="sw1w0gkfupt.webp"
etag: "63b534f2-23a8"
last-modified: Wed, 04 Jan 2023 08:12:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfafb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/drfhbidgpsq.jpg

172.67.28.138

200 OK

8.2 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/drfhbidgpsq.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.2 kB (8210 bytes)
Hash
c539e409049df3e6db162b7765115da7
e5fdf8dbde7d7d7bd0ea7dbb555a32f260d9f8ee
4ed41173f9aa202faece9ec96fcedefe23288edf82b931e30bd0f54ff86163ad

HTTP Headers

GET /upload/vod/2023/01/drfhbidgpsq.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 8210
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9069
content-disposition: inline; filename="drfhbidgpsq.webp"
etag: "63b534f7-236d"
last-modified: Wed, 04 Jan 2023 08:12:39 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551adfb0b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/jlqwywdy2s1.jpg

172.67.28.138

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/jlqwywdy2s1.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10512 bytes)
Hash
3b3be2732e5904d8b601de6f3594b475
a70866e80b04d7efe4cf26c27fac69e24ef76734
a71ffaef29d95851f2522adde5a00774c9decdd07e64840689b440b4557e0f58

HTTP Headers

GET /upload/vod/2023/01/jlqwywdy2s1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 10512
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11702
content-disposition: inline; filename="jlqwywdy2s1.webp"
etag: "63b53501-2db6"
last-modified: Wed, 04 Jan 2023 08:12:49 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551aefb4b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/re35cti1wdv.jpg

172.67.28.138

200 OK

7.5 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/re35cti1wdv.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.5 kB (7510 bytes)
Hash
d7ae1d67eb1f9671eb566b9b8ad4b895
f1c9146c0af25d14893738c120edeabddc8025eb
587417921f79c770ba15105ff42bccc15cbb969c05fd4315b57300ae43677021

HTTP Headers

GET /upload/vod/2023/01/re35cti1wdv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 7510
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8609
content-disposition: inline; filename="re35cti1wdv.webp"
etag: "63b5350b-21a1"
last-modified: Wed, 04 Jan 2023 08:12:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551aefb6b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/0fmod2gi10w.jpg

172.67.28.138

200 OK

10 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/0fmod2gi10w.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
10 kB (10183 bytes)
Hash
e3b1c173a6cf330b0208e1eed14133ee
196f12960c38b6e4d84aa51c7ed029070bb84b86
3854fd3016701ae26bd8e8b95987412f804c2f054fb83b446a568eeafcde1ebd

HTTP Headers

GET /upload/vod/2023/01/0fmod2gi10w.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/jpeg
content-length: 10183
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10665, status=webp_bigger
etag: "63b534d6-29a9"
last-modified: Wed, 04 Jan 2023 08:12:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7849551adfa9b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2023/01/im34ry15utv.jpg

172.67.28.138

200 OK

11 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2023/01/im34ry15utv.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
11 kB (10906 bytes)
Hash
98cc71dba8e1764a5ca95504da746451
a94c12ab0e004bfa269e43cd90592f4fa1d619fb
8a4da41871b94af58209f6bc598c8d87e515cc06094116476d454dca197e4aeb

HTTP Headers

GET /upload/vod/2023/01/im34ry15utv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/jpeg
content-length: 10906
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11326, status=webp_bigger
etag: "63b53506-2c3e"
last-modified: Wed, 04 Jan 2023 08:12:54 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7849551aefb5b515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg

172.67.28.138

200 OK

17 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Size
17 kB (17124 bytes)
Hash
bcbfc37f4cfa30666e3c596b1a37746b
b0baeb44b937e5dbebbc2b3afaf59fb61e8f6682
d7e33db44d7bb6484c2424f04cb2d7f15c527e68390d5f6585b89c926369887f

HTTP Headers

GET /upload/vod/2022/12/p33uukek2g5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/jpeg
content-length: 17124
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18053, status=webp_bigger
etag: "638da58f-4685"
last-modified: Mon, 05 Dec 2022 08:02:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7849551bb81bb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg

172.67.28.138

200 OK

9.9 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.9 kB (9858 bytes)
Hash
23fdc785a2c387a8921008b7aef07cbd
b97e64bea59d8efd1341a6b139a9023c951a19da
a30cc3d5cb4ad095190a9af6961a7a567a29ffbc395735d4be2c99f69f523a7f

HTTP Headers

GET /upload/vod/2022/12/tedqfnlyoyp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 9858
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10702
content-disposition: inline; filename="tedqfnlyoyp.webp"
etag: "63903e33-29ce"
last-modified: Wed, 07 Dec 2022 07:18:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551bb81fb515-OSL
X-Firefox-Spdy: h2

lbfm.lbpictupian.com/upload/vod/2022/12/wsjcnxu5mfc.jpg

172.67.28.138

200 OK

4.7 kB

URL HTTP/2
lbfm.lbpictupian.com/upload/vod/2022/12/wsjcnxu5mfc.jpg
IP
172.67.28.138:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.7 kB (4700 bytes)
Hash
a1e3b01fee0f819cf66b3a87d4cf2ac3
258aa12dc1c2bcb5ae43456ff474815cb7d925c5
c1a366d694caeb11be2024da4a41c8c1df1f33414363ca7aeadd55683739cbeb

HTTP Headers

GET /upload/vod/2022/12/wsjcnxu5mfc.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/webp
content-length: 4700
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7557
content-disposition: inline; filename="wsjcnxu5mfc.webp"
etag: "6396b759-1d85"
last-modified: Mon, 12 Dec 2022 05:08:41 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6860
accept-ranges: bytes
server: cloudflare
cf-ray: 7849551bb81ab515-OSL
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/static/css/style.css

173.231.38.6

200 OK

26 kB

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/style.css
IP
173.231.38.6:0
ASN
#18450 WEBNX

File type
data
Size
26 kB (26177 bytes)
Hash
2031f75f4857b768d1612f1b3998ab52
34b2249fd65a656d2b380e1a59f9f9460051492b
df47503b5746c1b6f26f163a6194d7e5dfae3832ae9754ec26cec70e74c10284

HTTP Headers

GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:49 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-10aff"
expires: Thu, 05 Jan 2023 16:04:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

jx.tongdoumaoyi.com/news/data.php

20.239.85.25

200 OK

9.8 kB

URL HTTP/2
jx.tongdoumaoyi.com/news/data.php
IP
20.239.85.25:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
9.8 kB (9831 bytes)
Hash
5905ca51d5def5923e3edf9de1d39613
fab5275de5d34cc20a72de1b58455c4a9866b66e
6383a3d5a8a3897650e362034f68cab48f316f3c898cf6d37f697639438f99c8

HTTP Headers

GET /news/data.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 05 Jan 2023 04:04:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.194.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.194.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
0aa929c7f50421eb967eee334d04883f
9c0aa03d5bd8a85ffebf2a223dd6c0cb77cf408c
4e9b6df8b816589b3dbdedef32c8c88b551d47dc47ff7ccb18d2fc66d81092a5

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 09 Jan 2023 03:09:07 GMT
ETag: "9c0aa03d5bd8a85ffebf2a223dd6c0cb77cf408c"
Last-Modified: Thu, 05 Jan 2023 03:09:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 05 Jan 2023 04:04:53 GMT
Age: 3345
X-Served-By: cache-qpg1239-QPG, cache-bma1678-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13, 1
X-Timer: S1672891494.724880,VS0,VE1

3p8801.co/yy-960x60.gif

107.148.202.17

200 OK

37 kB

URL HTTP/2
3p8801.co/yy-960x60.gif
IP
107.148.202.17:0
ASN
#54600 PEGTECHINC

File type
GIF image data, version 89a, 960 x 60\012- data
Size
37 kB (37300 bytes)
Hash
95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644

HTTP Headers

GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Sat, 04 Feb 2023 04:04:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.buypass.com/

23.33.119.18

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.33.119.18:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
25aad549aebeb1ea79ac0c240368e22a
fe2bdfe4114da509e3f71f43a4a14139bd0968e4
0cb97f94a5f9542910feeaf0de61d266aed45139f18a3b983cebc3ed33d1b82b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 8ff7b9ff-9215-46f1-bcd9-4935ee913a8d
Content-Length: 1701
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

ocsp.buypass.com/

23.33.119.18

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.33.119.18:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
9fc35279bf0f0da1d5dcbca4563d3966
21b77473b0b037b141bc25ff49643c6d103e4b9a
80f5aad03931f4662ab6f046058072ab24b95ecf719e3c6edf277b0ec00655f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 77e65bea-504f-4d88-a201-26c26312bc6c
Content-Length: 1701
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

99887aaa.com/5bcd4bf0b8334404bd4ae2f523a4278a.gif

103.170.15.115

200 OK

47 kB

URL HTTP/1.1
99887aaa.com/5bcd4bf0b8334404bd4ae2f523a4278a.gif
IP
103.170.15.115:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 320 x 185\012- data
Size
47 kB (46862 bytes)
Hash
f7bc8826b4d1fb8058ba712134859f27
3904bda8ed2e2892d338fd0f31a715fafe2d226c
a986f5a6b2fe83b27c3f9bf6cafd6cdadd097eaeb61eb91ea8c782bbd565e259

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5bcd4bf0b8334404bd4ae2f523a4278a.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43822-b70e"
Date: Mon, 02 Jan 2023 02:16:41 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:38 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-45
Content-Length: 46862

ocsp.buypass.com/

23.33.119.18

200 OK

1.7 kB

URL HTTP/1.1
ocsp.buypass.com/
IP
23.33.119.18:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1701 bytes)
Hash
b9d4eec7f6aa24e46966baa0518f71d7
19f2e959860885fd935a146846dee7a2609d378f
bad8e6932f954c8e77a915eccf9543371585cfffa17bf9d8747b562e48d4ab32

HTTP Headers

POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 4e42ea99-7872-458a-b705-f701573a34b6
Content-Length: 1701
Date: Thu, 05 Jan 2023 04:04:53 GMT
Connection: keep-alive

help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif

49.51.190.27

200 OK

0 B

URL HTTP/1.1
help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
IP
49.51.190.27:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /datas/feedback/20221217/639d86e9b6b6d.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
server: openresty
date: Thu, 05 Jan 2023 04:04:52 GMT
content-type: image/gif
content-length: 166673
last-modified: Sat, 17 Dec 2022 09:07:53 GMT
etag: "639d86e9-28b11"
expires: Fri, 20 Jan 2023 04:04:52 GMT
cache-control: max-age=1296000
accept-ranges: bytes

66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif

103.170.15.75

200 OK

0 B

URL HTTP/1.1
66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif
IP
103.170.15.75:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /2d7b4166a63c4e48bb523d07d45069fb.gif HTTP/1.1
Host: 66669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6399cb60-3e19b"
Date: Wed, 04 Jan 2023 13:27:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 14 Dec 2022 13:10:56 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 254363

kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif

172.83.155.45

200 OK

0 B

URL HTTP/2
kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
IP
172.83.155.45:0
ASN
#201106 Spartan Host Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:53 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Thu, 05 Jan 2023 16:04:53 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1420381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwipRCov4sczHTcdIWkv%2FaUrYkMXIXYgzLjnYGeXGYrNTWiFyZ4kN%2FbAl29k5zhUJwdz4MPvR6gOiEVX0jKqomGgljR2%2BFim4H7cs%2FsgE0OBbp%2BdOSiFv8UW13GA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f29af56ca4c5f5-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

zhibo128x.xyz/128/318X216.gif

154.83.25.141

200 OK

0 B

URL HTTP/1.1
zhibo128x.xyz/128/318X216.gif
IP
154.83.25.141:0
ASN
#62587 ANT-CLOUD

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Thu, 05 Jan 2023 04:03:03 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Sat, 31 Dec 2022 05:06:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes

www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css

173.231.38.6

200 OK

0 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css
IP
173.231.38.6:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:49 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Thu, 05 Jan 2023 16:04:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js

173.231.38.6

200 OK

0 B

URL HTTP/2
www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js
IP
173.231.38.6:0
ASN
#18450 WEBNX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 04:04:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Jan 2023 08:55:15 GMT
vary: Accept-Encoding
etag: W/"63b29bf3-6ee"
expires: Thu, 05 Jan 2023 16:04:49 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img.9367x.com/images/6399c32956eec67c33ea8925.gif

38.54.81.125

302 Found

0 B

URL HTTP/2
img.9367x.com/images/6399c32956eec67c33ea8925.gif
IP
38.54.81.125:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6399c32956eec67c33ea8925.gif HTTP/1.1
Host: img.9367x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
X-Firefox-Spdy: h2

ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif

120.52.95.238

200 OK

0 B

URL HTTP/1.1
ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
IP
120.52.95.238:0
ASN
#133119 China Unicom IP network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 04:04:53 GMT
Content-Type: image/gif
Content-Length: 1082384
Connection: keep-alive
Server: openresty
Age: 1286702
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "a2513b4510f6797c4cbe4012fc79c64c"
Last-Modified: Wed, 21 Dec 2022 06:06:41 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HElangfang-AREACUCC1-CACHE22[2],CHN-HElangfang-AREACUCC1-CACHE30[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE54[16],CHN-TJ-GLOBAL1-CACHE30[0,TCP_HIT,13]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFhv2Sr1BDL3xCdwQqA6DE4Gw8YvJHp
x-amz-request-id: 00000185334A8E1F900DAF7A4A1D6950
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

13.227.254.18

200 OK

0 B

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
13.227.254.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 04 Jan 2023 07:21:53 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 a691085135305af276cea0859fd6b128.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: UIwNlLJd0xuQFSrhsU7ZHuzbWS30xT5tX3HREUXqhfia5biE6oc4lw==
age: 74581
X-Firefox-Spdy: h2

help.ifeng.com/datas/feedback/20221230/63aeea646e4a1.gif

49.51.190.27

200 OK

0 B

URL HTTP/1.1
help.ifeng.com/datas/feedback/20221230/63aeea646e4a1.gif
IP
49.51.190.27:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /datas/feedback/20221230/63aeea646e4a1.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
server: openresty
date: Thu, 05 Jan 2023 04:04:52 GMT
content-type: image/gif
content-length: 115583
last-modified: Fri, 30 Dec 2022 13:40:52 GMT
etag: "63aeea64-1c37f"
expires: Fri, 20 Jan 2023 04:04:52 GMT
cache-control: max-age=1296000
accept-ranges: bytes

99885aaa.com/2571b5232e904522b532216679441c82.gif

103.170.15.110

200 OK

0 B

URL HTTP/1.1
99885aaa.com/2571b5232e904522b532216679441c82.gif
IP
103.170.15.110:0
ASN
#7483 Skycloud Computing co., Ltd.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /2571b5232e904522b532216679441c82.gif HTTP/1.1
Host: 99885aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a44177-88c8b"
Date: Wed, 04 Jan 2023 12:44:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 11:37:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 560267

img.9376x.com/images/6399c27b56eec67c33ea8921.gif

38.54.81.125

302 Found

0 B

URL HTTP/2
img.9376x.com/images/6399c27b56eec67c33ea8921.gif
IP
38.54.81.125:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/6399c27b56eec67c33ea8921.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations