r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8795
Expires: Tue, 15 Nov 2022 04:44:39 GMT
Date: Tue, 15 Nov 2022 02:18:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2764
Cache-Control: max-age=118757
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:04 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:17:21 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14136
Expires: Tue, 15 Nov 2022 06:13:40 GMT
Date: Tue, 15 Nov 2022 02:18:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 01:44:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2025
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eRYrDyXxpEXmEGW+bFMQDao+512W1KtLb/c8OewPwJVTH/YIhy7yMb3EiAvDoBUVFZfhnXXpp9E=
x-amz-request-id: QWMM17WJ6R54C5PM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 01:51:22 GMT
age: 1602
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
jhaqc.com/
104.148.25.71301 Moved Permanently 0 B IP 104.148.25.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 14 Nov 2022 10:18:58 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.jhaqc.com/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 02:18:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 01:44:48 GMT
cache-control: public,max-age=3600
age: 1997
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.jhaqc.com/index.php
104.148.25.71200 OK 804 B IP 104.148.25.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (836), with CRLF line terminators
Hash 8bf242ddca41f9c31dd2f5339ad14276
4ea8acd2adc25b4ea23ccafb004041f3efa7e24f
6d7f066b835a929e5dbc965412b2796a4958013093f5b39b6bfda9b392d159ba
GET /index.php HTTP/1.1
Host: www.jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Nov 2022 10:18:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6263
Cache-Control: max-age=117199
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:05 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:51:24 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.jhaqc.com/common.js
104.148.25.71200 OK 507 B IP 104.148.25.71:0
File type ASCII text, with very long lines (1065), with no line terminators
Hash 3a94a5fefad82e37a781a8613b63edb2
33fdcfcbc94b9e641c8c32943c48a5257920bf02
c2436c695d7e01e6a193f911bcacfb4211e93a86f7806795bc1bfc571f281d20
GET /common.js HTTP/1.1
Host: www.jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Nov 2022 10:18:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.jhaqc.com/tj.js
104.148.25.71200 OK 214 B IP 104.148.25.71:0
File type HTML document, ASCII text, with CRLF line terminators
Hash bdb59b05453bf6baed64d3003a7528bc
8005fd48ee13bbfc72f4aa4245356bca32219948
d9794733843db10e8c8498f8f313048a6b06148aa081a4c8e20ed17a3dc21cfe
GET /tj.js HTTP/1.1
Host: www.jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Nov 2022 10:18:59 GMT
Content-Type: application/x-javascript
Content-Length: 214
Connection: keep-alive
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dUTk2N58wrHM3dRrGXRpQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8DAaEgZ9fw2NXxjO/K8WLMol7VE=
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 15 Nov 2022 02:18:05 GMT
Etag: "4078521116"
Expires: Wed, 15 Nov 2023 02:18:05 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=68670EE48A797F18FD4F9FB7395F93D5:FG=1; max-age=31536000; expires=Wed, 15-Nov-23 02:18:05 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
www.towelioctltykddpdt.xyz/js/jlys.js
172.247.28.61200 OK 1.8 kB URL HTTP/1.1 www.towelioctltykddpdt.xyz/js/jlys.js
IP 172.247.28.61:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (447), with CRLF line terminators
Hash 88facc9844ed555fcd48540ca500e724
dea6514308a73bf471b55dca6155be10ccf55263
440a96acdbbe4eaeb3ddd12ce300a541b578fae83a1b01d1ee956d7d9cbaa965
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jlys.js HTTP/1.1
Host: www.towelioctltykddpdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:33 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jun 2022 07:24:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629865a6-f3a"
Expires: Tue, 15 Nov 2022 22:18:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.towelioctltykddpdt.xyz/jlys_data.php?zq=jlys&val=smplink&t=0.9120073854395201?v=043795782458320964
172.247.28.61200 OK 58 B URL HTTP/1.1 www.towelioctltykddpdt.xyz/jlys_data.php?zq=jlys&val=smplink&t=0.9120073854395201?v=043795782458320964
IP 172.247.28.61:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 430433ea8416ba28d64609d5ce6c0c25
5fb122125c46fd446105cbf712ca1feb8fb58fe9
0aa094a8a48f5e4a3cabb84ebc6da27d1933dd50b19bbdf2c15305a4e3512c86
Analyzer Verdict Alert quad9 Sinkholed
GET /jlys_data.php?zq=jlys&val=smplink&t=0.9120073854395201?v=043795782458320964 HTTP/1.1
Host: www.towelioctltykddpdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.jhaqc.com
Connection: keep-alive
Referer: http://www.jhaqc.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:33 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 9eb4da35fd2a97c342fd91d3c9a1aae8
2622d8c8bc0f812ab3e7753d9c4362d4fa844b07
fe822b6b501d9c1f49cb4c985e5d37d2b08ccdc8758dea03863c7e3a3ae2d7fb
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 19 Nov 2022 00:35:14 GMT
ETag: "2622d8c8bc0f812ab3e7753d9c4362d4fa844b07"
Last-Modified: Tue, 15 Nov 2022 00:35:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 138
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e8fbddeb4f9-OSL
www.bbniu.xyz/
156.251.184.244200 OK 13 kB IP 156.251.184.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (406)
Hash baca12c735d0ad33f24d5ef2e312655c
dfc507017010dbff560568ce678df8059f42627c
f87d01d567644d11944636fdc459fbaa0638c0c704eb1ef6c83ce6db682df586
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:57 GMT
age: 16329
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18dc101656c2e449e5f54ff7b7fb10b
d5ba3b6a069a74b5db3560a265728e627f6fe18d
53a73577e37651a936a5841fe06e40475e06ce6fa9e14fc0590ddc7aba421dd2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4394
x-amzn-requestid: fd389a5e-b816-4bd8-a073-2f52fea5bfab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhtFfnIAMF1rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b471-133a3285137912af436daffd;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6i-blK0B05DT_CvizlmYpcDTpDV8IZLOIrukIQPW6FISAuXa1T0FdQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 16244
etag: "d5ba3b6a069a74b5db3560a265728e627f6fe18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e02b1cef4506be68e4a6fb309a88698c
7da0425161b8c34ccf9837a56bf77d498cdb65ad
c886c7d128895c62a8ecde5202f4383d22555298d78ef91d63b5d3ebedf448a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: 528e9b30-ba34-4aef-b5b0-71cad9580bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuo_EXhoAMFtEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675e39-71222ac908406eeb061848f2;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:11:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vjOM-57TBG0yPsmFlS2ch7_ylKWffHpajgmCM7A7dVxQetoKYPXo6w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:46:24 GMT
age: 16302
etag: "7da0425161b8c34ccf9837a56bf77d498cdb65ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 962f43862a852bfa6766b9a2d8bfb99d
a5283e68020826f085fb4f06e3dcd36cef9eb067
7eee8aa0f5c6bce04a86fa16fb5d3e632d54792d79c550b044a40a6f070b89d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15206
x-amzn-requestid: a04dc971-de49-4dc4-8bc2-2d3244d33ace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhpEJkoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b470-632efaa725c2b959692e9e77;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ucLWmapHlWoKDoeb_ff2qbZOKGJLLQuq6RoP9mpFWOCVAJ70t13yw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 16244
etag: "a5283e68020826f085fb4f06e3dcd36cef9eb067"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edc9d97a2396dfc326736cb9b2b3b474
2c5a98ad27133575ef4fa48a8ff379ee5ad51490
a89e1e9a13b72b0a826ed77a71ec92ac5548a996f6c17b11a4c002480a429333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7873
x-amzn-requestid: 4a968a3c-c6ca-4d18-83b4-6a1d42e85fee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bef9SFIMoAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f46bb-2cd01e7d191b3eda7d743866;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:09:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Dd7LRmqYma1DJjtrhRR-6yMEx3nfHCXybm94gdjydLyjn6eFi4Cl7w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 07:16:52 GMT
age: 68474
etag: "2c5a98ad27133575ef4fa48a8ff379ee5ad51490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RXdcX1PweMfXctBjufkeOtyV8F9Yb8OyZJaUX38cdaswfBHCim7mGQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:38:09 GMT
age: 81597
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bbniu.xyz/template/jlys/static/css/bootstrap.min.css
156.251.184.244200 OK 27 kB URL HTTP/1.1 www.bbniu.xyz/template/jlys/static/css/bootstrap.min.css
IP 156.251.184.244:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (493)
Hash 009318d8ae281e66da9d7eaf20de9350
5598f58336a95bd4208b7ebddeb204d43865a70e
80683f9d898f82ebd9b8335a25cf57e68b84c836c4765a42c7bc17b43bea16e2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/jlys/static/css/bootstrap.min.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Wed, 27 May 2020 23:55:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf0-2212e"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.bbniu.xyz/template/jlys/static/css/swiper.min.css
156.251.184.244200 OK 3.3 kB URL HTTP/1.1 www.bbniu.xyz/template/jlys/static/css/swiper.min.css
IP 156.251.184.244:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (17459)
Hash 3b0f19c6e3d95b50787117fc26d47c7f
33799bc7c5f9ebda4adde8d59116a87fc2cce23f
39c608aa9656788524e36287f3a9e0070085695a439e4081a5bfd48c3b6f83b3
Analyzer Verdict Alert quad9 Sinkholed
GET /template/jlys/static/css/swiper.min.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Wed, 27 May 2020 23:55:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf2-4562"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.bbniu.xyz/template/jlys/static/css/white.css
156.251.184.244200 OK 2.8 kB URL HTTP/1.1 www.bbniu.xyz/template/jlys/static/css/white.css
IP 156.251.184.244:0
File type assembler source, ASCII text, with very long lines (1029), with CRLF line terminators
Hash a5eccc7e2836315f7bb04b7898a027fd
b0df7401bdd8d1c8e70596bcf988254afafd6805
2bce05beec599deec60a00af27e41f9af335ca0684f93e22a6e3c2f6d5169590
Analyzer Verdict Alert quad9 Sinkholed
GET /template/jlys/static/css/white.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Wed, 21 Apr 2021 20:48:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60808fb6-29da"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.bbniu.xyz/template/jlys/static/css/mm-content.css
156.251.184.244200 OK 1.4 kB URL HTTP/1.1 www.bbniu.xyz/template/jlys/static/css/mm-content.css
IP 156.251.184.244:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 52aa59d2204183f0387403c70b429fe9
834ea6ae81fa673cf95f01619c727198d4954f6f
57ce4e3e4ddc6bb24d3d25a9ef34a5a3076395b049f6fa832eb05b3d62b95d00
Analyzer Verdict Alert quad9 Sinkholed
GET /template/jlys/static/css/mm-content.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Mon, 09 May 2022 14:28:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62792503-1cd0"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.bbniu.xyz/template/jlys/static/css/style.css
156.251.184.244200 OK 15 kB URL HTTP/1.1 www.bbniu.xyz/template/jlys/static/css/style.css
IP 156.251.184.244:0
File type assembler source, Unicode text, UTF-8 text, with very long lines (350), with CRLF line terminators
Hash 4495e8aa756dc2cda90f57239ecad9ea
c8aaebce7643d7c46edc3b4e2ae426ae6b8c6ed5
d56b5cf774c910d16c7c11a36322205fd47fe3f64688fb79e3f59b1f2a9a9257
Analyzer Verdict Alert quad9 Sinkholed
GET /template/jlys/static/css/style.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Thu, 08 Jul 2021 15:56:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60e72017-10b00"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.bbniu.xyz/static/js/jquery.js
156.251.184.244200 OK 35 kB URL HTTP/1.1 www.bbniu.xyz/static/js/jquery.js
IP 156.251.184.244:0
File type ASCII text, with very long lines (65447)
Hash abedc8bae88e267ba9ab2db769d1eee4
e2e0efd271d8a6564837e7226c7586a0d96047b5
a33a11a3922bed1ab922e13cd825e1fdf1fff5a9695aa9359acaa2a6e8d30066
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/jquery.js HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Nov 2022 17:31:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636fd867-15e3f"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
96.6.16.143200 OK 1.2 MB URL HTTP/2 ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP 96.6.16.143:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.2 MB (1197751 bytes)
Hash 6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7446806
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Tue, 15 Nov 2022 02:18:07 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
js.users.51.la/21285005.js
103.143.19.103200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21285005.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash c827032af976c243b7bd48054094e6c9
bc5327afcec506ecd4a4e5af1b891f788a3e24bc
e5a1e6ee76c05c78cf4654d9f917125112c358781afbbb1ecae66724472dd496
GET /21285005.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: CloudWAF
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=8ac71f73c2b49bcc07; path=/
HWWAFSESTIME=1668478686889; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
gif.naigou1002.top/GIF/1241242.gif
104.21.233.253200 OK 276 B URL HTTP/1.1 gif.naigou1002.top/GIF/1241242.gif
IP 104.21.233.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (426), with no line terminators
Hash 6aea6632fb7397ddad30b57084bff67b
9f657259a61190add63aeb4b279b7666804fdbc8
e8ec9623f6a21304a8d9246e3bc820283a341e3a0837a52d949cdaebd52e3468
GET /GIF/1241242.gif HTTP/1.1
Host: gif.naigou1002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=259200
CF-Cache-Status: HIT
Age: 7341
Last-Modified: Tue, 15 Nov 2022 00:15:46 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65vIjnFQpx%2BsvEOTe7eTAp%2FwlA%2FLWQNe0uMkfguDtmwZ6KQG6NGUnZMmjPwnEKY%2Bxke46tz%2FWqjGqdB2Pd1nw9BlMeYH2TLyDMSv3cwVYZvjGED1YgZz467pFJ57ChcEiC67zm4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e94de2c7777-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 5ec2bfda068843ba8f42630bf3e4b0cd
0c6ea9a3894a2fc4fa451597f77328623e7427d3
2e28d1cf20bd85ac5506e2820628701ca9af04493aba71d4f602ed988bca707b
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0397957C68CE5A5C99FD228AF31652DDBB16A689"
Expires: Tue, 15 Nov 2022 12:00:00 GMT
Last-Modified: Tue, 15 Nov 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3134
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e95a87fb4f9-OSL
cdn.jsdelivr.net/gh/re341/ipad@main/112.ww
151.101.85.229200 OK 1.1 MB URL HTTP/2 cdn.jsdelivr.net/gh/re341/ipad@main/112.ww
IP 151.101.85.229:0
File type GIF image data, version 89a, 206 x 206\012- data
Size 1.1 MB (1127941 bytes)
Hash 0e7eec6edceaeea89caf8f918078ac38
1d7f2cc8f2b17e529e52d2bf4594be2a1934ef25
a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8
GET /gh/re341/ipad@main/112.ww HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
content-type: application/octet-stream
etag: W/"113605-HX8syPKxflKeUtK/RZS+Khk07yU"
accept-ranges: bytes
date: Tue, 15 Nov 2022 02:18:07 GMT
age: 7991
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1127941
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 142.250.74.35:0
Hash 77fe12c5b087586bb996f0eec132b212
db3c4dcb5248f9e8ff2b2b6d22a0a2ed28644a05
5c765f792c15fcfe3311b8897af99936c5ae0f7a37f3970b8ba410225db93b87
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tupku.top/lm/031815-80.gif
172.67.200.40200 OK 1.6 MB URL HTTP/2 www.tupku.top/lm/031815-80.gif
IP 172.67.200.40:0
File type GIF image data, version 89a, 500 x 281\012- data
Size 1.6 MB (1626999 bytes)
Hash 17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:07 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Tue, 15 Nov 2022 22:22:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2479415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jjxv4NxpaeuTD8MoBJstnwdepAH%2BDO8%2FQWNEmD3gvBQwGPQjChZXMAdChDCTNS4wDlai84yVKHk%2B25iLxUmSJUKrEVNYuvoqIlSqoX7RyLDMbu1ZOirUr%2F9iZ1dUh%2FW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e95fd66b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
104.110.17.24200 OK 894 kB URL HTTP/2 dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 894 kB (893726 bytes)
Hash 1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
GET /images/03950120009rs7dn26B5E.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6913095
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Tue, 15 Nov 2022 02:18:07 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
www.bbniu.xyz/template/jlys//images/logo.png
156.251.184.244200 OK 31 kB URL HTTP/1.1 www.bbniu.xyz/template/jlys//images/logo.png
IP 156.251.184.244:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e193b97a7e7ad03e60ea7e0525d1cc2
8a65564e9be25b8c9130ca5f46e42440f455f747
5b91ad20822478a84eb4018c93feb80184e765c4d7997383def9160c92e00757
Analyzer Verdict Alert quad9 Sinkholed
GET /template/jlys//images/logo.png HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: image/png
Content-Length: 31224
Last-Modified: Thu, 16 Jun 2022 13:35:12 GMT
Connection: keep-alive
ETag: "62ab3190-79f8"
Expires: Thu, 15 Dec 2022 10:18:34 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP 142.250.74.35:0
Hash 77fe12c5b087586bb996f0eec132b212
db3c4dcb5248f9e8ff2b2b6d22a0a2ed28644a05
5c765f792c15fcfe3311b8897af99936c5ae0f7a37f3970b8ba410225db93b87
POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef13e64d486b8332de0065e428c2e5b5
a771f04866e0ac6b334bbcf657f8aaeaa6970d0c
e7fd310f11e4aef9c0cdec1738d7f1d71258ae19c255e8d8bd33411e4824b609
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7FD310F11E4AEF9C0CDEC1738D7F1D71258AE19C255E8D8BD33411E4824B609"
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Tue, 15 Nov 2022 03:47:52 GMT
Date: Tue, 15 Nov 2022 02:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef13e64d486b8332de0065e428c2e5b5
a771f04866e0ac6b334bbcf657f8aaeaa6970d0c
e7fd310f11e4aef9c0cdec1738d7f1d71258ae19c255e8d8bd33411e4824b609
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7FD310F11E4AEF9C0CDEC1738D7F1D71258AE19C255E8D8BD33411E4824B609"
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Tue, 15 Nov 2022 03:47:52 GMT
Date: Tue, 15 Nov 2022 02:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 63566c18d5d70ea474eacf73bab096a6
5d76af6485973806839972ea3d2885dc0527f4a6
ef083a9b50db42e6f35d8c9086e09a710cc347d217fccc8b2913f3d1bfc16954
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF083A9B50DB42E6F35D8C9086E09A710CC347D217FCCC8B2913F3D1BFC16954"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1912
Expires: Tue, 15 Nov 2022 02:49:59 GMT
Date: Tue, 15 Nov 2022 02:18:07 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b3619f496c3bc45fc74e00b3085e28e0
f49aad323ab65f4ccf79b2ff4230969132f83b5e
c79360ea186c6351f1b16c193953b991b46bb87a50d94d78197f34ae7b9bce8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 03:39:08 GMT
Expires: Sun, 20 Nov 2022 03:39:07 GMT
Etag: "f49aad323ab65f4ccf79b2ff4230969132f83b5e"
Cache-Control: max-age=436259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e97ae290b06-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c721fb64fe0c60ef4efaa77a9b5d09c6
9b1f289c7eb2b7da219de322ce3862b2091194c0
5b4e68ff04ae58ec58079534ea115b4d49346c23ac299a2a2d7050cb384b9a28
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 16:32:08 GMT
Expires: Fri, 18 Nov 2022 16:32:07 GMT
Etag: "9b1f289c7eb2b7da219de322ce3862b2091194c0"
Cache-Control: max-age=309839,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e97b9a5b521-OSL
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 02:18:07 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif
66.150.130.123301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif
IP 66.150.130.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 02:18:07 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash f61516b4dfce0dbc333dd8306c60f1de
17a77026f84a2120bf163626741c2d695eb44584
0e76a7a25953ab6ff331ab62bdf24b0f82f1faaeca447574b0f574339e1dcd2a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 23:09:42 GMT
Expires: Mon, 21 Nov 2022 23:09:41 GMT
Etag: "17a77026f84a2120bf163626741c2d695eb44584"
Cache-Control: max-age=592892,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e983871b509-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9868700b61-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 730ab8084dfe5815ab10cd8d7be9dae1
f94bc3ff5b18cd5a99913c50a79605fb3a458342
7f8c72d7d1e4feabda08e13507bdd0c67c8c5ff7558b4fef87e2658ab59a76cb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 15:31:13 GMT
Expires: Sun, 20 Nov 2022 15:31:12 GMT
Etag: "f94bc3ff5b18cd5a99913c50a79605fb3a458342"
Cache-Control: max-age=478983,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e978828b509-OSL
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e987852b51e-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22cae5578e56d3d740e35685ede70a88
2c215d6ef1512e79a8f7b828686ac129965bf605
230f1ba159c1471964bdba88fc6ac016be18a8c64d9b2f2d0c73c330109f08bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "230F1BA159C1471964BDBA88FC6AC016BE18A8C64D9B2F2D0C73C330109F08BD"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21206
Expires: Tue, 15 Nov 2022 08:11:34 GMT
Date: Tue, 15 Nov 2022 02:18:08 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e987b8cb523-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e98989cb509-OSL
kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
104.21.55.165200 OK 1.0 MB URL HTTP/2 kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP 104.21.55.165:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.0 MB (1024160 bytes)
Hash 52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbniu.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sat, 10 Dec 2022 16:37:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 380444
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=froaTzOXXKea%2BmwR7Ap39vQN88uRXcjHVmmTl4IgNArpYTzxBqFpDYNG2dVBxR5s%2BxoLy0WpeQWwt%2FyzgCjRIV%2F1%2B41Fr%2FYlM5tAd%2BtL4b49U4Crzo930euf3lER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e99dfcdb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
104.21.55.165200 OK 1.3 MB URL HTTP/2 kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
IP 104.21.55.165:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.3 MB (1298074 bytes)
Hash 85b9a672c120f7478c57ca77aa1aed79
2dfe0f0557d29d30b86081052810d6fdd7ca36b7
29b8db3afafa2d2558af310a1c0da25048104389f4126b5fc19b458dc3b0af46
GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbniu.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 1298074
last-modified: Wed, 25 May 2022 13:49:49 GMT
etag: "628e33fd-13ce9a"
expires: Sat, 10 Dec 2022 13:53:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 390267
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1989idBEBlCExYQLEqZp%2BSkV1R6g5xxMkX43MV7pzeG%2Bzi58qHQzfx%2FrQCcZ%2FJ59cn3PdGm6hgje1FqIMpE9GA2qjJOaKvX8HgtPydA9eycblRKujhLmttJNZ3Nd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e99dfd1b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash f19b79c796747d5238899551ae2dede4
5ed3c91ec46ff194320be3f27fe0c0f6a3ff37ed
118f6d6a25a2240570e23371e72974a7afb05d7074e568aca37a0db1038b602a
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 23:06:37 GMT
ETag: "5ed3c91ec46ff194320be3f27fe0c0f6a3ff37ed"
Last-Modified: Mon, 14 Nov 2022 23:06:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1495
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e9a6eb5b4ff-OSL
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22cae5578e56d3d740e35685ede70a88
2c215d6ef1512e79a8f7b828686ac129965bf605
230f1ba159c1471964bdba88fc6ac016be18a8c64d9b2f2d0c73c330109f08bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "230F1BA159C1471964BDBA88FC6AC016BE18A8C64D9B2F2D0C73C330109F08BD"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21206
Expires: Tue, 15 Nov 2022 08:11:34 GMT
Date: Tue, 15 Nov 2022 02:18:08 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP 142.250.74.35:0
Hash a190e06a3c2f374d829ac3ef97006feb
53ab0f07a8039d6ec123af53832bea592a5a0733
fbcde414bbaefa9b6a815443ad995a616a70c6c33ae4e213194fc42684fa2f81
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.21.5.141200 OK 400 kB URL HTTP/2 kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.21.5.141:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbniu.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:40:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 398241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgnUHE9Sqwu8gIqFJZ9OzdHuPArCSgQVNQpLooe11t6r5wFaFcY6K9EbMnHJpqMMehmrcUP79SE5HMWhauMh%2FBsEagjqNqKMu2l9SHnj6S53cOcP6cEMmKoD6%2FvB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e9ae977b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0097ef0fb7aff4740673bbe3dc0671fc
a500c24387cb3964155499a6566097d0afee65a3
15b21a9cc8b96a0a5d559c99a5cb4bc2064ec3368a91137386daa5a2655e11b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 12:08:09 GMT
Expires: Sun, 20 Nov 2022 12:08:08 GMT
Etag: "a500c24387cb3964155499a6566097d0afee65a3"
Cache-Control: max-age=466799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9a7aadb521-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0097ef0fb7aff4740673bbe3dc0671fc
a500c24387cb3964155499a6566097d0afee65a3
15b21a9cc8b96a0a5d559c99a5cb4bc2064ec3368a91137386daa5a2655e11b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 12:08:09 GMT
Expires: Sun, 20 Nov 2022 12:08:08 GMT
Etag: "a500c24387cb3964155499a6566097d0afee65a3"
Cache-Control: max-age=466799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9a7984b509-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 299cd3df5ae7031d1ba704b87ec99816
987333c5e3227c1df119b96d74da201d5f82663c
7b6831d1b91f6bd50412f841a8992271851811d8a7f07660f4d2bc27df0f1b55
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 21:27:21 GMT
Expires: Fri, 18 Nov 2022 21:27:20 GMT
Etag: "987333c5e3227c1df119b96d74da201d5f82663c"
Cache-Control: max-age=327551,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9aaec6b4ff-OSL
628536nyv.com/7f4326a942de44468e832f3775975026.gif
45.61.212.127200 OK 102 kB URL HTTP/1.1 628536nyv.com/7f4326a942de44468e832f3775975026.gif
IP 45.61.212.127:0
File type GIF image data, version 89a, 750 x 150\012- data
Size 102 kB (102151 bytes)
Hash eb2d786404404d76068eecb94ed0fea3
222b3896c1f7dac188d9d04b69990fb2888e89a4
acb9ec9b6d3000bf1a24d0a1c167aa1dd137438f8ef339cf7be7ebff9b26f824
Analyzer Verdict Alert quad9 Sinkholed
GET /7f4326a942de44468e832f3775975026.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633a7a7c-18f07"
Date: Fri, 28 Oct 2022 10:48:25 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 03 Oct 2022 06:00:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-27
Content-Length: 102151
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 299cd3df5ae7031d1ba704b87ec99816
987333c5e3227c1df119b96d74da201d5f82663c
7b6831d1b91f6bd50412f841a8992271851811d8a7f07660f4d2bc27df0f1b55
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 21:27:21 GMT
Expires: Fri, 18 Nov 2022 21:27:20 GMT
Etag: "987333c5e3227c1df119b96d74da201d5f82663c"
Cache-Control: max-age=327551,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e98de720b06-OSL
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP 142.250.74.35:0
Hash a190e06a3c2f374d829ac3ef97006feb
53ab0f07a8039d6ec123af53832bea592a5a0733
fbcde414bbaefa9b6a815443ad995a616a70c6c33ae4e213194fc42684fa2f81
POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1022.com/fdb81046090e418b958f9fc3d83528d0.gif
103.170.15.45200 OK 528 kB URL HTTP/2 u1022.com/fdb81046090e418b958f9fc3d83528d0.gif
IP 103.170.15.45:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 100\012- data
Size 528 kB (528107 bytes)
Hash b835921ae97148cb73e491e4288ae077
392c16f2ee23667d7956bc601ee2f5927c16160d
acbe56eb9498265786e993eebf99780215d02e1cb27ea3a755f43a6134f10a55
GET /fdb81046090e418b958f9fc3d83528d0.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a25b-80eeb"
server: nginx
date: Tue, 08 Nov 2022 02:48:53 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:02:35 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-35
content-length: 528107
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 319e7a4a8a2b1e1d7c4240564de5d429
8f796c252635d1a38a35e00b6022977d90f652c3
907274baac112ebd20283906f185a878cf150ed50bc357b953ab37993c5ffcba
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 11:55:13 GMT
Expires: Sat, 19 Nov 2022 11:55:12 GMT
Etag: "8f796c252635d1a38a35e00b6022977d90f652c3"
Cache-Control: max-age=379623,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9cbb7db521-OSL
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
52.184.85.124200 OK 133 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 133 kB (133073 bytes)
Hash f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8
GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
52.184.85.124200 OK 132 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 132 kB (131724 bytes)
Hash 6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01
GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
8499483.com/8499/960x60.gif
172.247.50.227200 OK 331 kB URL HTTP/2 8499483.com/8499/960x60.gif
IP 172.247.50.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
592773xgg.com/56e348b7f7c348f1922df8e109029a89.gif
103.170.15.94200 OK 679 kB URL HTTP/1.1 592773xgg.com/56e348b7f7c348f1922df8e109029a89.gif
IP 103.170.15.94:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 679 kB (679154 bytes)
Hash 31a2c8b304c60ba0149121ba24738944
b7e41db8a64cd0e82db9423dc5feeaeae6be5d3e
a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa
Analyzer Verdict Alert quad9 Sinkholed
GET /56e348b7f7c348f1922df8e109029a89.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b8eeb-a5cf2"
Date: Wed, 02 Nov 2022 01:41:08 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:12:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 679154
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
52.184.85.124200 OK 212 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (212163 bytes)
Hash 14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4
GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:44 GMT
ETag: "1667486444"
Expires: Sat, 03 Dec 2022 14:40:44 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:44 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
52.184.85.124200 OK 245 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 245 kB (245365 bytes)
Hash 15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d
GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:42 GMT
ETag: "1667486442"
Expires: Sat, 03 Dec 2022 14:40:42 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
52.184.85.124200 OK 212 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 212 kB (211695 bytes)
Hash 0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8
GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:38:09 GMT
ETag: "1668166689"
Expires: Sun, 11 Dec 2022 11:38:09 GMT
Last-Modified: Fri, 11 Nov 2022 11:38:09 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
52.184.85.124200 OK 258 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 258 kB (257993 bytes)
Hash 038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71
GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:00 GMT
ETag: "1667494383"
Expires: Sat, 03 Dec 2022 16:53:00 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:03 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x26/20221021/1666352814488575.gif
52.184.85.124200 OK 460 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x26/20221021/1666352814488575.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 460 kB (459715 bytes)
Hash d4e74dbadc18d9e35bc48b815b8f37de
07562effc5109ea41403466d5d8795ededa57030
7973bc38aaf7332a150691990b844ce1efb79ab82e4d262fcd5901e77a53112b
GET /static/uploads/image/x26/20221021/1666352814488575.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 21 Oct 2022 11:47:02 GMT
ETag: "1666352823"
Expires: Sun, 20 Nov 2022 11:47:02 GMT
Last-Modified: Fri, 21 Oct 2022 11:47:03 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
52.184.85.124200 OK 252 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 60\012- data
Size 252 kB (251962 bytes)
Hash feb5419ef22c0a10470f6cfe2b0f1517
412e6b8e6f4244071851549b9d5ba5fdf9a5b631
d889e702650ec0543cef9a6d281f576366872f31463f3b707498aac5cef2ae07
GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:43:22 GMT
ETag: "1667486603"
Expires: Sat, 03 Dec 2022 14:43:22 GMT
Last-Modified: Thu, 03 Nov 2022 14:43:23 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif
52.184.85.124200 OK 429 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 429 kB (428593 bytes)
Hash 60de0e198b93e9f487d4f1c77ed5db88
fa3070711f791e218c5235ff20bba7c086697f75
ab8489fad65bf627642df428a3ba8b3733ce209f60b5c5e4064d76a0d160dd41
GET /static/uploads/image/x22/20221021/1666352753192348.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 21 Oct 2022 11:45:54 GMT
ETag: "1666352754"
Expires: Sun, 20 Nov 2022 11:45:54 GMT
Last-Modified: Fri, 21 Oct 2022 11:45:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352536705082.gif
52.184.85.124200 OK 423 kB URL HTTP/1.1 sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352536705082.gif
IP 52.184.85.124:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 120\012- data
Size 423 kB (423091 bytes)
Hash 05cb648d84c2606c9892128f3ae9892d
aacbe8019ae2afaf01cb75f291ecb852ab21e94e
1ecea29ead7cf4e13e61b83bf6b40832727c259807f3a5f963f6ba435ce0eeb1
GET /static/uploads/image/x22/20221021/1666352536705082.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 21 Oct 2022 11:42:20 GMT
ETag: "1666352541"
Expires: Sun, 20 Nov 2022 11:42:20 GMT
Last-Modified: Fri, 21 Oct 2022 11:42:21 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked
p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0
43.154.254.32200 OK 331 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0
IP 43.154.254.32:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Sat, 12 Nov 2022 13:28:23 GMT
cache-control: max-age=2592000
x-delay: 198 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 56ad57ca-07e7-4b34-8120-e207f9b7bbdb
X-Firefox-Spdy: h2
u1099.com/55792d2a5cc94721b2eb699169888cc7.gif
103.189.108.97200 OK 358 kB URL HTTP/2 u1099.com/55792d2a5cc94721b2eb699169888cc7.gif
IP 103.189.108.97:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 358 kB (358424 bytes)
Hash f129f8e22c360e9cc0b2de3a5e9cfe7b
d1371245e93d9600249330e7e3e2452f0b47d60a
15fa066d45d105edab17a539250f4293713408b03f9e04460b78dfa499dfad42
GET /55792d2a5cc94721b2eb699169888cc7.gif HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a27f-57818"
server: nginx
date: Mon, 14 Nov 2022 10:57:09 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:03:11 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-087
content-length: 358424
X-Firefox-Spdy: h2
n0522.com/4d6f5c464538416c8a4367f41accb357.gif
20.243.252.217200 OK 234 kB URL HTTP/1.1 n0522.com/4d6f5c464538416c8a4367f41accb357.gif
IP 20.243.252.217:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 100\012- data
Size 234 kB (234083 bytes)
Hash 4accb5edc5dd748c790fadf9b37bb1e4
f7b4853dfa6d176c56863a976e3ba723a24e00ce
4306964c6de77a1def7c9b8d0f97c8d08ec81a5e62dd01a1a364feb22bf7fd42
GET /4d6f5c464538416c8a4367f41accb357.gif HTTP/1.1
Host: n0522.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:09 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 12:03:50 GMT
ETag: W/"6367a2a6-64308"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
u1099.com/3cd54835899b4244a452da12a2401f29.gif
103.189.108.97200 OK 383 kB URL HTTP/2 u1099.com/3cd54835899b4244a452da12a2401f29.gif
IP 103.189.108.97:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 383 kB (382842 bytes)
Hash 3ee8c68d9bcee9dba9e18883f7a79dd7
ca6173103323ab2685f5c50c81c2e80d50583ab9
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9
GET /3cd54835899b4244a452da12a2401f29.gif HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a229-5d77a"
server: nginx
date: Mon, 14 Nov 2022 10:57:09 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:01:45 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-087
content-length: 382842
X-Firefox-Spdy: h2
537882736.com/41a28e3efa3841c89761a8f637921969.gif
47.75.19.145200 OK 579 kB URL HTTP/1.1 537882736.com/41a28e3efa3841c89761a8f637921969.gif
IP 47.75.19.145:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 750 x 120\012- data
Size 579 kB (579018 bytes)
Hash 54c2a3fb838c8e711bbe07220637d637
77e33ed77eb68c23320c059105fb2c900141301e
fc832269e62682138155c4f5e7f34f36512d1bfe69482fbc4a2cc3d27251c8e1
GET /41a28e3efa3841c89761a8f637921969.gif HTTP/1.1
Host: 537882736.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: image/gif
Content-Length: 579018
Connection: keep-alive
x-oss-request-id: 6372F6E0FDBA0C3038991E52
Accept-Ranges: bytes
ETag: "54C2A3FB838C8E711BBE07220637D637"
Last-Modified: Thu, 20 Oct 2022 10:49:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8834985976416227178
x-oss-storage-class: Standard
Content-MD5: VMKj+4OMjnEbvgciBjfWNw==
x-oss-server-time: 2