r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2256
Expires: Thu, 05 Jan 2023 22:54:03 GMT
Date: Thu, 05 Jan 2023 22:16:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2359
Expires: Thu, 05 Jan 2023 22:55:46 GMT
Date: Thu, 05 Jan 2023 22:16:27 GMT
Connection: keep-alive
weightloss-meals.com/gym-and-meals
107.165.125.108301 Moved Permanently 0 B URL HTTP/1.1 weightloss-meals.com/gym-and-meals
IP 107.165.125.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gym-and-meals HTTP/1.1
Host: weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 05 Jan 2023 22:16:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.weightloss-meals.com/gym-and-meals
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 21:41:16 GMT
content-type: application/json
age: 2111
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13118
Expires: Fri, 06 Jan 2023 01:55:05 GMT
Date: Thu, 05 Jan 2023 22:16:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EsB6+ncEeeRF4D1kO3yRIMRiRoK/bzRgFZXE6xvwLqcjTdElu/xVA5bkjouG4T+a6Cwu6hmd9Ec=
x-amz-request-id: ZM2JCZYCDKC271TW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 22:01:54 GMT
age: 873
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:27 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 21:33:38 GMT
age: 2570
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.weightloss-meals.com/gym-and-meals
107.165.125.108200 OK 783 B URL HTTP/1.1 www.weightloss-meals.com/gym-and-meals
IP 107.165.125.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash a942daf4507d5ead8823e6851783c6d8
a8a0cd5991f301b6f7e113222b2b5252d6fe5e56
f529b0ebc5e1f012afefc84e9e941c47217795f1aa56578c55d00bbdca4ed34a
GET /gym-and-meals HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 22:16:28 GMT
Content-Type: text/html
Content-Length: 783
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=131975
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:16:28 GMT
Etag: "63b69329-1d7"
Expires: Sat, 07 Jan 2023 10:56:03 GMT
Last-Modified: Thu, 05 Jan 2023 09:06:49 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.weightloss-meals.com/tj.js
107.165.125.108200 OK 518 B URL HTTP/1.1 www.weightloss-meals.com/tj.js
IP 107.165.125.108:0
File type ASCII text, with CRLF line terminators
Hash 42d13181dd4c01c00e9e51359fa72da3
f42486f56c3ad0f9c1c924173afd2125a58b64f0
ab4722cfa6736dc75c10a0b0049115cb92910e5779f164f5347caadf1efc4fcd
GET /tj.js HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 22:16:28 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
www.weightloss-meals.com/common.js
107.165.125.108200 OK 753 B URL HTTP/1.1 www.weightloss-meals.com/common.js
IP 107.165.125.108:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 422fd880589a7fc1a2f9b43c88c64fbe
cd02b22cba108051097edd967d9b4e937386a05f
51ceb85b881f6f3a9a9deea0265b4960a9fd3d7fe698b72c0329332dc91585b9
GET /common.js HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 22:16:28 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.42.185.162101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.185.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RRMooTFWBJhjqUUdwYPfVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bDA3cpzq89BV9dQhFIYycwMDjEg=
www.weightloss-meals.com/favicon.ico
107.165.125.108200 OK 1.2 kB URL HTTP/1.1 www.weightloss-meals.com/favicon.ico
IP 107.165.125.108:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.weightloss-meals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/gym-and-meals
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 22:16:29 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Tue, 10 Jan 2023 22:16:29 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
112.34.113.148200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 05 Jan 2023 22:16:29 GMT
Etag: "4078521116"
Expires: Fri, 05 Jan 2024 22:16:29 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=85A7908919D7027C8CE891836A4D2DE8:FG=1; max-age=31536000; expires=Fri, 05-Jan-24 22:16:29 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 770dda47f99f4fa9ca71f2ce9efdedfd
c10cfb581c770224963e624eec726174d8e48d38
44e96f8a1d494226f50779876f7d847868306b147195ab22f58dfee44de3679b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 20:52:53 GMT
ETag: "c10cfb581c770224963e624eec726174d8e48d38"
Last-Modified: Thu, 05 Jan 2023 20:52:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3106
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784f94201c48b527-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 770dda47f99f4fa9ca71f2ce9efdedfd
c10cfb581c770224963e624eec726174d8e48d38
44e96f8a1d494226f50779876f7d847868306b147195ab22f58dfee44de3679b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 20:52:53 GMT
ETag: "c10cfb581c770224963e624eec726174d8e48d38"
Last-Modified: Thu, 05 Jan 2023 20:52:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3106
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784f94201d88b517-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash ad58b588213fb95d9802fd918f9b212e
d11084bdc43199fdf79155677238351368581eb9
e3c48962c266832623e3f762427967a08c0774afc4d31779c2e520401b8a4d23
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:29 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 06:23:37 GMT
Expires: Thu, 12 Jan 2023 06:23:36 GMT
Etag: "d11084bdc43199fdf79155677238351368581eb9"
Cache-Control: max-age=547026,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f941f9e700b65-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Thu, 05 Jan 2023 23:01:20 GMT
Date: Thu, 05 Jan 2023 22:16:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Thu, 05 Jan 2023 23:01:20 GMT
Date: Thu, 05 Jan 2023 22:16:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Thu, 05 Jan 2023 23:01:20 GMT
Date: Thu, 05 Jan 2023 22:16:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2691
Expires: Thu, 05 Jan 2023 23:01:20 GMT
Date: Thu, 05 Jan 2023 22:16:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c43cd789c8a417cccb0fd1d0976b13f2
f7be1e65af4baa06da326d643a624fe46abe1ea2
863d781dc296cd5edb0f2630f4bb29533323917f455f512e7679e4afa0346323
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4577
x-amzn-requestid: 5e67ddf8-53fd-4cad-b6b9-8202560bf598
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSd60GXjoAMF41Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74378-042659c73cd71e1004a14faa;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:39:04 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1lbzfXbU7LtEjnlHa7ZypSnkSumraYEkaMdWkfa-OjnSgNVB0VMsXw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:48 GMT
age: 1781
etag: "f7be1e65af4baa06da326d643a624fe46abe1ea2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc62c3ca8bc387a91c7d4711b5bc2409
7a984b459227e11984faa2539569a90875a58d29
e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W2UrX2IbKy5pDUZkncaKE7FeGGbHetQLbvqQ2jJsb-IhQdauHgrACA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 22:41:16 GMT
age: 84913
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5333b07c55ecc31c8aebfa5f80476ba9
7c1e058b189cf70dc46e35fc199a05e919d2b589
55932f33cea20066103fb067a5589bcaf548c21f99a1bf7a64fe95e05e39a7e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8484
x-amzn-requestid: 11abddf9-f08a-4ec1-bbed-9b13f75667ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSd6THUMIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74374-355789823d721ed704e08c87;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:39:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _i_Yf8aS-CRuK6eD997E2wSEqR0cpNCqy_Iiwa0zW2NJ1wckXdU4AQ==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:52 GMT
age: 1777
etag: "7c1e058b189cf70dc46e35fc199a05e919d2b589"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636212af-8da6-439f-bad7-7f0a664c0444.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636212af-8da6-439f-bad7-7f0a664c0444.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash effeec9833abca0024c800a86049aeb2
bbe5831baff19f47ad6e149eb6bda644ada2df1a
86ec5c3a7a9643ec422b3bdf37962549a7de569e3881d1c1795035cda2889b40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636212af-8da6-439f-bad7-7f0a664c0444.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10059
x-amzn-requestid: c8e9b428-c3a6-43a1-b881-69807e2b6fe3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdr-G5poAMF4Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74319-26ab2ec02e7aa0406167faf9;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n_vXNWhOqETrC8t_tI8ywK8bTVpTqDf6E-ZKCu0EikavZ9PlHQOrVA==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 1788
etag: "bbe5831baff19f47ad6e149eb6bda644ada2df1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jx.tongdoumaoyi.com/news/index.php
20.239.85.25200 OK 13 kB URL HTTP/2 jx.tongdoumaoyi.com/news/index.php
IP 20.239.85.25:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4d04a57e90506fcd97ed40ef98217bf8
39db996016801291e36aeb66280a01e9dbecdef2
c580bc23d630104e82209c1c0f058347e9251e13029accb593eb5c67ef428cfb
GET /news/index.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 05 Jan 2023 22:16:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9b2480-67ce-4247-9d95-8e03d4ea893a.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9b2480-67ce-4247-9d95-8e03d4ea893a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a651a6052d9f980978b9872daf24f447
ce2c94232835dbe5aee99dd436f68f94ce42a7cb
263835059464a3085a3152436ef45140e29c917c30f7f238c442bb54e022003a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9b2480-67ce-4247-9d95-8e03d4ea893a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4930
x-amzn-requestid: 75be345e-998b-474b-884e-d0e5d501f3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdrpHqzIAMF52Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74317-5bf56aaf6a6c96f10e75c5dd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:27 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1jKsMbem-EgE9IEqUINZESinhqOIEv9T5QkIkyF7iIcql1UBJiZTvw==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:51 GMT
age: 1778
etag: "ce2c94232835dbe5aee99dd436f68f94ce42a7cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ac926d0332f02f4f5a734812940af824
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 5c57a05ee322201ca464f86e055af700
bd63d1b0b740c1aeedf1da5ce81002d1ebc90802
051b7062f0cc6ed3ad629b6319e2057835da2018193d47b8668b2dc8b67a4c50
GET /hm.js?ac926d0332f02f4f5a734812940af824 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 22:16:29 GMT
Etag: e6c0bd1c5e09faddd1b7563e833e0b46
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FBA02E1233880B53; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash d8964260abad94fbfcb68f5fcc252af4
6b9e281393e29e723e3a8b32a3643abd136d8da2
bd5b5a4fe40822a3afbca0e9ba13390dec4e385485177316b8f0506c3f22e2da
GET /hm.js?a8b62fdc23d9b1fca65d1fb2a7d3b162 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 22:16:29 GMT
Etag: e00839eaf6602f7b9aecb2d6db056cc9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5D5F4B55ACDBD2FC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
api.share.baidu.com/s.gif?l=http://www.weightloss-meals.com/gym-and-meals
39.156.68.163200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.weightloss-meals.com/gym-and-meals
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.weightloss-meals.com/gym-and-meals HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 05 Jan 2023 22:16:30 GMT
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1952026500&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45035&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1952026500&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45035&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1952026500&si=ac926d0332f02f4f5a734812940af824&v=1.3.0&lv=1&sn=45035&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 22:16:30 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=731C467C41046EE6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=59381320&si=a8b62fdc23d9b1fca65d1fb2a7d3b162&v=1.3.0&lv=1&sn=45035&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=59381320&si=a8b62fdc23d9b1fca65d1fb2a7d3b162&v=1.3.0&lv=1&sn=45035&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=59381320&si=a8b62fdc23d9b1fca65d1fb2a7d3b162&v=1.3.0&lv=1&sn=45035&r=0&ww=1280&u=http%3A%2F%2Fwww.weightloss-meals.com%2Fgym-and-meals&tt=%E6%99%AE%E6%B4%B1%E7%B1%B3%E6%A1%A3%E5%B7%A5%E8%89%BA%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.weightloss-meals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 22:16:30 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A87AC7AE137A33C4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8418644a0a185cb406e89d2f0830a63a
8d52d13208441016208eca98cdee3a7d997d160e
9aa072baa67dd86197af37be57df43458fee24118931026338d6aa8f541e35d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA072BAA67DD86197AF37BE57DF43458FEE24118931026338D6AA8F541E35D3"
Last-Modified: Tue, 03 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 06 Jan 2023 04:16:31 GMT
Date: Thu, 05 Jan 2023 22:16:31 GMT
Connection: keep-alive
www.jxys16.xyz/template/m1938pc/html9/ads/1.gif
173.231.38.6200 OK 254 B URL HTTP/2 www.jxys16.xyz/template/m1938pc/html9/ads/1.gif
IP 173.231.38.6:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/html9/ads/1.gif HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:32 GMT
content-type: image/gif
content-length: 254
last-modified: Sat, 02 Apr 2022 12:20:12 GMT
etag: "62483f7c-fe"
expires: Sat, 04 Feb 2023 22:16:32 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
173.231.38.6200 OK 13 kB URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
IP 173.231.38.6:0
File type Web Open Font Format, TrueType, length 13408, version 1.0\012- data
Hash 99af6debcdaba3e7ffe01b4c3cbccacb
4efda64b06cd7c294f6214623bcb634f3def3bd1
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
GET /template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.jxys16.xyz/template/m1938pc/static/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:32 GMT
content-type: font/woff
content-length: 13408
last-modified: Fri, 14 Jan 2022 04:47:30 GMT
etag: "61e10062-3460"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2ac4a2d34c34a270e029b4996d351332
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash c548ad93989f79b5c502057e81f7cf29
7ce8622a38840bba47edfe4e6469fc1fde88ebb8
18c35e71528a61a7a7aa56160341333e9dfffba8d8b062365b9de26d5021fa82
GET /hm.js?2ac4a2d34c34a270e029b4996d351332 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 22:16:32 GMT
Etag: 60b29652ff52610abae6a8d4509284fc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=644410C3FB2C9BE0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1738317619&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=45038&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1738317619&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=45038&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1738317619&si=2ac4a2d34c34a270e029b4996d351332&su=https%3A%2F%2Fjx.tongdoumaoyi.com%2F&v=1.3.0&lv=1&sn=45038&r=0&ww=1268&u=https%3A%2F%2Fwww.jxys16.xyz%2F&tt=%E8%81%9A%E9%91%AB%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 22:16:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D3D53826AE1DB676; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif
104.21.234.234200 OK 176 kB URL HTTP/2 z4a.net/images/2022/12/11/960x603d5ab8438267da4d.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 176 kB (176400 bytes)
Hash 790f7ce169b014489226f2bc54fcebdb
8c728b76de39bd04e942af210a6742a2727eedd5
111153d903587269530c51cc32126f82d51a9461b42be47237db3f289f6483c6
GET /images/2022/12/11/960x603d5ab8438267da4d.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:33 GMT
content-type: image/gif
content-length: 176400
expires: Sat, 16 Dec 2023 08:27:00 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1777773
last-modified: Fri, 16 Dec 2022 08:27:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwlYxFYGdrYQewT1KKceu%2FUhqHRkd4HJHk1Itqk8dC%2FcLshN%2BPq08nz8hHJ8HrPrt%2BSg6haRgCy2Kq1kLBOAFrGHteMnpraY5qVqk6fwBeJKxWVzntR%2BK0yn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 784f94389bf18926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/11/960x60.gif
104.21.234.234200 OK 169 kB URL HTTP/2 z4a.net/images/2022/12/11/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 169 kB (168777 bytes)
Hash 729a348b918f6435c5a38c8938a81587
f82b088813167cd5396bf74feedb4d8e35612dcf
cd580979947876de1d553e460e57bd4d7b432c682097f67c6249b667eb3c6726
GET /images/2022/12/11/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:33 GMT
content-type: image/gif
content-length: 168777
expires: Mon, 11 Dec 2023 13:33:34 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2191379
last-modified: Sun, 11 Dec 2022 13:33:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NOonUnnhqmGBDT6zFBn7qSyzIdT2acrsUf5l7qj%2FLbIvpHWSD6RoH4HG13dCs0vrrkyjMPL%2FUb%2BWChDx3rB15aEOY1CCXKoM2hqIFyOSUE5%2FYK7dXGBJftz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 784f94389be98926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/10/960x60.gif
104.21.234.234200 OK 245 kB URL HTTP/2 z4a.net/images/2022/12/10/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245207 bytes)
Hash 0b25bc78e72da9cce4df6f8b35a75247
26e8c59347f9489d5922e92660d3fc2d44c44cbb
8ff60c94afa37237e7746c8095addb9476b20739a25163536a2cd89217089a88
GET /images/2022/12/10/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:33 GMT
content-type: image/gif
content-length: 245207
expires: Mon, 11 Dec 2023 13:33:34 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2191379
last-modified: Sun, 11 Dec 2022 13:33:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJ8njFRVrV%2B6WzgsuYCXlGroKuzq5BSN5C%2BsxitXMyR8K%2FKv2u3Fs6p2McRpZh%2FSRU4HkeYZe0dWt2ntxp%2FcLUElZauWc6dT5Y7%2F80%2Fq8aLN7g6Zjt3PWXDY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 784f94389bf48926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/11/960-60-0.gif
104.21.234.234200 OK 198 kB URL HTTP/2 z4a.net/images/2022/12/11/960-60-0.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 198 kB (198523 bytes)
Hash 785b488cd18db17252bbc6e2e90d15fb
733a0183c583aaac34ffd5b1019d4a6ca25434c6
01982c41cd3165a9490c613aee197531461568a26d6691509076dfcb7c5438a4
GET /images/2022/12/11/960-60-0.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:33 GMT
content-type: image/gif
content-length: 198523
expires: Mon, 11 Dec 2023 13:33:34 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2191379
last-modified: Sun, 11 Dec 2022 13:33:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WQBDyokFkjWQwWSHQepLg%2Bl46jSN5NgnYQ6WC5MHu8Vu7ACd91CG%2FmlmR7i9Ija3ZlTmXWZcEGjEE%2FZiV6Dey5RVJbhbjtpcpoPqixlwsgvePUC6KlR0ez%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 784f9438ac228926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/12/21/960x60d39aac802c494f86.gif
104.21.234.234200 OK 528 kB URL HTTP/2 z4a.net/images/2022/12/21/960x60d39aac802c494f86.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 528 kB (527657 bytes)
Hash bc9315952b1de102c2097670f688e43d
2412c6e3aee17d6a271b6f69358ac96dec2afa24
b20477516ad5a2c0daef1e9f3037e32278a3740ca88be3614c1540b90675f396
GET /images/2022/12/21/960x60d39aac802c494f86.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:33 GMT
content-type: image/gif
content-length: 527657
expires: Fri, 05 Jan 2024 18:44:42 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 12711
last-modified: Thu, 05 Jan 2023 18:44:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN6pkLwlAFxzYOadrkRc%2FnF52q5kgNe%2Fw1VGXSkABGz4a1BfccAYrQDP75P%2FPpMB%2B1rOIFaZLNcYksCKkIMZfBTeqfO1yJ%2B264mTtszsQr66uNuC7g9JgA3x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 784f94387ba38926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z4a.net/images/2022/11/20/960x60.gif
104.21.234.234200 OK 578 kB URL HTTP/2 z4a.net/images/2022/11/20/960x60.gif
IP 104.21.234.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 578 kB (577945 bytes)
Hash 6ae710163cd11c12a73a693024c46410
43041b87b2040371a052bf1f83d401c263a32178
42da405262416c9fbaa04b2718406d4ea93501bfb99774fae4956b6eab7c1831
GET /images/2022/11/20/960x60.gif HTTP/1.1
Host: z4a.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:33 GMT
content-type: image/gif
content-length: 577945
expires: Wed, 13 Dec 2023 12:35:05 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2022088
last-modified: Tue, 13 Dec 2022 12:35:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BZ1TbQc2Z%2B3yQwUW3QPC7GUbvWeE3loPRozzsiPzIFjMp14YgF6qsG79iFLRxyRvN8e41jQ3A2dj7DYBoQHIVEIru3xPuROBbHUcKyrLW0kSZlpoPbMXoOJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 784f94389bed8926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash b8f177e60879107e25549515d5593814
581f67b4ca2ccff9725db186bd5a576165e1e53d
182102628191d57a1ce9a0d0885469216938df6717b4ea0ed71bad49690f307d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: UPDATING
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=692
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d3f45ddaeaa2c1044d7b3582e1d11a64
85d43335dcc50cf8fc409230c61c5c8ca39239d9
5d9a421bde9c9a38fd258830a2934b9e1d25b24672ad0529ae3e3e01d63aed76
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 09:14:26 GMT
Expires: Thu, 12 Jan 2023 09:14:25 GMT
Etag: "85d43335dcc50cf8fc409230c61c5c8ca39239d9"
Cache-Control: max-age=557270,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f943e99afb512-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 72450c2e5c85904be505a506ca1ab941
aa21c453d1f16e8cbcf0c92b9b10559894778f3e
c549f3743302d8abdd7ac271f8280085facb7673f78493687b3f5436981b36d3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 11:43:07 GMT
Expires: Thu, 12 Jan 2023 11:43:06 GMT
Etag: "aa21c453d1f16e8cbcf0c92b9b10559894778f3e"
Cache-Control: max-age=566191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f943e98e8fac8-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d3f45ddaeaa2c1044d7b3582e1d11a64
85d43335dcc50cf8fc409230c61c5c8ca39239d9
5d9a421bde9c9a38fd258830a2934b9e1d25b24672ad0529ae3e3e01d63aed76
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 09:14:26 GMT
Expires: Thu, 12 Jan 2023 09:14:25 GMT
Etag: "85d43335dcc50cf8fc409230c61c5c8ca39239d9"
Cache-Control: max-age=557270,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f943ed861b500-OSL
image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif
47.246.44.206200 OK 109 kB URL HTTP/1.1 image.tnmvgr.cn/oms.1511122.com/1672811127181-960x60.gif
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 109 kB (109246 bytes)
Hash e573c37ce1ba8b57e8dfb8fcd43368c9
f5da3a1479bfd18c820893899b5b478df5d02d3c
d9f97dfc186d336e8a5da72bffc7b70378bf87f68de9af20d59a8b88ff271d53
GET /oms.1511122.com/1672811127181-960x60.gif HTTP/1.1
Host: image.tnmvgr.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 109246
Connection: keep-alive
Date: Thu, 05 Jan 2023 22:16:20 GMT
x-oss-request-id: 63B74C34A8F7503939B9A906
Vary: Origin
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "E573C37CE1BA8B57E8DFB8FCD43368C9"
Last-Modified: Wed, 04 Jan 2023 05:45:27 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5454499210466108819
x-oss-storage-class: Standard
Content-MD5: 5XPDfOG6i1fo37j81DNoyQ==
x-oss-server-time: 5
Ali-Swift-Global-Savetime: 1672956980
Via: cache4.l2de2[0,0,304-0,H], cache21.l2de2[0,0], cache5.se1[29,29,200-0,H], cache1.se1[31,0]
Age: 14
X-Cache: HIT TCP_REFRESH_HIT dirn:11:427782195
X-Swift-SaveTime: Thu, 05 Jan 2023 22:16:34 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516729569943493480e
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 72450c2e5c85904be505a506ca1ab941
aa21c453d1f16e8cbcf0c92b9b10559894778f3e
c549f3743302d8abdd7ac271f8280085facb7673f78493687b3f5436981b36d3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 11:43:07 GMT
Expires: Thu, 12 Jan 2023 11:43:06 GMT
Etag: "aa21c453d1f16e8cbcf0c92b9b10559894778f3e"
Cache-Control: max-age=566191,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f943e98120afa-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d2fb45eb9e8c21016940ae0b3d5c8acf
a8a8fb13b93d4086395ff036f8e8b1cc93514dc5
c37356b871229b7f4dfbc494fc35341bb056934168b31e0b00f8b2f089e75112
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 15:26:08 GMT
Expires: Mon, 09 Jan 2023 15:26:07 GMT
Etag: "a8a8fb13b93d4086395ff036f8e8b1cc93514dc5"
Cache-Control: max-age=320372,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f943e980c0b4d-OSL
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
13.227.254.18200 OK 400 kB URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 13.227.254.18:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 400264
last-modified: Mon, 19 Dec 2022 07:47:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 05 Jan 2023 07:21:52 GMT
etag: "b722c3905b96f11823e04826aafdd50e"
x-cache: Hit from cloudfront
via: 1.1 e7cd1f6615dc010d7043e73d81dddfca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: iL76UzH7-OUUauUdwPMRnA3yHokJmIBDDLRWwZGOWlZB2ZR8TCDseg==
age: 53681
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2741828acf074a99539807cd53a242cd
18e31684f7b8ece788536d2a89ae2a38fa535a2e
68f40215262806c62e8c1d552812c5574a257e05bc068c0db4ca4d872de286cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68F40215262806C62E8C1D552812C5574A257E05BC068C0DB4CA4D872DE286CD"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=277
Expires: Thu, 05 Jan 2023 22:21:11 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bc101dbc6b6119ab0d65be29096efaaf
76510e86f1c30ed52ab05f2ec5dcd2dfa84a87a0
59ce7c6d8d657d16a747cd9aa878b6bbb2c0e40b8633157d8231a912b0b8bba9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 05:34:44 GMT
Expires: Thu, 12 Jan 2023 05:34:43 GMT
Etag: "76510e86f1c30ed52ab05f2ec5dcd2dfa84a87a0"
Cache-Control: max-age=544088,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f943ee9f9b512-OSL
www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css
173.231.38.6200 OK 55 kB URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/swiper.min.css
IP 173.231.38.6:0
Hash 696d005b88dbe0b53e9de92990b5da73
f5190800429a275ca8b4b1c89c50c7764a85f3a9
ec853b71d087615dba4c9077e42152aa3a3d6b91b59c93c4a3d4a7868b124758
GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:32 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:06 GMT
vary: Accept-Encoding
etag: W/"61e1000e-456d"
expires: Fri, 06 Jan 2023 10:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29c2a08159c5865169dfee2f2919941e
5cd94cb1ecc2ee86c5a19801d9f0a8132d9c0ac2
57ba8f4966e641611db8189fe84bd2bc99259a97211264b28057d1530dcde1e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57BA8F4966E641611DB8189FE84BD2BC99259A97211264B28057D1530DCDE1E8"
Last-Modified: Tue, 03 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Fri, 06 Jan 2023 00:38:40 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c4c81e1bd346e6eb10182ad4c122a3a0
cbfe887d5e4d738fcdf8f7e34d820963655011c0
66f69e246cf786e13633bc4dcdbba03b6d569af37757c3b915fbceba64bd2434
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 16:50:04 GMT
Expires: Thu, 12 Jan 2023 16:50:03 GMT
Etag: "cbfe887d5e4d738fcdf8f7e34d820963655011c0"
Cache-Control: max-age=584608,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f943f28d7b500-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3698c95531ecbf0f60369313c3915d0
084289e99e3328abf302c06a771295da9d4e2e57
ccac63e85641c9386e9cffd1fd3cebd6c0e2dee97f649bc1ea29b3ef2a2caa95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCAC63E85641C9386E9CFFD1FD3CEBD6C0E2DEE97F649BC1EA29B3EF2A2CAA95"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1680
Expires: Thu, 05 Jan 2023 22:44:34 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
xinchacha2dv.ocsp-certum.com/
23.36.79.10200 OK 1.5 kB URL HTTP/1.1 xinchacha2dv.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 4c219e5ab4fc73564a2318cc8e874bcf
676c26dcdaa6718e52852d368b670bbc53d25906
e8a277185383e14e09a6810e1eebb9e1260c814bc0acc1c2ba6a1cb78143603d
POST / HTTP/1.1
Host: xinchacha2dv.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1538
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=86
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 7d01c494f94edaaabf3b57b5f9b4e237
fb88584a31d99a6068785fd6ab4f651085451c52
deebd6f554b2126cea907389b2828e161a077b36bbd821767632aa403e47d1b1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 09 Jan 2023 20:56:32 GMT
ETag: "fb88584a31d99a6068785fd6ab4f651085451c52"
Last-Modified: Thu, 05 Jan 2023 20:56:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 244
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784f9440aa61b527-OSL
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 7f0ae40114b14fe1dc2b2fbee60cbdc0
3cd7def4c22d3378abb71ee3536cd169cd136b7f
0ea699e928a6049fff2dccb487df0eae92e586cbac8c2348b389f138beef6349
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 22:16:34 GMT
Last-Modified: Thu, 05 Jan 2023 21:25:04 GMT
ETag: "63b74030-1d7"
Expires: Sat, 07 Jan 2023 21:25:04 GMT
Cache-Control: max-age=169710
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672956994
Via: cache21.l2de2[184,183,200-0,M], cache21.l2de2[186,0], cache5.se1[207,207,200-0,M], cache5.se1[208,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 22:16:34 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916729569944491373e
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2b1592ee8e39b49153a9fe6c8cbae82
3229bb172ec142cdaaf84a0ab3e3ba6c595aa79d
dfba311a3dc51687852964938e884ab474cc3c54a080f162190af0945cdb9514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFBA311A3DC51687852964938E884AB474CC3C54A080F162190AF0945CDB9514"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13294
Expires: Fri, 06 Jan 2023 01:58:08 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 59f135e23fe913a25d8e41af0d37f3ee
b38d12aa029ac286dc78de4f9f1665de6868ab18
a5cadf124911c98f3487336765da7bb0a566a614c8b185f2950ec0e0d4d7546f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5CADF124911C98F3487336765DA7BB0A566A614C8B185F2950EC0E0D4D7546F"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14978
Expires: Fri, 06 Jan 2023 02:26:12 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
img30.360buyimg.com/popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif
163.171.134.109200 OK 171 kB URL HTTP/2 img30.360buyimg.com/popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif
IP 163.171.134.109:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 960 x 100\012- data
Size 171 kB (171392 bytes)
Hash a13e5953b9b9868e6d79e79de68f86ae
7ce4811b6358d541d17d91521fbf2d18ce889e39
f2cce13596aab83e51968ad821abe6bf86704a9ed4bfe0d2a594f23b47cfb592
GET /popXue/jfs/t1/212400/31/24084/171392/63aee9deFde497aa2/6bf6885541a9416c.gif HTTP/1.1
Host: img30.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 171392
expires: Wed, 28 Jun 2023 13:59:02 GMT
server: nginx
cache-control: max-age=15552000
last-modified: Fri, 30 Dec 2022 13:38:38 GMT
via: http/1.1 ORI-CLOUD-ZJ-MIX-193 (jcs [cHs f ]), http/1.1 JN-UNI-2-MIX-14 (jcs [cMsSfW])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672407518600-0-0-1-10-10;200;200-1672407553481-0-0-0-10-10;200-1672407553489-0-0-0-22-22
age: 548252
x-via: 1.1 PSdgflkfFRA1ox201:3 (Cdn Cache Server V2.0), 1.1 PS-ARN-01C8L93:5 (Cdn Cache Server V2.0)
x-ws-request-id: 63b74c42_PS-ARN-01C8L93_43424-57583
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 7f64937de402df83000d7ab4bcb7b73c
11255eee665b983eded80930de9cc91b6aa6f046
dd55e9fb4fbe91d33403b243dfb87f893b00444beaf0e4883fc30f4aea14b40b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 09 Jan 2023 20:05:14 GMT
ETag: "11255eee665b983eded80930de9cc91b6aa6f046"
Last-Modified: Thu, 05 Jan 2023 20:05:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1187
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784f94412e510b3d-OSL
www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js
173.231.38.6200 OK 48 kB URL HTTP/2 www.jxys16.xyz/template/m1938pc/html9/ads/zxf.js
IP 173.231.38.6:0
Hash 488fb18f9ac2b0e1e6fc6ad55c8b818f
1c0e88103edfa73a016aec926f4a9ccb6d68c928
49c7422946e7c890ac4fb046c2dab597aadeadc48774a9125e484ccd3c7cdf18
GET /template/m1938pc/html9/ads/zxf.js HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:32 GMT
content-type: application/javascript
last-modified: Mon, 02 Jan 2023 08:55:15 GMT
vary: Accept-Encoding
etag: W/"63b29bf3-6ee"
expires: Fri, 06 Jan 2023 10:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e1988ad6e023a77889aa9ea12a8689e7
d7893e00d386a33af2fa2e53e87dc232be9f2459
ede61f73b31b06c2ecdca73b448488693653cd7c45624096a0453bf3bc3286a7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 05 Jan 2023 13:00:09 GMT
Expires: Fri, 06 Jan 2023 13:00:09 GMT
ETag: "d7893e00d386a33af2fa2e53e87dc232be9f2459"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 836c04cce94b02c62d66d33e75ee6048
9af9f73041e7fac3f424f16a4be577ee82660fb8
b906ffae5e2829bc03cd278fe5f0d22a30d40301baba237b6daf27c94c9f95ae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B906FFAE5E2829BC03CD278FE5F0D22A30D40301BABA237B6DAF27C94C9F95AE"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11004
Expires: Fri, 06 Jan 2023 01:19:58 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 836c04cce94b02c62d66d33e75ee6048
9af9f73041e7fac3f424f16a4be577ee82660fb8
b906ffae5e2829bc03cd278fe5f0d22a30d40301baba237b6daf27c94c9f95ae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B906FFAE5E2829BC03CD278FE5F0D22A30D40301BABA237B6DAF27C94C9F95AE"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11004
Expires: Fri, 06 Jan 2023 01:19:58 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e1988ad6e023a77889aa9ea12a8689e7
d7893e00d386a33af2fa2e53e87dc232be9f2459
ede61f73b31b06c2ecdca73b448488693653cd7c45624096a0453bf3bc3286a7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 05 Jan 2023 13:00:09 GMT
Expires: Fri, 06 Jan 2023 13:00:09 GMT
ETag: "d7893e00d386a33af2fa2e53e87dc232be9f2459"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
lbfm.lbpictupian.com/upload/vod/2022/12/wu0pgmyswv1.jpg
172.67.28.138200 OK 8.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/wu0pgmyswv1.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 53a8cd043a389cc5b7c9728278cf3560
6767a51338c26b2691760b121fab0936ba35fbfc
d3a24ca26f5e2aaf1418fcb032962bd79b3e059521935b0f43f67ce9901b1b18
GET /upload/vod/2022/12/wu0pgmyswv1.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 8218
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9558
content-disposition: inline; filename="wu0pgmyswv1.webp"
etag: "63942e7f-2556"
last-modified: Sat, 10 Dec 2022 07:00:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbddb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/j1ouxtcsblf.jpg
172.67.28.138200 OK 2.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/j1ouxtcsblf.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f076b7c0ed9c30ca3231147703a508e6
5b5688814aa2b5a7a21c35a1bbcea6f38c6c461e
0d34961a91e0817c59f2a66273048bf2c17b5553995f0c6c82d8924b34b6f7ca
GET /upload/vod/2023/01/j1ouxtcsblf.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 2920
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5141
content-disposition: inline; filename="j1ouxtcsblf.webp"
etag: "63b698c7-1415"
last-modified: Thu, 05 Jan 2023 09:30:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbf5b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/xfygcvk5d0w.jpg
172.67.28.138200 OK 2.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/xfygcvk5d0w.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d399bebde18f0e1be9331f46725ea9c7
99ca6c2300b9db583bc92ef43b3b94ede695b0b7
f522e0af89c313626466c1de3f856447d787125cf77e88b43cf4b4ee089c48dd
GET /upload/vod/2023/01/xfygcvk5d0w.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 2300
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=4939
content-disposition: inline; filename="xfygcvk5d0w.webp"
etag: "63b698c3-134b"
last-modified: Thu, 05 Jan 2023 09:30:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbf4b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/xuuictby3lo.jpg
172.67.28.138200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/xuuictby3lo.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c3f5f3133f8ab065a49b51b22701d753
1cf13203d5103d4ccc6a526cc8ced5f27015d942
6fb32c2ec8a8001569086f8bce8cc71dae871ecc6e2f98bd6d1d022cca988b91
GET /upload/vod/2023/01/xuuictby3lo.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 7976
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9061
content-disposition: inline; filename="xuuictby3lo.webp"
etag: "63b698b2-2365"
last-modified: Thu, 05 Jan 2023 09:30:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbefb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/ughmczaw1nv.jpg
172.67.28.138200 OK 6.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/ughmczaw1nv.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9d7a6141a512235303e05be8bd9204e
b345439926190fc0e264b6bb419ee11cb011f918
806d8216e1bb6b0f98c742ca7a0c2d2470d7521b26c27c9c22445e32a9ecc04d
GET /upload/vod/2023/01/ughmczaw1nv.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 6260
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7222
content-disposition: inline; filename="ughmczaw1nv.webp"
etag: "63b698d0-1c36"
last-modified: Thu, 05 Jan 2023 09:30:56 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbf7b4f3-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7dfde08b8cb5a9e21bebeabdee054026
6efa48fac4bca1c31a3e1bd17c1027cad7e84ab1
35b5b6e4c3e3c763c1a887d7dc71058c69da1ba344af594d88058dc516b1195f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35B5B6E4C3E3C763C1A887D7DC71058C69DA1BA344AF594D88058DC516B1195F"
Last-Modified: Tue, 03 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11637
Expires: Fri, 06 Jan 2023 01:30:31 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2b1592ee8e39b49153a9fe6c8cbae82
3229bb172ec142cdaaf84a0ab3e3ba6c595aa79d
dfba311a3dc51687852964938e884ab474cc3c54a080f162190af0945cdb9514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFBA311A3DC51687852964938E884AB474CC3C54A080F162190AF0945CDB9514"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13392
Expires: Fri, 06 Jan 2023 01:59:46 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/01/haxucuizveg.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/haxucuizveg.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 427x320, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c44fa67d7b4148e1ba1c8b9388e801aa
c9537ac870da83c77837b7605a8d2be4facd94cb
8315c36056466e29bebbd7fdc7e83b4aa53caa74a143b97673eedad2d54d6519
GET /upload/vod/2023/01/haxucuizveg.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/jpeg
content-length: 10064
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10654, status=webp_bigger
etag: "63b698cc-299e"
last-modified: Thu, 05 Jan 2023 09:30:52 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9441cbf6b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/3xdhbzq2xz4.jpg
172.67.28.138200 OK 8.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/3xdhbzq2xz4.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccb39cce500716ca5131b937008b3c75
d5bfbff335f5d3b075b2668d89e07c645ffc2d98
a4be5fdfc069af093a31034b62e386ec967c65683dccfed582248a90b26db459
GET /upload/vod/2023/01/3xdhbzq2xz4.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 8026
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9492
content-disposition: inline; filename="3xdhbzq2xz4.webp"
etag: "63b698b5-2514"
last-modified: Thu, 05 Jan 2023 09:30:29 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbf1b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/1urivqoqvvt.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/1urivqoqvvt.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14a947d3810b3629dd027891c8cbfe6e
e51f56f5dc3c284d3eeac8631a2dec7ff39ed79c
0a4ff40a7bc77ccf79393d2724e47196203355e81dc7e9ccb9fc362d365513f2
GET /upload/vod/2023/01/1urivqoqvvt.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 11064
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11839
content-disposition: inline; filename="1urivqoqvvt.webp"
etag: "63b698d6-2e3f"
last-modified: Thu, 05 Jan 2023 09:31:02 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbf8b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/zbgd4k5wepp.jpg
172.67.28.138200 OK 6.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/zbgd4k5wepp.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ed9771ca43c381bb3d4711f0d20d234
9a6d56025d928d9591eaba88ff35afe9840f9a36
81b8285fb2d9189eb631b1b74e01ae9c373cb85ed54d0560fde7eaafdf271303
GET /upload/vod/2023/01/zbgd4k5wepp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 6112
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7415
content-disposition: inline; filename="zbgd4k5wepp.webp"
etag: "63b698e4-1cf7"
last-modified: Thu, 05 Jan 2023 09:31:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbfdb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/y2eo3migq4t.jpg
172.67.28.138200 OK 8.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/y2eo3migq4t.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 661b33aa7f9d04279e4c301b8c12446b
4b0a9682ebfb2c9eaf467e4def65ede14687440e
f95c88f078ccb1ccf55a601611265e242564566faf314a059cdb4a1123b06927
GET /upload/vod/2023/01/y2eo3migq4t.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 8452
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10013
content-disposition: inline; filename="y2eo3migq4t.webp"
etag: "63b698ec-271d"
last-modified: Thu, 05 Jan 2023 09:31:24 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbffb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/qvmmlyxmil3.jpg
172.67.28.138200 OK 5.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/qvmmlyxmil3.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1df5895781dc405a37f830a5fddb5d52
382e7042549dd6244c320d6ff4924cad5bfda34c
877e2b25db96c6e3b490be7bb0b108e42bb2a07d665da11106e73cc632c557f0
GET /upload/vod/2023/01/qvmmlyxmil3.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 5912
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8149
content-disposition: inline; filename="qvmmlyxmil3.webp"
etag: "63b698de-1fd5"
last-modified: Thu, 05 Jan 2023 09:31:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbfbb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/gqbogicyhif.jpg
172.67.28.138200 OK 7.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/gqbogicyhif.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03de0be1c896f0ed27454ca0a6ed21be
ca1baff363bf796645c15820146e04bfd3038c14
a5e4e377a9f0eff06b15e33b826b1050bb98113e016bb23da89872c9ca0ab8c9
GET /upload/vod/2023/01/gqbogicyhif.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 7234
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8411
content-disposition: inline; filename="gqbogicyhif.webp"
etag: "63b698da-20db"
last-modified: Thu, 05 Jan 2023 09:31:06 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbf9b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/1yefcgdtbsb.jpg
172.67.28.138200 OK 2.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/1yefcgdtbsb.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2eac7ce2c40b74146699bbc2687c988b
4315190f31e46560826eb573783814e28b10edf1
c3047260818a1ac2bf1cef22cbeb1f0d3baa541531fcb9c401b10da03ef8cb40
GET /upload/vod/2023/01/1yefcgdtbsb.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 2938
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5648
content-disposition: inline; filename="1yefcgdtbsb.webp"
etag: "63b698e8-1610"
last-modified: Thu, 05 Jan 2023 09:31:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbfeb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/vjtgzx2rzve.jpg
172.67.28.138200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/vjtgzx2rzve.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f0fd5adc65a225cf6d02ce25f288fea
c72ac0e8c6b42590b1a80f03aa6c83da6f41a1b8
b30a37e132194c6f064a563a648e1064b3ed8aba380068ffc6f0c0f98453c835
GET /upload/vod/2023/01/vjtgzx2rzve.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 8566
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10168
content-disposition: inline; filename="vjtgzx2rzve.webp"
etag: "63b698ba-27b8"
last-modified: Thu, 05 Jan 2023 09:30:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbf2b4f3-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7dfde08b8cb5a9e21bebeabdee054026
6efa48fac4bca1c31a3e1bd17c1027cad7e84ab1
35b5b6e4c3e3c763c1a887d7dc71058c69da1ba344af594d88058dc516b1195f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35B5B6E4C3E3C763C1A887D7DC71058C69DA1BA344AF594D88058DC516B1195F"
Last-Modified: Tue, 03 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11637
Expires: Fri, 06 Jan 2023 01:30:31 GMT
Date: Thu, 05 Jan 2023 22:16:34 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2023/01/54241wxqd1j.jpg
172.67.28.138200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/54241wxqd1j.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7fc86138fbae2ac96a639bfd5aae8b60
6b21f850d2ba95d85784bbe962058ab1efdd79da
2de9af6327c5c16066aeed66ef9d75e021e421fe9e3276e4498c97e7a87fe492
GET /upload/vod/2023/01/54241wxqd1j.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/jpeg
content-length: 9078
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9551, status=webp_bigger
etag: "63b698be-254f"
last-modified: Thu, 05 Jan 2023 09:30:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4793
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9441cbf3b4f3-OSL
X-Firefox-Spdy: h2
www.jxys16.xyz/template/m1938pc/static/css/1.css
173.231.38.6200 OK 5.3 kB URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/1.css
IP 173.231.38.6:0
Hash e90ada37fee2d211c0a77a0cb96965a6
2711e0b8fda8233a51700ab7d8c764372150677e
291c122afc5e582623a7592513ededd4a10ed088e2d7d536fc8d216042a1a41c
GET /template/m1938pc/static/css/1.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:32 GMT
content-type: text/css
last-modified: Sun, 16 Jan 2022 07:31:51 GMT
vary: Accept-Encoding
etag: W/"61e3c9e7-50e"
expires: Fri, 06 Jan 2023 10:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.jxys16.xyz/template/m1938pc/static/css/white.css
173.231.38.6200 OK 8.2 kB URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/white.css
IP 173.231.38.6:0
Hash 1f2b9a2e837312772d9ce5df6df12be0
c8f4680f66d1bfa1a19ed6d515efbd3071be6ad5
a0805d6a27070fc55cd9e82dbce4067c851cbeeefd2c9c5ca36855fc51225b4d
GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:32 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:10 GMT
vary: Accept-Encoding
etag: W/"61e10012-29d9"
expires: Fri, 06 Jan 2023 10:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg
172.67.28.138200 OK 9.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/tedqfnlyoyp.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 23fdc785a2c387a8921008b7aef07cbd
b97e64bea59d8efd1341a6b139a9023c951a19da
a30cc3d5cb4ad095190a9af6961a7a567a29ffbc395735d4be2c99f69f523a7f
GET /upload/vod/2022/12/tedqfnlyoyp.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/webp
content-length: 9858
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10702
content-disposition: inline; filename="tedqfnlyoyp.webp"
etag: "63903e33-29ce"
last-modified: Wed, 07 Dec 2022 07:18:11 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
server: cloudflare
cf-ray: 784f94428c9fb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg
172.67.28.138200 OK 17 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/p33uukek2g5.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash bcbfc37f4cfa30666e3c596b1a37746b
b0baeb44b937e5dbebbc2b3afaf59fb61e8f6682
d7e33db44d7bb6484c2424f04cb2d7f15c527e68390d5f6585b89c926369887f
GET /upload/vod/2022/12/p33uukek2g5.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/jpeg
content-length: 17124
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18053, status=webp_bigger
etag: "638da58f-4685"
last-modified: Mon, 05 Dec 2022 08:02:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f94428c9eb4f3-OSL
X-Firefox-Spdy: h2
66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
45.61.212.230200 OK 149 kB URL HTTP/1.1 66668aaa.com/137dd6d87688482eb020c1c774325059.185.gif
IP 45.61.212.230:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 149 kB (149081 bytes)
Hash ca110f84ebcc10dd498b26dc6c90087b
cfaf975d43693cfc7c2e05305068b0d933748d98
04dff307dc6fdc4da149bad386613e102c1f0e6d2b26974c5666505c7d97ef2e
Analyzer Verdict Alert quad9 Sinkholed
GET /137dd6d87688482eb020c1c774325059.185.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f2795c-24659"
Date: Thu, 29 Dec 2022 23:22:23 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:12:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-30
Content-Length: 149081
lbfm.lbpictupian.com/upload/vod/2022/12/ykvbryflu2v.jpg
172.67.28.138200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/12/ykvbryflu2v.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 47d37a5faeb9b9e9711d5f0d4144dd0f
904fdd70ddb03fc80cdb4ba832ca602b07e21824
c9cad32a7bfcd3216222ebdc1c2a7707715da1cdfc54edfe0b4c73cd7fd2a4ba
GET /upload/vod/2022/12/ykvbryflu2v.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/jpeg
content-length: 11451
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12037, status=webp_bigger
etag: "6395898e-2f05"
last-modified: Sun, 11 Dec 2022 07:41:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4022
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f94428c9cb4f3-OSL
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 467510e5ab63faafc7ed0376222184a7
073a50674e583a370004fba2d9ada9e0419dc03f
5e86d41b5a52fd7f0d8a5f170b152c841571e669f20d8710b958ad51cd93b56d
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 06facc63-6a98-42e1-9cc8-fabd3ac82388
Content-Length: 1701
Date: Thu, 05 Jan 2023 22:16:35 GMT
Connection: keep-alive
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash f7f24d56b03125334ee3ad20c133d8cf
cbcc2e35e2932757b9d809136c3936f8de871051
04211eda5297e818799d465c3189bfad5a1e8df7539beaab88a6245b546881d3
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 2a37e5b0-d066-414e-8e79-6e82b5e95add
Content-Length: 1701
Date: Thu, 05 Jan 2023 22:16:35 GMT
Connection: keep-alive
66668aaa.com/03f4c91859e345fd8955d5640194ce6e.gif
45.61.212.230200 OK 161 kB URL HTTP/1.1 66668aaa.com/03f4c91859e345fd8955d5640194ce6e.gif
IP 45.61.212.230:0
File type GIF image data, version 89a, 320 x 185\012- data
Size 161 kB (160599 bytes)
Hash 1e6146135f463f9dd5a91b6ec27e6dc6
b4871d778c720ce51a7c0e9fef07230b6ac0935a
ee63a02abc03ac35bb66a8010518568351f9215b346ffdc244f6b8926ff08519
Analyzer Verdict Alert quad9 Sinkholed
GET /03f4c91859e345fd8955d5640194ce6e.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63427f5e-27357"
Date: Tue, 03 Jan 2023 03:50:51 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 09 Oct 2022 07:59:26 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-30
Content-Length: 160599
s2.loli.net/2022/12/18/5Z19HedNFCSBiQP.gif
172.67.69.40200 OK 373 kB URL HTTP/2 s2.loli.net/2022/12/18/5Z19HedNFCSBiQP.gif
IP 172.67.69.40:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 373 kB (372996 bytes)
Hash 8c9ac15f0b50d53ccbffec36af3a9607
11ff6593819530ecef60355648530649c41359f9
38c6fa07b3f8bc3b22124dc98fee75989e520816532202ba426bd204a8b242bb
GET /2022/12/18/5Z19HedNFCSBiQP.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 372996
last-modified: Sun, 18 Dec 2022 09:59:37 GMT
etag: "639ee489-5b104"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYd6QNHpm3o9D5OLGmfVfpRI6WpTcGznPyUf4SwjqjXYrIAG27PJ%2BzenNjzybgI7DdK59wWUSZKsQmfGpJZZhz%2FMRHwB9dm0lbyad%2BhIoO8gWoka6OkBE5M5G5Vv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784f943a8cfcb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash edcfb5e0971641e9bace4487ba8a773a
1dcea721490deb4cb253a2241058a8ff8b8960ad
d2215ff7f60f26d2bf27798f4290b7f4d44d5045677125c2eda027fc3250ed06
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 8cad2461-f6ec-4035-bde2-ff7795aa2c44
Content-Length: 1701
Date: Thu, 05 Jan 2023 22:16:35 GMT
Connection: keep-alive
3p8801.co/a-960x60.gif
107.148.202.17200 OK 49 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash bc918df261620170b7115cc2c1627bb9
59b4f2c3b1ae6fcc19becc440d212fa40cf3c15b
08f4f93ccef77488dbea402164b42335212bb9ecc09250f2d40d26f9dfe427db
GET /a-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 49174
last-modified: Sat, 12 Nov 2022 07:32:42 GMT
etag: "636f4c1a-c016"
expires: Sat, 04 Feb 2023 22:16:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash e1636f1a9d6e76b1ded0e52c3d310b4f
dea15e6dcac9c7be73f64080f217f941172da6c9
4af7f8f4e3b6232e87e793c96b36ad5c19a14788b14e464cd95b5468cbe10a73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2290
Cache-Control: max-age=87411
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:16:35 GMT
Etag: "63b5f5c4-2d7"
Expires: Fri, 06 Jan 2023 22:33:26 GMT
Last-Modified: Wed, 04 Jan 2023 21:55:16 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 727
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4bdc73c706a9206ae4417f30f6e01921
f921244e9ce2cf72f6ffca0d3e86f8a892321007
7a0cbfee206ed736a625bb629e0c52e1544e06fd658d7847963fdbdc6953c00d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 17:58:38 GMT
Expires: Thu, 12 Jan 2023 17:58:37 GMT
Etag: "f921244e9ce2cf72f6ffca0d3e86f8a892321007"
Cache-Control: max-age=588721,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f94434f5bb512-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
47.246.44.228200 OK 384 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 384 kB (384491 bytes)
Hash 627acd5c4c2a9bb3bbf10748f1931947
0529b42ebe54b2cc9ed886ab83b50b8f14642062
a62b3a5eba800520fbb7b334c00db2e9f76e438891ae150c3b2d681ef228954a
GET /obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 384491
date: Sun, 13 Nov 2022 13:26:06 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 13 Nov 2022 12:38:36 GMT
nw-session-id: 20221113203836010175073134252D40ED7nb4v02dy
nw-session-trace: 2022-11-13T20:38:36.893240111+08:00 45
x-bdcdn-cache-status: TCP_HIT
x-length: 384491
x-powered-by: ImageX
x-response-date: Sun, 13 Nov 2022 20:38:36 GMT
x-tt-logid: 20221113203836010175073134252D40ED
via: n150-056-026, cache12.l2de2[0,0,206-0,H], cache19.l2de2[2,0], cache19.l2de2[3,0], cache5.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc02:22:46::67
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01fc3ea37d9c1ed5b7d2c200df23bf81d3980363a474adcbcdabe23efbe44349c9ded5894820052b9f65e8b67807703e46e752587a445df11739963b0fc31b09984170a333fed525dbd3f2408a1a3198fd79e91de509e1f853539053e961754b16
x-response-lb: image
ali-swift-global-savetime: 1668345966
age: 4611029
x-cache: HIT TCP_MEM_HIT dirn:11:260083718
x-swift-savetime: Sun, 13 Nov 2022 14:21:50 GMT
x-swift-cachetime: 31532656
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716729569950982076e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
47.246.44.228200 OK 415 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 750 x 80\012- data
Size 415 kB (414979 bytes)
Hash ecd0f421a231299ffaa9117a67c1e38a
6dd0678ee6c2a91eca8db2428d8743f607360d3a
dbd0423b88c8d785dd015e2e80105d0bcd41e677c3588acbf34cf1ca542565c9
GET /obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 414979
date: Mon, 05 Dec 2022 07:16:52 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 07:09:21 GMT
nw-session-id: 2022120515092101015013207630C082CC7t5wt01dy
nw-session-trace: 2022-12-05T15:09:21.716293741+08:00 48
x-bdcdn-cache-status: TCP_HIT
x-length: 414979
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 15:09:21 GMT
x-tt-logid: 2022120515092101015013207630C082CC
via: n204-100-053, cache12.l2de2[0,0,206-0,H], cache5.l2de2[2,0], cache5.l2de2[2,0], cache2.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:27:681::36
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dab46e58f2ac949ece2051ac89e2dd2773be35d3e5369524bf1f9f46f4ea066e23b5378fe9943c2f968c40c38ced9fa128ef7bf579b1467b9a779eb22ac0c37e53b062293a8a1e8061f8daaf0ff7b4e0f99e8da2482833909c1ebdc2d578e
x-response-lb: image
ali-swift-global-savetime: 1670224612
age: 2732383
x-cache: HIT TCP_MEM_HIT dirn:11:333709724
x-swift-savetime: Mon, 05 Dec 2022 10:48:27 GMT
x-swift-cachetime: 31523305
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716729569951072083e
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 970c778017aaaaebeff980ab747956d1
8d2f0e12d3fb68667a634aa556f69fbc72a39251
dc351cbfe604b62ffe1c0a5e50207b8c167318d300a35c25db9b2d988a42cefc
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 11:39:18 GMT
Expires: Mon, 09 Jan 2023 11:39:17 GMT
Etag: "8d2f0e12d3fb68667a634aa556f69fbc72a39251"
Cache-Control: max-age=306761,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f9443aed40b45-OSL
help.ifeng.com/datas/feedback/20221230/63aeea646e4a1.gif
49.51.190.27200 OK 116 kB URL HTTP/1.1 help.ifeng.com/datas/feedback/20221230/63aeea646e4a1.gif
IP 49.51.190.27:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 225 x 135\012- data
Size 116 kB (115583 bytes)
Hash a5a063e48084d912797121fe7940546f
45464ebb60042ffe2c502b86ab078eda8e3c5f19
c06ddd489a5f3b698416c55fca2fd1027d5fe04e41432b5b359426073ded1241
GET /datas/feedback/20221230/63aeea646e4a1.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 115583
last-modified: Fri, 30 Dec 2022 13:40:52 GMT
etag: "63aeea64-1c37f"
expires: Fri, 20 Jan 2023 22:16:34 GMT
cache-control: max-age=1296000
accept-ranges: bytes
3p8801.co/yy-960x60.gif
107.148.202.17200 OK 37 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 95ec3b09499f1a1828b7e7921f7fa2f5
ceff74a70c81395fcd3704fc94929968dc5d3a63
4cd52a6e9acb566d7bb83c792f04df294ac22c11645bdc0d8a6c9e19c5625644
GET /yy-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 37300
last-modified: Sat, 12 Nov 2022 07:15:04 GMT
etag: "636f47f8-91b4"
expires: Sat, 04 Feb 2023 22:16:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg
172.67.28.138200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d425f7bea4f48366f31883ea613ed55
6e282d4bfa59cc087ac52130fcb393301b6316bb
a9286fa4027b04fbfd0427fc19745a5eccf931b2e998d52e9e7e63d3ca4c3183
GET /upload/vod/2022/11-16/13/qtzuufrjhye1318qtzuufrjhye592235.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/webp
content-length: 9176
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10099
content-disposition: inline; filename="qtzuufrjhye1318qtzuufrjhye592235.webp"
etag: "637472c3-2773"
last-modified: Wed, 16 Nov 2022 05:18:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbe4b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg
172.67.28.138200 OK 8.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54564f6fe5d24c3be0fb0abdcfc93ac0
33d65dadfacfb6b0c805a743af9666141f887c07
67bca5dc3ef300578aba244dcb069b8b835f8e0eeee20f4b624d415224b84771
GET /upload/vod/2022/11-03/11/wuvpypjmdke1112wuvpypjmdke515303.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/webp
content-length: 8384
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9055
content-disposition: inline; filename="wuvpypjmdke1112wuvpypjmdke515303.webp"
etag: "636331b3-235f"
last-modified: Thu, 03 Nov 2022 03:12:51 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbe7b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg
172.67.28.138200 OK 16 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash fb8299566d6ea78f401c58aa1aed76b0
06b3ca9b2bee69473d2348c67feb9c598a1f3605
ea13b22c9d50069700778e892496aec8930d0aefd3180a8eb47e56452d55a22b
GET /upload/vod/2022/11-06/13/1rsw1lqafze13331rsw1lqafze476221.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/jpeg
content-length: 16544
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=16984, status=webp_bigger
etag: "6367473b-4258"
last-modified: Sun, 06 Nov 2022 05:33:47 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9441cbe6b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg
172.67.28.138200 OK 2.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4102154235bdfbcd293f663fe3c2b160
3daf389709bdecc7f092658709e3724d917971e2
e9cf648344aec4656ad9cfcdbb12afbfdd96752af431e800fd309fb40454f857
GET /upload/vod/2022/10-22/15/gbe01acskgc1536gbe01acskgc001255.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/webp
content-length: 2584
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=4317
content-disposition: inline; filename="gbe01acskgc1536gbe01acskgc001255.webp"
etag: "63539d60-10dd"
last-modified: Sat, 22 Oct 2022 07:36:00 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbedb4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2023/01/20yjcwb0psu.jpg
172.67.28.138200 OK 9.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2023/01/20yjcwb0psu.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b8ed434fbb21e1b135b0ed1690e95cf
593b875b149c012adacd47dbc9d75917aa03c2a1
dd8d4e172098de70ece650c824d21490f5f8e0bb3503d833de0a5544bab4d0c8
GET /upload/vod/2023/01/20yjcwb0psu.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/webp
content-length: 9220
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10436
content-disposition: inline; filename="20yjcwb0psu.webp"
etag: "63b698f0-28c4"
last-modified: Thu, 05 Jan 2023 09:31:28 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cc00b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg
172.67.28.138200 OK 9.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6db6e065a2513b03e453cc933697321c
f23a72437919498c6b44f9596b4119e1b160df8a
6ebcfb862d051036bd7154bb6602dbcd24a353efe1ceb73ab5cf3e908ca91087
GET /upload/vod/2022/10-27/13/yhnw02dkioo1342yhnw02dkioo132649.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/webp
content-length: 9100
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9698
content-disposition: inline; filename="yhnw02dkioo1342yhnw02dkioo132649.webp"
etag: "635a1a35-25e2"
last-modified: Thu, 27 Oct 2022 05:42:13 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbeab4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg
172.67.28.138200 OK 4.5 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf7a5eeca4da86ff2ddbdd9a77de5107
e905e417383ac44c6e7f1c4cce421c9695c711db
c326632d34b02c1c070119eba2fd4e7b0877599d691960c0b9ce7ad4e05aae47
GET /upload/vod/2022/11-07/11/ti4dbnmfwc01152ti4dbnmfwc0156571.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/webp
content-length: 4482
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6651
content-disposition: inline; filename="ti4dbnmfwc01152ti4dbnmfwc0156571.webp"
etag: "636880ef-19fb"
last-modified: Mon, 07 Nov 2022 03:52:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbe5b4f3-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg
172.67.28.138200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd3fd037debb3b7ec9057e2f026c59d7
3fc2d3c0eddced427f460e12651685311ae0af29
b19b455ca9ef3725566c6908217391bf72bee54ece8f40504cebc593ebcc9b76
GET /upload/vod/2022/11-19/16/znmtdtg3fn11619znmtdtg3fn1263009.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/webp
content-length: 10870
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11415
content-disposition: inline; filename="znmtdtg3fn11619znmtdtg3fn1263009.webp"
etag: "6378918e-2c97"
last-modified: Sat, 19 Nov 2022 08:19:26 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 784f9441cbe2b4f3-OSL
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 28218accfe2e350c3ad8a43a7b90f103
2cdf653cf4c274acf0efe36fe8a6e54e389e9c6f
624aa75e8756276630f45a0449ef45f49b82aab33759beebd5f280e90c11ebaf
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 14:51:10 GMT
Expires: Tue, 10 Jan 2023 14:51:09 GMT
Etag: "2cdf653cf4c274acf0efe36fe8a6e54e389e9c6f"
Cache-Control: max-age=404673,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f9442deda0b65-OSL
lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg
172.67.28.138200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash a0cb9340efc817b54c1ae7c2b8a8d76f
b2935e4d68381b0b1fe715bc7eb22ac137e7866a
0af101cffa3fc5bb2c3ea258a7295ee93e66034a7e5cbebda26052c0ba4376c9
GET /upload/vod/2020/03-28/06/l1r4aieysv10604l1r4aieysv1481238.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/jpeg
content-length: 9960
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10409, status=webp_bigger
etag: "5e7e7880-28a9"
last-modified: Fri, 27 Mar 2020 22:04:48 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9441cbe9b4f3-OSL
X-Firefox-Spdy: h2
hlggimg.com/1228/960_160.gif
172.247.80.59200 OK 116 kB URL HTTP/2 hlggimg.com/1228/960_160.gif
IP 172.247.80.59:0
File type GIF image data, version 89a, 960 x 160\012- data
Size 116 kB (116355 bytes)
Hash c80d5aea6b3455b84e22681f8795ed74
76e612bdb50784abb7e43e5f56f0955b25c9d7d4
408fc38a7c6120b647a92fab7aab5cfb7b1c035f1ef36accd99456b1456f16da
GET /1228/960_160.gif HTTP/1.1
Host: hlggimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 116355
last-modified: Wed, 28 Dec 2022 10:06:25 GMT
etag: "63ac1521-1c683"
expires: Sat, 04 Feb 2023 15:17:06 GMT
cache-control: max-age=2592000
server: dns1
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 28218accfe2e350c3ad8a43a7b90f103
2cdf653cf4c274acf0efe36fe8a6e54e389e9c6f
624aa75e8756276630f45a0449ef45f49b82aab33759beebd5f280e90c11ebaf
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 14:51:10 GMT
Expires: Tue, 10 Jan 2023 14:51:09 GMT
Etag: "2cdf653cf4c274acf0efe36fe8a6e54e389e9c6f"
Cache-Control: max-age=404673,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f94432d52b4f3-OSL
66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
45.61.212.230200 OK 553 kB URL HTTP/1.1 66668aaa.com/73f23e1f7ead40baa32cf579a4bb735b.gif
IP 45.61.212.230:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 553 kB (552818 bytes)
Hash 097e6fa9314192dc3dd55cb1c5023ee5
c30366c4c910616f1a3c1b773ffb4af967e20eb5
db020d7293807326453f5848c0bf219e2b835f2530468a9d816a3c1c7941023a
Analyzer Verdict Alert quad9 Sinkholed
GET /73f23e1f7ead40baa32cf579a4bb735b.gif HTTP/1.1
Host: 66668aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62f27ac4-86f72"
Date: Fri, 16 Dec 2022 13:22:33 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 09 Aug 2022 15:18:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us3-cdnb-30
Content-Length: 552818
3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif
103.170.15.75200 OK 331 kB URL HTTP/1.1 3718896ccc.com/69267e805d7b4aa3b4db75a4ca964b7f.gif
IP 103.170.15.75:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 331 kB (330788 bytes)
Hash 2fed29a7e518cace80f2ca8f57787c31
1f78c67a7a5864d12e6c0e13dd45fa477e80e528
b6407a42c658e82ec3ef6a64b6aff95018b90155c04648247c08e8df83afb35e
GET /69267e805d7b4aa3b4db75a4ca964b7f.gif HTTP/1.1
Host: 3718896ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a801bf-50c24"
Date: Tue, 27 Dec 2022 23:32:32 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 25 Dec 2022 07:54:39 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 330788
lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg
172.67.28.138200 OK 8.9 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg
IP 172.67.28.138:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash a9b2d6de54c5073fe4a4fda8e2d1805e
20e73b3c094ea2122ef55818ffef7079277e3b1b
c9ad52c29c99098b33554d1baa2e6a7b909f668f159f9233692ef20477372392
GET /upload/vod/2022/11-25/14/3ntqevhmcwr14003ntqevhmcwr245572.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/jpeg
content-length: 8924
last-modified: Fri, 25 Nov 2022 06:00:24 GMT
etag: "638059f8-22dc"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9441cbe1b4f3-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash de0956bdfbf12d58fc85b032f10a6025
3912ec9216888f9a1026388daeb1f1caf455ad42
cae1cb885ec48e322595b211321bd36d4eee114939632ec2ca935417e474d753
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 20:33:39 GMT
Expires: Thu, 12 Jan 2023 20:33:38 GMT
Etag: "3912ec9216888f9a1026388daeb1f1caf455ad42"
Cache-Control: max-age=598022,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f9443ef0db500-OSL
p3.douyinpic.com/obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01
47.246.44.228200 OK 358 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 440 x 240\012- data
Size 358 kB (358276 bytes)
Hash 40b26808b7743791705f32cf49aa84d0
4ad6b4a4aea098d64566cb7d1efe401821890591
091c7316fb23f6614d103255be50c63bcb15e04c3dc5c3574456acedf9977d43
GET /obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 358276
date: Thu, 17 Nov 2022 09:34:47 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Thu, 17 Nov 2022 09:34:47 GMT
nw-session-id: 2022111717344701015802909741AC3CFF7dbll03dy
nw-session-trace: 2022-11-17T17:34:47.714255732+08:00 208
x-bdcdn-cache-status: TCP_MISS
x-length: 358276
x-powered-by: ImageX
x-response-date: Thu, 17 Nov 2022 17:34:47 GMT
x-tt-logid: 2022111717344701015802909741AC3CFF
via: n150-059-133, cache6.l2de2[0,0,206-0,H], cache4.l2de2[4,0], cache4.l2de2[4,0], cache7.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc02:22:54::97
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 015988867d28cc4aacec031178ef98851ccdddec9cedee81c7a16a210e69849d3bd0bb4e2500fe5b66d5c488cf91a78a51c40569931971c1ff3997b9ecdb3aa032fce5de81180b0a11b8eae8bf86b22a7a002d879c063b89335a087f605664e7f0
x-response-lb: image
ali-swift-global-savetime: 1668677687
age: 4279308
x-cache: HIT TCP_MEM_HIT dirn:5:36123730
x-swift-savetime: Fri, 18 Nov 2022 03:31:17 GMT
x-swift-cachetime: 31471410
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716729569953592281e
X-Firefox-Spdy: h2
www.jxys16.xyz/
173.231.38.6200 OK 40 kB IP 173.231.38.6:0
Hash 2a58e9a49f50c702e6ec919dd1cb4bf3
1a763b2aab91f20a8b1943bafe86fd95f34c11d7
c9fb2ee1f4b80f4769a3eee61e2ae93f05ebd81724cc41f5933b190c7bc9be59
GET / HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
zhibo128x.xyz/128/318X216.gif
154.83.25.141200 OK 90 kB URL HTTP/1.1 zhibo128x.xyz/128/318X216.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 318 x 216\012- data
Hash fcfb39891df6c04744982e2f8c67f6b7
7a667d860bab955b1e95bce9a455cc5555783076
534db09ef852e7d2de2fe879e2ea4447b28ae30d9093e3854da39ee604db801d
GET /128/318X216.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 05 Jan 2023 22:14:43 GMT
Content-Type: image/gif
Content-Length: 89870
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 08:04:23 GMT
ETag: "63145c07-15f0e"
Expires: Sat, 31 Dec 2022 05:06:28 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
3p8801.co/11-960x60.gif
107.148.202.17200 OK 242 kB IP 107.148.202.17:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 242 kB (242091 bytes)
Hash b9072e166e9ab28d08854aab05882d3b
a88df27293f6525b000cc1112084fe4f2cdd0e8c
1ad655eb5ad6ce6d519f757b4e78afc39cd41e892897faadf5610e11e3d437b2
GET /11-960x60.gif HTTP/1.1
Host: 3p8801.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 242091
last-modified: Sat, 19 Nov 2022 11:26:07 GMT
etag: "6378bd4f-3b1ab"
expires: Sat, 04 Feb 2023 22:16:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
49.51.190.27200 OK 167 kB URL HTTP/1.1 help.ifeng.com/datas/feedback/20221217/639d86e9b6b6d.gif
IP 49.51.190.27:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 167 kB (166673 bytes)
Hash a76a21236cc656e7eaa83a578e926243
0a51bf94f4c75963785f61344458936e5e060cb3
b95a0b1af937e5c8b61ef3a67fa638a98024626041d96ec1bd2b033570ec5d1a
GET /datas/feedback/20221217/639d86e9b6b6d.gif HTTP/1.1
Host: help.ifeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 166673
last-modified: Sat, 17 Dec 2022 09:07:53 GMT
etag: "639d86e9-28b11"
expires: Fri, 20 Jan 2023 22:16:34 GMT
cache-control: max-age=1296000
accept-ranges: bytes
99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
45.61.212.60200 OK 1.1 MB URL HTTP/1.1 99887aaa.com/161f65b0d6174a0a94c6ba6b2e9c589b.gif
IP 45.61.212.60:0
File type GIF image data, version 89a, 980 x 80\012- data
Size 1.1 MB (1066629 bytes)
Hash 709be30700e74aafa715f685cba66b67
1d0ee25014c3d61849625bfc386d6ec370181a7d
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53
Analyzer Verdict Alert quad9 Sinkholed
GET /161f65b0d6174a0a94c6ba6b2e9c589b.gif HTTP/1.1
Host: 99887aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a43809-104685"
Date: Tue, 03 Jan 2023 13:38:05 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 10:57:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-30
Content-Length: 1066629
kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
172.83.155.45200 OK 250 kB URL HTTP/2 kvegg.com/67a0474849f4ee10ccbe3b0d2cebf337.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 250 kB (250112 bytes)
Hash 70726a2c83ff355a82c1438f1f8cd31d
f3f76125f9ba333f1a2f30b633a99baa8df781bd
a2553ce629178b3a4850cd032075da81a2e01313d524caeba5d57c9613f7afff
GET /67a0474849f4ee10ccbe3b0d2cebf337.gif HTTP/1.1
Host: kvegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 250112
last-modified: Sun, 18 Dec 2022 07:33:19 GMT
etag: "639ec23f-3d100"
expires: Fri, 06 Jan 2023 10:16:34 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 43545
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ate7nT8CtBd9W30m57gY4%2F%2FFqffLWzf7LsHYD4fRVGX99AJZ0U1hcKiiVhDhdg%2BCoMKjloAYPB3j2oPMGAZiluys3H9cv5EMvVzCfuRpsjGD%2FxOxQ%2B0CUOoNtP4E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f48617fb5e8444-YVR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jx.tongdoumaoyi.com/news/list.php
20.239.85.25200 OK 254 kB URL HTTP/2 jx.tongdoumaoyi.com/news/list.php
IP 20.239.85.25:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 254 kB (254091 bytes)
Hash 71e75d9ee2612d31f85459ed4840078b
5f275c51f5f4dce817baef5c7bc18852cf707174
30a0820b26b7f1d2d6bf090e1318cc6bcee0f93588fffbc7815d1520b883cf28
GET /news/list.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 05 Jan 2023 22:16:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2
3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
45.61.212.118200 OK 748 kB URL HTTP/1.1 3366812ccc.com/31bae057f32c4263a5459428dcd9c2c0.gif
IP 45.61.212.118:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 748 kB (747714 bytes)
Hash 190c632a93b23820398e76a78dccf39b
f156cddcc3d508f21aabaa1c08391a976f84e172
602526a271c67646875cf62980d7c3c4a16360b747ebc2810908ca274a8ca1ad
GET /31bae057f32c4263a5459428dcd9c2c0.gif HTTP/1.1
Host: 3366812ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b288d0-b68c2"
Date: Thu, 05 Jan 2023 07:54:38 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 Jan 2023 07:33:36 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-18
Content-Length: 747714
99885aaa.com/2571b5232e904522b532216679441c82.gif
103.170.15.75200 OK 560 kB URL HTTP/1.1 99885aaa.com/2571b5232e904522b532216679441c82.gif
IP 103.170.15.75:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 560 kB (560267 bytes)
Hash 0c24ae98899ba81be2a10b49f953181c
903a7c1e74d3c8e88ca4be6dd68cf2a6d2165dcc
37bd6699258695711ea4919db16ca543d22b9e2d4fa118e87cbda00285027e88
Analyzer Verdict Alert quad9 Sinkholed
GET /2571b5232e904522b532216679441c82.gif HTTP/1.1
Host: 99885aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a44177-88c8b"
Date: Tue, 27 Dec 2022 02:00:46 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 22 Dec 2022 11:37:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Length: 560267
kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
13.227.254.83200 OK 864 kB URL HTTP/2 kzecc.com/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 13.227.254.83:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kzecc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 864004
last-modified: Mon, 19 Dec 2022 09:06:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 05 Jan 2023 15:30:45 GMT
etag: "d2c820747a9b9b8c3abaab0775436ab7"
x-cache: Hit from cloudfront
via: 1.1 bf37a08a8e52d3968f35ae1bb4eaae78.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: B2_G7sZKtu6R0hgo-VQNdoWX6q9fbQj-w6rjdXNWmnHDc1rH0xwQMA==
age: 24350
X-Firefox-Spdy: h2
zhibo128x.xyz/128/960x120.gif
154.83.25.141200 OK 417 kB URL HTTP/1.1 zhibo128x.xyz/128/960x120.gif
IP 154.83.25.141:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 417 kB (417166 bytes)
Hash 13c9b946edcde7ff1343201a30e2fd46
c58983acbb24dfd174e7e033c3054b9e5036cb7b
8e817dd37cc60ddd6de4dab6f55edf1132b6793ed7d391de2dd9200cd215a926
GET /128/960x120.gif HTTP/1.1
Host: zhibo128x.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 05 Jan 2023 22:14:43 GMT
Content-Type: image/gif
Content-Length: 417166
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 21:11:51 GMT
ETag: "63b5eb97-65d8e"
Expires: Fri, 03 Feb 2023 21:14:05 GMT
Cache-Control: max-age=2592000
Via: 154.83.25.138
CDN-Cache: HIT
Accept-Ranges: bytes
kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
172.83.155.45200 OK 366 kB URL HTTP/2 kzeoo.com/68a7807de3933bf7079116fa9df99e6f.gif
IP 172.83.155.45:0
ASN #201106 Spartan Host Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 366 kB (366444 bytes)
Hash 86371c51bf2086f3a40f0e438246b662
9da793de9c620485ee91b88413b256c69dc774c5
8155b44efd09301dca9ec4bdab8e3e6445d1564fe580edd5f7575c9289843ccf
GET /68a7807de3933bf7079116fa9df99e6f.gif HTTP/1.1
Host: kzeoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 366444
last-modified: Fri, 19 Aug 2022 17:02:28 GMT
etag: "62ffc224-5976c"
expires: Fri, 06 Jan 2023 10:16:34 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1420381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwipRCov4sczHTcdIWkv%2FaUrYkMXIXYgzLjnYGeXGYrNTWiFyZ4kN%2FbAl29k5zhUJwdz4MPvR6gOiEVX0jKqomGgljR2%2BFim4H7cs%2FsgE0OBbp%2BdOSiFv8UW13GA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 77f29af56ca4c5f5-SEA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/4f00585d06334268973fbb91eeba0b8e
47.246.44.228200 OK 134 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/4f00585d06334268973fbb91eeba0b8e
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 320 x 190\012- data
Size 134 kB (133945 bytes)
Hash 1451db0b67f42b4a25fb7deda607fbb1
48266d3111942dd0b477cfcbfa71527c50981385
b2bd9300e241291ffaf028b58124a4313c2846c8240f9b4cfff731bbd5136320
GET /obj/tos-cn-i-dy/4f00585d06334268973fbb91eeba0b8e HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 133945
date: Wed, 07 Dec 2022 09:03:39 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Wed, 07 Dec 2022 06:09:49 GMT
nw-session-id: 202212071409490102081611002488851Bwf5p503dy
nw-session-trace: 2022-12-07T14:09:49.498260728+08:00 94
x-bdcdn-cache-status: TCP_HIT
x-length: 133945
x-powered-by: ImageX
x-response-date: Wed, 07 Dec 2022 14:09:49 GMT
x-tt-logid: 202212071409490102081611002488851B
via: n204-098-199, cache5.l2de2[0,0,206-0,H], cache3.l2de2[0,0], cache3.l2de2[1,0], cache4.se1[0,0,200-0,H], cache3.se1[1,0]
x-request-ip: fdbd:dc01:22:35::154
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce1081f6f984275a9e5cf86091f9e0f12a79bddee19c774e2ad85295f24bdfb6c5d99b67206916692e50a0e9718503fe8bf67f8dd6809a0168f5afa28582e0a6a842bf344405f922f86f3b600daf5831627a7d
x-response-lb: image
ali-swift-global-savetime: 1670403819
age: 2553176
x-cache: HIT TCP_MEM_HIT dirn:2:89986593
x-swift-savetime: Wed, 07 Dec 2022 13:10:59 GMT
x-swift-cachetime: 31521160
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9716729569955362391e
X-Firefox-Spdy: h2
www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css
173.231.38.6200 OK 209 kB URL HTTP/2 www.jxys16.xyz/template/m1938pc/static/css/bootstrap.min.css
IP 173.231.38.6:0
Size 209 kB (209212 bytes)
Hash 56242b130c89964d142b1b39ace3e7d8
0a07a23b32da99212b4cb5cc857af4ce2815a607
1e7b7f9e6c5b1e35bb0c067a0728554131cd4be55b5ea4937b4a6a3083740e90
GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: www.jxys16.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:16:32 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 04:46:04 GMT
vary: Accept-Encoding
etag: W/"61e1000c-23816"
expires: Fri, 06 Jan 2023 10:16:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
taiwtp1.com/xin/225135.gif
220.128.218.220200 OK 67 kB URL HTTP/2 taiwtp1.com/xin/225135.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 225 x 135\012- data
Hash 81996a5d1fe46f845ff020017edba5cb
68dc488bcaf576c3c63394123998bb55ea79d121
6ee94aa6b2f278f4d4bff35da13d01e8ecc332464a23050f5a816fe18943b7aa
GET /xin/225135.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:09:51 GMT
content-type: image/gif
content-length: 67441
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10771"
expires: Sat, 04 Feb 2023 22:09:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
8499165.com/8499/220x130.gif
198.16.51.55200 OK 143 kB URL HTTP/2 8499165.com/8499/220x130.gif
IP 198.16.51.55:0
File type GIF image data, version 89a, 220 x 130\012- data
Size 143 kB (143198 bytes)
Hash 2e3ee9276e9fdb03d57612e04313b43b
c2b0c90a434ab607712b6733da6f8f4fce17fcf4
fb8b0f4eaeb403458ec3e2d6cfcd26401b93eb2d857938aed697eae8378c2d97
GET /8499/220x130.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/gif
content-length: 143198
last-modified: Sat, 17 Dec 2022 10:40:27 GMT
etag: "22f5e-5f003b6de04b8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
3888537ccc.com/a96984034ec34a47aec0e95fd23f1058.gif
103.170.15.110200 OK 88 kB URL HTTP/1.1 3888537ccc.com/a96984034ec34a47aec0e95fd23f1058.gif
IP 103.170.15.110:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 320 x 185\012- data
Hash 8d00fbc4b81285815eb1358ff6562dee
3b35d424783d0c9f64bafbfa7e427949115a4e15
1a1af43abebdc6ae261953807be21deea00014561de8652a974e518c1958639e
Analyzer Verdict Alert quad9 Sinkholed
GET /a96984034ec34a47aec0e95fd23f1058.gif HTTP/1.1
Host: 3888537ccc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63b288f1-15974"
Date: Mon, 02 Jan 2023 13:38:29 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 02 Jan 2023 07:34:09 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-40
Content-Length: 88436
88886aaa.com/db431bafa2474156b9fddc3d9c277b4d.gif
103.170.15.79200 OK 177 kB URL HTTP/1.1 88886aaa.com/db431bafa2474156b9fddc3d9c277b4d.gif
IP 103.170.15.79:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 240 x 140\012- data
Size 177 kB (176976 bytes)
Hash 5c383b781891f009bfe7545eb03e78d9
75d4973454dc1243aeb3e10c8f58033b904f55a0
3fcb048f35db216dd311386f685b6dd7ed68384951f09cc018287cdb49d1d35b
Analyzer Verdict Alert quad9 Sinkholed
GET /db431bafa2474156b9fddc3d9c277b4d.gif HTTP/1.1
Host: 88886aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62da66b6-2b350"
Date: Thu, 29 Dec 2022 06:01:03 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 22 Jul 2022 08:58:30 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-09
Content-Length: 176976
8499165.com/8499/150x150.gif
198.16.51.55200 OK 185 kB URL HTTP/2 8499165.com/8499/150x150.gif
IP 198.16.51.55:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 185 kB (185171 bytes)
Hash 09b278a0ce767cdcdc3b9be868a94320
b69d4a2345f4d5ae6cc772a70456ea7aea74ce95
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
GET /8499/150x150.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
218.12.76.164200 OK 1.1 MB URL HTTP/1.1 ldbbs.ldmnq.com/bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif
IP 218.12.76.164:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 960 x 120\012- data
Size 1.1 MB (1082384 bytes)
Hash a2513b4510f6797c4cbe4012fc79c64c
41f15aa49c66eed88a541224dedda5d215f9e7ef
16e775f7ac1e0368c216cdcf70bc3d56d7d952d7653898dbb8093efcd712cc71
GET /bbs/topic/images/2022-12/8a42cd46-12a9-46a4-8563-ee14a925192c.gif HTTP/1.1
Host: ldbbs.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: image/gif
Content-Length: 1082384
Connection: keep-alive
Server: openresty
Age: 1354192
CloudServiceDiscount: CDN
Content-Encoding: utf-8
ETag: "a2513b4510f6797c4cbe4012fc79c64c"
Last-Modified: Wed, 21 Dec 2022 06:06:41 GMT
X-CCDN-CacheTTL: 2592000
nginx-hit: 1
via: CHN-HEshijiazhuang-AREACUCC1-CACHE23[2],CHN-HEshijiazhuang-AREACUCC1-CACHE30[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE95[133],CHN-TJ-GLOBAL1-CACHE30[123,TCP_MISS,131]
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFhv2Sr1BDL3xCdwQqA6DE4Gw8YvJHp
x-amz-request-id: 00000185334A8E1F900DAF7A4A1D6950
x-amz-storage-class: STANDARD_IA
x-hcs-proxy-type: 1
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Accept-Ranges: bytes
8499174.com/8499/zzxx/960x100.gif
198.16.51.55200 OK 479 kB URL HTTP/2 8499174.com/8499/zzxx/960x100.gif
IP 198.16.51.55:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 479 kB (479036 bytes)
Hash f586fcd7d6a54725a2d0d26355f16a06
338916b44a69b6820f8b741d0c47e68830e6234a
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d
GET /8499/zzxx/960x100.gif HTTP/1.1
Host: 8499174.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: image/gif
content-length: 479036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "74f3c-5f092cf09552f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif
45.61.212.52200 OK 254 kB URL HTTP/1.1 66669aaa.com/2d7b4166a63c4e48bb523d07d45069fb.gif
IP 45.61.212.52:0
File type GIF image data, version 89a, 750 x 150\012- data
Size 254 kB (254363 bytes)
Hash 73bf5e1a256f4f70c6312d76e6f02cce
198aa17d9997f20877733ae380c32d8c98ed4bb9
4b664ff030b33d67670b9cbfbf8e1ab6aeaad63d5d0eed5572658ae6d5399a7a
Analyzer Verdict Alert quad9 Sinkholed
GET /2d7b4166a63c4e48bb523d07d45069fb.gif HTTP/1.1
Host: 66669aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6399cb60-3e19b"
Date: Mon, 19 Dec 2022 10:00:48 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 14 Dec 2022 13:10:56 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-22
Content-Length: 254363
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
43.129.255.47200 OK 206 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 206 kB (205622 bytes)
Hash 8a22a6888c325aa3acf83e7cedfe35e7
37da1ea976724d35c1c32ae18d7924192184ba32
2e90b20d4c2067ff68444790955d65d2745365cf025c486c8c2b685696faeeaa
GET /qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7KC5LIMic1KaTYwJYhDicnibqKbVUtzwk3vqBxlG2ZQYyjo/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Thu, 05 Jan 2023 22:16:34 GMT
content-type: image/gif
content-length: 205622
vary: Accept,Origin
last-modified: Mon, 19 Dec 2022 06:54:31 GMT
cache-control: max-age=2592000
x-delay: 34414 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 9
x-reqgue: 0
size: 205622
chid: 0
fid: 0
x-nws-log-uuid: dadc69d6-4459-4f78-8f49-13e90814314f
X-Firefox-Spdy: h2
tpkj3333.com/img/k80m/or0H1Mqta.gif
46.149.201.215200 OK 748 kB URL HTTP/1.1 tpkj3333.com/img/k80m/or0H1Mqta.gif
IP 46.149.201.215:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 80\012- data
Size 748 kB (748192 bytes)
Hash 4fa2f5cc209f4571d0aa982fe5f7a7b2
5a08baf1e1bb3a27317a2e931f7dfe6744d9af02
e2ada2398274d9660f4ae8722fc08922d63959e4e2a466b0d4477f17a0e6ef40
GET /img/k80m/or0H1Mqta.gif HTTP/1.1
Host: tpkj3333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 05 Jan 2023 22:16:34 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"749732-1672933776000"
Last-Modified: Thu, 05 Jan 2023 15:49:36 GMT
Expires: Fri, 20 Jan 2023 22:16:34 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: EXPIRED, HIT
img.9376x.com/images/6399c27b56eec67c33ea8921.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.9376x.com/images/6399c27b56eec67c33ea8921.gif
IP 38.54.81.125:0
GET /images/6399c27b56eec67c33ea8921.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/26c4bd83c03e4572a0da94a24edacb39
X-Firefox-Spdy: h2
png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
104.18.2.157403 Forbidden 0 B URL HTTP/2 png.pngtree.com/png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg
IP 104.18.2.157:0
GET /png-vector/20190603/ourmid/pngtree-icon-close-button-png-image_1357955.jpg HTTP/1.1
Host: png.pngtree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 05 Jan 2023 22:16:35 GMT
content-type: application/xml
cf-ray: 784f9440fcdcb506-OSL
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-id-2: bfPj2Eo9OgqCdNdbHOc6E6BtTdpSWVbFalQHM68rT5WXKEGy62qDxaXldrKqgOkbxPCLtaboARM=
x-amz-request-id: T46NSWKNTNTJCSE5
set-cookie: __cf_bm=rLwBB9wpLiDbzLov3qCsn4m5IDty.a371vF1d9dhDjs-1672956995-0-AXoo29PyBkhKBY3jwx+k6kSCwb+/d8XNXJocSTWK0GXG+gozvTL7mZOym6yFEbDafAb9YQTnBx/B5py1TB+ycSE=; path=/; expires=Thu, 05-Jan-23 22:46:35 GMT; domain=.pngtree.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
jx.tongdoumaoyi.com/news/data.php
20.239.85.25200 OK 0 B URL HTTP/2 jx.tongdoumaoyi.com/news/data.php
IP 20.239.85.25:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /news/data.php HTTP/1.1
Host: jx.tongdoumaoyi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jx.tongdoumaoyi.com/news/list.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 05 Jan 2023 22:16:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: HIT@whalem3g7000001
X-Firefox-Spdy: h2
img.7629a.com/images/63ac1e40a09b23ceb4ba9cb0.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.7629a.com/images/63ac1e40a09b23ceb4ba9cb0.gif
IP 38.54.81.125:0
GET /images/63ac1e40a09b23ceb4ba9cb0.gif HTTP/1.1
Host: img.7629a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/954e2828fcde41ccaee7dee63d6bda01
X-Firefox-Spdy: h2
static.qwahk.com/960x100.gif
210.65.162.54200 OK 0 B URL HTTP/1.1 static.qwahk.com/960x100.gif
IP 210.65.162.54:0
ASN #3462 Data Communication Business Group
GET /960x100.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 763448
Content-Type: image/gif;charset=UTF-8
Date: Tue, 20 Dec 2022 17:36:54 GMT
ETag: "1672955892"
Last-Modified: Thu, 05 Jan 2023 21:58:12 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PStwtbTPE1rg71:3 (W)
X-Cache: HIT, server, memory
X-Px: ms PStwtbTPE1rg71TPE(origin)
X-Reqid: 201921416722818020221221013654ypkm0zzIsampled
X-Ws-Request-Id: 63a1f2b6_PStwtbTPE1rg71_19026-8036
img.u2762.com/images/6399c35556eec67c33ea8926.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.u2762.com/images/6399c35556eec67c33ea8926.gif
IP 38.54.81.125:0
GET /images/6399c35556eec67c33ea8926.gif HTTP/1.1
Host: img.u2762.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/4f00585d06334268973fbb91eeba0b8e
X-Firefox-Spdy: h2
img.9367x.com/images/6399c32956eec67c33ea8925.gif
38.54.81.125302 Found 0 B URL HTTP/2 img.9367x.com/images/6399c32956eec67c33ea8925.gif
IP 38.54.81.125:0
GET /images/6399c32956eec67c33ea8925.gif HTTP/1.1
Host: img.9367x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9e8afd3907294526a42a854b0f4d7560
X-Firefox-Spdy: h2
static.qwahk.com/240x140.gif
210.65.162.54200 OK 0 B URL HTTP/1.1 static.qwahk.com/240x140.gif
IP 210.65.162.54:0
ASN #3462 Data Communication Business Group
GET /240x140.gif HTTP/1.1
Host: static.qwahk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jxys16.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: *
Access-Control-Allow-Orign: *
Content-Length: 359778
Content-Type: image/gif;charset=UTF-8
Date: Tue, 20 Dec 2022 17:36:35 GMT
ETag: "1672954512"
Last-Modified: Thu, 05 Jan 2023 21:35:12 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PStwtbTPE1ci72:15 (W)
X-Cache: HIT, server, memory
X-Px: ms PStwtbTPE1ci72TPE(origin)
X-Reqid: 2019214167228195202212210136351KTlfO2Zsampled
X-Ws-Request-Id: 63a1f2a3_PStwtbTPE1rg71_20295-18766